Why does Samsung access my contacts and storage if I use their store?

If I want to access the Galaxy Store on a Samsung Galaxy phone I have to agree to a set of terms (Legal information). These terms are excerpted below:

All content made available to you by the Samsung Galaxy Store is subject to the terms and conditions set forth below…

In order to provide you with and further improve relevant services, the Samsung Galaxy Store accesses Phone, Contacts, and Storage. It also collections your device information (e.g. IMEI and model name) and service usage history…

I understand why it would collect “device information”, as any software downloaded and installed on your device would operate best if the software is tailored for a specific device/OS version etc. I assume these are the same reasons why a web page is given the operating system and browser you are using to access that page.

However can anyone give a good reason why Samsung would access my contacts? I’m not exactly comfortable with this, especially as I don’t see any reason for it for the purposes of making an ordinary app work. Also, when it says that it accesses my storage, does that mean that Samsung has access to my media stored on my phone? By that I mean documents, videos, photos etc?

Also I’m not sure if this question should be asked at another SE site maybe instead of here?

Access to foreign memory address

Question is pretty simple. Modern operating system like windows 10 isolates memory addresses for his processes so … how is possible that Cheat Engine can gets these address and changing their values ? At this forum have been already Question “how get pointers to foreign address ” – and the answer is : it’s not possible, bacause OS has isolated addresses for his programs..

Does the multilingual feat allow me to choose a language I don’t have access to?

The Pathfinder 2e multilingual feat says:

You easily pick up new languages. You learn two new languages, chosen from common languages, uncommon languages, and any others you have access to.

Uncommon character options, including languages, require some special feature to access. For example, Gnome Weapon Training grants access to Gnome weapons.

Does the multilingual feat allow a player to access an uncommon language that they don’t have access to? The text of the feat says you can choose from “uncommon languages”, it’s just surprising to me that a player could get carte blanche access to any language they want.

Secure GET-based remote API access via PHP

I am programming a way in PHP for my users to be able to access a remote API though my website. I was wondering if any of you had some input on whether or not this was secure (NOT considering any vulnerabilities that may be on the remote system)

$  url = sprintf("https://website.com/?uid=%s", $  _GET["uid"]; $  data = null; $  data = file_get_contents($  url); echo $  data; 

Is this secure? if not, can you explain why?

Note: The site does not return any value that is sent using the uid parameter.

Surface shader transparent- how to have access

I’m trying to learn how to use the transparent surface, but I use a texture with a black background, but nothing of the transparency does not happen, what is missing, could you give me a tip?

   Properties {     _MainTex ("Base (RGB) Transparent (A)", 2D) = "white" {}     _MaskTex ("Mask (RGB) Transparent (B)", 2D) = "black" {}     _ColorRed ("Red Color", Color) = (1,1,1,1)     _ColorGreen ("Green Color", Color) = (1,1,1,1)     _ColorBlue ("Blue Color", Color) = (1,1,1,1) } SubShader {     Tags {"Queue" = "Transparent" "RenderType"="Transparent" }     LOD 200      CGPROGRAM     #pragma surface surf Lambert alpha:fade     #pragma target 3.0      sampler2D _MainTex;     sampler2D _MaskTex;     half4 _ColorRed;     half4 _ColorGreen;     half4 _ColorBlue;      struct Input {         float2 uv_MainTex;     };      void surf (Input IN, inout SurfaceOutput o) {         half4 main = tex2D (_MainTex, IN.uv_MainTex);         half4 mask = tex2D (_MaskTex, IN.uv_MainTex);          half3 cr = main.rgb * _ColorRed;         half3 cg = main.rgb * _ColorGreen;         half3 cb = main.rgb * _ColorBlue;          half r = mask.r;         half g = mask.g;         half b = mask.b;          half minv = min(r + g + b, 1);          half3 cf = lerp(lerp(cr, cg, g*(r+g)), cb, b*(r+g+b));         half3 c = lerp(main.rgb, cf, minv);          o.Albedo = c.rgb;         o.Alpha = main.a;     }     ENDCG 

How to make it harder for a VPS provider to access my data?

I know it is impossible to completely prevent a host from accessing the data of a virtual machine (as noted here, here and here), but I think there is value in making it harder to do so. Bare metal servers aren’t always an option, and they are much more expensive.

Here is the threat model I have in mind:

  • Buy a VPS from a fairly small company, maybe even one managed by a single person
  • Harden the VPS as much as reasonably possible
  • Rogue government entity demands all the server’s data
  • The company may not have the time, knowledge or resources to circumvent the hardening
  • The company provides only the encrypted data to the government entity

Of course, said government entity could simply demand direct access to the host machine, but even then, it may still require them a good amount of time to figure it out, by which point the VPS owner may have caught on to what’s happening and wiped it clean.

This leads me to my question. Given the typical steps a system administrator may take to obtain data from a virtual machine, what could one do to make this process harder?

Edit: Here is what I have done so far: encrypt the boot partition (GRUB bootloader supports encryption), encrypt the root partition, encrypt the home directory w/ unmounting on logout, use linux-hardened, disable USB via kernel parameters (I am unsure if this helps?)

Dealing with the indexation of an article from a domain with no access

Good morning,

I’d appreciate if you guys could help me with a situation I have at the moment with the company I work in.

We’re an online newspaper focused in Technology articles, so have our own writers writing about different tech-related topics.

The problem though, is that our founders thought it would be a good idea to sign a contract with a traditional newspaper to give us a bit of a push in terms of traffic. The conditions of the contract are basically that our website is under their domain (mynewspaper.bigtraditionalnewspaper.com) and in return we get links in their webpage through a few widgets located in different sections. Also, we host ourselves our website and the content is of our propriety. Now, this big old traditional newspaper is many times associated with the far-ish wing political ideology in my country.

And now that the contract is about to finish and we’ll have to discuss to them whether to continue with this deal or get out of it, we have the following question:

In terms of positioning and indexing, if we don’t renew the contract and the big old traditional newspaper denies our friendly request of redirecting the current urls to a new domain of our own (mynewspaper.com), since they’re the owners of the current subdomain we are currently indexing for… Is there any way of fix this situation? Our fears are to have our articles indexed with both the old URLs and the new ones and the old ones leading to a 404 error because the other newspaper didn’t want to collaborate. The ideal situation would be them redirecting to the new domain and we handling the permanent redirections so that Google would understand we moved from domain.

How would you guys deal with this?

Thank you very much in advance for your time!

Is it possible to hijack specific e-mail with remote access?

I don’t know exactly how to ask this but I was recently presented with e-mails that look like they came from my e-mail and IP address but I didn’t send them and never saw them. It is a back and forth correspondence with another gmail account. Is it possible someone was able to set up a forwarding without my knowing and make it look like it was coming to and from me? I did find that someone had snuck in AnyDesk and had remote access to my laptop during this time, so they had access to everything.

Cannot seem to access Calculated column in Display Template via Managed Property mapping

Here is my situation:

I have a test/development site on SharePoint Online/Office 365 called TestSite3, and within that site a sub-site called TestBlog3 (a Blog site for making Posts).

I want to use a Content Search Web Part on the homepage to query all Post items from the blog, and then sort them by a custom event date value, but then if event date is not specified (it will be optional), use the post’s created date.

I have also made a custom Display Template in which I have the following managed property mappings:

<mso:ManagedPropertyMapping msdt:dt="string">'Picture URL'{Picture URL}:'PublishingImage;PictureURL;PictureThumbnailURL','Link URL'{Link URL}:'Path','Line 1'{Line 1}:'Title','Line 2'{Line 2}:'LastModifiedTime','Line 3'{Line 3}:'BodyOWSMTXT','Line 4'{Line 4}:'RefinableDate03','SecondaryFileExtension','ContentTypeId','IsAllDayEvent'</mso:ManagedPropertyMapping> 

In the Post content type, I have added two custom columns:

  • ZTest3Date: a Date column that is optional to the user to specify, supposed to function as an ‘event date’ for posts about events coming up
  • ZTest3Calculated: a Calculated column returning a Date. What I want is for it to return the event date (ZTest3Date) if it is set, otherwise return the post’s created date (Created).

Here is the formula I have in ZTest3Calculated: =IF(ISBLANK(ZTest3Date),Created,ZTest3Date)

I have seen formulas use brackets [] around the column names, but when I try saving the formula with that it automatically removes them, leaving the above.

I go into the site’s search schema to look at the Managed and Crawled Properties. I use ‘z’ in the search box to filter them down. The ZTest3Date column I made shows up in Managed Properties as ZTest3DateOWSDATE. There is no Managed Property for the ZTest3Calculated column.

In Crawled Properties, I see ows_ZTest3Calculated, ows_ZTest3Date, and ows_q_DATE_ZTest3Date.

I can put ZTest3DateOWSDATE into my Display Template in Line 4 and it works, but that’s only half my solution; I want to handle when there is no event date set.

Since ZTest3Calculated is not available as a managed property, I understand that it is recommended to map the crawled property to one of the pre-set columns SharePoint provides, so I mapped ows_ZTest3Calculated to RefinableDate03.

I have re-indexed the Post list and waited a while, but it does not seem to be working; I have also tried assigning an alias to RefinableDate03 and updating the Display Template, still no luck. When I debug the JavaScript code I put in my display template file to read what is coming into Line 4, it is blank always, whether or not the event date is set. So either the RefinableDate03 mapping isn’t working, or my ZTest3Calculated column isn’t working. Or something else I’m not aware of.

Sorry this is so long, but I feel like supplying the context and my setup is important. I have driven myself crazy with this over the past few days, and would appreciate if someone might have some knowledge of what I’m missing.

I appreciate any help, and thank you for reading all this!