Forgot your password?
typodupeerror

Comment: Re:What? (Score 1, Informative) 35

Makerspaces are places where people--either the general public or a group of paying members--can gather together and make things. Makerspaces usually have an abundance of tools, materials, and places to work on hands-on projects. They typically celebrate open source, notions of hacking technology, and playful misuse of technology to do interesting things.

Think: informal, engaging, creative spaces where you can collaborate with people to make things.

Here's a blog I wrote with good pics: Quelab - a Community of Practice. Full disclosure: I'm on the board of directors at Quelab in Albuquerque. Drop by if you're in the area code.

Comment: Re:Get it FIPS certified (Score 1) 360

by Error27 (#46814619) Attached to: Not Just a Cleanup Any More: LibreSSL Project Announced

If you read the article then you'll see that the OpenBSD explicitly rejects FIPS certification as a goal.

FIPS certification is why OpenSSL includes the NSA backdoor DUAL EC pseudo random number generator. The code doesn't work but it's still included and can't be fixed. Anything which leads to an outcome like this... Disgust. Disgust and revulsion.

Comment: that's really stupid of them (Score 2) 173

by Error27 (#46648571) Attached to: ZunZuneo: USAID Funded 'Cuban Twitter' To Undermine Communist Regime

The government already has the CIA for this stuff. It was amazingly dumb of USAID to start doing the CIA's job. The head of USAID should resign followed by a full investigation.

But that won't happen because the government has stopped caring about appearances any more.

Comment: "No evidence of abuse has been found" (Score 4, Informative) 359

by Error27 (#45988645) Attached to: Obama Announces Surveillance Reforms

Obviously LOVEINT is one example. But more details are coming out about how David Patraues was caught having an affair because of "metadata" collected by the NSA.
http://www.charlotteobserver.com/2013/06/17/4111871/metadata-helped-reveal-gen-petraeus.html#.Utlud2nfqCg

When Jill Kelley first reported getting threatening emails about Patraues, the FBI read all her emails as part of "a routine step".
http://www.nytimes.com/2014/01/06/us/from-petraeus-scandal-an-apostle-for-privacy.html

They didn't have a warrant to read her email, they just hacked into google and made a copy of everyone's email. If you report a crime to the FBI they read your email. Simple as that.

Comment: Re:Sensationalist headline is Sensational (Score 1) 292

by Error27 (#45986449) Attached to: Thousands of Gas Leaks Discovered Under Streets of Washington DC

Typically these leaks are very small and are no danger to the public, which is why they are allowed to persist.

You didn't read the article. You didn't even read the summary. There were 12 which were dangerous. They reported them and the gas company had only fixed 3 of them four months later.

Comment: Re:Has anybody seen the actual "evidence"? (Score 4, Insightful) 112

by Error27 (#45906385) Attached to: Security Experts Call For Boycott of RSA Conference In NSA Protest

The wikipedia entry is good on this:

http://en.wikipedia.org/wiki/RSA_Security#NSA_backdoor

RSA has not disputed any of the facts but only argued that they did it out of ignorance. $10 million buys a lot of stupid. $10 million is peanuts for EMC but for RSA at the time, it was quite a bit.

Comment: It's not about fighting terrorism (Score 1) 234

by Error27 (#45862305) Attached to: Even After NSA Leaks, Government Still Trusted Over Private Firms

Reasonable people don't believe that Angela Merkel is a terrorist. Instead talking about terrorism, it's more important to talk about how the NSA spying benifits us during trade negotiations.

Technically, I suppose it doesn't benifit all of "us"... Oh well. Sucks to be you I guess.

Comment: Re:The Case of the Dog That Didn't Bark (Score 1) 291

by Error27 (#45768479) Attached to: RSA Flatly Denies That It Weakened Crypto For NSA Money

The NSA documents on this have been leaking for a while. There are ones that dealt with pushing DUAL_EC through NIST. The documents dealing with RSA are separate corroborating documents which fill in some details.

It's likely that the NSA documents on subverting OpenSSL will leak eventually. Anonymous government sources estimate that at the current rate the NSA leaks will take two more years before they have all been released.

Comment: They're not denying the article really (Score 5, Interesting) 291

by Error27 (#45764951) Attached to: RSA Flatly Denies That It Weakened Crypto For NSA Money

They're just claiming again that they assumed the NSA were good people.

This all happened in 2006. RSA adopted DUAL_EC. RSA was sold to EMC. NIST released the standard. Microsoft researchers showed the flaws in DUAL_EC. The flaws in DUAL_EC have been known since 2006, the only thing we didn't know was that they were deliberate.

Also it's interesting to note that an anonymous organization paid for the same DUAL_EC algorithm to be added to Open SSL. With Open SSL at least they didn't make it the default but it's not far off from what RSA did.
http://arstechnica.com/security/2013/12/nsas-broken-dual_ec-random-number-generator-has-a-fatal-bug-in-openssl/

Comment: The US has this capability, of course (Score 1) 698

by Error27 (#45714311) Attached to: NSA Says It Foiled Plot To Destroy US Economy Through Malware

http://www.theinquirer.net/inquirer/news/2290640/germany-warns-against-using-windows-8-due-to-security-risks

You just revoke the keys and suddenly the machine can't boot.

It's funny how the NSA accuses China of inserting back doors but Snowden shows how the NSA inserts back doors. China hacks into systems but Snowden shows the NSA has hacked into tens of thousands of networks. And now the NSA is bragging about preventing a shutdown button when we already know it did the exact same thing.

If it smells it's chemistry, if it crawls it's biology, if it doesn't work it's physics.

Working...