News/Interesting Stories/Beautiful Pictures from Europe 🇪🇺
(Current banner: Thunder mountain, Germany, 🇩🇪 ) Feel free to post submissions for banner pictures
(This list is obviously incomplete, but it will get expanded when necessary)
Also check out !yurop@lemm.ee
And if the UK rejects an update, that update cannot be released in any other nation and the public would not be informed of the decision.
That sounds like the UK wants every software and hardware vendor to flee its market.
I don't see how that part is supposed to play out anyway.
What happens if the UKHO rejects an update, but it is then rolled out everywhere else?
So, did someone tell them the Empire is long gone and after Brexit, UK's all on their own now?
...which you btw can also clearly see by Apple freely attacking them in this article. They are neither afraid nor do they feel the need to appease.
“We doubled our domestic software industry!”
The UK has always had a very authoritarian streak.
People often think of this as a Tory problem, but it makes Labour jizz their pants just as much.
And if the UK rejects an update, that update cannot be released in any other nation and the public would not be informed of the decision.
So,.... say, I find a major bug in a widely used software and inform the vendor. Said vendor informs the UK bodies and they reject the update and it is bound by the decision to stay silent and don't patch it. What stops me now to go full public disclosure of the matter? From my perspective I told them the big, I might even have confirmation, that it's worked on and then... silence. The only way to get this patched in a timely manner would be massive public pressure.
Police knocking on your door stop you. This is clearly an attempt to protect their own backdoors from being patched so they can continue eavesdropping
First - if I'm not from the UK, thats very unlikely. At least because the UK wants it to happen and not for other reasons.
Second - the moment the information is out, it's too late. Their zero day is burned.
Third - the police needs to know where to knock. If I publish the information in a way that can be associated with my identity and I'm the one that alerted the vendor, sure. But even if I'm a completely random person that immediately goes full disclosure - doing so may in a way that identifies me might hurt me anyways, depending on my jurisdiction. So for individuals it might be the smarter play to make it less traceable.
Fourth - imagine Google's Project Zero or another "huge player" finds the Bug and alerts the vendor. Google e.g. has a policy to fully disclose the bug, if there's no fix within a specified time-frame. This might be extended for reasons, but only of there's a good reason. If the vendor cannot say why they don't patch, well that's none of these reasons.
You're missing the point. They are blocking the security patches themselves. "Google has a policy to.." is invalid when a nation state, especially not one with one of the strongest intelligence gathering apparatus in the world, has a law telling them what to do.
Google already works with the intelligence agencies. It would be naive to assume otherwise
A completely random person anonymously putting the information out online is not the person releasing the security patch. That's probably why they are focusing of the updates themselves. Easier to hold someone responsible
Is this the whole save the children by having no encryption thing again?
Wild to think anyone is stupid enough to think the uk has that kinda pull.