EDIT: Didn't realize you were referring specifically to the sneaky pop-up. Agree with you on that one.
From a brief reading of it the other day, it seems data that is necessary to provide a contracted service (like, say, providing access to a cellular network) has a specific exemption to express consent.
Check out items 1a & 1b in Article 6 of Chapter 2[1]:
"1Processing shall be lawful only if and to the extent that at least one of the following applies:
A: the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
B: processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;"
Re: your second point: cellular providers will "automatically" get to track you in real time for the purpose of cell tower hand-over etc.
They do not automatically get to keep that data forever, or sell it to a third party. According to how I read the GDPR - I'm not a lawyer ; this is not legal advice, etc.
I don't think anyone is saying that prison labor is in any way reintroducing the economic impact of 18-19th century slave trade. But, as a country, the US:
1) Incarcerates people at a higher rate than any country besides Seychelles
2) Abolished slavery for all persons except prisoners:
"Neither slavery nor involuntary servitude, except as a punishment for crime whereof the party shall have been duly convicted..."
Between local, state, and federal prisons, we're looking at roughly 500,000 imprisoned for drug-related offenses[1]. Yes, the labor of these people is a trivial portion of the overall economy, but it still produces huge profit for those running the show: CoreCivic has a market cap of ~$2.6 billion. They exist to extract value from the lives and labors of the people who their institutions keep under lock and key.
There is a direct incentive for these corporations to increase the number of prisoners in the system, and they leverage their power to pursue that incentive, lobbying for and even drafting legislation that enforces three strike and mandatory minimum rules.[2] They are actively pushing governments to imprison more people, and profiting from the resulting state sanctioned slavery.
> Whether to call it a back door / flaw / trade-off is just quarreling over semantics
I think this is writing off a significant portion of the meta-story here, semantics matter very much in journalism. While the technical nuances of trust are important, they won't be understood or digested by the average reader. What will be remembered is the headline, which doesn't say "Whatsapp is as secure as iMessage" it just says "Whatsapp has a backdoor".
The story you tell is framed by the audience that's listening, and the framing the Guardian chose unfairly paints Whatsapp as not just secure, but less secure than alternatives by singling them out. That's not an accurate story.
Anyone have experience with this program without an academic CS background?
As someone with a BS in Materials Science & Engineering (at best a tangentially related field via sparse EE coursework) who does some level of programming at a tech job now, I'm curious what my prospects for admission would be. I'm confident I could handle the coursework, provided I could get my foot in the door.
As a related question, they mention taking courses to fill holes - are they receptive to Coursera offerings?
Yes, many of our students come in with either tangentially-related backgrounds or even unrelated backgrounds -- we look for students with outstanding analytics potential, regardless of background.
And yes, online learning and/or self-taught learning is definitely fine as hole-fillers; we just want you to have the necessary background to succeed, and however you get that background is up to you.
> TIL I'm as good as a state level intelligence team.
Not to totally ignore the pithiness, but I feel like your comment touches on something I see a ton here (and elsewhere): an offhand dismissal of the 'state level' intelligence capacity.
At the end of the day, the systems were exploited. That more sophisticated methods went unused should be a measure of efficiency and not necessarily execution. Why break out the trick play if your opponent can't keep from you running it up the middle?
If you are targeting a US political entity, using a staging server in Russia probably isn't the worst idea, so unless the IP address directly ties to the Russian government/intelligence services, it's still only weak evidence of Russia's involvement.
>hat more sophisticated methods went unused should be a measure of efficiency and not necessarily execution. Why break out the trick play if your opponent can't keep from you running it up the middle?
I question how efficient it is to get caught red handed in the cookie jar of the worlds only super power.
Sure Vladimir Putin could invite President Obama to a state dinner and then proceed to blow his head off with an AK-47 but that would lack the subterfuge I expect from "state level actors". If this is indeed the Russians, they are as laughably incompetent as our elected officials in regards to infosec and thus a threat to no one.
Publicly assassinating the president of a country is slightly different then pilfering clumsily guarded emails of campaigning politicians. One starts world wars. The other doesn't.
http://www.allgeneralizationsarefalse.com/