Forgot your password?
typodupeerror

Comment: Re:Common sense? In MY judiciary? (Score 1) 457

by DavidTC (#46168137) Attached to: Judge Says You Can Warn Others About Speed Traps

No shit.

I'm all for warning drivers to be legal (Which, it must be pointed out, is applicable to situations besides the police, and can be for all sorts of warnings of road conditions.), but flashing brights at people is *itself* dangerous.

What we need a precedent that turning your lights off for a split second is free speech, not 'driving with your lights off'. (Probably need some sort of threshold of about a quarter second.)

Comment: Re:And so, it begins (Score 1) 383

by DavidTC (#45695907) Attached to: NSA Has No Clue As To Scope of Snowden's Data Trove

Yeah. I always found it funny that the conspiracy theory brought in the British news media. I mean, it's absurd to give anyone a script, but the British news media?

<sarcasm>Because if there's any group that would just fall in line with the Bush administration murdering thousands of people, it's the British news media.</sarcasm>

I remember when the assertion that one of the terrorists was actually still alive showed up...and my response was 'So you assert the US government, instead of just making up Iraqi terrorists to pin this on to invent a war, used pre-existing Saudi terrorists that they could not confirm were already dead?'

And the less said about the 'using missiles instead of planes' theory the better. Man, was that one silly or what?

There are two kinds of conspiracy theories out there. One that postulates plausible causes for actual events. I mean, Jack Ruby _did_ have mob ties, and the Kennedy administration was cracking down on the mob, so if you want to assert that Oswald did a mob hit of JFK, and then was taken out, hey, I don't quite believe you, but you're not _insane_. That is indeed plausible.

The other kind of conspiracy theory is where you take some event and randomly find 'inconsistencies', which are usually just things said in confusion that are untrue, or misunderstandings of what is going on, or things that are completely normal but don't look normal to people who don't understand disaster, and try to build a massive conspiracy using every single one of them. None of which will hold up to the single question of 'Why the hell would anyone running that conspiracy actually do that?'

Which, in the context of the Kennedy assassination, is basically trying to make there be more other active shooters beside Oswald, elaborate conspiracy theories about misunderstanding of physics and bullets instead of just saying 'Yes, Oswald shot him...but _why_?', which is a much better question.

Comment: Re:They have *worse* to hide? (Score 1) 383

by DavidTC (#45695665) Attached to: NSA Has No Clue As To Scope of Snowden's Data Trove

I'm suspecting it's doublespeak. He used other people's credentials...in the sense that they didn't even bother giving each individual person their own login. I'm sure he wasn't technically 'supposed' to have access to some of that information, but that probably means he just copied it directly from some accessible file share instead of using their crappy web UI.

The intelligence infrastructure is a joke. It is a giant uncontrolled operation flailing around randomly sucking up all the data it can, with no controls on anything internally.

And Snowden did a huge service for this country. Not in the information he stole, not in the operations he revealed. That as nice to know, and to all those asshats who assert that intelligence operations need to be kept secret...sure, individual operations should be secret, yes. Not what type of operations and spying exist.

But, anyway, the truely great service is that Snowden demonstrated that literally every intelligence agency in the world already has that information. Trust me, they are, at least, communally, as smart as Snowden, and as it is apparently fucking easy to just be invited to b given access to everything, everyone else already has it.

In fact, considering how shitty the controls apparently are, it makes much more sense for other intelligence agencies to spend their time and effort subverting subdivisions of contractors of our intelligence services than trying to run their own network, letting them use our intelligence resources in real time. Without Snowden, the public at large would have no idea this was happening.

The question is not 'Do you trust our government with all your private information', or even 'Morally, think about how would you feel if you knew the Chinese were doing the esame thing to you, and you'll understand how this makes other countries feel.'...it's 'How do you like the fact that the Chinese are spying on you, right now, using your own tax money and your own government agencies.'

Because they are. Or, at least, could be if they thought you were the least bit interesting. (Incidentally, 'interesting' to intelligence services is not as high a threshold as people think. Do you, for example, work in the technology field and could conceivably be a useful asset to get malware somewhere they want it? Or have access to proprietary business secrets? Or medical information?)

Comment: Re:Air Gaps are Evil (Score 1) 107

by DavidTC (#45530823) Attached to: Researchers Build Covert Acoustical Mesh Networks In Air

Erm, okay, you're talking about something completely different...

...but still not making much sense to me.

The problem is that 'If you instead had a wire to the machine in the room, you could monitor the transactions over the wire. You could ensure a non turing complete language is used in the wire protocol. You can deny humans access. You can apply defense in depth to a wire. No so much to a room full of humans.' you can do _on an air-gapped machine_.

What you have just proposed doing is to put the UI of the secure machine outside the secure machine, and locking down interactions between it and the secure machine...which is fine, but there's no reason you can't put that UI _inside the air gap_. And in fact that makes much more sense.

You, uh, just need two of them in the room. One that people can physically access, and one, locked behind bars, that they cannot, connected via a wire, with an air-gap between that system and the outside world.

This is a bit of an overkill, though. If you are worried about the people who access the air-gapped computer being a weak link, in actuality you _build the UI with security_ (Just like your hypothetical wire protocol, but much easier.) and then don't let them physically access the CPU or disks. (I recommend a external CD-RW drive.)

And you 'analyze' what they do by simply recording the screen and keyboard. Which you can do by either unidirectional wiring or by literally recording it with a camera. Or having watchers.

Or, alternately, if you want, you can do it like I said and just put a UI computer in the air-gap room also. You can even render the UI computer fairly difficult to hijack by building it solely out of read-only storage. It would be the perfect place for some sort of dumb terminal that is just running a web browser connected to the actual secure machine, which is locked up inside a box inside the air-gap and none of the users can get to it.

Comment: Re: Some Technical Details. (Score 1) 107

by DavidTC (#45523367) Attached to: Researchers Build Covert Acoustical Mesh Networks In Air

Now I'm imagining someone trying transmit a Skype conversation over the air-gap via audio. Or just the audio, at least.

It seems extremely silly, but then I started thinking about a hypothetical audio bug that literally just relayed the audio _as_ encoded audio...but in a way that was easier to hear through walls and windows and stuff. Like pumping it at higher volume, but at frequencies we couldn't hear. Or doing it much slower (Presumably with some sort of voice activation so it would only record 8 hours of audio a day, or whatever, and could take 24 to play it back.) which would allow more error correction.

Everyone always talks about the high-than-human audio frequencies, but I wonder...if you encode it tight enough, and can transmit audio 24/7 and it's not recording that much, could you possibly transmit it on _lower_ frequencies?

Of course, no one actually knows if this is workable but the CIA.

But transmitting data is easy if you can get someone inside where the data is. For example, I once had a weird idea for an bug that pretended to be CFL bulb, but it would slightly modulate the light frequency in response to audio. I think intelligence services have actually done that sort of thing before, but it was amplitude modulation whereas I'm talking about frequency modulation.

Comment: Re:Air Gaps are Evil (Score 1) 107

by DavidTC (#45523281) Attached to: Researchers Build Covert Acoustical Mesh Networks In Air

Do you even have the slightest idea how key signing works?

People sign keys on their own computer. Because you signs someone's _public_ key (Which of course you is freely available over the internet, although obviously you should confirm it is their key before signing it.) with your _private_ key.

There's no reason for _anyone_ to access anyone else's computer while signing keys.

But none of that has anything to do with air-gapped computers, which have exactly no role to play in this. Why? Because people do not take air-gapped computers places and leave them unattended. Hell, they probably don't ever take them places, period. That entire concept is perhaps the ultimate in absurdity.

I know it allows you to feel extremely smug imagining some sort of universe where some other smug idiots take air-gapped computers and set them up and _leave them unattended_ while running around handing out keys at a key signing party, and now you're smarter than them.

However, I am sad to say, you have literally just invented those people out of thin air.

There probably are people who have their PGP private keys on some air-gapped computer...and that air-gapped computer is almost certainly stashed in a safe at their house and otherwise never out of their sight. When they sign a key, they get handed it on CD or USB, and it's carried home with them, signed, and carried back out.(1)

Those people are key signing parties? _Those_ people are not air-gapped, and 99% of the time they're downloading everyone's key off the internet and everyone's just wandering by and confirming their hash.

1) Now, they do have to get the key from somewhere, which I guess in theory introduces some sort of security issue in that they are accessing something externally...but if their computer is so insecure as to be exploitable via inserted CD or USB than their computer is probably already hacked, and it's hard to imagine how that is a security issue while transferring things around a random network is not. You actually can confirm a USB device is legit. (Granted, there are firmware hacks and other fake USB things...but that's why you find some old random flash drive somewhere and use _that_ to actually transfer the files in and out. Or just get a DVD-RW.)

Comment: Re:End of November (Score 1) 250

by DavidTC (#45260417) Attached to: Jeffrey Zients Appointed To Fix Healthcare.gov

Only true of the government offerings. You can sign up for private health insurance anytime you damn well please. And none of them can turn you down.

Firstly, there are no 'government offering'. Everything on the exchange is private insurance.

Secondly, none of them can turn me down because of the ACA's preexisting condition ban. You know, the ACA, the thing you just hoped would fail.

The important part of ACA is the mandate and the ban on preexisting conditions. The only thing that can possibly cause the ACA to collapse is if the mandate doesn't work and health people choose not to sign up for insurance. Which would cause the ban on preexisting conditions to threaten to destroy insurance companies, as people would only sign up when sick.

The idea that you think 'none of them can turn me down' but you 'hope they don't vote for any extensions and let this thing collapse and fail under its own weight.' show you really have very little idea of what's going. The fact that none of them can turn me down is exactly what could cause this thing to collapse under its own weight, as it tries to insure only unhealthy people. So if it does collapse, I sure as fuck won't continue to be allowed to sign up!

The exchanges are basically a non-important part of the ACA. Every single aspect of it could have been the same without them. The exchanges are just to provide an easy place to purchase insurance, because insurance companies never bothered to set up any sort of place for people to shop before. (Because they did not particularly want individual customers.) And it provides an easy way for the government to verify subsidies.

Comment: Re:This will only fix the shiny object (Score 1) 250

by DavidTC (#45260253) Attached to: Jeffrey Zients Appointed To Fix Healthcare.gov

You can fiddle with the numbers some, but as long as the truly big cities vote more strongly Dem then vast amounts of GOP real estate vote GOP the GOP is gonna have an edge in House districts.

No. What you're saying was true, in the past.

However, at this point, Democrats are so far ahead it wouldn't actually give the GOP enough of an edge to retain the majority. 'Rural' counties have cities also, and right now cities are being chopped up..by Republicans. They draw a vast rural area, and then a single tiny line into the city to 'eat up' some of the city's Democrats...and do that over and over.

If the districts were actually as compact as possible, following pre-existing political boundaries as much as possible, than the GOP would, indeed, have a slight bias towards them (Both from urban vs. rural and from the fact each state has at least one Representative)...but they'd still lose their majority.

In mid-January if we don't have 7-8 million people signed up on the exchange ObamaCare could look like a total disaster. The GOP could look like saviors for a) getting that annoying website news off our damn screens and b) having a potential solution to the website problem. Moreover in January if the problems aren't fixed Manchin/Landriue/etc. will be under intense pressure to throw Obama under the bus. The GOP will need six Dems to force Obama to veto a plan that solves the debt/budget problems while gutting ObamaCare, and under those circumstances they could get it. Especially if they do a brilliant thing and include some bribes like immigration reform.

ROTFL.

Sure, the 2007 Republicans could do that, no problem.

In 2013? Fuck no. That would be compromise and compromise is, I believe, actually unconstitutional at this point, according to the Republican base. I'm pretty certain just speaking to Democrats can be considered treason.

In mid-January if we don't have 7-8 million people signed up on the exchange ObamaCare could look like a total disaster.

A lot of the 'failure of people to sign up' has been completely exaggerate by the simple fact that insurance companies don't count people as 'enrolled' until people have already paid. And, of course, no one is going to pay now for health insurance they don't get until January. They're going to pay for it a few days before the deadline to get insurance by Jan 1, which is December 15th.

This why 'enrollment is in the single digits' and nonsense like that.

And, on top of that, low enrollment is only a disaster if the people who don't sign up are the healthy people. Interestingly, young people are a higher percentage of early signups than predicted. If only 1 million people sign up, but half of them are young health people, I'm sure the right will try to paint that as a failure, but they're going to do that regardless. It sure as hell won't be a failure in any objective sense, as it will drive rates down.

And, uh, 7-8 million is too high in the first place. There were only 50 million uninsured, and a large portion of those are supposed to be covered (But won't in many states) by the Medicaid expansion, and another few million by their employers. And 11 million are undocumented, who deliberately aren't covered.

There are only about 25 million who are supposed to be covered by the health care exchange, and assuming that a full third of them will already have signed up for insurance by the first day it's provided is a bit silly.

Comment: Re:End of November (Score 1) 250

by DavidTC (#45249137) Attached to: Jeffrey Zients Appointed To Fix Healthcare.gov

The pain it causes will reflect on what a true piece of crap the Obama administration has foisted upon the US, and hopefully, that will be reflected in the next election cycle.

Yes, that piece of crap that will allow me, for the first time in my life, to actually purchase insurance.

That's what I'd do if I didn't have insurance.

Only you deserve to have insurance, apparently.

I don't think the penalties at this point, are worse than paying for the insuranceâ¦so, it would make sense to anyone that does the numbers for themselves, and for many, that is EXACTLY what is going to be the best for them expense-wise.

Which is, uh, why you can't do that. You can only sign up from January to March. (Well, you can sign up early, but you only get insurance Jan 1.)

1 + 1 = 3, for large values of 1.

Working...