Comment Re:But does it change anything? (Score 2) 245

The Westgate attackers were, afaik, all captured or killed. Had they struck, killed a bunch of people, and then faded away into the shadows, then I think there would be a lot more fear shown by the Kenyan people.

The attackers themselves were pawns. The guys at Al-Shabab that rented the storefront, got the weapons and organized the attack and the Twitter coverage are still very much alive and probably still capable (perhaps not immediately) of striking again in the future.

Don't confuse the mastermind with the poor schmuck that he sends off to kill and die.

Comment Re:this has me wondering (Score 1) 151

They are doing the least risky thing they can come up with. Right the ship, partially re-float it and haul it off to be scrapped some place else where it will be easier, safer and/or less likely to be a problem for the environment.

I agree with your post except for this last sentence, and I think we should be honest: the goal is to scrap it in a place where no one cares about the environment or the health of the workers. That's why Alang gets so much business -- no one cares where the waste goes or if there are injuries. In the first world, that sort of work would cost many times as much.

Comment You still can't control recipient devices (Score 5, Insightful) 183

The "Burn Notice" feature lets the sender set a time for a text, video, voice recording or picture to be erased from the recipient's device.

No, it can't. The recipient could be using a tampered application that ignores the timeout directive. Or it could modify the JVM to lie to the executable about the time or refuse to fire timers. Or modify the JVM to write all the memory transactions to disk (or host) even after the application frees (or GCs) it. Or modify the screen rendering APIs to capture the rendering. Or attach with JDB over ADB and halt the executable while the plaintext is in memory and slurp it out. And, of course, there are apps in the store that will just take a video of the screen.

FWIW, I support the app and I believe the encryption-in-transit is a very worthwhile feature. But the "Burn Notice" is, from a security point of view, useless. If you trust the recipient with the plaintext, you trust the recipient with the plaintext, end of story. Anything else is DRM-esque attempts to put restrictions on a device that you do not own.

Comment I'm super pro-nuclear but ... (Score 4, Insightful) 249

Vermont Yankee is the oldest running plant. It should be decommissioned in favor of newer designs.

Part of the dysfunction of the current nuclear regulatory regime is that it's so expensive and difficult to open a new plant that we end up with an older set that has a worse operating-cost and safety record than could be achieved with new technology. It's a bit like setting new-car safety and economy requirements so high that people continue to repair and drive their decades-old models -- sure, it looks good on paper, but the reality is a net decrease in safety and economy.

So yeah, Vermont Yankee, please shut it down. And let's build something from the last few decades to replace it (and maybe some of the other 60s-era designs) which will undoubtedly be a huge safety increase.

Comment Re:Tell me again (Score 1) 918

So why now? Why not in Rwanda in the 90s? Why not in Burma in the 80s? Hell, why not when Assad Sr bombed the shit out of Hama in 1982, killing 20 thousand of his own people?

The perfect is not the enemy of the good. In the perfect case, we would intervene in all the cases in which intervention was warranted (in Rwanda*) and skip the ones that would be failures (Iraq v2). In the real case, we have to decide in each instance whether our intervention is likely to do more harm than good, independently of our other fuckup actions or fuckup inactions.

The alternative is to throw our hands up and say that because we are fallible humans, we can never try to do the right thing because we might (and definitely do sometimes) fuck it up and make it worse than if we did nothing at all. There are a lot of Muslims alive in Kosovo that might regret that position.

* Rwanda presents another real-world complication: it's far from our bases in the ocean and so harder to hit. Meanwhile we could strike Libya and the former Yugoslavia from land bases in Europe and floating bases in the Med.

Comment Re:Secret Agent (Score 2) 212

ETags on the other hand store an arbitrary attacker-provided string, which is an outright security vulnerability.

I hate to break it to you, but the entire browser is nothing but a device for storing (and then parsing!) arbitrary attacker-provided strings. It's even got a perverse sort of link-chaining mechanism where, after receiving one such string, it will go out and fetch (and parse!) another one at the attacker's choice of address.

This is not a security vulnerability, it's the design of the system in which there was never a requirement to ensure that a client could visit a server multiple times without the server knowing (or inferring) that it was the same client. It's meaningless to say that a protocol is vulnerable because it doesn't meet a property that it was never designed for (any more than RSA is broken because it doesn't offer repudiation).

Now a client can always elect to send random ETags, slowing himself down (most dynamic content is not time-cached) and adding to the bandwidth load on the server. I'm sure someone will cook up an extension that does this, and we'll be back to where we were before this non-story.
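
The mechanism the comment above is arguing about, as an added example that is not part of the original post: a server mints a per-visitor ETag, a browser-like client echoes it back in If-None-Match on every revisit, and the server recognises the visitor from that echo alone, with no cookie involved. The second client does what the comment predicts an extension will do, sending a random validator on every request, which breaks the correlation at the cost of never getting a 304. Everything here is an in-process simulation with constructed requests; the class and function names are hypothetical, not any real server's or browser's code.

```python
"""ETag-as-tracking-identifier simulation (added example, not from the post).

No network I/O: the 'server' and 'clients' are plain objects exchanging
header dictionaries, which is enough to show how If-None-Match can act
as a cookie and what randomising it costs.
"""
import secrets
from dataclasses import dataclass, field


@dataclass
class TrackingServer:
    """Issues one ETag per first-time visitor and logs which visitor each
    later request belongs to. Hypothetical class; illustration only."""
    visitors: dict = field(default_factory=dict)  # etag -> visitor id
    hits: list = field(default_factory=list)      # (visitor id, status)

    def handle(self, headers: dict) -> tuple[int, dict]:
        inm = headers.get("If-None-Match")
        if inm in self.visitors:
            # Recognised validator: reply 304 (cache hit) and record the
            # repeat visit against the visitor id we minted earlier.
            vid = self.visitors[inm]
            self.hits.append((vid, 304))
            return 304, {"ETag": inm}
        # Absent or unknown validator: mint a fresh identifier. Quoted,
        # as entity-tag syntax requires (RFC 7232).
        etag = '"' + secrets.token_hex(16) + '"'
        vid = len(self.visitors) + 1
        self.visitors[etag] = vid
        self.hits.append((vid, 200))
        return 200, {"ETag": etag}


class CachingClient:
    """Behaves like a browser: remembers the ETag it was given and echoes
    it back in If-None-Match on the next request for the same resource."""

    def __init__(self):
        self.cached_etag = None

    def request(self, server: TrackingServer) -> int:
        headers = {}
        if self.cached_etag:
            headers["If-None-Match"] = self.cached_etag
        status, resp = server.handle(headers)
        self.cached_etag = resp["ETag"]
        return status


class RandomEtagClient(CachingClient):
    """The countermeasure from the comment: send a validator that can never
    match, so the server cannot link one request to the next. The cost is
    visible in the status codes: every response is a full 200."""

    def request(self, server: TrackingServer) -> int:
        headers = {"If-None-Match": '"' + secrets.token_hex(16) + '"'}
        status, _resp = server.handle(headers)
        return status


def run(client_cls, n_requests: int) -> tuple[list, int]:
    """Drive one client against a fresh server; return the status codes it
    saw and how many distinct visitors the server believes it served."""
    server = TrackingServer()
    client = client_cls()
    statuses = [client.request(server) for _ in range(n_requests)]
    distinct_visitors = len({vid for vid, _ in server.hits})
    return statuses, distinct_visitors


if __name__ == "__main__":
    print("browser-like client:", run(CachingClient, 5))      # one visitor, 304s
    print("random-ETag client: ", run(RandomEtagClient, 5))   # five 'visitors', all 200
```

The browser-like client is identified as a single visitor across all five requests and enjoys cached 304 responses after the first; the randomising client is seen as five unrelated visitors and pays for it with five full 200 responses, which is exactly the bandwidth trade-off the comment describes.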

Comment Re:3Taps responds (Score 1) 186

3taps [...] believes that by making public information publicly available on the Internet, without a password, firewall, or other similar restriction, craigslist has authorized, and continues to authorize, everyone to access that information.

This sounds plausible until you realize the subtle trick they are pulling in conflating the information itself with the instance of the information stored on CL servers. 3T does, in fact, have every right to access and publish that information. What they do not have is the right to use any particular server to access that information against the express desire of the owner of that server.

It's a bit like confusing the contents of a book with a particular copy of it. Anyone can read Shakespeare, but if the library forbids you from entering, you can't read the particular copy that is on their shelf -- even if they generally let everyone in without checking ID. Craigslist has not forbidden 3T from accessing the information; they have forbidden them from accessing CL's servers.

Comment Re:Does CFAA apply to the man? (Score 2) 186

If I put up a web site that forbade anyone working for or on behalf of any TLA or law enforcement agency from accessing any publicly accessible content on my site, could I use CFAA against the government when they ignore my wishes and suck the whole thing into an NSA database?

No. Read the opinion.

Now, if you gave notice to the individual agencies that they weren't welcome and instituted a technological control measure to block them from accessing it and they circumvented that block, then it would fall within the four corners of the opinion.

[ And anyway, there's probably a provision in the CFAA exempting law enforcement, but even if there weren't, your hypo doesn't even begin to cover the fact pattern necessary here. ]

Comment Re:There was also a cease-and-desist letter (Score 1) 186

The way the opinion is structured, neither the IP ban nor the C&D letter does enough work by itself. The former does not by itself provide the target with sufficient notice that their conduct is no longer authorized, while the latter doesn't provide the sort of technological barrier (albeit weak) that is circumvented.

The two work together in concert, each providing an element of the crime that the other lacks.

Comment Re:There was also a cease-and-desist letter (Score 2) 186

No, the judge explicitly cites the C&D as part of the evidence that 3Taps was on notice that they no longer had authorization to access the site. From the opinion:

The notice issue becomes limited to how clearly the website owner communicates the banning. Here, Craigslist affirmatively communicated its decision to revoke 3Taps' access through its cease-and-desist letter and IP blocking efforts. 3Taps never suggests that those measures did not put 3Taps on notice that Craigslist had banned 3Taps; indeed, 3Taps had to circumvent Craigslist's IP blocking measures to continue scraping, so it indisputably knew that Craigslist did not want it accessing the website at all.

Comment Re:Small economics (Score 1) 242

The reason for this disconnect is that macroeconomics also factors in a strong premium for reliability and availability (and de-risking). A trucking company needs to guarantee its customers that it can consistently deliver the goods within a fixed window and hence requires its fuel supply to be likewise guaranteed. The same applies in IT -- business-critical services require that the storage backend works 100% to deliver their promises, so even though a home-built storage server can do the same job as a $10k (+$500/TB) professional storage solution, there are many more unknown risks, support risks and a huge premium paid to deliver a reliable solution.

If a farmer wants to grow a bit of extra bio-fuel or pump a dying well, he is cushioned by the fact that if it doesn't work, he can still go to town and get what he needs. But the macro view here is that this is much less valuable than a reliable mass-scale system that can make stronger (but not perfect) availability guarantees.

Also, as a side note, I'd wonder what effective wage a farmer who runs his own wells is paying himself for his own labor in setting them up and tending to them. This might end up being like owning a restaurant where it's only nominally profitable because the owners put in a huge amount of their own time and pay themselves only minimum wage. If they had to hire someone with the appropriate expertise to manage the restaurant, they would not be able to pay the prevailing wage and still make a profit. At some level, I suppose, there is a marginal non-fungibility of labor on your own farm/restaurant as there is on the open market, much in the way that engineers invest thousands of dollars of their own time in pet projects when a market solution would be nominally more efficient.

Comment Next "Insane Password Security" issue here: (Score 1) 482

... will be that the user can tamper with the SSL root certificates (or just add her own) and trick Chrome into giving up the password to a locally-hosted web server presenting an apparently-valid cert for the target domain.

In order to remedy this, Chrome must adopt the policy of asking the server to pinky-swear that they are really the named entity.

Comment The post-cryptography security world ... (Score 3, Interesting) 341

As Adi Shamir (the S in RSA) has been trying to point out, cryptography is a method for transferring data between two trusted hosts. So the F-16 zooming above Washington can get some radar data from the airbase in Virginia and no one listening in can decrypt it. At the point where some luser picks up a USB drive off the parking lot floor and plugs it into a computer inside the airbase, all the encryption in the world matters not one whit.

It's a massive change to the model we use to conceptualize the threat -- instead of Alice and Bob trying to communicate with each other and keep Charles from decrypting, we have Alice and Bob trying (a) to protect their machines from Charles compromising them and (b) to limit the damage done if he does compromise them. This isn't your father's security any more.

What this also means is that we are going to need a lot fewer secrets that are really worth keeping, or else spend much more time partitioning our virtual worlds. As BEAST/CRIME show, if you treat your Facebook login cookie as a secret, then you need to access it from a partitioned browser where a malicious page cannot make requests using it.
