It's the attacker site that frames the victim site in this attack, not the other way around.

> The NSA compromised lawful Russian interception infrastructure, SORM. The NSA archive contains slides showing two Russian officers wearing jackets with a slogan written in Cyrillic: "You talk, we listen." The NSA and/or GCHQ has also compromised Key European LI [lawful interception] systems.

Are these the same sort of 'lawful interception' systems that western governments are constantly trying to ram through "for the children"? The ones that they constantly assure the public are 'secure' and will only be used for 'lawful purposes'?

Google, Amazon, Cloudflare, Microsoft, etc?

The AI we have today is not capable of the kind of malice that people seem to be afraid of with all of these FUD stories, and will not be any time soon if ever. Even if we add some AI to things like drones which can kill people it is only the malice/incompetence of the developer that causes the destruction that results. If an engineer built a bridge woefully inadequately, either on purpose or because he is incompetent, and it falls down and kills a bunch of people would you blame the bridge or the engineer? We are not even remotely close to the Terminator level strong AI, and it's still a big open question whether such a thing is even possible at all.

Formal logic: Yes Troubleshooting: Yes Basic computer skills: Yes The fewer people who think computers are magical devil machines and can figure out how to solve technical problems on their own the better, but the vast majority of people will not write programs.

When more of them can be used offline (when it's easier to make them work offline), then they will be more prominent.

Half the web developers out there can't even prevent simple cross site scripting let alone the dozens of other common threats that exist in web development. As with adding any other new development feature, it's just giving people who don't know any better more ammunition to shoot themselves in the foot with. There needs to be more focus on educating developers on security instead of trying to cram every new buzzword tech they can into their application.

There was a company that already tried to do this with games, they got some VC money and then ran into the dirt. At this point the vast majority of user hardware is all but useless for mining. This would have worked a couple of years ago, but not now.

That would seem to be a matter of what the default configuration is. Do these DNS servers have these protections enabled by default, and are then disabled? Is it that they left it off by default on older versions? Do they still leave it off by default?

Shockwave hasn't been used much for a quite a while, unless you are referring to flash (but hopefully html video will kill that eventuall). Javascript on the other hand is going to be around for quite a while, what we are more likely to see will be things like signed javascript or some other security mechanism like that added to it.

This article makes very little sense to me. They don't mention what the crypto algorithm was or who was pushing it as the "next gen standard". I don't know of any proposed cryptographic standard with 923 bit anything.

Taking a quick look at the JavaScript they use there doesn't appear to be anything particularly unusual going on such as browser fingerprinting, or even as encompassing as evercookie which can be easily defeated using built in browser options. The only thing that seems different about it is that it attempts to use more storage techniques than other tracking services, browser local storage , e-tag tracking, and ie userdata storage in addition to the common browser and flash cookies. To say that it "can't be dodged", while possibly true for the average user, doesn't hold for anyone who knows how to configure their browser for greater privacy.

Microsoft Malicious Software Removal Tool? Microsoft Security Essentials?

With no flash or javascript you get a gif version, just by taking the first frame and putting it into even a free ocr application it was able to get the letters for the captcha. This is nothing more than more advertising hocus pocus, as a captcha its pretty much worthless. http://imgur.com/5GfsU.jpg http://www.free-ocr.com/

Does the "liveness" test work as well as those for fingerprint scanners?