Presumably, to get the truck pricing you have to buy by the truckload which is too much concrete for some projects. If doing it onsite was cheaper at quantity, you'd never see a concrete truck on the road -- all the big construction sites would be saving money by mixing onsite.
There is the issue of the TLS connection of images fetched in the app (other things too?) being tied to a domain without a valid cert. In other words, you could MITM the TLS session between the wifi user and the Tindr servers for AT LEAST photos within the app, perhaps more (authentication? other app behavior?).
Because the app isn't strictly enforcing the validation of the cert of the photos domain it's trying to reach to pull photos, your MITM server is free to serve to the app as if it was the server on the Internet.
Personally, I'm resisting the urge to MITM a coffee shop wireless AP and replacing all profile image requests with a request for a random picture of Donald Trump.
Only a half key exists in permanent storage on device. The other half paper key is loaded into memory for transaction signing, and then removed from memory the moment the transaction is sent off
I agree that you need "both halves" in this scenario to sign the transaction.
At some point during the spend from the wallet, the privkey that matches the wallet pubkey has to touch memory. This privkey can in theory be compromised in a number of ways with malware on the spending system (keylogger, screen caps, process memdump, etc).
I think the safest way to go about this is to generate an entirely new keypair/wallet on an isolated system. Spend from your wallet then transfer the balance to the newly created wallet. This minimizes losses as a result of privkey compromise (unless of course your isolated system isn't so secure)
Chat API's are good because the traffic to "facebook.com" probably won't be detected as malicious by most firewalls.
Your fallback should be a peer2peer network in DHT style, scanning the entire IP address space on a well known port to find nodes to connect to.
When a node is found, addresses of other nodes are requested, and a cache of a few thousand infected nodes kept to use as seeds for future connections.
Imagine you have 1 million infected machines, then most new nodes will find and connect to the network within 4000 packets sent across the network. For good measure, build in a list of a few thousand addresses into the malware as bootstrap nodes.
TOR does not protect DNS queries out of the box. You must configure your PC to query through TOR or all of your DNS queries have the potential to leak to your ISP
This seems like a really cool device. One that I would certainly purchase.
What weird stretch goals they have. I wonder if these are jokes?
"$8m = Signatures of entire team printed inside the phone case
$10m = Free encrypted VPN tunnel service for all backers for 1 year
$20m = Candy Crush (clone) available for free"
This is one of the biggest points that I have seen taught in driver training courses and repeated throughout my life. Most of the events people refer to as car accidents are crashes/collisions.
This is definitely a confusing sentence, especially for a non English speaker. You can reword the sentence and add something in front (e.g. "The researchers"). "The researchers are using psilocybin assisted group therapy for demoralization in long term AIDS survivors."
AIDS surviors have "demoralization in them". The psilocybin assisted group therapy is being used for that demoralization.
