Forgot your password?

Comment: Re:And if they hade a place to store the waste. (Score 2) 179

by DarkOx (#47796441) Attached to: Feds Want Nuclear Waste Train, But Don't Know Where It Would Go

You are probably right but there are some things to consider here.

1) Transporting nuclear waste by rail is not exactly blue sky research. I don't think anyone seriously doubts we can find a way to get that done. Which is not say it will not take a great deal of thinking, research, testing, around the safety engineering of it or that it would be expensive to do.

2) It may prove politically impossible to ever transport these materials on a large scale. After the recent accidents with oil on rail, have the public pretty squeamish, about hazardous materials moving thru their back yards. Decades of propaganda have lots of people afraid and opposed to atomic* or nuclear* in general. In the wake of Fukushima we have already seen major western nations shutter their nuclear generating. If these trains were ready to roll today and there was a disposal site, politics would never let it happen. So there may be no need to undertake 1.

3) For practical reasons there may never be any disposal site. First for technical reasons breaders probably still make more sense, and solve the spent fuel problem. If we move in that direction most of the spent fuel isn't spent at all and it may be better to keep where it is now so its accessible. Reduces the need for 1, although only partially we still might need to move the stuff between sites.

4) Politically there may never be a disposal site. Reid has basically killed Yucca. If we can't muster the political will to put a storage facility in sparsely populated low economic value desert I don't know how we'd ever get it done anywhere else.

5) Environmentally it has been determined that even Yucca, most promising spot identified today is really not as ideal as we once thought. There may not be anyplace that is really 'good' to use as a radio active waste dump. Again killing the need for 1.

So in light of the fact that 1 is a known obstacle which we are confident is solvable, while the fundamental issues are more open questions it probably does make more sense to try and resolve the other issues first.

Comment: Re:Putin: "Your move, West" (Score 1) 823

by DarkOx (#47778243) Attached to: Russian Military Forces Have Now Invaded Ukraine

Removing elected officials from office because of their corruption is not contrary to the rule of law.

Umm yes it is contrary to the rule of law unless you:
A) have an established process by which a leader can be impeached
B) follow process A

The winner won because the whole "should we split up the country" issue breaks down geographically and the pro-Russia part of the country more or less could not vote. Just like the pro-Western groups in Crimea more or less could not vote. Either both of those 'elections' is legitimate or neither is. The Fact is neither election was anything close to what we would regard as inclusive, free, and fair.

I am not buying any of the propaganda about the current leadership and its legitimacy. The Fact is the previous president was compelled to leave office via extra-legal means.

Fled vs Ousted is really a Symantec argument as nobody does what would be described as "fleeing" except under duress, otherwise its just "leaving" and nobody is saying he just left. It comes down to if you want to add a connotation of cowardice and guilt or not.

You can spin things as much as you like. If you want to say we helped oust a corrupt, leader who was trying to give the nation away to his Russian counter parts. That might be true, but you cannot claim it was done by standing up for the rule of law. That is plainly false.

I remain convinced that better maneuvering around this issues was perfectly possible. A little more prudent and careful action could have gained us the westernized Ukraine we wanted without escalating apparent tensions with the Russians it jsut would have taken a few more years.

Comment: Re:Putin: "Your move, West" (Score 0, Flamebait) 823

by DarkOx (#47775645) Attached to: Russian Military Forces Have Now Invaded Ukraine

"sovereignty" what a fucking joke. They ousted a lawfully elected president, using an unlawful process at our urging. Lets face it when Obam says "elections have consequences" he means "election have consequences, if the elected is me". We have seen this with Morsi as well.

I am not saying Yanakovich was good guy; but we could have taken all their air out of this thing at the start if we would have backed Russia, in insisting the rebels/rioters just go home. Putin did not like Yanakovich either but had more or less backed him publicly at the time. It would have been much more politically challenging for him to get away with invading Ukraine while the sitting Russian leaning president was in office and than after he lost the next election to a European leaning one. Now we a situation where people can argue about the the legitmacy of the current office holders, Putin can and does make the very correct argument they are no more or less legitimate than the separatist leaders.

We could have avoided all this if Obama had been a little more patient and not tried bring Ukraine under Western influence so aggressively and quickly. It would have happen, was happening just needed time.

Now this is really Russia's game to loose. Ukraine is strategically more valuable to them than us. We have more immediate threats to deal with ISIS, Assad, IRAQ, Hamas, North Korean, and the African coast. All of those pose much greater economic and security risks to us than what happens in Non-NATO Eastern Europe.

Comment: Hopefully a return to real science (Score 4, Insightful) 87

by DarkOx (#47731063) Attached to: What's After Big Data?

The problem with 'Big Data' is everyone is trying to use it as a substitute for actual hypothesizing and experimentation.

I am not suggesting it isn't useful, it is, and it can be a huge help in identifying non-intuitive relationships that may exist. Its not being marketed that way though! Everyone is trying to sell it as the solution to all their unresolved problems and knowledge gaps.

At the end of the day all it can ever show is correlation, never causation. All the fancy AIs we add on top are really just correlation engines as well. One day real-soon-now WATSON or something like it will diagnose your cancer. It won't 'discover' the cure though, it will just apply the 'KNOWN' treatment that statistically correlates with the best outcome, hopefully excluding some which correlate with especially un pleasant side effects.

Same is true with the financial markets. Big Data alone will never discover a unified theory that explains market behavior. It will probably make a handful of people stupid amounts of money based again or event correlation and speed. As long as those are the drivers though we will remain forever at risk of sudden meltdowns.

Comment: Re:Must be an alternate earth. (Score 1) 441

by DarkOx (#47730863) Attached to: Tech Looks To Obama To Save Them From 'Just Sort of OK' US Workers

I have worked with lots really sharp guys from India, mind you they have been here in the US. Which implies selection bias, they were ones who had the interest, ability, and resources to get here. I have worked with lots of guys and from all over Europe an South America as too. Some great some not so great.

I don't think 'where' has much to do with it, talent is talent and it cares not about the label applied to map marking ones place of birth.

That said I don't think much of these programs. I expect 'my government' to look out for the 'general welfare' of 'my fellow countrymen'. I think the long term economic wisdom of importing all these workers from elsewhere is highly questionable. Based on intuition, labor statistics, and anecdotes, I fail to to reach the conclusion that the vast vast majority of tech jobs could not be filled by current citizens. Its not even clear it would alter the long term cost structure of these companies much; even if it did hurt the next few quarters.

So I suggest we dispense with all of the crap, the unsubstantiated economic voodoo, the nationalism, and the Xenophobia. Lets stop incentivising off-shoring and importing of workers. Lets not disincentivise it either. Get rid of the tax loop holes; dump payroll taxes entirely. Just allocate what is required for entitlements like SS and Medicare from the general fund. Get rid of the tax exemption on benefits make them taxable as regular income. Provide that no employer may require an employee to participate in their benefits program. That will make the heal-care market place more open and take that dimension mostly out of labor competitiveness.

Then adopt a permissive immigration policy, no quotas no incentives. Let as many people come as want to but require they prove at least one of the following:

1) An offer of gainful employment
2) Existing financial resources on which they can live for at least two years.

Comment: Re:Host your own DNS (Score 1) 101

by DarkOx (#47695191) Attached to: ICANN Offers Fix For Domain Name Collisions

Denying access as the default and explicit allowing exceptions is much more secure than the opposite.

Well no argument there but there are appropriate places to install filters and in appropriate ones. Its the job of the firewall to prevent connections to outside resources or possibly a proxy or gateway server, not the DNS servers because if the ip can be discovered some other way the control is bypassed.

Naturally in a high security environment you might need to control DNS. It can after all (at least with a cooperative) remote server be used for ingress and egress. You might configure an internal DNS server to return records only for zone on which it is an authority and perhaps whitelist specific external zones like; but you certainly are not going to say allow it to resolve any .com and not any .mail|.food|.biz that makes no sense.

Comment: Re:Host your own DNS (Score 2) 101

by DarkOx (#47693941) Attached to: ICANN Offers Fix For Domain Name Collisions

Right so we can repeat the problems where dip shit network admin decided to not read any documentation and used something other than RFC1918 address space for internal routing. Now Bob in customer service is trying to get to the clients website which happens to be in the same IP range internal hosts uses, and wonders why he can't.

Seen it. You can't just exclude conflicting TLDs because sooner or later someone might need a resource on one of those tlds.

Comment: Re:Not much of a fix (Score 3, Interesting) 101

by DarkOx (#47693751) Attached to: ICANN Offers Fix For Domain Name Collisions


There is a universal truth out there nobody, not even Vixie, fully understands DNS in terms of all its interactions with it self scaled globally and what assumptions (correct or otherwise) software that uses it makes.

I fail to see how this proposed behavior solves anything. Most software out there was written to assume that if you get back an address DNS resolution worked, if there was a problem you get back something like NXDOMAIN. Lots of apps are not going to report any problems if they get back, there are going to sit and wait for the connection to time out or depending on how the system is configured report connection refused. Leaving the user with no way to know the name was wrong.

Its not good for developers writing new code either, because now they have to do somethig like this:

Try addr = gethostbyname($hostname) //stupid hack to test for
raise NSException.NXDOMAIN if addr == aton("")
catch NSException => e
echo 'Name resolution problem' + e.msg >> $strerr

Which is ungly confusing and stupid.

Of course the real issue here nobody is taking care of is the security one. Bob is happily using his laptop to read his mail on the corporate network connected to mail.some_now_public_tld and then he goes to the coffee shop, the guys operating some_now_public_tld fixup their dns to answer for mail and wait for Bob to send his credentials. It will work too because Its a certain that the same folks who thought it was a good idea to ignore the rfcs and use some_now_public_tld are the same ones who still think its okay to run services with no authentication to the client. So Bobs mail app not configured to use SSL etc never checks any server cert and just sends his password.

Comment: Wait (Score 1) 166

by DarkOx (#47683981) Attached to: Watch a Cat Video, Get Hacked: the Death of Clear-Text

many otherwise well-informed people think they have to do something wrong, or stupid, or insecure

Wait how does executing code delivered over a clear text channel without some other strong attribution and integrity controls in place not count as stupid or insecure.

Then we have slashdot here were we shove our session cookies back and forth in clear text. Not ideal but I don't execute code from slashdot (noscript) and I don't reuse my user name ore password elsewhere. So that lowers my exposure somewhat.

The browser makes need to at this point:
Disable the execution of any script or content of any script tag that was not transferred securely or loaded from local media; by default. Perhaps provide a white-list function to accommodate legacy intranets and stuff. They should similarly deny embedded objects like flash, sliverlight, acrobat, etc in those situations.

This would do a lot to protect people from both inject attacks and various forms of phishing. It would also really push site operators and web hosts to make sure SSL is available everywhere.

Comment: Re:On come on now Edward (Score 1) 194

by DarkOx (#47666485) Attached to: Snowden: NSA Working On Autonomous Cyberwarfare Bot

He admits to the acts but not to the intents. Intent is a big part of criminal culpability. He would also dispute many of the claimed harms done.

I work in Information Security, much of what I do phishing, exploit development, etc would be illegal except for intent and harm. There is no harm because any property I obtain or gain control of is not converted for my use but promptly returned unimpaired. I have no intent to illegally convert anything for my use or disclose any information about your organization but rather to fully comply with the NDA and scope of activities agreement I signed with your boss.

And for those reasons it isn't fraud when I call you pretending to be from the IT Directory from the European Subsidiary needed you to install the emgency "patch" I am about to e-mail you.

The law is not as simple as "what you did" why you did it matters and so does what the outcome was and even what the potential outcomes were.

Comment: Re:Don't allow jpg or gif or ... (Score 3, Funny) 299

by DarkOx (#47666375) Attached to: Writer: Internet Comments Belong On Personal Blogs, Not News Sites

many of the highly rated comments are really just wisecracks which might be funny, but don't add anything to the discussion.

Two comments on that.

The wise cracks tend to actually be moderated as "funny" by simply not including a funny moderation options a site would probably do a lot to discourage modding comments of that type up. A site could also easily offer user preferences for not including funny up mods when determining how to sort comments for display time.

A bit of levity might not directly contribute to the conversation by may encourage others to participate who otherwise would not have. IT may also inspire creative thinking in others leading to additional insight. Humor is something many people use to tackle issues they find challenging.

+ - NSA not Assad brought down Internet in Syria->

Submitted by DarkOx
DarkOx (621550) writes "In his most recent interview with Wired Edward Snowden makes the claim that in 2012, the NSAâ(TM)s TAO hacking group was attempting to install surveillance malware when it accidentally brought down a crucial router at a Syrian Internet service provider, and the nation's Internet connectivity with it.

The NSA allowd the public to blame the Assad regime, while others within the NSA apparently considered pointing the finger at Israel for the botched intrusion. This revelation raises even more questions about the legality of the NSA actions, as they would seem to be very similar to electronic atacks other officials have suggested the USA would consider acts of war if used against infrastructure based in the USA.

Could the reckless behavior by the NSA cause our nation to be drawn into war?"

Link to Original Source

Comment: Re:On come on now Edward (Score 4, Informative) 194

by DarkOx (#47665467) Attached to: Snowden: NSA Working On Autonomous Cyberwarfare Bot

if he was a true patriot as he claims he'd have faced the music

Oh come on, what the hell is patriotic about being shoved in an oubliette some place, after a show trial where you can't present any evidence because everything is classified?

Snowden would never get anything resembling a fair trial before a jury of his peers. A show trial is the most he could hope, but its just as likely he'd be held pretty much indefinitely without trial on some flimsy constitutionally unsound national security pretext. If you want to know who the cowards are its Kerry, Clapper, and Alexander who want to burry him or avoid tackling his criticism with lies and indirection rather than confronting it with actual facts.

Going through the system, and there is evidence he did try does not work. Just try filing and FOIA request about anything that is connected to "terrorism" in their wildest imaginations (like animal rights) and see what happens. The first time you will probably get a nice letter back telling you: "they can't tell you why they can't tell" you what you wanted because 'national security'. Send a another request for ANY information on how they handled your first request and they will probably just stonewall. Which is ILLEGAL the law say they have 20 days to do something and the three letter agencies won't do that.

Statistically you are more likely to die falling out of bed than you currently are from any kind of terrorist attack. Logic would then dictate at the very least we would create a "Bedtime Safety Authority" to make sure we are all tucked in at night before investing more in counter terrorism and yet we keep allocating more and more federal to that; well that is what the NSA tells us they are doing with them anyway preventing terrorism. Then we also dump more money into policing while crime nears all time lows, and yet no recruitment fliers for the BSA are there to be found.

There are no good reasons for these people to be doing what they are so they instead just want to silence critics like Snowden. No Snowden is no coward he is the guy that gave up home, family, and a cushy job in paradise to keep this issue alive.

Comment: Re:Should we really be worried? (Score 2) 194

by DarkOx (#47665227) Attached to: Snowden: NSA Working On Autonomous Cyberwarfare Bot

Automating war is a scary. What people should really look at is things like the flash crash to know why; or even the recent BGP hijacks for that matter.

The more automation your create and the more those autonomous systems interact with one another the more potential you have for bizarre positive or negative feedback problems. Eventually the system becomes so complex it is no longer very predictable but plenty dangerous.

The stock market today can plunge 700 points for no fundamental reason what so ever. One machine starts selling, which triggers another machine to act and so on. Its bad enough when its only money, and these people want to weaponize it!

Or one person manages to compromise one machine and instructs it do something like advertise a route and the next thing you know thousands of other machines react to it making the attack possible.

Not to go all SkyNet but something like this could quite literally inflict massive damage on the world before any person even realizes something is wrong. Be pretty sad if a software bug ends modern society as we know it because some asshat military-industrial-complex guy thought automated strikes were a good idea.

We can predict everything, except the future.