Hacker News | StudentStuff's comments

Huawei promised to fix these horrible security issues after a code review in 2012 and the establishment of the HCSEC oversight board in 2014, yet HCSEC found Huawei had not fixed the issues found in 2012 in their 2018 report, at which point Huawei promised to spend $2 billion to improve code security.

IIRC the 2019 report from HCSEC outlined the same bugs had yet to be fixed. I think Huawei doesn't want to fix bugs in products they aren't currently selling (in part based on Nortel code that has been patched over the last decade with new features), thus the lies and lack of investment.

More reading: https://www.fiercewireless.com/wireless/uk-says-huawei-equip... and https://aragonresearch.com/cyber-war-flashback-remembering-t...


A less generous interpretation would be that Huawei cannot fix the code since they were not the ones who wrote it in the first place.


I just picked up a Mac Mini for recompiling a handful of apps. If I were developing daily on it, a better specced machine might be worth it, but 2 to 4 year old Mac Minis are cheap, have the latest MacOS and fulfill my needs.


Hey! Can you email me to talk about your t-mobile sim swap hack from January sometime? My email is in my profile... thanks!


Who is permitted the time and resources to develop breakthroughs and innovations?

Surely not the proletariat in modern America, where the vast majority are getting poorer year by year.


The term "elites" in this thread does not refer to the aristocracy or the financial 0.1%. It refers to the high-achievers in math and science, and they have to work for their income just like everybody else (and from what I've read about postgrads and PhD students in the US, they have to work their asses off).


The browser version of Zoom seems to require a free account be created, and it was audio only in Chromium, I could not get it to use my camera. Zoom refused to work in Firefox.

Jitsi and Google Meet seem to work in both browsers, without requiring me to log in.


You can join Zoom meetings on your browser without creating an account. It's a bit off the beaten path:

1. Go to zoom.com
2. Click "Join a meeting"
3. Enter meeting id and click Join
4. Ignore the automatic app download
5. Go back
6. Click "Join a meeting" again
7. Enter meeting id and click Join again
8. Ignore the app download again
9. Click at "If nothing prompts, click here"
10. Click "Join from your browser"
11. Agree to terms of service
12. Enter password and name, click Join


Ahh, so this is that "it just works" Zoom experience I've been hearing so much about recently.


The "it just works" experience is for people using the native app. :)

Not saying you should do that, but that's why there's a difference.


I don't use Zoom myself, but some friends that do have been using this: https://github.com/arkadiyt/zoom-redirector

Seems to work for them, and gets around that whole song and dance you described.


This is only true if "your browser" is Chrome. If you try in the latest Firefox or Safari it tells you to try a "modern browser".


It stopped working if the meeting has over 50 people.


Is that just for new people coming in after the 50th? Or do they boot anyone who's logged in via browser once it hits 50?


It's improved a bit, and actually works fine in Firefox Nightly right now, but you have to craft the web client URL directly. The UI will try its very best to make you download the client.


Seen somewhere else: when you get to the web page that launches the app, don't allow that launch, hit (IIRC) "Retry", still don't allow it, and the page should say "Having trouble?" and offer a link to the web version.

Or better yet, don't use Zoom...


I've joined plenty of Zoom meetings without creating an account. Are you sure it wasn't just asking you to enter your name and email in the page so people on the call would know who you are when you joined?


I couldn't get it to work in Firefox ESR on Debian 10, and audio was consistently choppy for me in Chromium 80 after I went through their forced account creation process. Zoom wouldn't use my camera either in Chromium :c

Jitsi and Google Meet worked by following a link and clicking one popup. Much easier UX


The spread may appear low in your city, but how much of that is from lack of testing? If your employees can work from home, it is best for you to implement work from home ASAP.

Businesses in Washington State have shuttered or gone to work from home over the last 3 weeks; had most businesses made this change earlier (e.g. at the beginning of those 3 weeks), we would see much less spread and quicker easing of restrictions.

Is Alberta doing widespread Covid-19 testing yet? We had cases of teens with no international travel getting Covid-19 in February according to the Seattle Flu Study; there are likely more cases in Edmonton that exhibit minimal symptoms currently.

Seattle Flu Study: https://www.nytimes.com/2020/03/10/us/coronavirus-testing-de...


Alberta has been testing at 1800 / million (7100 tests). For context when the US was at our point they were at 5 / million.


I was looking at the numbers for today (because I was curious about the U of A which has gone fully remote for course and exam delivery). There's a model in here https://medium.com/@tomaspueyo/coronavirus-act-today-or-peop... that you can plug numbers into. I would say work from home though, you'll feel absolutely devastated if one of your employees falls ill and you were the cause. Trust them to do their work remotely and they will reward that trust.


Hospital ICU units are not overwhelmed which puts a limit to total infections. (unless this is now less deadly I guess, an unlikely win though)


> "Hospital ICU units are not overwhelmed which puts a limit to total infections."

I wouldn't say that; reports coming out of Seattle look pretty grim.

"...Reports from the Seattle area, the epicenter of the U.S. outbreak, indicate that some of the city’s hospitals are nearly overwhelmed. One hospital’s note to staff, shared with New York Times columnist Nicholas Kristof, says the “local COVID-19 trajectory is likely to be similar to that of Northern Italy.” The hospital is down to a four-day supply of gloves..."

https://www.statnews.com/2020/03/14/coronavirus-hospital-wor...


Many sales environments are just fucked, look at the shit happening at Toyota of Kirkland, the town that is the epicenter of the Pacific Northwest Coronavirus infections: https://www.reddit.com/r/SeattleWA/comments/feflyn/dealershi...


The healthcare industry can't afford to exist if they don't get paid by someone (whether that is the insurers or Medicare/Medicaid). We've seen mass closures of rural hospitals and medical practices as more rural Americans have lost insurance or gotten insurance that has large penalties for using said insurance: https://www.youtube.com/watch?v=18kxPz4Z_g8

Insurers themselves are a mixed bag, many have gone broke as IIRC the gov't managed pool of money they were supposed to pull out of/put money into to ensure no insurer went under from too many unhealthy, newly insured people has been starved of funding under our current administration.


1. A store location or locations was compromised

2. January 10th was when we notified T-Mobile of the attack

3. Likely sometime between January 17th (the last successful SIM swap attack we experienced) and January 24th.

4. Who knows? T-Mobile refuses to disclose any info to the police :P


Is it possible to give more details on all this? I was sim-swapped on the 21st resulting in a sizable bitcoin theft. I’d really appreciate it if you could email me at my contact email on my profile with any note it do you have. Thanks so much!


What is your email exactly sir? Might have some information that you would appreciate.


Hey, if you see this, email me at joshster@gmail.com.. thanks!


Source(s)?


I was affected by this, they SIM swapped a line on our account twice, both times on Friday at 5:23pm (followed by swapping the old SIM back at 5:42pm).

Just received the CPNI notice today from T-Mobile, we had a 6 digit PIN set prior to the first SIM swap on January 10th, and changed it before the following SIM swap on January 17th.

T-Mobile told me these swaps occurred at a store for both attacks. I did remove all authorized users from the account prior to the SIM swap on the 17th. T-Mobile has refused to provide Seattle Police Dept with any info about the fraudulent activity, and left me in the dark prior to the letter today.


We need legislation around liability for SIMs, as every single large financial institution seems to be using SMS messages as proof of identity. Better yet, we need legislation that protects individuals from liability if a business uses SMS as proof of identity.

Edit: For ATT, I don’t know what power they give their employees to change or bypass people’s passcode, but as a user, all you need to reset passcode are last 4 digits of account owner’s social, billing zip code, and access to one of the phone lines on the account where they will send an SMS to verify you’re one of the people on the account.

I would hope for much stricter processes to reset passcode, like a notarized letter or showing passport and physically going to a store to prove identity.


When my AT&T sim was swapped a short while back, AT&T told me the same thing about a retail store. The support person you talked to believes this because that’s what the computer system says. I even received an automated SMS a week later asking for feedback about my “retail experience” at that location.

The law enforcement task force I spoke to told me that in reality, the swappers have remote access to the admin portal and just fill out a field with a store close to your billing address to make it look legit. Nobody was ever at that retail location.

All of the metadata about the swap is manually entered by the attacker. The support people don’t understand that and just read off of their screen. Even the automated systems are fooled.


How were you notified? Email?

