How a check-box from a barely trained, barely paid poll worker constitutes audit-ready data would escape even the most experienced Arthur Andersen associate. Here's a hint: after you get home and you see the results on the news that Candidate ABC got 2 votes and Candidate XYZ got 0 votes (its a tiny town), how would you go about demonstrating that the ballot you cast in support of Candidate XYZ actually pushed the tally higher? OOPS! Audit fail.

If only it were as easy. DDoS attacks come from botnets. Botnets don't come from somewhere, they come from *everywhere*. If they played the "cut off the offenders" game they would need one hell of a huge IP-level blacklist, or they would cut off literally every link they had since compromised hosts are everywhere. If you are going to say "just force the end ISP to disconnect them" then again it's amazingly complicated since an ISP in Georgia (the country) isn't going to listen to some twat in the UK or US complain about a certain group of hosts that are participating in a DDoS, just like ISPs in those countries wouldn't listen to some ahole in Georgia complain about a DDoS host since he might just want to take it offline for political reasons and there isn't nearly enough international cooperation to keep up good relationships between all the concerned parties. Moving up a tier, there is too much good traffic coming from any given ISP to simply write it off as blocking the whole thing.

LOLwut. Geiger counters are for alpha, beta, or gamma ionizing radiation (they count how often stray ionizing particles hit the collector). You won't find any ionizing particles when radar-band transmission is used.

You probably meant to say "use an off the shelf car radar detector".

More importantly, the article mentions using "overseas locations" to retaliate. Really all this is (or would be) doing is dirtying the water to make it harder to find out who the real malicious actors are. Better to spend your resources tracing down the exact source, or better yet on public awareness campaigns about malware (since all DDoS "attacks", and a lot of other attacks, come from compromised bystanders). Otherwise, you are just going to push your attackers on to a different group of hosts and will get hit again before too long.

If you really do spend all your time at your desk, get a small, cheap UPS and plug the laptop in to that, and remove the internal battery completely (after running it to about 80% SoC). It will be mostly charged if you should need to pick up and go in a crisis, and you can have it fully charged in about an hours notice.

The only way to truly preserve the life of a modern Lithium battery is to get it into a comfortable SoC at around 80%, and then unplug it and keep it in a cool dry place. Draining it just for the sake of giving it some time off the charger is going to at best result in no improvement (if the charger was over-charging it), and at worst result in killing it faster (if the charger had it balanced and you put it through a discharge/charge just for shits and giggles). The charger knows to disengage when the battery is full (at least, for properly functioning laptops) so trying to preserve it any way other than just removing it completely is foolish.

So some information comes out that it might be someone outside of NK or sponsored by NK (at least based on this little bit of information that isn't really even classifiable as evidence) and you are ready to beat your chest about how right you were? Sounds like you are exactly as right as everyone who said it was NK last week. I would start a slow clap, but...

Educate? The users? Asking users to only connect to "The REAL Marriott wifi" is all kinds of nuts. You might as well issue them a 802.1x username/password since they are as likely to get all that shit right as they are to tell the difference between "Marriott" and "Marriot" and "Marriott Wifi" (and know which one is legitimate). Your best hope is that you are able to give them a unique WPA2 key that would fail when connecting to anything but the right AP. Even then you have to impress on the importance of actually putting the key in and not just connecting to whatever pops up and doesnt require a key, and since users follow the path of least resistance this option is bound to fail as well. A signed certificate for Wi-Fi SSIDs is hugely overdue, and the fact that we have gone through so many iterations (b, g, a, n, ac) and haven't even taken a crack at it is very disappointing.

While I don't think Marriott, etc should be allowed to do this (since it is clearly in violation of the ISM rules) it's sensible since it was clearly effective (otherwise they wouldn't have lost that judgement).

From the description of the bugs, they are related to a server being queried and not related to the expected response. So, only when running ntpd as an internet-facing daemon do you have a problem. It's also a much more convoluted attack to spoof a response from a time server, assuming the attacker hasn't used the vulnerability to take control of the one you happen to be using. Since these vulnerabilities are not in a configuration a reputable time server is likely to use (i.e. the NIST servers) the general public is pretty safe.

He had a top secret clearance and worked as a system administrator on some of the lowest level pieces of the NSA's infrastructure (backup systems, etc) meaning that for him to do his job they had no choice but to give him at least some possible paths to get at the data. Whether or not he used stolen credentials to facilitate the access that let him download all the documents is a question still open.

That's presuming that Citizen Four is about simply how the leaks took place, and does not mention any of the material in them. Given the completely cavalier attitude adopted by the central figures (Snowden, Poitras, Greenwald, etc) toward sharing the information, I doubt that this is the case.

If anyone played those games and thought "well how could all this batshit stuff all happen in the same place?" now you have your answer.

Where did it actually say that? They know the credentials given to Fazio were used to access the Target systems as the point of entry, but they don't know how the miscreants came into possession of them. The most likely method was a spear phishing attack that allowed a keylogger on to one of the PCs at Fazio. It's simply too far fetched to think that someone trolling with a script happened across Fazio, then just realized they could use it as a backdoor into Target, and then also be in possession of some very sophisticated malware that, oh gee look, matches the Target POS systems exactly down to the firmware rev number.

That's not entirely true. It's not clear how many other targets the miscreants who hit Home Depot, Target, etc had, but they did a lot more than scripted attacks (they used social reconnaissance, then spear phishing, then multiple point-of-entry probes, for starters) in order to get inside, and once inside they put a hell of a lot of work into pulling off their attack, and mixed that with a ton of luck in order to actually succeed. The Target hack actually would have been dead from the start if Target trusted their FireEye consultants who tried to warn them of the impending data theft.

"Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September"

While a big deal, Shellshock was very limited in scope and the large scale exploit implications were stamped out very quickly through updates to vulnerable web front-ends (which was just about the only exploitable path, despite so many proclamations that the sky was falling and every internet-connected linux device will get rooted in a matter of days). If this is as severe as Shellshock, I will take notice but at the same time sigh that it's not going to be very bad at all.