Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment Re:Fishing operation: 2015 edition (Score 2) 157 157

The good news its more in the press and people are talking of constitutional protections. People can see the US legal digital Berlin Wall in use.
US based brands now have the interesting legal complexity of user data flowing to the US gov in the US.
Options?
Become more of a multinational and move US based big data to Ireland or other parts of the EU?
The NSA and GCHQ needed network access but the brands had to keep the freedom front up. If the press keeps on reporting on US big brands court issues interesting people will just use social media less. The UK was always aware of how any population might become highly sensitised to surveillance and did its best to find ways just to watch.

Comment Re:SHOCKING! (Score 2) 64 64

Re "Haven't we been reading about this for a few years now?"
Considering the decades of early cell phone like devices, pagers, consumer desktop computers, smart phones, personal digital assistant/handheld PC, tablets?
Thats a lot of easy, court free access over many, many years :)
One pubic example found in the press would have been constant pressure on the US from the UK over Ireland/US connections in the 1970-90's over emerging computer and advanced phone use.
Very old ideas that got tested on every US network connection or computer system of interest decades ago.

Comment Re:Malware types (Score 1) 64 64

Re "many times of malware"
Thats the key to the magic of one time bespoke malware that a user/group of interest is fooled into allowing. What can an AV cloud with behavioural analysis do? Would a smart admin see it time time? The ip the data flows out to is unique, the software was user 'installed' and does not match any understood pattern or emerging threat.
If a city, state, county or federal investigation only uses the expensive software one time, its magical vs all domestic and international AV products, cloud and behavioural analysis or internal OS logging.
The trick fails when nation states fails read the instructions about the crafted malware been a one time deal.

Comment Re:Does it really matter any more? (Score 1) 132 132

It depends AC. If the user opens 10 or 200? tabs in one window for some reason?
Optical bandwidth, 64 bit OS, i7, real gpu, 32 gigs of ram can cover for a browser with slow code issues?
The browser has to be fast to serve ads, keep banking secure, keep the MS branding fresh in the users mind and be web standard compliant.
The days of only working with a MS web site creation application are over but the same MS branding issues will always be the same.
Fast is easy. Ad blocking, security, branding is the ongoing issue for M$. How much will any new computer cost with Windows 10 Pro?
Will ad blocking work? Will ads display at the desktop level if a brand pays enough vs the browser?

Comment Law enforcement malware (Score 2) 64 64

With the NSA and other nations providing total network access its hard to then undo the vast parallel construction effort with local malware on one computer to build a multi year case.
The problem for the use of digital and voice product in court is the mentioned "reasonable ex post notice to a computer’s owner" in an open court.
Soon the entire US judicial system and the press would be aware of methods, law enforcement friendly US developed operating systems and antivirus issues, malware providers and their experts in open court testimony.
Everyone of interest would quickly understand privacy and anonymity cannot be found on any US network or device designed or sold that connects to a US network.

Over the years many efforts have been made to support law enforcements own understanding that some networks and phones are 'safe'.
Even local, state and low level federal officials then understand and help propagate the no trapdoor, back door cover stories they saw in a local tech demo
The cover story that some brands, generations or easy to buy products are totally secure is often positioned as random talking points in the national media and on computer related sites.

The UK had many issues with advance phone tracking methods leaking from the court system in the 1970-80's as computer, phone and cell phone technology was been made public.
The US wanted to ensure the same would never happen with its cell phone tracking so it uses IMSI-catchers and light aircraft with dirtbox like units well outside the US court system. Every wifi, cell device and other signals over vast areas per year.

Onion router like networks face the same constant mapping and software/network OS layer issues.
Collect it all is the new cheap, easy way to map entire local communities every year. The real magic is keeping methods away from courts, the press, citizen journalism with walk in FOIA requests at a city or state level or other legal teams.
The hardware paper trail still exists in some city and regional bureaucracies just waiting for a correctly worded in person FOIA request.
The UK was much smarter as it centralized its expert help to law enforcement well beyond the courts, press.

Comment Re:I'm okay w/ watermarks, but not secrecy (Score 1) 100 100

The US and UK became very interested in the photocopier aspect when the UK found a photocopier without a counter or security in an area with its security document vaults. An individual had been using it to make all the copies wanted of secure documents and walking out with the clean copies.
The US and UK then upgraded and further restricted photocopier access policy with counters, educated security staff and by installing cameras in the photocopier units to record what was been copied and by what person.
Very old ideas that had to be rushed out to solve unexpected wider problems.
The tracking of digital files worked in the same way. Baited access to plain text databases to see how staff would respond and what they searched or did not attempt to search.

Comment Re:Hot (Score 1) 54 54

AC a bit of reading shows Australia has some super computer ambitions and spending.
Quantum computer work has been great for funding.
"Quantum storage breakthrough key to 'unbreakable' encryption A new quantum hard drive jointly developed by researchers in Australia and New Zealand could lead the way to an 'unbreakable' worldwide data encryption network."(January 12, 2015)
http://www.zdnet.com/article/q...
"Powerful quantum computers move a step closer to reality A research team from Australia has pushed quantum computers closer to fruition, but a former NSA director warns that the technology could break encryption" (October 2014)

Comment Re:Hot (Score 1) 54 54

Re "What do they need this for?"
Small nations usually buy big computer for a few historic reasons, very advanced weapons design or a crypto race.
Australia has given up on its own advance weapon design and fully imports its needs from the USA.
Huge amounts of data collected in Asia for itself and the NSA/GCHQ flows into remote secure collection sites.
That bulk flow might find its way into a dual use civilian military telco system with global suppliers and other nations been very close to internal domestic military networks.
The only way to ensure its mil/gov networks stay secure its to try exotic new crypto it is trying to build all on its own.
For that it needs some free dual use fancy "weather" super computer to test its home brew crypto.
Australia also has to be able to break any encryption it find in Asia outside of the NSA and GCHQ help.
A "weather" super computer sounds just a bit more real than one for banking, agricultural or classic one site academic use.
ie a decades long quantum encryption boondoggle needs testing. Lots of testing, over time and the project is at the really big US computer stage.

Comment Re: Perspective helps when talking about large num (Score 1) 154 154

Re "I'm sure there are much large potential savings in the defense budget, so why waste our limited time and attention on something so small, proportionally speaking."
The US seems fixated on moving data from satellite to satellite avoiding parts of the world and having to add extensive encryption to its own bespoke satellites. Data flow was the key from Australia, Japan, UK, Slivermine South Africa and other interesting locations.
The NSA and GCHQ seemed to distrust all other methods and hoped to stay ahead of the game buying ever more for the flow of gov/mil data.
The private sector soon learned of this need and set prices to match.
Why the interest? It shows the mind set of the US and UK going back decades vs a Russia or China who could only try to secure their networks or use http://cryptome.org/eyeball/ss...
The High Frontier Broadcast: 02/05/2005 http://www.abc.net.au/4corners...
has a transcript http://www.abc.net.au/4corners... thats suggests some of the US gov spending on communications in the private sector.

Comment Some of the list (Score 1) 65 65

1. "Add public keys to major services"
The security services just use their own or find others or find the users.
2. Build better random number generators
Yet strange limits seem to be added to many public and private crypto like products efforts every decade. From banking to what shipped with personal computers.
3. Expand trusted hardware
That gets found and upgraded during while in the safe hands of the trusted global postage or delivery services. (supply-chain interdiction/Tailored Access Operations).
4. Add Merkle trees to the file system
More logging, tracking and understanding of any network or site helps. The main issue is who gets to see the files after an event? Domestic or federal investigators just take it all away to cover parallel construction or another gov/mil access?
Many of the more skilled nations are opting for their own code, designing their own cpu and networking hardware to escape most of the the more direct ways into their own existing networks.

Comment Re:Perspective helps when talking about large numb (Score 1) 154 154

Re "Why is this news? I'm all for efficiency, but savings that small are not worth it in a budget that freaking large"
Go back over the years of getting:
"That year, about $280 million worth of satellite capability was bought outside the DISA process. If the GAO is correct, then the military could have gotten that same service for about $45 million less."
Back to 1990? 2000? 2010? The decades add up. The billions of $ needed to just to buy into the private sector can be very expensive.
The linked "DOD Needs Additional Information to Improve Procurements" at http://www.gao.gov/products/GA... had a "Full Report" pdf
http://www.gao.gov/assets/680/... has :
"DISA also estimated that if DOD used a capital lease or purchase of a single band satellite based on commercially available technology, the department could avoid
costs of about $4.5 billion over 15 years compared to the current baseline.
This was the lowest cost alternative identified by the analysis."

Comment Re:Waste of Time vs Waste of Money (Score 1) 154 154

The numbers have been around for years in public. The US gov/mil is fixated on buying from the private sector every decade.
"The High Frontier" (Broadcast: 02/05/2005)
"Outer space is open for business. It’s a booming $50 billion a year industry"
http://www.abc.net.au/4corners...
from the transcript at http://www.abc.net.au/4corners...
".. makes $100,000,000 a year, buying and selling airtime on communication satellites. ...."

Submission + - Ashley Madison Hackers Threaten Release Of All Data Unless Site Closes->

heretic108 writes: According to KrebsOnSecurity, the infamous Ashley Madison affairs hookup website has been hacked by a group calling itself The Impact Team. This group are demanding the immediate and permanent shutdown of Ashley Madison, as well as a related site Established Man, or else they will publicly release all customer personal data.
Link to Original Source

Comment Re:The problem is systemic (Score 1) 36 36

Re "So what is necessary to address the problem?"
A strong compartmentalized, air gapped database that has real human oversight? The US can make and run that for every agency, department and project it needs to over decades.
They dont leak by design. Nobody networks out with plain text anything. Every access internally is logged. There is no external access.
It seems the US wanted a database, networked and usable. Who would want such a networked database?
If you need a contractor with skills and its not logged. Thats a positive for projects that needed a lot of staff in different parts of the world at some time in the past.
Internally staff feel they can look up anything. A great way to see is looking up what and why while they feel like its an open network at their desk.
Great for testing and seeing who is looking for what when alone. Hard to do if they have a person next to them and an encrypted time limited window thats logged by default.
Re What will actually happen?
A wait to see who goes looking over huge lists of interesting sounding fictional projects.
For an Operation Bodyguard https://en.wikipedia.org/wiki/... to work the mix has to be interesting.

We are drowning in information but starved for knowledge. -- John Naisbitt, Megatrends

Working...