Follow Slashdot stories on Twitter


Forgot your password?

Comment Re:Zero-days are not "back doors". (Score 1) 82 82

Re: "Unless the zero day flaw was put there intentionally, as back doors are put there intentionally, a zero day flaw is not a back door, it's just some incompetent who should be employed"
The US and UK security services have noted that difference and can shape generations of code, funding, standards, trade and competition policy.
An average company thats incompetent due to hardware and software limitations gets contracts, good press and friendly govs buy in for their own staff, education and clear standards for banking.
Thats a lot of historic power and cash to shape funding to a few US brands globally within the 5 eye nations and other friendly Western powers.
The next method is to set encryption at a level that keeps the press/other users out of a network but is 100% law enforcement friendly.
Over decades that access, funding, standards offers a perfect look down system into wider consumer networks.
If all that still cannot keep weak networks and plain text access try the Cybersecurity Information Sharing Act, or CISA.
Immunity to share all data with govs and mil looking for "cyber threat indicators". All that strong encryption for the network reverts to plain text at some point in the system and thats where a company will be waiting to sort domestic data.

Comment Re:How? (Score 1) 377 377

Re "And yes, "make someone else solve it" is a valid option but only if having the sites apply that solution by making the politicians the "someone else" is also a valid option."

The UK can ask the US banking system, political system and big pipe internet providers to to "fix" the pipes and payment options into the UK.
ie the ".com" just fails to load in the UK and a log is sent to some local UK authority about the access attempt.
If that fails the UK could fund US political leaders who understand the UK's gov internet request. PAC Britannia to reshape the US political landscape with people who are more understanding the UK's position long term.
Map out every .com site of interest and ensure they never get loaded in the UK?
An Integrated Cyber Policy. A series of costal super computer centres ensuring no blocked site ever reaches a UK provider under the leadership of a Cyber Supremo.

Comment Re:What about America? (Score 1) 34 34

One Nation under advertising, indivisible, with liberty and CISA for all.
Other parts of the world may want to consider what CISA will be about on any US provided connection.
Cybersecurity Information Sharing Act
"How Big Business Is Helping Expand NSA Surveillance, Snowden Be Damned" (Apr. 2 2015)
"A government surveillance bill by any other name is just as dangerous" (13 June 2015)

Comment Re:Treason - Peace on (Score 1) 107 107

West Germany needed a powerful tool to stop documents from walking that could embolden any local fascist, communist or cults that threatened emerging fragile post 1945 "democracy".
So any material could could walk out from the West/German bureaucracy or military has some powerful sanctions with none of the US wisdom with "... free press is the duty to prevent any part of the government from deceiving the people "
Upset West/German democracy and the gov has a huge bureaucracy set up just to correct that.

Comment Re:Won't or can't? (Score 4, Interesting) 107 107

It depends how Germany now understands the NSA and all its help setting up West German telco systems after WW2.
German decryption teams found gainful employment in 1945 with the UK/US TICOM teams.
Generations of West Germans worked with the NSA and traveled to the US to view emerging US systems, hardware and other crypto systems.
That kind of generational contact has allowed the US to handle elite German crypto staff and keep them away from any domestic West/German legal or political process.
That deal with the USA gave West German total mystery over its internal and international communications networks for decades.
So a few German elected political leaders are facing the might of decades of US/German military friendship at a top level beyond German law.
Other US West German intelligence contacts can be understood from the Gehlen Organization years

All German political parties know is their communications have been tasked by the USA even when declared safe by decades of expert West/German crypto officials.
Any inter party or elected party efforts on this topic that where discussed over a secure German network of any kind would have been intercepted.
Given the years of US/UK access to West/German political communications it would be hard to find a cleared German crypto expert who could even present the scope of what was done to German communications networks.
The clearance levels that exist in Germany for German experts would not be of any use to any committee and no German staff with US systems access would be cleared by the US to talk to anyone in Germany at any level.
The US and UK have that domestic legal staff aspect covered in an nation they 'help' :)
US security work given to local German staff out rank any domestic German legal traditions or German fact finding political settings.

Submission + - Germany won't prosecute NSA, but bloggers->

tmk writes: After countless evidence the on German top government officials German Federal Prosecutor General Harald Range has declined to investigate any wrongdoings of the secret services of allied nations like NSA or the British GCHQ. But after plans of the German secret service "Bundesamt für Verfassungsschutz" to gain some cyper spy capabilities like the NSA were revealed by the blog, Hange started an official investigation against the bloggers and their sources. The charge: treason.
Link to Original Source

Comment Re:Umm, I hope that translation is to blame. (Score 1) 34 34

Different trading companies had spice investments.
The UK had its large HMS Anderson (1941-57) sigint station and later the GCHQ had its Perkhar (1957-65) listening station (four hundred acres) in Sri Lanka.
It was one of the best sites the UK had in the Indian Ocean.

Submission + - Windows 10: A Potential Privacy Mess, and Worse->

Lauren Weinstein writes: I had originally been considering accepting Microsoft's offer of a free upgrade from Windows 7 to Windows 10. After all, reports have suggested that it's a much more usable system than Windows 8/8.1 — but of course in keeping with the "every other MS release of Windows is a dog" history, that's a pretty low bar.

However, it appears that MS has significantly botched their deployment of Windows 10. I suppose we shouldn't be surprised, even though hope springs eternal.

Since there are so many issues involved, and MS is very aggressively pushing this upgrade, I'm going to run through key points here quickly, and reference other sites' pages that can give you more information right now.

But here's my executive summary: You may want to think twice, or three times, or many more times, about whether or not you wish to accept the Windows 10 free upgrade on your existing Windows 7 or 8/8.1 system.

Link to Original Source

Submission + - CISA: the dirty deal between Google and the NSA that no one is talking about->

schwit1 writes: It's hard to find a more perfect example of this collusion than in a bill that's headed for a vote soon in the U.S. Senate: the Cybersecurity Information Sharing Act, or CISA.

CISA is an out and out surveillance bill masquerading as a cybersecurity bill. It won't stop hackers. Instead, it essentially legalizes all forms of government and corporate spying.

Here's how it works. Companies would be given new authority to monitor their users — on their own systems as well as those of any other entity — and then, in order to get immunity from virtually all existing surveillance laws, they would be encouraged to share vaguely defined "cyber threat indicators" with the government. This could be anything from email content, to passwords, IP addresses, or personal information associated with an account. The language of the bill is written to encourage companies to share liberally and include as many personal details as possible.

That information could then be used to further exploit a loophole in surveillance laws that gives the government legal authority for their holy grail — "upstream" collection of domestic data directly from the cables and switches that make up the Internet.

Link to Original Source

Comment Re:Different approach (Score 1) 76 76

A fence, trusted staff on site, limited internal networks that are not connected to the outside world works well and are not that expensive.
But that wont get a cyber security contract long term to "fix" the system after every expensive logged intrusion.
The new networks have one good plus, wealth creation for the support, upgrade aspect.

Comment Re:Obligatory "why" post (Score 1) 76 76

So one cheap engineer can watch diverse networks rather than a vast unionized on site workforce per shift, every shift.
In the past low skilled staff would have to be in place, drive to or be on site 24/7.
The cost savings add up for the brand but the quality of the network installed expected correct commands on a private network not a network open to the world.
Years later all the limited networks open to the "net" per nation have been transversed and studied by a long list of people and other nations.
The "why" was to get costs down and remove staff while staying compliant with less on site experts.
It works but for the "internet" been allowed in as part of the trusted network.

Comment Re:You don't fight "cyberbattles". (Score 1) 77 77

Cyber-attacks, cyberspace are just a fancy way for wealthy US contractors to get more/new no bid funding and enjoy decades of wealth creation with new terms and sales.
It depends how a nations understands its strengths.
The US hopes the other side will always have a cell/sat phone, voice print, home computer, travel, be in CCTV range.
That political leaders can be contacted and make coup offers or let US "advisers" enter ie
The Soviet Union, East Germany would study the outside life of the mil/gov staff members of interest and look for lifestyle choices that would make then open to some interaction or create their own Western staff over decades.
Once established a turned person can stay in place for years, even selecting projects.
The UK perfected both technical and human options thanks to its skill sets needed in Ireland and tracking all Irish funding from the US.
Whats the best small nation, low cost system? GCHQ, MI6, SAS. That gives a nation the broad digital propaganda narrative, with that perfect personal covert in country touch when needed.
Re the submissions "Few would argue that cyber-attacks are not prevalent in cyberspace."
What is cyberspace to a nation, cult, faith, idea, flag? Propaganda, shills, sock puppets have to actually know what they are doing pre culture, pre coup.
Most nations and their wider, educated diasporas are very resistant to such "cyber" efforts. Color revolutions with outside funding soon fail.

Comment Re:DC power (Score 1) 238 238

Yes looking up from a home setting AC? Or down the grid (HVDC). and
The DC air conditioner might still be interesting with a savings % on site for solar been more direct and less AC to DC conversion loss.

Comment Re:DC power (Score 1) 238 238

Re "On a more serious note, what are the benefits/costs of using AC over DC in the home?"
AC gives you the national grid, hydro, power stations and epic scale.
DC gives a solar setup one less DC to AC to DC loss conversion to get the same result in the home setting (lots of roof panels, sun, short DC wire length to correctly sized air con unit).
Re: Do modern TVs run on AC, or are they just converting it to DC internally as well?
A boat, RV or truck shop can help with a list of DV 12v and 24v devices. Wire thickness, length, amps, devices used, storage then gets to be interesting design cost in the home setting.
With AC within reason any electrician can give you a great deal of "power" from the grid, 24/7 per room. With DC the length, width, usage, voltage math starts to get more interesting per device added.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.