
Comment Re:The real study (Score 2, Interesting) 183

I appreciate your summary, as it accurately summarizes my impression of the material as well. I want to piggyback off your conclusion to make a small point.

Now, I don't think Snowden had anything to do with Ukraine, but let's at least keep our minds straight.

As the Snowden leaks named several US technologies, techniques, and even specific targets, it seems highly likely that Russia (and other nations) found actionable information in those leaks which, when acted upon, degraded the US's ability to extract information and bolstered their security posture. Awareness of what an opponent knows about you and can do against you is information that can be leveraged to increase your chances of success and impact.

I agree it's unlikely Snowden caused Russia to engage Ukraine or directly helped the terrorists, but I think it's naive to think those respective organizations didn't use the information he provided to strengthen their stances and hone their strategies. They'd be fools not to. To the extent that there was actionable information in those leaks, Snowden's actions helped those organizations.

Comment This is great for those with poor signal, too! (Score 3, Informative) 162

I have T-Mobile and I am generally pretty pleased, but one thorn in my side is that where I live the signal is poor-to-none. This isn't usually a problem, as I don't generally voice chat and have other call options (e.g., Google Voice, Hangouts). However, it is definitely inconvenient to have to bootstrap every call through a laptop.

This affords me the mobility to easily make calls, wander around, enjoy my deck, etc. and removes that thorn from my side. Thanks, Google!

PS: For those who are waiting for a new Hangouts version, that's not how this is distributed. FTFA, you have to install an add-on dialer app to Hangouts and instant feature! Works great in my limited test runs.

Comment Re:Unintended consequences ... (Score 1) 233

I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).

They'd have to go through all of the trouble of identifying the individuals and gaining cooperation of the carriers/vendors. When they're close enough to identify individuals by name, why go to the trouble of locking phones? They'll just do what they do now and arrest them.

I predict it will be less than a year before hackers figure out how to brick or otherwise damage cell phones.

This depends on how the lock is implemented. iOS and Android already have some remote lock/wipe features that haven't been heavily hit by hackers. Mass phone wipes haven't been a thing yet. I'm sure people will try and I'm sure some will succeed (likely in controlled circumstances), but identity establishment and crypto are both well-known in the industry.

Because, as usual, when you try to pass a legal solution to a technical problem, you will introduce new technical problems, and if law enforcement can abuse something they will.

This is hardly a technical problem, as it's been solved and implemented in various forms for years (e.g., iOS7). This is a policy problem, and a legal solution is quite appropriate. For example, carriers have blocked Samsung from including an activation lock. This kind of thing is what the legal solution solves by taking the decision out of the vendors' (who care about products and reputation) and carriers' (who care about profits) hands. The decision seems pretty reasonable, as existing legislation/policy has resulted in a measurable drop in device theft for those devices.

This will be misused, it's only a matter of time. And, since manufacturers will decide to make the phone the same for everywhere, we're all fucked because of a decision in California. And I don't trust that the carriers won't brick a phone you own if your bill is late, instead of just cancelling your service they'll kill your phone.

Existing lock options are done through the phone vendors, not the carriers. If the carriers did this to your personally-owned device, it is property damage. And if the government wanted to deny an individual cell service, they can do it now (and have been able to for all of cellular history) with a warrant through the carrier. The government/carrier has always been able to shut off your service.

Comment Re:Guilty (Score 2) 102

Of facilitating voluntary transactions between consenting adults.

The illegality of those transactions is the only reason they are massively profitable, and that is likely the only reason he engaged in them.

Whether or not you agree with that illegality is irrelevant. By profiting from facilitation of illegal activity, Ulbricht leveraged an unfair market position to get ahead of the rest of the world. Anyone can break the law for disproportionate profit. He's That Guy, and if you live within the system (as most of us do), you need to support stamping him down. The alternative is that everyone break the law for profit, which consequently becomes non-disproportionate with a few other side effects.

Comment Re:Hilarious Irony (Score 1) 148

Why is it ironic? The whole point here is that money has undue influence in politics, so in order to effect political change (including the reduction of that influence!) you need money. It's trying to beat the system with the tools that are empowered by that system.

This reminds me of Richard Stallman leveraging copyright law to essentially enforce restrictions on liberties traditionally associated with it (Copyleft).

It's the strength of a vested established system that is also its weakness: it's so strong that the only thing that can defeat it is itself.

Comment Use this to reflect on privacy as a whole! (Score 4, Insightful) 513

Keep in mind that Facebook and countless other sites are already admittedly collecting the same (and more) information and behavior associations, oftentimes with as little publicly-released details, accountability, and oversight, and then using it actively and aggressively to manipulate every single person (American or otherwise) into altering their financial behaviors, public perceptions, political persuasions, social interactions, and much more.

This is obviously not the same as a government agency per se, but it is useful to reflect on the differences and (more so) the similarities between what is specifically unsettling about a government and a large corporation having this information. Throughout this series of revelations, I've found it useful to contemplate any concern that I feel regarding my government possessing this degree of intimate information in the context of the Facebooks, Googles, and LinkedIns of the world. They are (to a far wider degree) actively targeting you (and everyone you know) directly and collecting and using all of the same associations with no need for suspicion of terrorism, illegal associations, FISA courts, or any real oversight. They sell this information in troves to the highest bidder with loose terms and are willingly or unwillingly subject to their members' respective governments' information request laws. They and their associates and clients are applying that information actively to change you.

While I can't stress enough that the gravity of one's government's actions should not be grouped with likeminded corporations, I do worry that Internet corporations are collecting more information with less oversight and accountability and using it in far more objectionable ways against a far wider audience! It's a different kind of threat, but in many ways I fear them far more than the government.

I (personally) hope that the outcome of this series of revelations is a global reflection on privacy and information sharing and not just a narrow-minded focus on a particular agency's actions.

Comment Re:I am Jack's total lack of surprise... (Score 4, Insightful) 221

Google knows what it's doing when it comes to search (including maps), and (after several years) Android - everything else is stuff built/rolled out/supported by disparate uncoordinated groups with no coherent strategy or purpose beyond "hey, this looks like something the PR guys would like."

What a stupid statement. "They only knew what they were doing those times they did well." Most of their projects, with the exception of search, started out as disparate uncoordinated groups with no coherent strategy.

Comment Re: Its hard to tell (Score 0) 440

The reason we have rules of war is so we can react with some degree of international cohesion when they are broken. It's a deterrent for the little guys: follow the rules or the wrath of god will come down on you. Supporting you will be poison and in all likelihood you have damned your cause.

Honestly it seems like a win-win for humanity. The premise is, of course, that larger nations have the incentive and wherewithal to avoid total war. This cornerstone becomes the foundation to pull other nations without the maturity or international presence up to these standards.

Obviously if any nation, alliance, or cohesive group is adequately threatened they will never pull total war off the table. Rules of war / engagement help keep it off the table in areas where armed conflict is a threat with a much higher frequency than the first world. Frankly, autonomy and sovereignty have not existed since economies globalized, and that's also probably a good thing. We're moving towards a humane and cohesive world, but we're not there yet, and constraining war is a triage until we are.

A world without war is not a pipe dream, and, I would argue, an inevitability as countermeasures and technology continue growing in destructive power and ease of acquisition. However, looking at the state of the first world, much less its trading partners and the rest of humanity, we all have a lot of rapid cultural development and normalization to go through before we're ready.

The Internet will be the herald of all of this. So, tech world, keep up the good work.

Comment Re:I HATE this (Score 2) 473

It wasn't one instance of it though - it was more than 350 women. If you steal one orange, you'll get a slap on the wrist, you steal a truckload and that's a totally different thing as far as penalty.

I would personally disagree that blackmailing even 350 people is worse than murder. Regardless, I think OP's point still stands. Things like murder are in a completely different category of crime.

Comment Re:Will not work on 64 bit (Score 2) 208

The address space of 64 bit processes is vast compared to available memory. The process will run out of memory before the address space could be filled.

Unfortunately many browsers still run 32bit even on 64bit systems because of plugin compatibility. Time to move to 64 bit browser processes.

Note also that this attack is only feasible against browsers. Like other ASLR bypasses it will not work against e.g. Outlook or Word where the attacker has very limited ability to control memory allocation.

It's worth mentioning that the critical component here is using client-executed trusted/sandboxed code (in this case, JavaScript) to exhaust the memory space. The code must be able to allocate memory, and it must be able to identify the virtual address of the memory that it allocated, else when it begins opening a hole for ASLR determinism, the shellcode won't know where to target.

Any client-side language that can allocate arbitrary memory and identify the allocated address should be able to be used in this capacity. JavaScript is identified in the PoC, but I wouldn't be surprised at all if VBA can do the job in Office (e.g., Word/Excel/Outlook/etc.), and if other trusted/sandboxed codes could do the job in other languages (Java, C#, etc.).

An obvious defeat is to either have application-enforced restrictions on embedded language allocations (e.g., I can allocate up to 10G of memory, but my embedded script can only allocate 1G) to guarantee the presence of some random areas. Another option would be to allocate dynamically-loaded library memory in a different restriction context than standard process memory so that their respective allocations don't draw from the same pool.
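
The first mitigation described in the comment above, a cap on how much memory embedded script code may hold at once, sketched as an added example (not part of the original comment and not any browser's or Office's actual code). The names `script_budget`, `script_alloc` and `script_free` are hypothetical, and the 8 MiB cap in the demo is a constructed value.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical per-script heap budget: the host process may use far more
 * memory, but allocations made on behalf of script code are charged here. */
typedef struct {
    size_t limit;   /* max bytes the script may hold at once */
    size_t in_use;  /* bytes currently charged (invariant: in_use <= limit) */
} script_budget;

/* Header stored in front of each block so a free refunds the exact charge;
 * the union keeps the returned pointer suitably aligned for any type. */
typedef union { size_t size; max_align_t align; } block_hdr;

void *script_alloc(script_budget *b, size_t n) {
    if (n > SIZE_MAX - sizeof(block_hdr)) return NULL; /* size overflow */
    if (n > b->limit - b->in_use) return NULL;         /* cap would be exceeded */
    block_hdr *h = malloc(sizeof *h + n);
    if (!h) return NULL;
    h->size = n;
    b->in_use += n;
    return h + 1;
}

void script_free(script_budget *b, void *p) {
    if (!p) return;
    block_hdr *h = (block_hdr *)p - 1;
    b->in_use -= h->size;
    free(h);
}

/* Constructed scenario: a script requests fixed-size chunks until refused.
 * Returns how many requests were granted; *peak is the most it ever held. */
size_t demo_exhaust(size_t limit, size_t chunk, size_t *peak) {
    script_budget b = { limit, 0 };
    void *held[64];
    size_t n = 0;
    while (n < 64 && (held[n] = script_alloc(&b, chunk)) != NULL) n++;
    *peak = b.in_use;
    for (size_t i = 0; i < n; i++) script_free(&b, held[i]);
    return n;
}

int main(void) {
    size_t peak = 0;
    size_t granted = demo_exhaust((size_t)8 << 20, (size_t)1 << 20, &peak);
    printf("granted %zu chunks, peak %zu bytes\n", granted, peak);
    return 0;
}
```

The cap is enforced on bytes held, not bytes ever requested, so a script that frees memory can allocate again, while the address space outside the budget is never consumed by script-driven allocations.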

Comment Re:Gnome: I never got the hype or the recent rage (Score 4, Informative) 378

Not much else to do but agree. However, you should really give KDE4 another shot. Ever since KDE4.5 or so, it has been a fully-usable (albeit heavy) desktop environment. It's achieved the level of maturity and configurability I've always associated with the KDE3 line, and has added several features that are genuinely useful (such as window grouping, tiling support, a full semantic desktop, and several powerful UI scripting techniques), as well as the traditional KDE integration technologies. After some early 4.x struggles, I'm once again in love with the full KDE user experience.

I've done my tour of GNOME2, XFCE, KDE3, Enlightenment, xmonad, GNOME3, Unity, and KDE4, and I would, for primary desktop purposes, choose KDE4 without hesitation at the moment. Definitely worth giving it another shot if you haven't already.

Comment Really, Linux won't (currently) support CT (Score 5, Informative) 434

So, as an aside, isn't the entire point of a tech aggregator to provide a technical summary? Not just copy and paste the article's summary... anyway...

FTFA:

Intel went to great lengths to highlight the new P-states and C-states in which it can completely shut down the clock of a core. The firm said the operating system needs to provide "hints" to the processor in order to make use of power states and it seems likely that such hints are presently not provided by the Linux kernel in order to properly make use of Clover Trail.

In other words, Intel has added new capabilities to Clover Trail that allow enhanced power management, and Linux doesn't currently support it. Anyone who thinks that this will continue to be the case for much longer is a moron, especially if Intel continues to release its architecture datasheets, which we have no reason to think that they won't.

The article really says: It can't run Linux because there's no support for it in Linux, and there's no support for it because it's literally brand-new.
