It's not really a good option, however SMM mode could be (you'd need to figure how to do network calls, though). The only thing changed by UEFI in this case is unified interface to register SMM components (You can have UEFI system with no SMM).
Followed the link and the read me is bit spare on details. For the less technical this still would require the phishee to manually enter credentials which then can be relayed to the attacker. Correct? The article mentions this happened while the author was asleep — any thoughts on how that would work?
One thing that can happen is you get enduring credentials from the OTP sign-in, and they last despite other credentials simultaneously existing elsewhere.
I only use Facebook trapped inside Facebook Container in one Firefox on one computer. But my understanding is that it's possible to sign in to Facebook from say a phone and a laptop at the same time, so the bad guys could get you to give them working credentials one day and persist those until you're asleep before using them. If you went to Facebook's security settings "Where you're logged in" and it lists two logins, one in "Paris" while you are in New York, you might realise there's a problem and force them out. But most people likely never look at that, why would they?
What is less clear to me is why he borrowed so much money to setup this business? The debt had as much or more to do with his going broke than the flawed whistleblower process. As with many things in life this is a cautionary tale about not counting on something before it’s done.
I would take a look at this article for a good primer on multi-tenancy patterns as it relates to Rails. I have not used the apartment gem but there are numerous tutorials on how to set this up.
Agreed, terrible name. Can you imagine getting on an airplane with Boom painted on the side or waiting in the Boom terminal? I like fast airplanes, but I think they need to come up with a better name.
Thanks for the feedback -- I see your point about finding a balance between "anything" or just one thing -- I will look to incorporate this in the next update.
This is my first project, while trying to teach my self about web development. I should have been more clear that this site only searches the data posted to Tesla's US pre-owned website. My goal was to allow people looking for a used Model S greater searching capability than is available from Tesla. I would appreciate any feedback. Thanks!
