http://www.cio.co.uk/news/3227786/metropolitan-police-extends-contract-with-capgemini/

Rubbish IPv6 makes it harder to track traffic, besides if your downloading stuff across various networks that distribute copyrighted content then why the hell are you downloading stuff without a Blocklist & Blacklist all those IP addresses that belong to the idiots who call themselves the copyright police. Secondly you should be encrypting all your traffic from you to the peer, that way they know you are downloading, they can see the huge spike in the network traffic, but as to what you are downloading they remain totally clueless. I await the day I get a letter from the Copyrot & Copyleft police in anticipation, perhaps it'll say "we hereby notify you that your traffic was encrypted to a military standard and we where unable to see what you where transferring and with whom, we are just writing to make you aware that we are aware and are asking you to desist from using such an impregnable form of cryptography across a distributed sharing medium over which we acknowledge that we have no control. May we have a cookie?"

1. The only IPv6 "routing and discovery" packets that should be flying around are local-network only. So that means anyone who bypasses your wireless WEP or WPA keys and has access to your local network. 2. More than likely, you screwed up configuring your public web server when setting it up for IPv6. Maybe, perhaps, I wouldn't know as I use IPSec & TCPCRYPT for my tunneling not IPv6. 3. You need to sit down and figure out how things work, security-wise, on IPv6. Oh I have and whats more I have all the tools to hack into it. 4. I hear there is some sort of distributed naming system that lets you assign names to IP addresses, maybe that will help. Bind9 and no not really that just set's you up for DNS Cache spoofing!

IPv6 is a hackers paradise, thats why there are whole toolkits made for hacking it by reputable parties such as the Hackers Choice.. Backdoor deployment Enable IPv6 6to4 tunneling Run Backdoor on IPv6 address Not detected by port scanning Harder to analyze traffic IPv6 protocol exploits tools can be coded in just 5-10 lines Sounds like hacker heaven! Nat-upon-NAT!?!? I guess the phrase Double NAT escaped your notice.

Not a lot actually, what I hear you have to do is use Methylated Spirits and Caustic soda, approx half a tea-spoon per 1 litre of grease + 1 cup of meths, then you shake it like hell, wait 24 hours for the Glycerin to separate siphon that off as its worthless then chug the rest into the fuel tank.

There are unfortunately legal precedents that establish clearly that ignorance of the law is not a defense. In this case, it means that if you downloaded an illegal file, hacked commercial application, cracked DVD movie, or whatever, you are indeed guilty of an illegal act and can, theoretically at least and thusly liable for prosecution. Part of the problem is that some of the tasks you can do on your computer are indeed considered illegal, even if common sense suggests that they should be perfectly legal and fair. For example, if I buy a DVD, it is unclear to me why it's illegal for me to copy it to my laptop so I can watch it while I travel. Or if I buy an album from the iTunes Store or copy one I already own on CDR, then why can't I convert that data into a format that will work on my non-Apple mp3 player. Both of those are illegal and one of the big issues that people will be debating for years is this very topic of "fair use" versus "digital rights management".

How to make a network secure, well lets see, enable OpenVPN configure IPSec, make sure everything inter-departmental is using a PKI token and ensure everyone has PGP. Separate various parts of the network after the employees have better things to be doing than browsing facebook or youtube updating their twitter status and reading there hotmail from a government system. Throw out all those copies of Windows (tm) software their really not doing you any good in a virtual environment or other, is everyone using the latest version of a secure and trusted OS like OpenBSD or Linux on their desktop?

Lol at people bashing debian saying it's the distro's fault that the end user can not take the time to fix libraries or patch applications that are unstable by downloading the latest stable branch and compiling it themselves be that out of the debian archives or direct from the source. As an example I was using Uncomplicated Firewall (ufw) and the GUI in the current debian stable build is broken, try using it to delete a rule from the firewall.. So the fix, well lets see, go directly to the maintainer on launchpad for ufw version 3.0 and then compile it and then go directly to the 11.04 gui (gufw) launchpad and my god look at that now it works without a hitch!

oh sure ext4 is way behind the Zune Filing System, because we all want roll back features on a file system like the LvM2 with Advanced Encryption Support...

Anyone who has their Phone Unlocked Legally by a Telephone Unlocking Provider like those guys wearing a turban on most street corners who do it for as little as ten bucks will evade this system in heart-beat. When you unlock your mobile phone you remove the service provider locks, that means you can not obtain the IMEI unless you the customer have it written down and are ready to part with it.

Would you like me to draft you a signed CA by me with 2048bit Data Encipherment complete with a revocation Certificate, how long would you like it to last as an Server SSL CA? Is until the year 3000 long enough!?!

Thats what I mean by become your own Certificate Authority.. Once you can create all the certificate signing requests, manufacture the certificates, sign the certificates, enroll them as PKS1,2,3,4,5,6,7,8,9,10,11,12 then you are truly laughing and giving two fingers to any other third party who presumes to sell you there SSL CA solution. CSR, CRL, SCEP, XPI, Attribute Cert... The list goes on and on... VeriSign & Comodo have had their day... Time for them to move out of the way...

Yes and I can sign my own CSR as well.. So that removes the CA from the picture in it's entirety!

I've been using my own PKI for about a year now.. Capable of spawning RSA+SHA512@4068bit how is an attacker going to steal a copy of my CA? It's mine, so therefore you cant steal what I don't share!

Why the hell would people pay for a CA from a signer like VeriSign or Comodo when both of those corporations retain the rights to the security certificates issued to you in the first place. It is far easier to employ your very own CA and remove both of these signing authorities from the picture entirely. After all lets face it if your not sharing your SSL keys with the entire world, then it really is a lot harder for people who should not have a copy of them gaining one.