> Politics remains the entertainment arm of the military-industrial complex. After all, people would be
> mildly non-plussed to learn that they were secretly ruled by spooks and banksters.

It is all Bread and Circuses. The whole system is really great in a way. We have a diffuse democracy at all the low levels, feeding up in a pyramid scheme to a few people at the top. The total resources of 300 million people is taxed and at the disposal of under 1000 elected people...

You almost couldn't ask for a better situation for playing global games for profit.

Oh I don't think any amount of carnage will ever be what prevents war. People have an amazing capacity to ignore it, that part is easy, there is a reason reporters became "embedded".

What I do think is that anyone capable of actually building and fielding a truely modern army in a major engagement capacity is capable of doing the math and realizing what a stupid idea it is for him. I also think those same people can do the math and realize how insanely profitable the status quo is for everyone involved on a broad range of issues.

It could be worse. I'm eating steak off of a screwdriver :{

That depends which definition of trust you mean.

Do I trust them to respond in a certain way under a given set of circumstances?
Yes, I believe I can predict exactly how they will abuse and eventually clusterfuck OpenDNS, and I predict it will not be pretty.

But do I trust them to have my best interests at heart?
Hell no.

I honestly don't think a real "organized" war of that kind is likely to ever happen again. We have long since passed the point where the major actors are just too big and powerful to risk war with eachother, so they engage in little more than proxy wars against eachother's minor interests.

Even that doesn't really seem to describe the present day since the major powers major interests are so aligned they don't even proxy war with eachother so much as with the fallout from the decades worth of mess they made with their proxy wars.

Maybe some small time actors will have "real wars" with each other, or maybe we will have one against a small time actor, but, I suspect anything even as large as a US/Iran war is all but impossible at this point.

In general nothing. However, in this particular case the implications are amusing.

Note he very specifically said:

Now, it is true that some of my reporting has been based on hacked cybercrime forums and hacked cybercriminals, but I can't recall an instance wherein I was the one responsible for the hacking

Now..... I would believe a hacker who was breaking into forums and stealing data might forget who he hacked and when. Similarly, if Magic Johnson told me "I don't recall sleeping with that woman", I might believe he doesn't remember THAT woman.

However the thing I have trouble with is the idea of seeing that line between investigating and actively attacking a host. You know, that line where the port scans end and the nop slides begin.....its a pretty bright line. The only way I feel he "doesn't recall" writing about his exploits is, by having so many exploits of his own he can't recall which ones he may have written about.

Thats what I find funny.

Well if IPv6 packets can pass at all, clearly they support IPv6.

The problem is that they likely are accidentally supporting it with no knowledge about doing so.

Would you put your Windows box on the IPv4 Internet with no firewall what so ever?
I don't mean having a firewall and accidentally misconfiguration it, I mean having a firewall and not adding a single rule.

Well, that's exactly what these VPN providers did for the IPv6 protocol. They have zero IPv6 firewall rules.

So while inbound IPv4 packets are filtered with a default deny rule and any allow rules the customer wants, also likely filtering some outbound as well, their IPv6 rules are default allow.

Odds are if you fired up a PC with IPX or NetBEUI as the protocol, their firewall would gladly allow that traffic unfiltered as well.

For example in the Linux iptables packet filter, you can disable the IPv6 protocol completely with a single command:
iptables -I INPUT -p 41 -j DROP

If course using IPv6 properly is a bit more work, as you have to allow the ipv6 protocol in the main iptables, and use ip6tables or something like that for filter rules on the other IP stack.

Either way, allowing everything (no matter what protocol) has always been said to be unwise, and now these companies and their customers can see why.

Great answers but, when I got to this: "Now, it is true that some of my reporting has been based on hacked cybercrime forums and hacked cybercriminals, but I can't recall an instance wherein I was the one responsible for the hacking."

I couldn't help but laugh at the lack of a true denial. I have trouble imagining not being able to recall something like this. Hell, I can recall times I was tempted to put on a dark hat and attack someone's box (I was pretty sure he was the guilty party I was helping track down as a favor for someone....pro-tip: if you are going to engage in cybercrime, don't use the same screen name known to your victims to post youtube videos showing your IP address ... best part is, I didn't even know the screen name until I told them who I thought it was, and they said I just named one of their suspects)

Actually, I am pretty sure you are right but for the wrong reasons.

As I recall the existing protocols were basically finding and manufacturing specific phages for each case, which makes for a bit of a labor intensive protocol. There is probably room to profit off that but its going to be in running a clinical lab itself or supply of specialized equipment.

Its not about cheap, its about where the cost is and what it is on.

I AM American and live here, and I don't even care. Big deal, a bunch of aristocrats declared independance and now we have an abusive empire....swell, totally worth celebrating.

The 13 words in your post are currently under copyright protection and owned by me.
(As symbols required for interaction are now copyrightable, aka APIs, aka all words in a language)

You can paypal my $10000 per word usage licensing fee and I will refrain from opening a lawsuit against you.

As you say, pay up and deal with it.

Funny thing is, those terms and stickers don't even always hold water.

There was a hilarious case a while back where some PC manufacturer lost a lawsuit where they had refused a warrantee repair. Basically the courts told them PC buyers expect to open the case so you can't refuse warantee service over an expected operating condition, but, they can require the customer to revert any changes they made before they qualify for service.

Didn't stop the proliferation of stickers of course, because they may not actually void anything, but they may make you decide not to try a warantee claim.

Hell my monitor has an ugly bracket for the stand on the bottom, if you want to put it on an arm, you have to either leave the bracket sticking down off the bottom, or, remove a sticker to get it off.... lol, sticker removed.

For what it's worth, it was exactly that which drove me away from yahoo search and onto google search back in 98-99.

And I never did mind that yahoo search had links at the top to yahoo maps and yahoo games and such, nor do I mind google doing the same.

It was actually the 20+ ads on the main yahoo page (top, left, right, and center) that drove the last nail in. At least on that one aspect, google continues to win by a landslide to this day.

Yes it was mildly annoying when google changed their sponsored ads from having a nice different color background from the search results, but even now there is still a nice and noticeable yellow "Ad" icon next to those results that serves the same purpose.

It sounds like your opinion on where the threshold for abuse falls differs from mine, but for me personally google still hasn't crossed it.
It's just surprising and saddening that no one else seems to believe me regarding my opinion, saying I must be wrong or worse a stupid idiot for making an informed conscious choice in the matter...

This. The only time I ever click on them is accidentally.

But you have to realize, most people don't really know half of whats going on behind the scenes as they browse the web. Hell, I don't, I know enough to know how much is going on and how to find out more if I want, but who really looks? All the time? At some point you have to trust trust and everyone has to do it at a high level.

Most people don't have any conception of what a potentially hostile environment they have entered. Browsing the web is like replacing the hand shake with receptive anal sex and going out to a diner party:
"Hi there ReputableSite.Com my good friend"
"Hey there browser, come meet all my friends, we have a private room for 500, and they ALL want to meet you! Oh, is that condom? You need to leave that here or the door wont work."

The only part I've found complex is finding out where and how various apps actually store their data, particularly when I don't really have much interest in the app.

Apart from that however, system restoration is pretty trivial.

For example, let's say a basic Apache webserver.
Apache stores it's master website in /var/www and personal websites under a users homedir.

So you have a pre-backup script (or just a cronjob) that runs:
dpkg --get-selections >/root/current-packages.txt

Backups should always consist of /root , /home , and /etc no matter what.
As mentioned with Apache, we need to add /var/www to that mix.

Now to do a restore, you install from the debian disc, then restore your directories from backup.
Then run:
apt-get update && dpkg --set-selections /root/current-packages.txt && apt-get install

At that point all your software and dependencies are back from the listing in /root , and services started up from your own configs in /etc , and in this case Apache is happily again serving from /var/www and homedirs.

That's it. One CD boot, one reboot into the live OS, and a few commands to restore all data/software/apps/libraries/dependencies which get started after install and run from your edited configs just as before.

Again, the only real trick is not missing any application data. Especially from a sysadmin point of view.
A user of the machine asks for WierdSQL. What do I care about learning a new SQL server? I just want to make sure I can make consistent and regular backups of its data.
I don't want to hear someone say "Oh the raw DBs are in /var/blah/blah" which are always in use and always changing.
I want to hear "Use this command to backup the data to date/time stamped .bak files where ever, then go backup that whereever dir - and here are the commands to restore .bak files into a fresh install"

For servers I setup for myself, it's pretty guaranteed I either know the software already and can answer all of the above questions, or I'm just learning it and so there is no risk or useful data to be lost and it doesn't matter.
But for servers I run for others, yes it can be a lot more work to learn those things, and is certainly not nearly as fun as the former.