Limonene

[–] Limonene 28 points 1 month ago (2 children)

Feudposting? What does that word mean?

[–] Limonene 40 points 1 month ago (1 children)

This doesn't look like they hijacked the apps to spy on users' location. It looks to me like these apps were already illegitimately collecting location data and passing it to Gravy Analytics where it was sold to the highest bidder. If I'm interpreting this article correctly, the hackers only hijacked Gravy Analytics so they could get the location data without paying. The location data was already in the malicious hands of Gravy Analytics.

But it seems rather nebulous. Many of the app developers' quoted responses in the article seem to be blatant lies, which the article disproves. Many of the app developers deny handing over location data, but do run ads. If those ads execute arbitrary JavaScript, then IP geolocation is easy. I don't know how cookies/tracking would work for in-app ads, though.

[–] Limonene 6 points 1 month ago* (last edited 1 month ago) (1 children)

The Logitech F310 (wired) and F710 (wireless) are ok. The F710 has a big 2xAA battery compartment which is uncomfortable for some.

Save your receipt, because Logitech's warranty is better than their construction. I destroyed my first F710's control pad on my second play of CrossCode, but they sent me a new one.

Do not use either one to operate a manned submarine.

[–] Limonene 77 points 1 month ago (2 children)

C when I cast a char * * to a char * * const: ok

C when I cast a char * * to a char * const *: ok

C when I cast a char * * to a char const * *: WTF

C when I cast a char * * to a char const * const *: ok

[–] Limonene 7 points 1 month ago* (last edited 1 month ago)

The key has to be stored somewhere to be able to use it. This is full disk encryption, so every single sector that is read or written (except some boot and kernel stuff, presumably) needs to go through that encryption key. You could maybe store it in a cryptographic coprocessor that uses SRAM for the key and key schedule, but those are very uncommon now that AES-NI is popular. And I don't think AES-NI has any special registers that could help here.

[–] Limonene 4 points 1 month ago (1 children)

I assume they think the Windows login password will keep them safe. I don't know. But many corporate computers (several I've been forced to use) do use BitLocker without a password.

[–] Limonene 4 points 1 month ago (1 children)

Yes, assuming it's durably sealed and tamper-proof. If you have enough physical access, though, you can remove the DRAM and put it in another machine to scrape it. This adds time, but it has been done before. One experiment dipped the DRAM in liquid nitrogen for an hour, and found 0.13% decay.

[–] Limonene 1 points 1 month ago

Those are pretty nice specs. I would buy one right now if I didn't have a Deck already, and if it didn't come with a Windows tax.

[–] Limonene 22 points 1 month ago (9 children)

A "cold boot" attack. These have been around for a while.

The degradation is not a huge barrier. Spraying inverted canned air can cool the DRAM enough to preserve it for a little while, even long enough to switch it to a new motherboard. Whenever the motherboard is powered, the DRAM is being refreshed, so it won't degrade. A few bits lost is no fatal flaw, since most cold boot attack algorithms search for long key schedules, not just the key.

BitLocker is extra vulnerable because it stores the key in the TPM and requires no password to boot. An attacker can extract the key even if the computer is off when they get it.
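
An added audit example (not part of the comment above): it reports which BitLocker operating system volumes can unlock with the TPM alone, the no-password boot configuration the comment describes. `Get-TpmOnlyVolume` is a hypothetical helper name, and the sample volumes used when the BitLocker module is absent are constructed.

```powershell
# Key protectors on a volume are alternatives: any one of them can unlock it.
# A protector of type 'Tpm' therefore means the key is released at power-on
# with no PIN or startup key, whatever other protectors are also present.
function Get-TpmOnlyVolume {
    param([Parameter(Mandatory)] [object[]] $Volume)
    foreach ($v in $Volume) {
        # Only the OS volume is unlocked by the boot chain; skip data volumes.
        if ("$($v.VolumeType)" -ne 'OperatingSystem') { continue }
        $types = @($v.KeyProtector | ForEach-Object { "$($_.KeyProtectorType)" })
        [pscustomobject]@{
            MountPoint  = $v.MountPoint
            Protection  = "$($v.ProtectionStatus)"
            Protectors  = $types -join ','
            TpmOnlyBoot = $types -contains 'Tpm'
        }
    }
}

if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    # Real data; requires an elevated session on a BitLocker-capable host.
    $volumes = Get-BitLockerVolume
} else {
    # Constructed sample objects with the same property names, for offline runs.
    $volumes = @(
        [pscustomobject]@{
            MountPoint = 'C:'; VolumeType = 'OperatingSystem'; ProtectionStatus = 'On'
            KeyProtector = @(
                [pscustomobject]@{ KeyProtectorType = 'Tpm' },
                [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' })
        },
        [pscustomobject]@{
            MountPoint = 'E:'; VolumeType = 'OperatingSystem'; ProtectionStatus = 'On'
            KeyProtector = @(
                [pscustomobject]@{ KeyProtectorType = 'TpmPin' },
                [pscustomobject]@{ KeyProtectorType = 'RecoveryPassword' })
        },
        [pscustomobject]@{
            MountPoint = 'D:'; VolumeType = 'Data'; ProtectionStatus = 'On'
            KeyProtector = @([pscustomobject]@{ KeyProtectorType = 'Password' })
        }
    )
}

Get-TpmOnlyVolume -Volume $volumes | Format-Table -AutoSize
```

With the constructed sample, `C:` is reported with `TpmOnlyBoot` set to `True` and `E:` (TPM plus PIN) with `False`; the data volume `D:` is skipped.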

[–] Limonene 6 points 1 month ago

I love that these have borders around the buttons. I wish more interfaces would do that. It used to be standard.

[–] Limonene 46 points 1 month ago (5 children)

This is an attic insulation issue. If your attic was insulated enough, you would have snow on the roof.

The heat transfer out the roof is dependent only on the indoor temperature, the outdoor temperature, and the attic's insulation. None of those parameters depend on whether or not you are running a server farm (unless the server farm is so powerful that it increases the indoor temperature to uncomfortable levels, and prevents the furnace from even running).

[–] Limonene 12 points 1 month ago (1 children)

I think the ship is worth less than the cable. Even if all the crew are Chinese spies, their lives are probably worth less to China than the value of successfully cutting the cable.

If I were Taiwan, I would put the whole crew on trial for espionage, and publicize it as much as possible.
