This effect is - in some ways I fear, almost inherent to tech.
The same reason you call someone an idiot if they click an ad that looks like an error message, login to their bank on mybank.com.sketchysite.info, respond to a Nigerian scam or open that .pdf.scr file attached to an email. This stuff seems dead flat basic to people who are exposed to scams regularly. We don't call the scammers idiots for making millions on ransomware, most of us just delete their messages without a second thought - instead we call their victims idiots for falling for it in ways that seem obvious to us. Heck, even in much of the general public these are used as punchlines on occasion. Victim blaming and just expecting people to recognize these things as sketchy seems to be quite common for these sorts of technical issues.
Replacing the previous packaging that had a deposit and return glass bottle with single use plastic wasn't demand led. They corrected quite well for the known tendencies of people - consumers - to be forgetful or drop litter.
Who put pop vending machines everywhere and pushed out healthier alternatives, for example? Who did it in schools to try to hook kids in to junk food habits?
All they'd have to do in order to survive a factory reset is to write to the /system partition, which contains the main OS. A factory reset only wipes /data and a few caches.
Writing to /system requires it to be mounted read/write and permissions to do so, so they'd need a root exploit in order to pull it off, but there's quite a few to choose from especially as devices age and given that they're doing this outside Play Store where Google won't pick them up.
I'm just crossing my fingers advanced users don't lose the ability to side-load apps over bad publicity like this, maybe they should make it harder to enable though.
No. The play store does not check very well and is pretty easy to bypass. Up until recently you could just download .dex (android equivalent of .jar) files into your apps resources at run time then call the classloader. Then for their runtime scan you can either just wait to put the real code online or have a hardcoded switch to execute the main function based on like an NTP server saying it's past X day. I think that is why they removed calls to the classloader from android. There's a few other ways to do basically that that still work but I'm not sharing those for free.
IMO There is a slight flaw to how this question is worded. It's not that they block you from running code that you need to be root to run (you'll just get insufficient perms errors) it's just that you're not root. You could write the code to write to /system, and it will run it just will not work. Thus, you need to utilize some sort of local privilege escalation. That is it's own equally semi-sticky wicket.
True, just disabling it via PackageInstaller by default would do the trick, the root community could re-enable it easily and those who only needed to sideload the occasional app could do so via USB debugging.
It seems like every time I hope for a reasonable solution like this I get let down substantially though.
Wow, interesting to see Hikvision on this list, I own several of their cameras (and keep them isolated on a separate VLAN), but once you know them, you see them everywhere, they have a huge hold in the video surveillance market. Wonder if their main Chinese competitor, Dahua will pick up their market share in the US or if there's a more local competitor.
Huawei's HiSilicon fab makes purpose built ICs for these things, I've dumped the firmware for some whitebox ones done by a local tech retailer, but they were still heavily reliant on those ICs. Will be very interesting to see what happens in that market if this persists for long.
I procure cameras for some systems development we are doing for the DoD. Hikvision and Dahua are both specifically banned by law. The number of American companies simply rebranding banned cameras and stamping "Manufactured in America" on them was a bit of a shock.
Yes, 废话 is a different word than than 大话, and sounds different. I've heard 大话 also means bullshit, though. E.g., "大话王 King Of Bullshit": https://www.le.com/ptv/vplay/26199923.html
I think the philosophy here has sort of changed with newer versions of Windows, this is why the taskbar now has quicklaunch icons and regular app icons the same size and place. I keep all my "stuff that just stays open" like thunderbird, spotify, mumble and firefox to the left.
> when you loose your data you have only 30 days to get it back before Backblaze deletes it as well!
Uhhh... this one could be a significant issue for me right now. I've got a laptop that's been offline for about 2 months now due to a motherboard failure due to liquid damage. I haven't bothered dumping the drive yet because I figured even if it's got issues Backblaze has a copy.
You're telling me that if I login to my account right now, the data is gone? If so, they really need to make that one more obvious.
EDIT: Just checked Backblaze, still looks like the data is there after 70+ days. Has this policy changed at some point?
It is more complicated than just "after 30 days" (and always has been). If your laptop is entirely offline (or you simply uninstall the client from your laptop), then the policy is ACTUALLY that we keep your backup for 6 months as long as you keep paying your bill. But to be honest, it's more like a year or two. The 6 month policy is we guarantee the backup will be preserved, not that we will immediately go out and delete it at exactly 6 months and 1 day.
This is a completely different situation than files you delete but the backup continues. For cost reasons, Backblaze purges the files that you deleted from your local drive after 30 days. HOWEVER, with this new 7.0 release you can pay a little more and increase that retention time to one year, or forever. This was a highly requested feature for the situation you ran into.
Or, if you have a hard drive that you disconnect and aren't willing to reconnect for more than 30 days. Since your backup is continuing, Backblaze assumes the drive will never come back, so the files are then deleted to save money in the datacenter. Of course, this changes with the 1 year retention policy, you can unplug the drive for up to 1 year and still dial back time and restore all your files.
I should have explained the 30 days better. I would edit my comment if I still could.
But yeah, since I kept the computer online and Backblaze app running _after_ I lost the files, Backblaze marked them up for deletion in those 30 days. To be fair, I didn't try to contact them and ask to help me, maybe they would.
I spent several days trying to download the backup and then I gave up and ordered the drive.
Good to see that you have a new retention policy since then.
> HOWEVER, with this new 7.0 release you can pay a little more and increase that retention time to one year, or forever. This was a highly requested feature for the situation you ran into.
I'm glad to hear that Backblaze has finally made such an option available. However:
> For cost reasons, Backblaze purges the files that you deleted from your local drive after 30 days.
As someone who once almost lost his PGP key and had to recover it from old physical backup media, I'd like to point out that that is not a "backup" service. It's sort of like a lazily expiring mirror, but it's definitely not a backup service.
Do you look at all of your files every 30 days? How long would it take you to notice that a random file had disappeared from the filesystem 7 layers deep? Have you ever needed to restore a years-old file?
(You need not explain why you do it; I understand about users who could use it as a cloud storage service by deleting files after they're backed up. The point remains that it's not a backup.)
What you're referring to, I'd call a historical archive, containing many backups.
When I think about a backup, I'm thinking in terms of recovering last good state after a drive failure or catastrophic filesystem corruption. I don't tend to think of a backup as implying a deep history unless that part is explicitly stated. That distinction was easier to notice back in the days of backing up to tape or optical discs - you don't expect each tape/disc to contain a version history, just a single snapshot, and you don't expect your collection to retain long-gone files unless it's an ever-growing pile of tapes/discs.
In that mindset, it's not reasonable to expect that a backup service necessarily provides the full historical archive.
> you don't expect your collection to retain long-gone files unless it's an ever-growing pile of tapes/discs.
Rule number whatever of backups: Don't discard old backups. Bitrot occurs, and people make mistakes, and newer backups can have flaws that older ones don't, which will go undiscovered until it's too late.
We're not talking about piles of tapes, we're talking about virtually unlimited disk space. State-of-the-art backup software chunks and deduplicates data and stores snapshots of directory trees. For most cases, there's no reason not to keep a subset of old snapshots, and many reasons to keep them.
What's your criteria for backup? I completely agree that something like RAID is not backup, but 30-60 days seems comparable to other backup services and covers most scenarios. The old-school manual process of swapping a USB drive at work every week/month has the similar retention.
The only consumer-facing system I've used with multi-year retention is Time Machine. Every few years it has trouble "verifying" the backup and I have to start over (it also deletes old backups when you run out of space). Right now my backup only goes to August.
Backup means that if it takes me 6 months to realise that the 2014 finances folder had been accidentally deleted, I can still recover it.
I'd love to see BackBlaze offer the option to select "mission critical" folders that have super-long-life (Time Machine-like) version retention. Give everyone a few gigabytes of this for free, charge a premium to increase that space.
Though that sounds tricky to set up all the UI for. For now you can set up a separate backup of that stuff. Set B2 as the backend and you get 10GB free.
Maybe—and the UI could be little more than a script that does exactly what you described.
The point of making it a UI is, first and foremost, to get people thinking about this question. And it gives people the option to acheive what you just described without stumbling upon a post like yours on Hacker News.
A post like mine? But it's your post that has the idea...? The only thing I said about how to make it possible is "separate backup", which anyone can think of in two seconds and is only a hint of a tenth of an explanation. I don't understand.
Something like Attic, Borg, CrashPlan, Restic, etc, that allow snapshot retention periods, like "1 per year for the last X years, 1 per month for the last X months, one per day for the last X days".
> I completely agree that something like RAID is not backup, but 30-60 days seems comparable to other backup services and covers most scenarios.
That doesn't protect against bitrot. e.g.
1. File is backed up (snapshot A).
2. File is slightly corrupted by bitrot, cosmic ray, etc.
3. File is modified by user, corruption is unnoticed.
4. File is backed up again (snapshot B).
5. "Backup" service deletes snapshot A.
6. User discovers corruption.
7. User looks to restore earlier versions until an uncorrupted one is found.
8. User discovers that all available snapshots were made after corruption happened.
Or replace "file" with "directory" and "bitrot" with "accidental file deletion" and the user still suffers from data loss.
Mirrors are not backups, and a few revolving snapshot slots is effectively a mirror.
The ic is not part of battery chemistry- in case this comment isn’t a joke a common workaround would be to grab ic from dead batteries and put them on fakes.
You're right, keeping keys in SRAM and other trivial anti-tamper measures are way too expensive. Cutoffs are performed by the same IC. Should be trivial.
This was a business decision for sure. Apple doesn't want anyone but Apple to work on their devices. Now maybe you can say that alone is good for resale, but it's extremely shitty for customers, especially when their attitude is to tell people they need a new board and all their data is gone when a repair, often even a simple one is entirely possible.
The issue w bogus undisclosed batteries was causing problems for apples brand rep. Many of the bulging / exploding batteries were not in the end apple.
The lie you are spreading, that you can’t use non apple batteries is false. The phone will work fine, but apple will let you know it can’t model the batteries health.
Having the phone recognize if the battery key has changed is a simple and effective way to manage this.
For MANY people, being able to rely on the apple battery health check is far more important than allowing scammers to do a cheap battery swap, sell phone with a “near new” battery, and then have customer in apple store complaining a few weeks later only to be told they were ripped off
As I pointed out there's fairly simple ways for them to resolve this without these practices. No where did I suggest that the batteries don't work at all. The extents people go to on this site to defend Apple's shitty anti-consumer behavior is utter insanity.
Go ahead and describe the fairly simple solution you've come up with understanding there is a surprising amount of money out there to defeat it.
If by "brand new" battery you mean an unused battery there are actually issues there, sellers do sell "unused" batteries as "brand new" but the mfg date turns out to be really old. Technically true I guess - the battery has not been used? Would I want a 3-4 year old battery? No - who knows what SOC it has been maintained at.
What is interesting is apple's focus on "shitty anti-consumer" behavior which is "utter insanity" has resulted in a lot of consumers buying their product.
The same reason you call someone an idiot if they click an ad that looks like an error message, login to their bank on mybank.com.sketchysite.info, respond to a Nigerian scam or open that .pdf.scr file attached to an email. This stuff seems dead flat basic to people who are exposed to scams regularly. We don't call the scammers idiots for making millions on ransomware, most of us just delete their messages without a second thought - instead we call their victims idiots for falling for it in ways that seem obvious to us. Heck, even in much of the general public these are used as punchlines on occasion. Victim blaming and just expecting people to recognize these things as sketchy seems to be quite common for these sorts of technical issues.