Soli

About

Username
Soli
Joined
Visits
172
Last Active
Roles
member
Points
17,049
Badges
2
Posts
10,035
  • If both your iPhone and passcode get stolen, you're in deep trouble

    tyler82 said:
    This is why my passcode is 13 characters. 

    And if a thief has a Cellebrite and you have a dinky 4 digit passcode your phone will be hacked faster than you can say hack. 

    Your 13 characters is surely more entropy than the average person, but you can get even more secure with an even shorter passcode if you do use what i call "extra special" characters in your passcode. Those are the long-press characters that Xed mentions in an earlier comment. I'll talk about these further down.

    If you use the "typical" character palette of upper case letters (26), lower case letters (26), numbers (10), you have 62 options per character, but why not use all those "special characters" that are also available which I think bring you another 35 options for a total of 107 options that work great on the iOS keyboard, which is more than any website will allow.

    That means a 6-character passcode would be 107^6 for a total of 1.5 TRILLION possible combinations compared to a 6-digit PIN which is 10^6 for a total of 1 MILLION options. It really doesn't take much longer to input and because of Touch ID and Face ID not requiring you to unlock with your passcode constantly there's no reason not to have a more secure one.

    But wait, there's more...

    If non-alphanumerics for passwords, like punctuation and other non-alphanumeric characters, are referred to as "special characters" I've deemed the much richer palette of characters available for the long-hold on the iOS virtual keyboard as "very special characters."

    For example, if you hold down the 'a' key on at the American English iOS keyboard (same for macOS, btw), you get the options (à, á, â, ä, æ, ã, å, ā). These are all valid for Apple OS passwords and they're all unique Unicodes so they won't be registered just the letter 'a'. But not all have so many options on the long-press. The ampersand (&), for example, only has the section sign (§) as an option.

    By my last count of the American English iOS keyboard there are 210 options. That means that a 4-character passcode would be 1.944 BILLION options. Moving to 6-characters it's now 85.8 TRILLION. Your 13 character passcode will have 1.54 nonillion possibilities (1,540,000,000,000,000,000,000,000,000,000) if you were to include just at least one "extra special character" into the mix.

    Now imagine how many options it'll have if we include Emoji. I'd wager that some people could remember better with a pictographic password.

    PS: It's never a good idea to tell people how long your passcode is because, for example, that eliminates having to try any combination that is more or less than 13 characters. If you're running a system to crack passwords you would start with the most common passwords and then dictionary words before starting from the shortest and going through them in order. Since you told me it's 13 characters I would use dictionary words with a length of 13 characters. High entropy is good, but not knowing what that entropy is is even better. Your 62^13 password possibilities has been changed to 62^13 - 62^12.
    Xedmuthuk_vanalingamroundaboutnowjony0
  • It's Apple Card payment due date for most, and an outage is causing problems

    If that happens you'll likely get any late fees and interest penalties waved, but you may have to call in to get it worked out which means using your time as well dealing with the stress that comes from a responsible person not being able to pay their bill on

    For those reasons, you may want to pay it earlier in the month. A good time to pay your GS Apple Card around the middle of the month. This is because they seem to report to credit bureaus around the 3rd week of the month. What they report is if you paid on time since the last update, your credit usage, and your credit limit—the last two which tell the bureaus have much of your revolving credit is currently utilized.

    This means that even if you pay off your card in full each month, if you use it heavily each month you could have a utilization rate each month that negatively affects your credit score and certainly works against your debt to income ratio if you're trying to make a large purchase, like a house. You can sometimes google this info,z but I've mostly found that I've had to call to find out when my creditors are usually doing the reporting.
    Xed
  • iPad cellular signal crucial to rescue of family stranded after plane crash

    Nice! That's got to be scary at any age. I hope the 13yo doesn't get a fear of flying after this experience. I'm guessing it doesn't have a modern ELT (emergency locator transmitter) in it if they had to rely on cellular-based device for location. Less likely, but still possible, is their ELT failed.

    I had an Artex 345 installed because even if I wasn't injured from the crash itself, the time between the crash occurring and being rescued could be the difference between life and death. The archaic location system that came with the plane only pinpointed a very large area (and I'm not even sure it would've done that if you read the link I posted below), which means search and rescue would have to navigate an excessively large grid looking for wreckage—782 square miles. For the price of a new iPhone it seemed worth it to get an upgrade that increases the accuracy to 339 square yards. I hope I never have to use my ELT.

    The Cessna 150 was produced from 1958 until 1977. This Cessna 150 is from 1967 with tail number N6714S (not the same plane in the photo, which is a CA plane built in 1969).

    Neat stuff in that article:
    JWSCroundaboutnowmuthuk_vanalingamXedravnorodomtokyojimu
  • Flying with iPad mini: A pilot's review

    dan4rth said:
    Hmm, so Mr. Oglesby is 35 years old and has been flying planes since 1985… Perhaps he became a pilot while in the womb?
    The article says he has 35 years in aviation, not 35 years old. 2021 - 1985 = 36, so his experience is likely 36 years, and could round to 37 years depending on when we started in 1985.

    crlee said:
    Just curious…. How does one in small planes like this connect to the internet while in the air?
    This is a very complex and lengthy explanation if I were to detail all the ways in which Foreflight works. It's an amazing piece of SW that I was personally was happy to see mentioned by Apple a couple times during the event, and is now shown on their website. I think this was the first time they've done this.

    Adding to what others stated, you usually create your flight plan while you have access to the internet. You can adjust your flight at any time and it will updated on the fly, but there are things that may not "pack" if you're not connected. Typically you'd already have the maps for your areas and types and flying downloaded, but they may have to be updated if they're out of date which is every 56 days for visual flight rules (VFR) maps. Then you create a plan on the path you'll fly which will then "pack" everything you need for your trip like icing, turbulence, and surface analysis layers, and other info that can help a pilot fly safely from origin to destination. You also get various maps showing current and projected weather conditions. Pretty much everything you need to make an informed decision before you leave the ground.

    If your iPad is connected to modern avionics you can get up to date traffic and weather in Foreflight on your iPad as an overlay . Additionally, you even have the option of being able to send a new flight plan to your avionics (instead of just receiving info on your iPad in flight) with a quick drag-and-drop of your finger on the iPad.

    Garmin has their own software that works in a similar way, but Foreflight is the most popular option. I only have Garmin avionics in my plane and it all connects to Foreflight with ease.


    muthuk_vanalingamXedwatto_cobraroundaboutnowFileMakerFeller
  • AirTag hacked and reprogrammed by security researcher

    OT: @Soli, nice to see you back. Where have you been?
    It's good to be back.

    dewme said:
    This is an interesting argument that reminds me of the difference between "communication" and "connection," both at a technical level and a human level. Commenter ppietra's points are valid for many networking protocols that support both connected and unconnected messaging, where connected messaging generally infers that there is a notion of session/connection state information that is maintained by the endpoints and intermediaries that exists even when packets are not being actively sent of the wire. This contents, context, lifetime, semantics, and roles related to this state information is protocol specific. That's all fine and good.

    The human side of this argument falls along the lines of the distinctions drawn between communication and connection that are the primary focus of writers, speakers, and presenters like John C. Maxwell, most notably in his book "Everyone Communicates, Few Connect." I'm not going to rehash the book here, but it is very evident that there's a whole lot of communication taking place around the topic of connections, but not very much connection is actually happening.
    Your mention of sessions makes me think I know where those chuckle heads were misunderstanding basic networking lingo. Take TCP v UDP for example, which many here probably learned about at one point. One is considered connection-less, but that's simply because it doesn't do the three-way handshake before sending data, which is first reaching out, then being informed that you were heard by the recipient, and then having the initiator reach back out to the recipient to say they got their message before sending the encapsulated data. There are also additional messages (read: overhead) for verifying the data that was received yada yada yada that makes TCP a heavier protocol over UDP, but in both cases a connection has to be made, it's just that with UDP and many others don't first establish a connection prior to transmitting data. You let other protocols and often higher layers figure out what was and wasn't received and then make additional requests as needed.

    But that's all higher up in the OSI model. Even if you could use all connection-less protocols (read: protocols that don't establish a prior connection before transmitting) they still need would need to be run on on a connected network at the lower layers before they can operate and then would need other layers to verify that data was received. Even something as basic as plugging in an Ethernet cable connects something. In this case it's physical connection, and that can sometimes be the problem if there is a fault in the hardware.

    Each connection opens up the possibly for more complex connections but the model still works the same regards of how technologies evolve. I've spent decades designing, building, optimizing, and troubleshooting networks. I can't tell you have many times I've had to come in to resolve was I was told were unsolvable problems that turned out that they were simply digging at the wrong layer, so to speak. I can't fault those who don't work in IT for not knowing, but I'll be forever perplexed by someone in IT that can't figure out why someone's [insert app] isn't connecting without them ever trying to ping an IP, go to another website, or even check the bloody physical connection to narrow down the scope of the problem. A systematic approach has never failed me.

    I preciously used the example of establishing links to satellites because there is no handshake. Usually you see the word link in this context, but a link is just a connection. First the physical layer, which will mean the radios and antennas with the correct modulation for that medium and without obstructions/interference. If these aren't congruent then there is no connection. Period. Then the data link layer, and so on. These are still connections even if we don't see a physical cable running to the satellite, without a three-way handshake between nodes, and without the satellite verifying that we're receiving data.

    PS: I'm still laughing about someone saying that Bluetooth and NFC aren't a part of networking. I guess this place hasn't changed much.


    Xed