> The cost of rent is 30€ per square meter per month in Paris.
Only for big enough apartments. 20m² appartements do not go for under 850€, ie around 42€/m². Granted these flats are too small to even have a laundry machine, let alone a laundry folding robot.
Switching one uppercase letter in an otherwise lowercase password adds exactly 1 bit of entropy (per switched letter).
On the other hand, any extra lowercase letter will increase the entropy by 4.7 bits (assuming a password on [a-z]).
Given that most passwords have at best 2 uppercase letters, I would argue it is safer to force longer passwords than passwords with at least one uppercase letter.
How is this objectively a great feature? This is a spyware that stores screenshots unencrypted (and thus accessible to any other spyware). I am also not convinced that the AI tools would have been offline, thus effectively sharing your whole data with Microsoft (even more than before).
From a privacy perspective, this feature is an abomination
I'd caution us to separate out the feature from the implementation.
The feature provides the ability to search through all of the previous things you've done and gain context in an instant, in a way that can be queried with natural language. I think we can agree what it aims to achieve is beneficial.
The implementation is what you're debating. I see these are two separate things, but they play hand in hand. If you get the implementation wrong, it can easily tank the feature.
Still, the documentation for this seems to disagree with what you're saying.
> This is a spyware that stores screenshots unencrypted
This page[1] states "Snapshots are encrypted by Device Encryption or BitLocker". They suggest that things aren't shared with Microsoft, though I totally understand the skepticism there.
> This page[1] states "Snapshots are encrypted by Device Encryption or BitLocker".
That sounds like it just means it's encrypted at rest - ie. while you're logged out - but transparently decrypted in much the same way as everything else on the system while you're logged in. That is to say, any running malware would have just as much access as it would do on a system that doesn't use encryption.
From a functional point of view, it can be treated as being equivalent to being unencrypted, with the exception being when you aren't logged in - at which point you're not running any programs anyway.
While the claim that Bitlocker is used to encrypt them is true, it’s really not good enough here. The files are unencrypted during a live session, which makes them an easy target for malware.
Not just during a live session -- whenever Windows is running. Nobody needs to be logged in or actively using the machine for the files to be readable in unencrypted form.
"Objectively" is very strong, but I'd love a tool like this.
Except it's so thoroughly invasive and ripe for abuse that I can't imagine ever using something like this that isn't open source and thoroughly vetted. And I think your very valid points are stemming from that -- MS's implementation was hamfisted and halfassed, and people don't trust them even if they do it correctly. But those are issues with the implementation and the implementer, in my mind. Not the conceptual feature.
At this point I really wonder if e-mail is the best solution for encrypted asynchronous communication. E2E systems like Signal or Whatsapp offer a very functional, intuitive way to protect your texts.
That's only if Signal and Whatsapp actually took any good lessons from WJCE. Both handle the difficult identity issue with the comparison of huge numbers just like with PGP. Usability studies have shown that this has worked out about as well as one might expect[1]. Worse, both cheerfully allow the use of unauthenticated correspondents without any particular warning to the user. WHCE identified the root issue as a failure to create and impart the required concepts to use the system. Signal/Whatsapp completely fail at this, instead the user is provide with a sense of security that is not warranted.
The PGP using community as least recognised that there was a problem. When has anyone ever organized a Signal/Whatsapp key comparison party?
The only issue with WhatsApp (I have no idea about Signal) is that, while it offers seamless encryption, it doesn't allow you to use an alternative client. Therefore, all trust has to be placed in the client and its distribution to ensure it doesn't mess up (intentionally or not). For the average Joe however I totally agree with you and it's a good baseline.
Security folks, especially on HN, are very actively hostile to alternative implementations and clients because in their mind it breaks security. Just see any Apple or Signal topic.
The walled garden lockin in by design for you to be safe.
I mean you seem to be simply reducing spying to the GPD, when it varies very much with the policies of a country. Israel is 27th by GDP but is a world leader in espionage, and especially in surveillance tools. Similarly France is good enough at spying that it got offered to join the 5 eyes (it did not work out because France asked the mutual non-spying clause to be applied, which the US refused).
So while it is probable that the US has a bigger spying industry, it's also hasty to dismiss another player by saying "lol 10% of GDP"
> Hermes, Dior, LVMH, etc. I don't think these exactly help spying
Well France carried spying activities in Syria through Lafarge. Sometimes all you need is a foothold into the good places (Syria, or, for L'Oréal, rich circles)
If you really believe that something that is 1 million times less efficient than Visa/MasterCard for a fraction of the service, and that miners really use residential energy when they are active 24/7 and thus by definition a continuous strain on the grid, I have so many scams^W interesting products to sell you
Comparing Bitcoin network to Visa/MasterCard is as pointless as comparing Gold mining to those cc networks. Fair comparison would be Bitcoin network vs Gold mining/storage/securing/transfer activities.
The key point (often missed by these articles) is that aperiodic tilings do not have a (infinite) periodic pattern. This means that you cannot draw a shape on these tiles and say: "the tiling is based on infinite repetitions of this shape, and only this shape".
Of course individual tiles will repeat, but never in an infinite periodic pattern.
Edit: a novelty of this paper is that their shape is "truly" aperiodic, which means no matter how hard you try, you will end up with aperiodic tiling. Existing one-shape aperiodic tilings had to add constraints on how to put two shapes next to each other to ensure aperiodicity.
I meant "a given orientation of the tile will be present many times (or infinitely many)".
It's very probable (I did not read the paper, only their website page) that the tile only occupies a finite amount of orientations in the tiling and therefore at least (and probably more if not all) one orientation will also be present an infinite amount of times.
However this does not imply periodicity of the tiling.
Have you heard of Australia? https://www.sydney.edu.au/news-opinion/news/2018/03/13/gun-l...