What is scary though is how easily the rfid can be read off of a person. It's a great thing to have but card issuers should include some kind of protective sleeve with every card rather than relying on the consumer to be both aware of and able to use an rfid blocking wallet.
Old payment card RFID contactless was really insecure; it basically spat out the data on the magnetic stripe. New contactless is directly tied to the EMV chips and requires the whole cryptographic round trip and such. You can put a protective sleeve around your cards if you want, but it doesn't really add much in real security anymore.
If payment can be authorized through the chip by mere proximity, without any explicit authorization by the owner, then it's still insecure. Of course the thief would need to have an official payment terminal, but those are everywhere.
Technically yes you are correct, but the threat model here is similar to someone grabbing a card from you and dipping it into a terminal chip reader without your permission. This is what the PIN part of chip-and-PIN protects against; the chip part (also applicable to EMV contactless) protects against card duplication and transaction replay.
There is a huge difference between this kind of attack and what an attacker can do with the old scheme of magnetic swipe data over RFID. With the former, the only thing an attacker can do is perform a real transaction in that moment; this transaction leaves behind an audit trail tied to a real merchant (the operator of the terminal) and their bank account. An attacker cannot, however, initiate additional payments without accessing the payment card again, and without access to the cryptographic secrets held by the payment service provider, they cannot extract the card number to use for online transactions.
With the latter, it's equivalent to skimming a the magnetic stripe: an attacker can clone the card and reuse it for transactions as often as they'd like for whatever amounts they can authorize. In addition, they will have access to the plaintext card number, which would allow them to use it for online transactions. And absolutely none of this leaves behind an audit trail of how the attacker got your card.
I disabled mine on the card, and exclusive useless NFC payment from my banking app. That still requires my explicit authorization and is therefore a lot more secure. I started doing this during Covid when we weren't allowed to touch anything anymore, and I'm not going back.
I figure to be a more complete test you'd have to include Baidu the Chinese search engine, which is in no doubt censored. Or old school engines like ask.com, and Yahoo even though they serve Bing results to my understanding it would be nice to include them. Either way, good showcase, great example queries. Although I do think some should be catering the MSM narrative to see if the results give contrary results included.
I think in the future people will just resort to checking yandex/baidu/duckduckgo every time they think the results might be censored. The opposing regimes are likely to censor complimentary parts of the web.
I've been doing this for awhile. Most importantly, I do this with my news. If there's a war in Europe, I don't even bother to check the BBC anymore, or German outlets. I try to grok Al Jazeera, India Times, Channel News Asia, see what's common between them.
I mean you vote with your dollar. Stop supporting these bad practices. I don't, it's a hull to get everyone to stop and force themselves to work around. Maybe it's a losing battle, but stop giving them money and we'll be better off. I would not purchase a product with an underlying subscription. I even go as far as getting older cars so I don't have to worry about it.
All this spotlight on VS Code and no mention of Sublime Text? I view Sublime Text (even though there is a license fee) as more emacs like than VS Code. I side with others to say its no where near Emacs because Emacs is Emacs. My most cherished Sublime Text plugins began as an Emacs extension (xiki). So I would say Emacs is important to the ecosystem but there's no way Product X will be an Emacs of the 21st century.
I've always been a huge fan of sublime, i use it daily as a text editor. It's largely a visual clipboard for me.
However as a development environment its lacking. The interface for installing and configuring plugins is needlessly arcane, and whilst it's fast I find myself defaulting to vscode for pure productivity reasons. I don't even particularly like vscode - largely electron snobbishness tbh - but it's the best to for my particular job (frontend dweeb for a well known site with a very modern stack)
I've used intellij, visual studio, vscode, sublime and dozens of other apps extensively professionally as my day to day (eclipse and atom were low points) and all have their merits but as a fast, easy, cohesive environment that is easily setup a combination of zsh and vscode is absolutely my goto the days.
Edit. People calling vscode bloated does amuse me though. it's not exactly vim but it's a million miles away from its bigger brother.
