# Rant

Random ramblings, bad mood, foul language - everything the internet was invented for.
Tuesday, February 18, 2020

Made a bit of progress on the bypass sms verification code when signing up for a new Google account. The whole system is breathtaking from a technical, legal as well as a psychological persepective.

At least on Android, the user is deliberately steered into a “sunk cost falacy” type of situation that suggests that s/he just wasted a couple hundred bucks on a toy that won’t work properly unless connected with a Google Account. Of course, the phone screen is too small to read the terms compfortably and the default is to skip reading your contract anyway. If you want to know what you actually agree to, you pretty much have to look at the wire protocol (it is a lot). How on earth is it that we don’t have laws against this?!

Monday, February 3, 2020

Gosh, I hate SSL/TLS. What most people don’t know is that it’s not a cryptographic protocol in itself, but rather a means for negotiating which cryptographic protocol you want to use. Of course, you have to be an expert in the field to choose wisely, so the general advice is to stick with the defaults. Obviously, I can’t do that, so now it’s Passierschein A38 hell.

Tuesday, October 29, 2019

Stop telling me, I need an anti virus app…

Guys, computer viruses were a MS DOS phenomenon: code fragments that basically just scanned the filesystem for executable fiels (COM, EXE, Bootsector) to implant a copy in. There were two preconditions for a virus infection:

  1. The user needed full read/write access to the whole filesystem.
  2. Users had to carelessly swap infected floppy discs.

Android apps are sandboxed from each other and the app store concept ensures that you are no longer share infected binaries with each other. You don’t need anti virus apps and you should not install them either.

Wednesday, July 13, 2016

*Poof* your GMail has been disabled

Can't happen? Does! Be careful what you sign up for (pun intended).