Dude, that article is about the
Microsoft's Operating system security guide
The guide... is a big document. The NSA/DoD security hardening guide is quite well known and frequently used by system administrators.
Try again?
mmmm vagina-babble
That made me LOL.
Actually, there was. They were called "Jim Crow" laws, and they allowed separation of races in public spaces and provided punishments for those who refused to comply.
Rosa Parks was arrested and served time in jail for refusing to stand up for a white man. The law mandated that she obey the driver regarding the segregation of the seating on the bus.
Quote:
Jim Crow laws in various states required the segregation of races in such common areas as restaurants and theaters. The "separate but equal" standard established by the Supreme Court in Plessy v. Ferguson (1896) lent high judicial support to segregation.
A Montgomery, Alabama, ordinance compelled black residents to take seats apart from whites on municipal buses. At the time, the "separate but equal" standard applied, but the actual separation practiced by the Montgomery City Lines was hardly equal.
It was most certainly a "city ordinance" and therefore a law in 1955.
[Heads up, Yes, I know ARP does not cross subnets on a properly configured network. You dont have to tell me that.]
[snip]
Wouldn't it cause considerably more damage to logically coordinate your zombies to do a distributed ARP poisoning attack, and route high-bandwith traffic through the target network block(s) instead?
LOL. ARP traffic does not cross subnets. It has nothing to do with being properly configured. It's a layer two protocol. Routers do not forward layer 2. Correctly configured or not, it doesn't happen.
What you're describing (ARP poisoning) would require you to have zombies on the SAME layer 2 broadcast domain as a VERY poorly configured backbone switch. I'd wager that's not going to happen. These networks are very tightly controlled.
I instruct the zombie drones along those routes to start spamming out ARP packets. These ARP packets confuse the shit out of the rest of the subnet's automatically generated routing tables, which then causes at least some portion of the normal traffic that these subnets are transporting to get re-routed along the path I specify.
ARP doesn't impact routing tables in a carrier network (nor, really, in any network). It's possible to redirect the traffic of one host to a different location on the same layer 2 network through ARP poisoning, but carrier backbone networks virtually all use port security to prevent malicious arp. Even if they don't, the backbone networks do not have a substantial broadcast domain. Two routers connected to each other via an inter-city FDDI or somesuch. You don't just "find zombies" on that broadcast domain. The only two nodes are the two ends of the fiber in secure data centers. Even if you could impact the layer 2 delivery of packets in a carrier network, you would ALSO have to redirect it to a multi-homed network device, since a router is simply going to pass it right back to the proper interface referenced in the routing table.
EG-- Think of what would happen if you used ComCast's various local networks (the neighborhood branch networks that the cable modems are attached to),
Nothing would happen. A cable modem is supposed to be a layer 3 device and regardless, its layer 2 network ID is manually programmed into the distribution switch during activation. But even if you could attack the endpoints and redirect a few homes worth of packets to a different upstream IP... uhm. where the hell is the traffic going to go? You would have to rewrite the routing table on the router, which has NOTHING to do with ARP.
Now, there are flaws in OSPF and BGP routing protocols which MIGHT enabled someone to rewrite the tables (various vendors are working on standards upgrades right now to address these). But you have to have direct access to a backbone-level peering arrangement to make this happen. See: China's "accidental" routing of massive bits of traffic for a few hours this summer.
This would DDoS the entire [snip... blah blah blah...] AND your nodes wouldn't be generating fingerprints all over some remote server's access logs.... [snip blah blah]
Simply spoofing the return address in the IP header is often adequate in a DDoS. Most carrier networks don't enforce egress IP filtering (despite it being best practice) due to complex routing issues, especially from server-class and business clients. Simple, and a plus is that you can use the spoofed addresses to generate false traffic at another location consisting of responses from the first target. Additionally, in some networks it can be useful to use the device's own IP as a return address. Especially with protocols like "echo" (which shouldn't be on the Internet, let alone turned on but still is sometimes), which can generate a DoS without the other D, very quickly.
Is that a sentence? Or three?
Because I have absolutely no idea what you jut said.
Tor is not a transparent proxy, it uses multiple levels of encryption. One would have to compromise the entire onion stream (all three servers) in order to have real insight into the data packets, without massive, global core network control and amazingly sophisticated traffic analysis attacks against multiple country's infrastructure.
Considering that tor exit node operators often find an enormous amount of illegal material going through tor, yet I've never heard of prosecutions for tor-based network activity, I have to presume that, while they may have some limited insight into the network and might be able to reconstruct some traffic from the network stream, they cannot eavesdrop on the data willy-nilly.
The simple answer is "they don't have to"
They can't arrest all drug users, they can't arrest all downloaders of child pornography, they can't arrest all hackers, they can't arrest all drunk drivers.
But it doesn't stop them from trying and those who DO get arrested (one might call them the "low hanging fruit") have their lives fucked pretty hard.
Those that don't think they're pretty smart, but really, often, they're not really that smart, but are just lucky that someone else was even dumber than they were, and/or had more bad luck.
That's a dangerous game to play "They can't arrest all of us", especially in a country that values "law and order politics" as much as the US does.
It's just that they don't have the overpriced monopoly land-line business to subsidize the initial cost of the wireless infrastructure as AT&T and Verizon did.
This totally explains why cellphones are even cheaper in countries that have no appreciable landline infrastructure.... right? right?
Oh, wait...
There is NO reliable way of communicating with land from the middle of the ocean (or more than about 50 miles offshore) via shortwave.
The only alternative solution are HF radios, which require an FCC license, require an antenna around 80 feet in length (the backstay of a sailboat is commonly insulated to use as an HF antenna), and provides very slow data-only service which is relayed to the global telephone or internet via regular users on shore (security issues, etc).
An Iridium or Inmarsat satphone setup is the ONLY viable solution for open-water shipping, unless you are within 50 miles of a repeater or base station.
Well, roughly 2% of US households are not covered by traditional cell service. It's more like 5% in Canada.
That is about 9 million people in the US and Canada that cannot get cell coverage at their home. They are often people who own a great deal of land, so, presumably, they would be potential sat phone customers.
Does that count?
You could get around the need for high power by setting up local receivers that bounce the signal to the satellites or even through the normal land based network! It could result in a revolutionary improvement to global communications!
I think you're being sarcastic.
However, if you're not. That's called a cell phone. Congrats.
You know, everyone I know likes SGU. But then again, they all disliked SG-1, because it was campy to the point of cheese, but without actually playing to it. It was like... campy, but pretending to be all serious.
I mean seriously.... I've seen like 5 episodes and there is always some mad super villain wearing a giant metal helmet shaped like some Egyptian hat living in an underground fire lair dungeon, orbiting a planet who is about to explode.
Sometimes the super villain changes. They always get captured 15 minutes into the episode, and then rescued 42 minutes into the episode and the hero is always ignoring prudent advice and doing something extremely dumb, yet he always gets lucky and nothing happens to him.
Shit, where is the tension in that?
the equivalent to arresting citizens for reading classified material on wikileaks.
what an interesting analogy.
People reading the leaks must encourage more leaks. This is actually likely true.
Interesting interesting...
Is there seriously any child porn "industry"?
I know it existed in the 1970s. You could buy it in the back room of bookstores in Manhattan, apparently.
But wasn't most child porn distributed via USENET? How does one go about paying for distributed copies of base7 encoded binary files? And if there was no money being exchanged, should it be legal?
Interesting questions without real answers...
Should snuff films also be legal to own, in your view?
They are. In fact, realistic (simulated, of course) death is a regular part of our culture. CREATING a snuff film is certainly illegal, but possessing one is not and has never been, despite people's mistaken assumptions.
The reason that child pornography is illegal to own is that it does encourage the production of child pornography. I believe that the laws prohibiting possession of child pornography have been shown to reduce the production of same.
Citation needed. I have never heard such a thing. I'm calling shenagins unless you can produce evidence.
Hopefully we can agree that abusing children and forcing six year olds into sexual situations is bad, and reducing the occurrence of said abuse is good.
Yeah, for sure, but does this? I mean other than "well yeah, sure, think about it". I've seen a couple of discussions about this and the conclusion is usually "uhm, we have no idea, really, so might as well do it".
Which seems to me to be an error prone approach (albeit understandable).
If you have ever seen the underground conduit in an urban environment, it's actually a fair bit worse than that.
The simple difference is that we can afford to bury our cables 15 feet underground here in the west (and are generally required to in the city).
Not debating the other points....
The trouble with computers is that they do what you tell them, not what you want. -- D. Cohen
