
Due to the nature of critical infrastructure it would not be advisable to force lockout rules and rate limiting on devices.

The main issue comes from the long life cycle of equipment and companies not wanting to change to newer, more secure methods due to fear of the costs of implementing them.


To be honest when it comes to critical infrastructure, you cannot be conservative enough.

Which is to say: These networks should be closed-loop, and air gapped from the internet. The best security is simply not letting an attacker connect to the equipment at all.

Same way cars are meant to work. One network for the vehicle control systems, another network for the fun stuff (in-car entertainment, OnStar, etc.), with well-defined interconnections between them (that assumes the "fun stuff" side can misbehave).

If there is any interconnection between the critical infrastructure network and the internet, then it needs to be very well regulated, down to the packet lengths.


AFAIK: U-Block Origin is a fork of U-Block which hopes to stay in sync with U-Block, but maintain a per-site block/allow feature which was removed from the newer version of U-Block.


Actually, U-Block is the fork, U-Block origin is the branch of the project maintained by the original dev.


I'm curious to know what will happen with all the user data on their systems. There was a site floating around which allowed you to access your playlist information just by entering your account email. I assume that was old public data.

And with services like this, is there any threat to users who access 'illegal' material?


I thought I read that the site pulled the info from the browser's local storage.

EDIT: which they obviously shouldn't be able to do. So they probably scraped it, right.


A different domain can't possibly access the local storage for grooveshark.com right?


Good point. People discussed different ways to get to the parts stored in localStorage, but that obviously should only work locally. Since Groovebackup got shut down as well, we can't check what they did.


You can still go to grooveshark.com and see your localStorage.


You are correct.


Look into R+D. I was in the same boat as you. Then I decided to take a look at research, and now I can't get enough of it. There is government funding for PhDs (search for Department of Education and Learning (DEL) funding).


I'm British and went from industry back to do a PhD at 25. You don't even need to worry yourself about searching for funding - there is plenty available for CS and I found it was enough to live on even though I'd been used to a grown-up salary.


I'm considering something similar (23 now, studied at Imperial, working now in the US, but missing learning so many new things like I did in undergrad).

Did you experience a large decrease in quality of life? Had you saved up a lot before you started at 25?


I managed to live off the stipend without too much of a problem - but I lived with my wife and she paid the mortgage while I was studying so I suppose I didn't have any accommodation expenses. In my second year I did a six-month internship in the US and came home with a five figure sum which made it a lot easier.


The Creative Commons site provides links to popular search engines with Creative Commons licenses. Though these are not clip art, there is a lot of material which you can use. It just needs a bit of searching.

http://search.creativecommons.org/


Consider it deleted :D


It appears to be only Three and Vodafone [1] at the moment.

[1] https://www.blocked.org.uk/results?url=http://www.ccc.de


Just checked on my Three connection and I got through without any problems.


It's all well and good adding support for new algorithms and streamlining the UI. But still, access to the key servers is done over plaintext [1], which could allow an attacker to modify your request/response from the keyservers.

Am I correct in believing that this is a critical issue not to address?

[1] "Support for keyserver access over TLS is currently not available but will be added with one of the next point releases. " -- https://gnupg.org/faq/whats-new-in-2.1.html


I don't believe that this is a critical issue. The PGP trust model doesn't need you to trust either the keyserver or the connection to the keyserver. You are supposed to look at the actual key, and the actual signatures on the key, to decide if you trust it.

Anyone can usually upload any key to the keyserver, so even if you use TLS that wouldn't make a difference from a security perspective.


Cue the electric club music for the break!

Really good talk though.


Could you explain how rot13 helps?

"The algorithm provides virtually no cryptographic security..." - https://en.wikipedia.org/wiki/ROT13


I believe it was meant ironically. Similar to the joke "I double rot13 all my emails, but I'm probably just being paranoid." (If you're not familiar with rot13, running it twice results in the original plaintext.)
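An added example (not from any commenter in this thread) showing the two properties the thread touches on: applying rot13 twice returns the original text, and, because rot13 is just a Caesar shift by 13, every one of the 26 possible shifts can be listed, which is why Wikipedia says it provides "virtually no cryptographic security". The function and variable names are the example's own.

```python
import string

ALPHABET_SIZE = len(string.ascii_lowercase)  # 26


def caesar(text: str, shift: int) -> str:
    """Shift every ASCII letter by `shift` positions, wrapping around the alphabet.

    Case is preserved and any non-letter (digits, punctuation, whitespace,
    non-ASCII characters) is passed through unchanged, which is exactly why
    rot13 leaves so much structure visible in the ciphertext.
    """
    out = []
    for ch in text:
        if ch.isascii() and ch.isalpha():
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + shift) % ALPHABET_SIZE + base))
        else:
            out.append(ch)
    return "".join(out)


def rot13(text: str) -> str:
    """rot13 is the Caesar shift by 13; since 13 + 13 = 26 it is its own inverse."""
    return caesar(text, 13)


def double_rot13_is_identity(text: str) -> bool:
    """The 'double rot13' joke: encrypting twice gives back the plaintext."""
    return rot13(rot13(text)) == text


def all_shifts(ciphertext: str) -> list:
    """Every candidate plaintext for a Caesar-shifted message.

    There are only 26 keys (one of which is the identity), so the real
    plaintext is always in this short list; no key material protects it.
    """
    return [caesar(ciphertext, -k) for k in range(ALPHABET_SIZE)]


if __name__ == "__main__":
    # Constructed sample message, not taken from the thread.
    message = "Hello, World! 2015"
    print(rot13(message))                      # Uryyb, Jbeyq! 2015
    print(double_rot13_is_identity(message))   # True
    print(message in all_shifts(rot13(message)))  # True
```

The `all_shifts` helper is the whole point of the "virtually no security" remark: the key space is 26 entries, so anyone who recognises the encoding recovers the text without any secret.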


It's a joke, but at the same time, I doubt the pattern-recognition bots correct for it, so it would likely have some effect security-wise, to the same extent you get by spelling 'shit' as 'sh|t'.


Once you explain a joke, it's not funny anymore.


A joke, maybe. But explaining terminology doesn't [usually] hurt a joke.


Merci


"virtually"...being kinda generous, aren't we?

