Forgot your password?
typodupeerror

Comment: Re:The real study (Score 2, Interesting) 182

by Jahava (#47936855) Attached to: Snowden's Leaks Didn't Help Terrorists

I appreciate your summary, as it accurately summarizes my impression of the material as well. I want to piggyback off your conclusion to make a small point.

Now, I don't think Snowden had anything to do with Ukraine, but let's at least keep our minds straight.

As the Snowden leaks named several US technologies, techniques, and even specific targets, it seems highly likely that Russia (and other nations) found actionable information in those leaks which, when acted upon, degraded the US's ability to extract information and bolstered their security posture. Awareness of what an opponent knows about you and can do against you is information that can be leveraged to increase your changes of success and impact.

I agree it's unlikely Snowden caused Russia to engage Ukraine or directly helped the terrorists, but I think it's naive to think those respective organizations didn't use the information he provided to strengthen their stances and hone their strategies. They'd be fools not to. To the extent that there was actionable information in those leaks, Snowden's actions helped those organizations.

Comment: This is great for those with poor signal, too! (Score 3, Informative) 162

by Jahava (#47875985) Attached to: Google Hangouts Gets Google Voice Integration And Free VoIP Calls

I have T-Mobile and I am generally pretty pleased, but one thorn in my side is that where I live the signal is poor-to-none. This isn't usually a problem, as I don't generally voice chat and have other call options (e.g., Google Voice, Hangouts). However, it is definitely inconvenient to have to bootstrap every call through a laptop.

This affords me the mobility to easily make calls, wander around, enjoy my deck, etc. and removes that thorn from my side. Thanks, Google!

PS: For those who are waiting for a new Hangouts version, that's not how this is distributed. FTFA, you have to install an add-on dialer app to Hangouts and instant feature! Works great in my limited test runs.

Comment: Re:Unintended consequences ... (Score 1) 233

by Jahava (#47756775) Attached to: California Passes Law Mandating Smartphone Kill Switch

I predict it will be less than a year before law enforcement decides to shut down all cell phones of people they disagree with (like protesters).

They'd have to go through all of the trouble of identifying the individuals and gaining cooperation of the carriers/vendors. When they're close enough to identify individuals by name, why go to the trouble of locking phones? They'll just do what they do now and arrest them.

I predict it will be less than a year before hackers figure out how to brick or otherwise damage cell phones.

This depends on how the lock is implemented. iOS and Android already have some remote lock/wipe features that haven't been heavily hit by hackers. Mass phone wipes haven't been a thing yet. I'm sure people will try and I'm sure some will succeed (likely in controlled circumstances), but identity establishment and crypto are both well-known in the industry.

Because, as usual, when you try to pass a legal solution to a technical problem, you will introduce new technical problems, and if law enforcement can abuse something they will.

This is hardly a technical problem, as it's been solved and implemented in various forms for years (e.g., iOS7). This is a policy problem, and a legal solution is quite appropriate. For example, carriers have blocked Samsung from including an activation lock. This kind of thing is what the legal solution solves by taking the decision out of the vendors' (who care about products and reputation) and carriers' (who care about profits) hands. The decision seems pretty reasonable, as existing legislation/policy has resulted in measurable drop in device theft for those devices.

This will be misused, it's only a matter of time. And, since manufacturers will decide to make the phone the same for everywhere, we're all fucked because of a decision in California. And I don't trust that the carriers won't brick a phone you own if your bill is late, instead of just cancelling your service they'll kill your phone.

Existing lock options are done through the phone vendors, not the carriers. If the carriers did this to your personally-owned device, it is property damage. And if the government wanted to deny an individual cell service, they can do it now (and have been able to for all of cellular history) with a warrant through the carrier. The government/carrier has always been able to shut off your service.

Comment: Re:Guilty (Score 2) 102

by Jahava (#47744923) Attached to: Ross Ulbricht Faces New Drug Charges

Of facilitating voluntary transactions between consenting adults.

The illegality of those transactions is the only reason they are massively profitable, and that is likely the only reason he engaged in them.

Whether or not you agree with that illegality is irrelevant. By profiting from facilitation of illegal activity, Ulbricht leveraged an unfair market position to get ahead of the rest of the world. Anyone can break the law for disproportionate profit. He's That Guy, and if you live within the system (as most of us do), you need to support stamping him down. The alternative is that everyone break the law for profit, which consequently becomes non-disproportionate with a few other side effects.

Comment: Re:Hilarious Irony (Score 1) 148

by Jahava (#47355445) Attached to: Lawrence Lessig Answers Your Questions About His Mayday PAC (Video)

Why is it ironic? The whole point here is that money has undue influence in politics, so in order to effect political change (including the reduction of that influence!) you need money. It's trying to beat the system with the tools that are empowered by that system.

This reminds me of Richard Stallman leveraging copyright law to essentially enforce restrictions on liberties traditionally associated with it (Copyleft).

It's the strength of a vested established system that is also its weakness: it's so strong that only thing that can defeat it is itself.

Comment: Use this to reflect on privacy as a whole! (Score 4, Insightful) 513

by Jahava (#44985303) Attached to: Snowden Strikes Again: NSA Mapping Social Connections of US Citizens

Keep in mind that Facebook and countless other sites are already admittedly collecting the same (and more) information and behavior associations, oftentimes with as little publicly-released details, accountability, and oversight, and then using it actively and aggressively to manipulate every single person (American or otherwise) into altering their financial behaviors, public perceptions, political persuasions, social interactions, and much more.

This is obviously not the same as a government agency per se, but it is useful to reflect on the differences and (more so) the similarities between what is specifically unsettling about a government and a large corporation having this information. Throughout this series of revelations, I've found it useful to contemplate any concern that I feel regarding my government possessing this degree of intimate information in the context of the Facebooks, Googles, and LinkedIns of the world. They are (to a far wider degree) actively targeting you (and everyone you know) directly and collecting and using all of the same associations with no need for suspicion of terrorism, illegal associations, FISA courts, or any real oversight. They sell this information in troves to the highest bidder with loose terms and are willingly or unwillingly subject to their members' respective governments' information request laws. They and their associates and clients are applying that information actively to change you.

While I can't stress enough that the gravity of one's government's actions should not be grouped with likeminded corporations, I do worry that Internet corporations are collecting more information with less oversight and accountability and using it in far more objectionable ways against a far wider audience! It's a different kind of threat, but in many ways I fear them far more than the government.

I (personally) hope that the outcome of this series of revelations is a global reflection on privacy and information sharing and not just a narrow-minded focus on a particular agency's actions.

Comment: Re:I am Jack's total lack of surprise... (Score 4, Insightful) 221

by Jahava (#43238859) Attached to: Google Keep Labelled "Delete"

Google knows what it's doing when it comes to search (including maps), and (after several years) Android - everything else is stuff built/rolled out/supported by disparate uncoordinated groups with no coherent strategy or purpose beyond "hey, this looks like something the PR guys would like."

What a stupid statement. "They only knew what they were doing those times they did well." Most of their projects, with the exception of search, started out as disparate uncoordinated groups with no coherent strategy.

Comment: Re: Its hard to tell (Score 0) 440

by Jahava (#43060391) Attached to: Bradley Manning Makes Statement

The reason we have rules of war is so we can react with some degree of international cohesion when they are broken. It's a deterrent for the little guys: follow the rules or the wrath of god will come down on you. Supporting you will be poison and in all likelihood you have damned your cause.

Honestly it seems like a win-win for humanity. The premise is, of course, that larger nations have the incentive and wherewithal to avoid total war. This cornerstone becomes the foundation to pull other nations without the maturity or international presence up to these standards.

Obviously if any nation, alliance, or cohesive group is adequately threatened they will never pull total war off the table. Rules of war / engagement help keep it off the table in areas where armed conflict is a threat with a much higher frequency than the first world. Frankly, autonomy and sovereignty have not existed since economies globalized, and that's also probably a good thing. We're moving towards a humane and cohesive world, but we're not there yet, and constraining war is a triage until we are.

A world without war is not a pipe dream, and, I would argue, an inevitability as countermeasures and technology continue growing in destructive power and ease of acquisition. However, looking at the state of the first world, much less its trading partners and the rest of humanity, we all have a lot of rapid cultural development and normalization to go through before we're ready.

The Internet will be the herald of all of this. So, tech world, keep up the good work.

Comment: Re:I HATE this (Score 2) 473

by Jahava (#42741005) Attached to: Hacker Faces 105 Years In Prison After Blackmailing 350+ Women

It wasn't one instance of it though - it was more than 350 women. If you steal one orange, you'll get a slap on the wrist, you steal a truckload and that's a totally different thing as far as penalty.

I would personally disagree that blackmailing even 350 people is worse than murder. Regardless, I think OP's point still stands. Things like murder are in a completely different category of crime.

Comment: Re:Will not work on 64 bit (Score 2) 208

by Jahava (#42696417) Attached to: Hacker Bypasses Windows 7/8 Address Space Layout Randomization

The address Space of 64 bit processes is vast compared to available memory. The process will run out of memory before the address Space could be filled.

Unfortunately many browsers still run 32bit even on 64bit systems because of plugin compatibility. Time to move to 64 bit browser processes.

Note also that this attack is only feasible against browsers. Like other ASLR bypasses it will not Work against e.g. Outlook or Word where the attacker has very limited ability to control memory allocation.

It's worth mentioning that the critical component here is using client-executed trusted/sandboxed code (in this case, JavaScript) to exhaust the memory space. The code must be able to allocate memory, and it must be able to identify the virtual address of the memory that it allocated, else when it begins opening a hole for ASLR determinism, the shellcode won't know where to target.

Any client-side language that can allocate arbitrary memory and identify the allocated address should be able to be used in this capacity. JavaScript is identified in the PoC, but I wouldn't be surprised at all if VBA can do the job in Office (e.g., Word/Excel/Outlook/etc.), and if other trusted/sandboxed codes could do the job in other languages (Java, C#, etc.).

An obvious defeat is to either have application-enforced restrictions on embedded language allocations (e.g., I can allocate up to 10G of memory, but my embedded script can only allocate 1G) to guarantee the presence of some random areas. Another option would be to allocate dynamically-loaded library memory in a different restriction context than standard process memory so that their respective allocations don't draw from the same pool.

Comment: Re:Gnome: I never got the hype or the recent rage (Score 4, Informative) 378

by Jahava (#41941469) Attached to: GNOME 3.8 To Scrap Fallback Mode

Not much else to do but agree. However, you should really give KDE4 another shot. Ever since KDE4.5 or so, it has been a fully-usable (albeit heavy) desktop environment. It's achieved the level of maturity and configurability I've always associated with the KDE3 line, and has added several features that are genuinely useful (such as window grouping, tiling support, a full semantic desktop, and several powerful UI scripting techniques), as well as the traditional KDE integration technologies. After some early 4.x struggles, I'm once again in love with the full KDE user experience.

I've done my tour of GNOME2, XFCE, KDE3, Enlightenment, xmonad, GNOME3, Unity, and KDE4, and I would, for primary desktop purposes, choose KDE4 without hesitation at the moment. Definitely worth giving it another shot if you haven't already.

Comment: Really, Linux won't (currently) support CT (Score 5, Informative) 434

by Jahava (#41333587) Attached to: Intel Says Clover Trail Atom CPU Won't Work With Linux

So, as an aside, isn't the entire point of a tech aggregator to provide a technical summary? Not just copy and paste the article's summary... anyway...

FTFA:

Intel went to great lengths to highlight the new P-states and C-states in which it can completely shut down the clock of a core. The firm said the operating system needs to provide "hints" to the processor in order to make use of power states and it seems likely that such hints are presently not provided by the Linux kernel in order to properly make use of Clover Trail.

In other words, Intel has added new capabilities to Clover Trail that allow enhanced power management, and Linux doesn't currently support it. Anyone who thinks that this will continue to be the case for much longer is a moron, especially if Intel continues to release its architecture datasheets, which we have no reason to think that they won't.

The article really says: It can't run Linux because there's no support for it in Linux, and there's no support for it because it's literally brand-new.

Money can't buy happiness, but it can make you awfully comfortable while you're being miserable. -- C.B. Luce

Working...