A better example is to explain the chaos of having to go to the grocery store and pick up some hot dogs and buns. You know the pain.
asmoranomar
joined 10 months ago
Why would you break the 2nd? Are you one of those liberal types? /s
Clearly it's the forbidden ice cream sandwich from the last ice age.
100k voters attended. Not surprised it doesn't look the same as 100k people.
I'm not an expert, but can you not be both?
And even if it was, it would be the right move. The last thing we want is to stop risk management because there's only 2 hours left and the door hasn't fallen off so far.
AM radio is also used for time keeping and weather transmissions for embedded systems that don't need Internet or heavy computing power (like a clock on your desk or a watch). It's also good for emergencies. All of which can be passed in analog audio or digitally modulated (or both). Probably not exciting for music, but the fact that it's there and you can tune into it to find out the weather or traffic is useful.
I was a mix-up that was quickly resolved because the baby they gave my mom had the wrong bits. It happened again with my sibling. And my other sibling. For the exact same reasons. We all joke that none of us are really related.
But it really makes you think...
Close, but you are still trusting the device you own. If I were to compromise that device, I could capture that key and use it. Again, this is my limited understanding, but a zero trust solution works in such a way that the actual keys are not stored anywhere. During setup, new temporary keys are generated. A keypass binds to the temporary key for use of authentication. The temporary key can be revoked at any time for any reason, whether it's due to a breach or routine policies. It can be as aggressive as it needs, and the implication is that if someone else (either you or an attacker) got issued a new temporary key then the other would not receive it. Using an incorrect temporary key would force an initialization again, using the actual keys that aren't stored anywhere.
The initialization process should be done in a high trust environment, ideally in person with many forms of vetting. But obviously this doesn't take place online, so there is the risk that your device is not trusted. This is why the process falls back on other established processes, like 2FA, biometrics, or using another trusted device. How this is done is up to the organization and not too important.
But don't get too hooked on the nuances of passwords, keys, passkeys,etc. The entire purpose is to limit trust, so that if any part of the process is compromised, there is nothing of value to share.
Disclosure: Worked in military and this seems to be a consumer implementation of public/private key systems using vector set algorithms that generate session keys, but without the specialized hardware. It's obviously different, but has a lot of parallels, the idea in this case is that the hardware binds to the private/public keys and generates temporary session keys to each unique device it communicates with, and all devices can talk with members of it's own vector set. Capturing a session key is useless as it's constantly being updated, and the actual keys are stored on a loading device (which is subsequently destroyed afterwards, ensuring the actual key doesn't exist anywhere and is non recoverable, but that's another thing altogether). My understanding of passkey systems is solely based on this observation, and I have not actually implemented such a solution myself.
From my understanding it's the concept of trust. Basic passwords are complete trust that both ends are who they say they are, on a device that is trusted, and passing the password over the wire is sufficient and nobody else tries to violate that trust. Different types of techniques over time have been designed to reduce that level of trust and at a fundamental level, passkeys are zero trust. This means you don't even trust your own device (except during the initial setup) and the passkey you use can only be used on that particular device, by a particular user, with a particular provider, for a particular service, on their particular hardware.....etc. If at any point trust is broken, authentication fails.
Remember, this is ELI5, the whole thing is more complex. It's all about trust. HOW this is done and what to do when it fails is way beyond EIL5. Again, this is from my own understanding, and the analogy of hardware passwords isn't too far off.
It's good that you were able to quote the regulations. You're not wrong, I'm just apathetic; the question was more rhetorical. To be clear: I don't have faith that this is strong enough to deter and/or that governing policies have enough teeth to enforce. I'd like to be wrong, but I'm not hopeful.
view more: next ›
Nothing stopped the person from calling road service to wire the car up, save for the fact that a child was involved.
But there was. And ensuring the kid is safe takes top priority, and the last thing anyone wants to hear is another case of emergency responders dragging their feet while another kid dies. Smash your way safely into that car, THAT is what they are trained to do.
Firefighters deal with a lot of shit and receive lots of training. I would argue that most firefighters know about the issues being laid out, and policy, not lack of knowledge, dictates a process to be carried out. I really don't think this is a situation they should be vilified over if it saves lives.
Edit: If it wasn't clear, nobody is complaining about getting off work and finding out their car is dead, and having to call the fire department to show up with the jaws of life.