If you make 31k, you likely don't have the good health insurance of the OP, and your final bill would be hundreds of thousands (i.e. it couldn't be afforded)
In reality you would end up on Medicaid. There would be limits to what hospitals you could go to for treatment, but you wouldn't be stuck with the bill in the end.
Basically the way the American healthcare system works, they will eventually pick up the tab. They just go out of their way to bleed you dry on the way.
If you make $31,000 as a non-elderly single person, you’re at 250% of the FPL and there is an 89% chance you’re insured: https://www.cbpp.org/uninsured-rates-are-higher-at-lower-inc.... Under Obamacare, there really isn’t any health insurance plans that will leave you with hundreds of thousands in costs without coverage (leaving aside surprise out-of-network doctors and that’s a loophole people on both sides of the aisle are trying to fix).
If you delete your remote backups, they are likely be deleted, eventually. If you don't delete your remote backups, they won't be deleted.
There's no business case for keeping backups around for Apple, unless they suddenly became an ad company and started mining your backups for personalization data.
There is a business case - charge the FBI or any government agency for the cost of restoring/delivering it to them, or use the contents to improve any machine learning they are conducting, and I'm sure there are others.
For the longest time Facebook couldn't actually delete photos that you requested the deletion of. They could remove it from indexes so it couldn't be found, but if you had the link it would still be available (akamai cdn). Because, to them, either the cost of the hosting was miniscule compared to the cost of writing the software to ensure things actually got purged from the CDN.
In the EU, big tech companies actually delete your data within a short period of you clicking the delete button because they're scared of the GDPR requirements.
Outside the EU, small companies, or non-tech companies might we'll keep it forever.
It is not a backdoor, nor does it circumvent anything.
It is a front door convenience feature which has distinct privacy/security trade-offs.
There exists no magical way to provide a means of lost password/device recovery which doesn’t grant Apple access to decrypt your data. It turns out that a lot of users want to have a way to recover from a lost device/password and are willing to let Apple decrypt their data.
You do this by ticking the ‘iCloud Backups’ toggle on your iPhone.
A backdoor by definition is not a user facing and configurable feature which is thoroughly explained in end-user documentation.
I’m not sure about that. Face and fingers are typically authentication mechanisms. They can grant access to a key, but they cannot themselves be the key.
The thing doing the authentication can be your local device, or a cloud-device. That thing must necessarily store a validator for your face/fingerprints which it can use to decide your submitted capture is “close enough” to consider a match, after which it grants access to the key, usually indirectly, by allowing certain cryptographic operations with the key.
Apple takes pains to ensure the biometric validators never leave the Secure Enclave of a local device. Possibly they could allow syncing these validators between Secure Enclaves of paired devices but I think you have to re-enroll. Absolutely never do they transmit these biometric validators to the Cloud in a readable form.
So in a lost-device scenario, you are also losing the biometric validators as well as the keys which were unlocked by the validators.
I think storing decryptable biometric validators is worse than storing decryptable device backups. Such a fingerprint database would almost certainly be abused by a government (forced to match a terrorist’s fingerprint against their users).
The singular reason I am willing to use biometric authentication on my phone is because the authentication is done locally.
For example Amazon’s recently announced project to link Amazon Pay to a palm print in stores is a total non-starter for me. Besides the fact that it’s a clumsy and bad idea to begin with, no way I want them having my palm print validator sitting in the Cloud.
> They can grant access to a key, but they cannot themselves be the key.
My assumption is that device recovery is such a special case, that it can use very different algorithms than those used in phones today, they could be very computationally expensive and turn fingerprints into usable keys. And of course there is no need for anyone to store them or being able to match them individually or even just tie to an identity of a person.
There are two things that make this problem “hard” if not “intractable”.
Encryption keys are precise integer values (or can be represented as such) and they gain a large part of their security from two facts; a key that is wrong by even one bit will appear totally wrong / disclose zero information, and two, the key space is unfathomably large.
To turn a fingerprint directly into an encryption key would require first; some sort of mapping between the analog representation of the finger/face (which could be two or 3 dimensional) into a digital value, and second; for that value to be absolutely repeatable over time.
The biggest problem is that of course neither your face, nor your fingerprints, are absolutely unchanging over time.
So the first thing you would somehow need to accomplish is a way to map the biometric scan to a repeatable precise integer value. Such a mapping would require, by definition, a loss of precision.
How much precision? Well, it’s directly a result of how resilient you want the algorithm to be in the face of things like scanning error, micro-abrasions on the finger, body fat percentage, the temperature of your hand, swelling, hair growth, etc...
The less precise you make it, the more different fingers (or different scans of the same finger) must necessarily resolve to the same key.
This is the same thing as saying that we are reducing the key-space.
Once you have reduced the precision of the mapping from a biometric scan into a key that will reliably generate the same key over time, you have, by definition, reduced the key space to the point where the encryption is fundamentally unsound.
The only exception to this would be perhaps using DNA sequences, but even then, I believe DNA is not actually perfectly unchanging over time, and is also not at all random [1]. But assuming you could probably handle the minute coding changes that do occur, and reliably scan the same part of the genome, I think you could end up with enough entropy to generate a secure key. Assuming you are willing to precisely sequence a chunk of DNA in order to generate your key. This is rapidly becoming feasible, if not somewhat dystopian and entirely impractical.
But you still have the fundamental problem that the key is not being generated as a uniformly random value in the key space. This happens to be extremely important to the security of encryption algorithms. You wouldn’t want, for example, a close relative to be able to cut your entropy from 512-bits down to 64-bits and into the realm of brute force.
In short, biometrics will remain an authentication method rather than a direct encryption method, likely indefinitely.
I found some research on fingerprints [1]. At 512 dpi fingerprint sensors have 0.01 bits per pixel of information mutual between samples but still individual, meaning that 160x160 sensors can give 256 bits of information usable for keys. And there are multiple fingers, so it seems enough to derive an encryption key from and even some room for redundancy.
Refreshing it every few years isn't a big deal (as obviously none of it will be used directly as an encryption key for all of your data, but only to encrypt an actual encryption key).
That paper has absolutely nothing to do with generating keys directly from an image of a finger. They are discussing the lower bounds on how small a fingerprint sensor can get.
It doesn’t seem like you read my reply at all.
It’s not a question of raw entropy from the sensor, which is what the paper is discussing. It’s an issue of repeatability.
To quote spoc in ST-TWOK: "not a lie, an ommision".
It isn't a deliberately implemented backdoor. It is a deliberate decision to not install doors at all, just empty frames. I know we are arguing semantics here, and it doesn't make it right, but it doesn't go against the letter of how they've claimed they'll behave.
For reference, 138% of the FPL in 2016 was $16,394. She was laid off in May (let's she got one pay check), meaning that if she was making $44,000 or more, she would not be eligible. After 10 years on the job, it seems likely that she would be making that much.
Last year there were reports out about how watching sport might be tricking us into thinking we've participated in such a way that it increases sedentary behaviour.
Interesting. My friends that watch the most sports seem to be the most overweight. I expected this to be the opposite, but maybe this is normal. Probably just anecdotal.
In a sentence, "Participants that watched sports every day were at higher risk of obesity [odds ratio = 1.39, 95% CI, 1.15, 1.68) after adjustment for age, sex, smoking, alcohol, physical activity, total TV time, disability, and self-rated health."
Based on what they're controlling for, and assuming that the conclusions hold, my guess would be that watching sports on TV is also associated with increased snacking.
Don't donate through Facebook. Their processes are pretty unfriendly to the charity receiving the money. They float the money for an unspecified amount of time, which hurts charities' cash flow. They provide less donor data, so charities can't thank donors or reach out to them again in the future. And if it's a personal fundraiser, even if the money goes to charity, Facebook does charge fees.
Just give directly to the charity. If you're concerned about the fees, just cover them yourself. Industry standard is 2.9% + $0.30.
I run https://hackclub.com, which has received donations via Facebook, through Stripe on our website (https://hackclub.com/donate), through individuals, foundations, and donor-advised funds writing checks, through systems like Benevity (https://www.benevity.com) that facilitate corporate matching programs and send the funds via ACH, and probably through nearly every other method out there.
Here's a breakdown of our processing fees:
* Facebook: None. They cover the credit card fee. If you're interested to see what data nonprofits get from Facebook, here's exactly what I see for our 2018 fundraisers: https://i.imgur.com/lsCFqJh.png. Facebook has not taken noticeably longer to disburse funds than foundations we've worked with.
* Stripe donations: 2.2% + $0.30 for Visa / Mastercard, 3.5% for American Express (this is the nonprofit rate)
* Receiving checks: $25/check. We outsource receiving checks to a vendor to make sure they don't get lost and that we aways have scans on file.
* Benevity / electronic transfers / wires: None (our bank charges no wire fee)
On top of that, it's important to note that checks and manual ACH / wire transfers take the most processing time for me, as for each check I need to work with our accountants to ensure donor information is properly on file and the donor received any needed tax documentation. We're small enough where I'm still doing this myself for each check, which probably takes me 20-30 minutes for each donation. Up to an hour if the donor didn't include all their tax information with the check.
> If you're concerned about the fees, just cover them yourself. Industry standard is 2.9% + $0.30.
I can recognise, from the links in this blog and other posts on the same blog like [1], that the author is giving a double-digit percentage of their income to charity. Maybe as much as 50%.
A person earning $100,000 and giving $50,000 to charity who paid a 2.9% card fee would be giving $1450 to a credit card processor - money that could have gone to the charity had they simply done a bank transfer instead.
Of course, for many charity donors paying by credit card is fine - better a moderately efficient donation that happens than a highly efficient donation that doesn't happen because of the inconvenience barrier!
Yes, if you're giving enough that the credit card fees are substantial, then you should be using another payment method. At worst, mail them a check. There's nothing better for a small non-profit than to open a letter containing a large and unexpected donation check.
In my experience, most people making gifts >$25,000 are either making them through a foundation or through a donor-advised fund, both of which almost always write checks.
Charities send mail because it helps them raise money, and it's one place that direct mail still works, and it works well. You can call the org and have them take you off their mailing list. I would just ask that if you do, also set up a recurring donation. One time donations are nice, recurring donations are better.
But if you're more comfortable giving Facebook more data about you (donations contain a lot of information) but not giving that data to the charity, why are you donating to them in the first place?
> Charities send mail because it helps them raise money
not every activity that helps you raise money is something you should do, even if you're a charity.
if they'd confine themselves to pestering donors who'd given them >$500, or even donated more than once, it'd be one thing.
> You can call the org and have them take you off their mailing list.
been there, tried that. less effective than you'd like me to believe! (and then they've got my phone number, too.)
> But if you're more comfortable giving Facebook more data about you (donations contain a lot of information) but not giving that data to the charity, why are you donating to them in the first place?
i don't care if the charity knows who i am; i don't care if anyone (facebook or otherwise) knows about my donations.
i care that the charities will pester me for YEARS because i gave them less money than they'll spend printing out the wads of full color mail they'll send me.
Are you asking why people don’t want to sign up for getting spammed by charities? Just because it’s easy to unsubscribe doesn’t mean I want to have to do that.
I just want to help out a non profit. My recurring donation is that they don’t need to waste money to spam me anymore.
> [Facebook] provides less donor data, so charities can't thank donors or reach out to them again in the future.
As a donor, I've found myself giving more often through Facebook to keep my contact information more private. I tend to unsubscribe from mailing lists and set up Gmail filters, so perhaps I'm more sensitive to unsolicited mail than average.
In my experience, most of the charities and institutions I've donated to directly (e.g. Red Cross, National Park Foundation, my university) send mail for years after a donation. Some of them like the National Park Foundation share your information with other charities so you get even more unsolicited mail.
In contrast, as far as I can tell, I haven't received any physical mail nor email after donating through Facebook. The privacy, for lack of a better word, is compelling enough I'd prefer to look up a charity on Facebook rather than going to their website directly.
I just donated through FB to see how it works. It looks like FB gives the user an opt-in to share info with the charities. I like this, because I get spammed all the time by previous charitable donations.
Can’t speak to the payment timelines, but the fact that fb gives me more control is nice.
Also, from their documentation, it looks like nonprofits do see my name. The opt in is for sharing my email.
You vastly overestimate the security of safes. It might take a while and you might kill a few drill bits in the process, but you could definitely drill through most safes, especially in home installations.
As far as relockers go, you've already resorted to destructive methods. If you find that it's worth opening after drilling, then you'll find a way in.
The freedom of press in the 1st amendment refers to the printing press and the owners of those presses didn't want to be restricted on what they could print or be forced to print things they disagreed with.
It was not, in any way, intended to refer to "journalists", a group whose only defining characteristic appears to be employment by a certain group of private companies.
