I would imagine they're using some sort of bandwidth optimisation between ground and plane (something like a Riverbed, perhaps). They could do the same with encrypted packets, but the hit rate on those is practically zero, so they'd get no gain. Instead, they decrypt on the ground, compress the stream and send it up to the plane, which uncompresses the stream, re-encrypts whatever it needs to and sends it out the clients. They obviously can't use the original cert for that re-encryption, so they use their own self-signed one.

It seems to me this is the first generation of such services. It's got so many compromises it's pretty awful. When they crack the bandwidth to plane, then they won't need to do so much traffic molesting and the service gets a lot more interesting.

...or how about the car works all by itself on major roads and highways. On crappy side roads that aren't properly documented in the GPS maps, let alone suitably paved, lit or maintained, it says "I'm sorry, I can't drive down this road, but you can". A solution like this would mean 80% of all journeys would be 100% autonomous and it would mean the vast majority of accidents would be avoided, as considerably few accidents happen on shitty side roads than they do on the major ones.

I doubt anyone would accept a car that might suddenly say "eek, I can't do this - please take over" while driving 50 down a windy road in the rain. I think we'd all expect it to find a safe place to stop and let us take over from there though.

A good while back, an "overhead cam shaft" was a selling point (maybe not a major one, but it was mentioned openly by dealers/manufacturers). Nowadays, as noted above, the camshaft might as well be in a locked vault at the dealers house for all the serviceability benefits it has.

Things aren't repairable because we don't want them to be. If we all asked manufacturers for service manuals, they'd get around to writing some ;-) Of course, since this is /., I should also mention that DRM is specifically created to stop repairs (or modifications).

Most of the big internet companies do something this (try doing some Google searches over Tor for an example). Things get more complicated when you use a CDN because whilst you can block the IP yourself, the CDN keeps sending their traffic to you. You need to either get the CDN to block as well, or inspect the request that came via the CDN to see if it was actually from a blocked IP (which is more expensive to you than an ordinary block).

The tricky thing about ddos attacks is they they are usually very distributed (vddos?). That means a given IP may only hit you up a few times in an hour, so won't trip your thresholds for abuse. Trying to figure out who's running an infected computer and who isn't is an exercise in futility though (who's to say it's infected?). Getting ISPs to do anything about anything in vaguely close to real time is also futile (even if you see a specific IP abusing you constantly for hours and think it's an 'open and shut case', you'll struggle to get any ISP to do anything about it - whomever it is will probably give up and stop before the ISP even starts to look at the problem).

If I was hired as the CEO, the first thing I'd do is whatever the hell the board asked me to do.

Redphone: https://whispersystems.org/ Not P2P, but beats this offering.

Maybe it's time for reverse-gzip - the rebigulator, if you will. The idea is to start with a small message:

"Hey, fancy going for a pint tonight?" ...encrypt it:

"asdhasdjkhasdkjasdkashdasdwqw" ...rebigulate it:

"dsfshfuykhfferwerrhwerhjkfsdofiueioroeirerqwehqweudyasdadwkljqoeiweorujk" ...send :-)

I have a white, male British friend - it's a bit of a running joke that he gets checked every time. Years ago, he and I went to/from Canada via the US. On departure from London, there were three American goons (yes, imported goons!) doing 'random' bag searches on the way to the gate (extra to the actual security screening). He got checked by all three - presumably the first two were incompetent so the third guy had to do it right. Or maybe the whole system was a complete sham. Should anyone ever want to smuggle anything, just go along with my mate. He'll get checked for everything, you won't get checked for anything and you get to take your contraband wherever you like.

The cock pits of most planes isn't en-suite, so you'd have to fix that up too. I should imagine that external doors cost lots of money and add lots of weight, so less of them makes sense in that regard. Having a door for just 2-3 people to escape from makes that one an expensive door ;-)

Would you be able to put up a lens instead? Potentially you could just widen the beam, or refract it somewhere else... Clearly, not practical on a missile, but if they were aiming it at your boat, you might be able to do something, I guess...?

My last two UK jobs have required a "CRB" check to be performed (CRB = Criminal Records Bureau) - I believe these are now called DBS checks. One of those employers was American, and had a non-existent HR presence in the UK, so I assumed it was "just do whatever we do in the US" that meant the check was required. My current job is for a UK company, but they're heavily regulated around the world, so I assume that's the reason. Before that, I don't remember any such checks (even for a security cleared role, although I guess the security check implicitly did something similar).

So here in the UK, you might need to be checked if you want to work for regulated industries (banking, gambling, trading, etc). Otherwise, probably not. Even in these regulated places, there's a reasonable chance you wouldn't be checked if you were a consultant - as a contractor you might get checked though, depending on what work you were doing and how diligent the company was, I guess. You absolutely wouldn't be checked as a supplier though, so make a product and be self-employed (easier said than done, I guess though).

I agree with you and the GP.

I equate this situation to civil unrest. For civil 'direct action' to work, someone has to be inconvenienced. Hopefully, that 'someone' is the government, and hopefully only them, and hopefully they're inconvenienced a great deal. However, in reality, the government is just a bunch of people with lives and jobs, and they use the services of non-government people. So no matter how targeted some civil action might be, it's going to end up inconveniencing some 'ordinary' people.

The question is are the 'ordinary' people responsible for the government's actions? You might argue 'no', but you'll find a lot of people arguing 'yes' - ultimately, it's the 'ordinary' people that give the government the power to do whatever the unrest is about. We can argue about the indirect nature of that power provision, but no matter how corrupt or misdirected, the fact remains that it exists. It's the game we've chosen to play; don't argue about the rules.

And so back to Sony Pictures. Whatever the beef is with them, they were able to do that thing because of the people that work for them. You can argue that if those people didn't work for them that a whole load of other people would just take their place, but if the majority of people thought about who their employer was and what they do day-in, day-out, the shit kickers of the world would have a much harder time hiring good, honest decent and talented people. That might make them think twice about their business practices (or in the case of the NSA/GCHQ etc, their purpose in life).

[Anecdote: one of my previous employers used to get extra discounts on hotel rates because it was well known that the staff were nice people - sort of the reverse of what I'm trying to describe above]

Don't misunderstand me - if my employer got screwed over this badly, I'd be screaming innocence and "I'm just a brick in the wall, I'm not responsible" and so on (after all, I'm "just" a lowly techie, right?). But the fact remains that my work for my employer potentially facilitates someone else here to do bad things more easily. For what it's worth, I do have a moral compass, and so don't work for some of the worse companies out there (despite recruiters trying to get me into them), and I haven't seen my employer doing bad things. Other people may view their actions differently though, and perhaps they'd judge me differently as a result.

If they'd had traffic shaping in place, there's no way anyone would have got 100 terrabytes of anything out of the company ;-)

It's okay though - GCHQ watched the whole thing happening, and have totally figured out who did it. Those people will be rounded up and dealt with very soon. Yeah right.

I saw the bits of "The Interview" that were on the news because apparently NK are upset about it. "intellectual property" seems a bit strong ;-)