This already happens every single time when there is a security breach and private information is lost.
We take your privacy and security very seriously. There is no evidence that your data has been misused. Out of an abundance of caution… We remain committed to... will continue to work tirelessly to earn ... restore your trust ... confidence.
I split step 4 in their "high level, this is the general flow for data migrations".
4.0 Freeze old system
4.1 Cut over application traffic to the new system.
4.2 merge any diff that happened between snapshot 1. and cutover 4.1
4.3 go live
to me, the above reduces the pressure on downtime because the merge is significantly smaller between freeze and go live, than trying to go live with entire environment. If timed well, the diff could be minuscule.
What they are describing is basically, live mirror the resource. Okay, that is fancy nice. Love to be able to do that. Some of us have a mildly chewed bubble gum, a foot of duct tape, and a shoestring.
Lots of systems can tolerate a lot more downtime than the armchair VPs want them to have.
If people don't access to Instagram for 6 hours, the world won't end. Gmail or AWS S3 is a different story. Therefore Instagram should give their engineers a break and permit a migration with downtime. It makes the job a lot easier, requires fewer engineers and cost, and is much less likely to have bugs.
I am personally aware that Washington DC, same areas of Maryland, Virginia and Delaware have been tracking car Bluetooth (and EZ-Pass) for decades for "traffic management". The more BT detected the heavier tracking. The longer time between detectors for the unique BT/EZ-Pass, the slower the traffic. Adjust traffic lights down the road to improve traffic flow. (when I write Ez-Pass, i mean the toll transponder, but not detected by a toll booths or overhead arches.)
Note that boxes may get pressure from all the sides(different kind of pressure & movements during shipping), not just from the top as seen in the images (or shelters) in the article.
I think the goal would be not to make the whole box out of this structure, but to scale this structure down to be 4 millimeters high and use is as the core of the cardboard (or corrugated fibreboard as it's known in the industry).
I loaded semis for UPS in the summer of 1967 in Milwaukee, between my first and second years of college. I worked 4 hour shifts at night, 6-10 pm, M-F. Hard job. Paid very well. Deep inside the trucks the temperature and humidity were so high me and my partner had to shift roles every 15 minutes, one of us outside the back of the truck selecting packages off the belt that ran along the back of all the trucks in the loading bay and the other inside the truck, pulling them off the long elevated metal roller-topped structure that extended from the back belt at the back of the truck to the front of the semi.
When the outside temperature was 90° and up, it was insanely hot 30 feet deep inside the trucks with no air circulation: we wore gloves and shorts. The noise also was incredibly loud, deafening. Toward the end of our shifts we were semi-delirious and exhausted and so we just threw the rapidly incoming packages over our heads back into the truck instead of stacking them as was proper.
So the damage was likely done long before the delivery person took it the last few feet.
Anyone who’s worked inside the sortation centers has also seen sorters crash and rip packages to shreds.
Obviously that’s not “normal” damage to packages, because those things certainly aren’t getting delivered, but it’s not like these things get handled gently by the automation. Packages slide into collection belts where they land hard on top of other packages, they zip down chutes to be loaded into semis, etc.
There’s a reason they want breakables properly packed, and it’s not because the last-mile delivery guy is going to shoot a three with your box.
If Real ID is so good, why do we have CLEAR? Why can I not skip the line with RealID?
If we are forced RealID, why not just make all the TSA checkpoints like Global Entry (or in several countries with IDs), fully automate them, using Real ID. That would get rid of CLEAR, and a lot of TSA agents.
CLEAR is basically (mostly) self-service pre-verification by a commercial entity, achieves near the same exact thing as it is done at the TSA agent with RealID now.
The CLEAR system uses CAT or CAT-2 to send info to TSA to validate. Same, exact protocol and information as it is with the TSA Agent.
The only meaningful difference is that the biometrics is pre-stored with CLEAR, while the other travelers are collected at the TSA agent stands and compared to RealID.
There are multiple countries where all of this is done with dark technomagic. You can see this witchcraft working with Global Entry (CBP, not TSA).
What is interesting about this is that CLEAR has a relationship with the airports (mostly), not TSA. Airports are the ones pushing CLEAR so they do not have insane queues, not TSA.
There are plenty of Faraday bags readily available for cell phones.
Look in the digital forensics industry. Field forensic investigators can get bags or boxes (look like Pelican(r) cases), or inserts for Pelican cases (a 1615 fits just right into a sedan's trunk).
Long time ago when mobile forensics was in its infancy they were given out as swag.
The #1 problem is of course that if not in airplane mode, some not too smart phones keep increasing the power to the radio (smarter ones do this for a few minutes then power down radio, then cycle up again). Guess what happens with a bunch of juice dumped into electronics in a locked case inside a trunk in a hot car, with half dozen other phones doing the same thing (because it is never a single burner phone).
In a pinch, 3 to 5 layers of aluminum foil, stainless steel cocktail shaker, ammo can, or combination thereof works.
edit: Yes, if we are discussing this with physicists, RF cannot be blocked, it can be attenuated. The strength of the RF signal is reduced as it travels through different materials, and in theory it can never be completely eliminated. In practicality, the signal only needs to be attenuated until it cannot be picked up sufficiently even when very close by a receiver.
I came here to say what you did. I used to work in three letter agencies and took part in testing faraday bags for clandestine operators. Something about faraday bags that most people don't know is that they have a shorter life than you would think. As they move around and bend, they start to "leak" more RF. WaitWaitWha is also correct that in a pinch, some aluminum foil works pretty well if you're careful. The service will be so bad, that the phone won't likely get packets out or in. Just be thorough when doing it.
Also, I worked with clandestine people and for most of them had threat models more relaxed than a lot of people on HN. What are you all up to???
There used to be an option called "Cat guard" built into several historical (BBS ) software. On (and cannot remember the name) one software that did synchronization with other networks (e.g., FIDO, uunet) it was considered a major feature.
Primary purpose was to lock the keyboard so when the cat walked all over it, it would not disconnect.
If so, is this 'fuse' per-planned in the hardware? My understanding is cell phones take 12 to 24 months from design to market. so, initial deployment of the model where this OS can trigger the 'fuse' less one year is how far back the company decided to be ready to do this?
Lots of CPUs that have secure enclaves have a section of memory that can be written to only once. It's generally used for cryptographic keys, serials, etcetera. It's also frequently used like this.
Fuses are there on all phones since 25+ years ago, on the real phone CPU side. With trusted boot and shit. Otherwise you could change IMEI left and right and it's a big no-no. What you interact with runs on the secondary CPU -- the fancy user interface with shiny buttons, but that firmware only starts if the main one lets it.
> ... The hackers would still need physical access to the hard drives to use the stolen recovery keys.
This is incorrect. A full disk image can easily obtained remotely, then mounted wherever the hacking is located. The host machine will happily ask for the Bitlocker key and make the data available.
This is a standard process for remote forensic image collection and can be accomplished surreptitiously with COTS.
We take your privacy and security very seriously. There is no evidence that your data has been misused. Out of an abundance of caution… We remain committed to... will continue to work tirelessly to earn ... restore your trust ... confidence.
reply