3. Finally a startup that is developing technology to make the life better for us d...

Finally a startup that is developing technology to make the life better for us drivers. See Tempus (2nd to last video)

By definition, a zero day exploit cannot be prevented as you don't even know there was a potential security hole. The government, Apple, Google, and yes, governments around the world, purchase zero-day exploits for millions of dollars. It's believed that the US government purchased the knowledge to commit the Stuxnet attack on Iran, although that's wading a bit too far into geopolitics in a conversation about server security.

So yes, choosing your APIs wisely and monitoring transactions are a way to minimize your risk of a zero-day exploit, by their very nature, they're impossible to prevent when you're running a computer nowadays. And if you try to roll your own security system, you're bound to have even more security holes than systems which have been reviewed thousands of times over by the likes of Cisco, Oracle, etc., since they too have a vested interest in that system's security.

Yes, encryption can be broken. There's a reason we don't use DES anymore. As computers get faster they can of course break more and more algos, which is why developers are continually improving the algos used in their systems. I remember when SHA-1 was considered a very good hashing function, and now we look back on it and laugh.

But no, GPUs can't crack modern encryption functions "in a matter of days". From a bestof'ed reddit thread asking the same question:

It would take 1038 Tianhe-2 Supercomputers running for the entirety of the existence of everything to exhaust half of the keyspace of a AES-256 key

So I guess we'll have to agree to disagree on that one. Again, I'm not naïve to think I've somehow cracked the core question of encryption and should be contacted by the NSA for a position - far from it. Instead, I'm saying I completely acknoledge that there are, and will always be, security flaws in the ever-evolving world of encryption. Just a couple of years ago researchers were able to crack RSA with a side channel involving sticking a microphone on a computer's CPU and listening for minute changes in frequency.

But that doesn't mean we should pack all this up and move on to an Amish farm, but instead that we should always be reviewing the modern standards, and like I offered to you for my site, to always try to break them to make them better.

So yes, I rely on modern and industry-standard encryption functions, because I recognize that I am not a cryptographer and any "custom encryption function" I would try to develop would not even be close to what actual real cryptographers have determined to be the current best option.

In their latest announcement, the reddit admins even made this point. If you think you're smarter than the world's greatest cryptographers, you're gonna have a bad time.

Also, I have nothing to do with anyone in the videos linked. So reserve any criticism you have for them.

/r/uberdrivers Thread Parent Link - justinkan.com
Previous
Next

Recently removed from /r/uberdrivers

Is this normal for full time drivers ? New on Uber Why do drivers sometimes cancel when they are basically already there? Uber and Lyft have acknowledged their prices have increased amid rising demand for rides and difficulty in recruiting drivers and Taxis are back. Finally happened to me... account blocked When a customer reports that you never delivered their order, do you call into support? Ubers all new Heat Map in Orange County California SoCal stop hitting on women Rarity of Tips Increasing? I'm being sued by an Uber Driver who ran a red light Does anyone feel this awkward silence? New car, captive market, does this make sense? Why do some drivers get upset if I Juul in the back seat? Sticky Surge rolling out in Columbus, OH market Passenger Injury Fraud Before and after pictures of me after deciding to no longer accept pool requests

More Random Comments

Antistasi private server save issues Girlfriend has chronic depression Police arrest suspected of burglarizing at least 18 local businesses Time to own up, what’s the most fucked up thing you’ve done to someone? Putin: Russia warns U.S. against 'meddling' in presidential election TIL: Sequoyah, the creator of the the Cherokee Syllabary, demonstrated the written language to his people and was then charged with and tried for witchcraft. The rest of the story... Need advice for Pandemic Legacy with 2 players Redditors who have had sex whith other people being in the room ( regardless of whether they knew or not ) what's the story ? [NSFW] But chill! Whats the most fucked up thing you have seen a friend do to somebody? Whats the most fucked up thing you have seen a friend do to somebody? CCW Holder Shoots Naked Man Causing Disturbance "SHE DOESN'T HAVE BOTOX DUDE" Anxiety is like when video game combat music is playing but you can't find any enemies. First preview of the Han Solo movie