
That's what happens when a paper is withdrawn [1], and MIT requested to withdraw the paper [2]. This news title saying that they requested to take down the paper is subtly incorrect.

[1]: https://info.arxiv.org/help/withdraw.html#:~:text=Previous%2...

[2]: https://economics.mit.edu/news/assuring-accurate-research-re...


> Streamers will have to make sure the quality of their stream on Twitch is “no less than the experience on other platforms or services.”

Note that Twitch limits stream quality in certain countries. For example, in South Korea, content is transcoded to 720p or lower. [1]

[1] https://www.thegamer.com/twitch-korea-limiting-stream-qualit...


It's probably limited because the cost of delivering video to SK through the undersea cables to Japan is quite high.


Some software: Yes. People with Macs are advised/forced to use Windows. For instance, Uwayapply, a college admission application service, doesn't support macOS.

Or: they provide a .pkg file to install a similar program.

Most of them want sudo. They use root permission for various purposes, but the most impressive one for me was registering their CA certificate in the Firefox root store, to support WebSocket over TLS to localhost on Firefox.


Nice! That way you can extract the private key and cert from the app and spoof the local server! I bet that cert is valid for *. and the same on every machine as well?


Well... SSL was unsafe then.

The problem came from U.S. cryptography export regulation which makes exportable cryptographic algorithms feasible to crack. Bundled Internet Explorer didn't support good algorithms on SSL.

So, the South Korean government wanted to add another security layer. They wanted to state a "good to go" algorithm (just like FIPS did), so they built and recommended the encryption algorithm, SEED. And it required ActiveX, because 128-bit cryptography in JavaScript was infeasible then.

The real problem of South Korea is the slowness of deprecation.

They deprecated ActiveX (and created NPAPI or WebSocket on localhost) in 2014. After Microsoft deprecated Windows XP, they established a "Windows XP Task Force" to respond to security issues with Windows XP computers at government agencies. Yeah, this was fairly late, considering MS declared the Windows XP deprecation schedule in 2007.

IE/ActiveX/Java Applet/etc algorithms still aren't completely deprecated in Korea. NEIS, a gigantic service used by every K-12 school to record and manage education-related information, still uses the technology based on Internet Explorer by using IE compatibility mode of MS Edge. Repeat, EVERY K-12 school teacher and staff uses this service, with IE compatibility mode.

I want South Korea to adopt new technology and deprecate old ones more in due course. I mean, they should accept TLS provides decent end-to-end encryption, and they should recognize Triple DES is deemed an unsafe algorithm.


Disclaimer: I'm Korean.

A LOT of Korean citizens cared and got angry with this issue. So governments, agencies, and, yeah, "security companies", finally decided/declared to deprecate ActiveX-fu software and follow Web Standard.

We didn't expect WebSocket on localhost.


A Korean company Tmax sells Tibero, the Oracle-compatible DBMS (proprietary). AFAIK, it's quite so much "compatible" (it even has the same typos as Oracle DB), and they're not sued by Oracle.


Note: AirDrop is unsafe for broadcasting messages anonymously. It will also broadcast your hashed phone number and email[1], which can be reversed by a rainbow table.

[1]: https://privatedrop.github.io/
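Why a hash gives little cover for a phone number, as an added example that is not part of the thread or of the linked project: the identifier space is small enough to enumerate. It assumes unsalted SHA-256 (the comment does not name the hash), uses a plain precomputed lookup table rather than a true rainbow table, and the number prefix and helper names are constructed for illustration.

```python
import hashlib
import math

# Constructed numbering plan: fixed prefix plus 5 free digits (100,000 values).
# Real plans are larger, but still tiny next to a 256-bit hash output.
PREFIX = "+1555000"
FREE_DIGITS = 5


def identifier_hash(value: str) -> str:
    """Unsalted SHA-256 of a contact identifier (assumed scheme)."""
    return hashlib.sha256(value.encode("utf-8")).hexdigest()


def candidates():
    """Every phone number in the constructed plan."""
    for n in range(10 ** FREE_DIGITS):
        yield f"{PREFIX}{n:0{FREE_DIGITS}d}"


def build_table() -> dict:
    """Precompute hash -> number for the whole plan (one-time cost)."""
    return {identifier_hash(c): c for c in candidates()}


def recover(observed_hash: str, table: dict):
    """Return the number behind a hash, or None if it is outside the plan."""
    return table.get(observed_hash)


def keyspace_bits(free_digits: int) -> float:
    """Entropy of a number with this many unknown digits, in bits."""
    return free_digits * math.log2(10)


if __name__ == "__main__":
    table = build_table()
    observed = identifier_hash("+155500012345")  # constructed sample value
    print("table entries:", len(table))
    print("recovered:", recover(observed, table))
    # A full 10-digit number hides only about 33 bits behind a 256-bit hash.
    print("10-digit keyspace: %.1f bits" % keyspace_bits(10))
```
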


True, but invalidated by burner and jailbroken phones which are widespread in China. They can definitely catch somebody with a concerted effort but I'd be surprised if the average Chinese teenager couldn't figure out how to make a burner email.


I think the problem is the majority of people don't know that AirDrop isn't actually anonymous, sure there are workarounds but it doesn't matter if 99% of users don't follow them.


People in China have burner Apple phones? That sounds kind of crazy. Even if jailbroken I doubt they are mitigating for this.


There are markets in China where you can buy all the parts super cheap and build your own iPhone. It's like nothing you'd ever see in the western world. Hundreds of stalls all selling an individual specific selection of phone components, and if you ask for something they don't have, they'll recommend their friend's stall to you.

Apple have sold billions of iPhones. All those second hand "recycled" parts go somewhere.


That sounds like an incredible place to visit


Devil's advocate: If you already don't worry about exposing this info then why not just use Telegram or Signal?


Because AirDrop only exposes the info of the sending phone, not the receiving phone.


An iPhone can be bought and emails can be registered without doxing yourself, so this info isn't strongly tied to your identity the same way a phone number is.


Where would be the sanest choice if I need some CPU computational resources (say, 10k CPU-hours)? Researchers simply used DigitalOcean (under their generous resource grants), but I believe there would be another better way for computing if I can't get such a donation...


https://www.serverhunter.com

You can find much cheaper CPUs outside of the main cloud providers.


Woah, this website is awesome! Thank you!


Just use AWS?

At the moment, spot price on a m5.24xlarge is $1/hr for 96 cores and ~300GB of RAM.

That’ll get it done for around $100 — assuming you can checkpoint and tolerate the risk of a shutdown. (The on-demand price is $4.60/h; $475 total.)


Using the example in this article as a demo, on AWS, it takes $75 and 4 hours to crack an RSA-512 key, and it was the 2015 number. So it's certainly the correct choice here.

https://arstechnica.com/information-technology/2015/10/break...


I feel like Python 3.10 is a large dependency -- almost no one would use it unless required.


Python 3.10 is standard even in the latest Debian version, nearly every Linux that you would set up today has Python >=3.9 preinstalled. Unless you use some sort of "webspace" type of provider that only allows PHP, this should not be an issue (in fact I had a webspace once and it too had Python, I just had to ask).

So Python 3.10 is not an external dependency here, because external implies you need to install it.

But all the non-standard Python modules used (humanize, ...) are definitely external dependencies and that can be an issue if you try to run your service in such a restricted environment.


Python is already included on most Linux systems


I was just reminded of the "clean room design" technique: https://en.m.wikipedia.org/wiki/Clean_room_design


Yeah, reminds me of the old Freedoom WADs situation

