Forgot your password?

Comment: Evil TOR Conspiracy or OverConservative Lawyers? (Score 2) 50

Given what the actual authors of TOR have said about their system over the years, the likelihood that the talk was cancelled because they've suddenly become evil (or have suddenly revealed that they've been evil all along!) vs. the likelihood that it was cancelled because the lawyers at CMU were being overly conservative and paranoid, I'll go for the latter explanation. There are projects for which that wouldn't be the case.

TOR has its limitations and weaknesses, and the developers have always tried to be upfront and public about them, both for the threat model / design and for the code itself.

Comment: Cowpox is where "vaccine" comes from. (Score 1) 186

No, we wouldn't need our own live smallpox to construct a vaccine against a weaponized smallpox. The original vaccine was made from cowpox, and eventually the closely related vaccinia disease, and was much safer than smallpox-based inoculation which was the other prevention available at the time.

The only reason to keep the stuff around is to attack the Russians in case they attack us with their smallpox, and we can be better people than that. Time to destroy it, and convince Putin to destroy his stockpiles also.

Comment: Terrorist missiles/bombs killed 600 Israelis (Score 0) 427

by billstewart (#47511315) Attached to: MIT's Ted Postol Presents More Evidence On Iron Dome Failures

If you look at the program in its entirety, terrorist rockets, missiles, and bombs have killed about 600 Israeli citizens in the last few weeks. 2 of those citizens were Jews killed by Hamas rockets. The rest of the Israeli citizens were Palestinians, primarily civilians in Gaza, and Iron Dome did nothing to stop them. It may have stopped some of Hamas's incompetent rocket attacks, but it didn't protect Israeli civilians from the militant Army's better equipment.

Comment: Re:The machine I let "Microsoft Repair" hack (Score 1) 125

by billstewart (#47511205) Attached to: FTC To Trap Robocallers With Open Source Software

It was too long ago, and I didn't save them. I think one was named something like "Login123". Basically all of their "repair" tools were remote login tools, probably run by entirely different companies that they were just customers of, and they'd load the actual attacks after they got in.


Experiment Shows People Exposed To East German Socialism Cheat More 594

Posted by Unknown Lamer
from the roll-high-or-be-sent-to-siberia dept.
An anonymous reader writes The Economist reports, "'UNDER capitalism', ran the old Soviet-era joke, 'man exploits man. Under communism it is just the opposite.' In fact new research suggests that the Soviet system inspired not just sarcasm but cheating too: in East Germany, at least, communism appears to have inculcated moral laxity. Lars Hornuf of the University of Munich and Dan Ariely, Ximena García-Rada and Heather Mann of Duke University ran an experiment last year to test Germans' willingness to lie for personal gain. Some 250 Berliners were randomly selected to take part in a game where they could win up to €6 ($8). ... The authors found that, on average, those who had East German roots cheated twice as much as those who had grown up in West Germany under capitalism. They also looked at how much time people had spent in East Germany before the fall of the Berlin Wall. The longer the participants had been exposed to socialism, the greater the likelihood that they would claim improbable numbers ... when it comes to ethics, a capitalist upbringing appears to trump a socialist one."

Comment: Re:Yes, they're separate (Score 1) 214

by billstewart (#47492837) Attached to: Cosmologists Show Negative Mass Could Exist In Our Universe

Yup - Dark matter is simply stuff we haven't seen yet. It might be tiny particles of types we don't understand, it might be supermassive black holes, it might be lots of small black holes, it might be lots of free-floating planets not around stars, or Jupiter-sized gas planets that weren't big enough to ignite into stars, it might be little rocks, it might be accounting errors. It might be weird stuff, it might be non-weird stuff. There's enough of whatever it is to have enough mass that galaxies act differently that we'd expect from the amount of matter we can see (i.e. mostly stars.)

Dark energy is a lot weirder. It's not defined as just the energy form of dark-matter-on particles, it's a different problem.

Comment: Honeypot Credit Card Numbers (Score 1) 125

by billstewart (#47492759) Attached to: FTC To Trap Robocallers With Open Source Software

Tracing the phone calls hasn't worked very well, but the way to go is to follow the money. Flooding them with honeypot credit card numbers would generate a trail that might be followable (e.g. have an FTC web page that'll generate a credit card number and billing name/address, and have Visa track the merchant information for anybody trying to process a charge against those numbers; the risk is that you have to make sure those numbers don't get used for fraud, even if they're set up to always reject charges.)

I don't know how much information the scammers try to get, such as SSNs; generating fake ones of those has its own risks, though it's always fun to give them 078-05-1120 or Richard Nixon's SSN 567-68-0515. It turns out there is a publicly available official list of SSNs of dead people, which is intended to detect people using invalid SSNs, but it's possible that Rachel's gang doesn't bother filtering on it, considering that they don't filter on phone numbers of people who've told them not to call back.

Comment: Re:She's baaaaaack (Score 1) 125

by billstewart (#47492731) Attached to: FTC To Trap Robocallers With Open Source Software

They really did go away for a while, or at least slow down a lot, when one of the big "Rachel from Cardholder Services" gangs got busted and shut down. But it's such an easily replicable scam, and probably multiple sets of it are being run independently. I'm pretty sure the call center end is independent contractors or else shady call-centers (I know some are in Canada, and I suspect some are run by prison-labor call centers and some are in the Caribbean.)

Comment: Why Whitelisting Fails (Score 1) 125

by billstewart (#47492725) Attached to: FTC To Trap Robocallers With Open Source Software

First of all, Caller ID is trivially easy to fake, and the scammers all do it. For now, most of them pick random or fake numbers to avoid getting blacklisted, but if whitelists were common, they'd start forging real numbers to get through.

But many people (ok, me, at least) get lots of calls from numbers I don't recognize, and robocalls that I want that might not come from the number I recognize for somebody. Most of the robocalls are the pharmacy saying I've got something to pick up, or the dentist's office with a reminder about an appointment, or that kind of thing, and the calls from humans might be from some doctor my wife is going to or some business we were trying to reach that has different numbers for outgoing calls than incoming (like the painter calling from his cellphone instead of his office, or a big business calling from their call center or local office instead of their toll-free number.)

And yes, I could just let the answering machine pick up, and you can too. Some of the robocallers' robots do a better job of dealing with that than others.

Comment: Re:The machine I let "Microsoft Repair" hack (Score 2) 125

by billstewart (#47492707) Attached to: FTC To Trap Robocallers With Open Source Software

It's a virtual machine. Running Linux. Firefox instead of Internet Exploder (Sorry, it's a work machine, the IT department installs Firefox instead of IE.) With NoScript and AdBlockPlus. Amazing how much stuff just "didn't work" when I tried it - I'd go to their web pages, and I'd hit the Download button and nothing would happen, or I'd run the installer and it wouldn't work. (I wanted to see all the different things they were trying - most of them were different Remote Login or Remote Execution programs that would have let him log into my machine and then do his real attacks.)

After about half an hour the guy realized I was faking him out, and we had another entertaining half hour while he tried to convince me that what he was doing really was a legitimate kind of business, and after that his boss came on and spent five or ten minutes yelling at me for wasting his employee's time.

Comment: Re:competitors to Comcast for data services. (Score 1) 125

by billstewart (#47492683) Attached to: FTC To Trap Robocallers With Open Source Software

At least in most states, DSL service from the main telco can not only carry telco-provided ISP services, but also competitive ISPs, such as Sonic and Speakeasy and whatever Megapath and Covad are called these days. The competitors tend to cost a bit more, but also offer things like static IP addresses at more reasonable prices, and usually don't have usage caps or "no servers at home" policies. They may be renting just the wire from the telco, or maybe the wire and the DSLAM, and usually also some regional distribution network, but it's usually their own email and web servers and upstream bandwidth.

My experience with is that about every 5 years, something goes wrong that takes a day or two to fix, either a telco problem in a box down the street, or my DSL modem getting too old and dying. So I call them up by phone or send them email from work or Starbucks, and get a quick response back from somebody who can diagnose the problem but may need to call the telco to actually fix.

Fiber-based telco services don't have to share with competitors, unlike copper, and I'm not sure if AT&T U-Verse gets resold or not. But copper DSL is definitely not just the local monopoly.

Comment: Didn't work for me (Score 1) 125

by billstewart (#47492645) Attached to: FTC To Trap Robocallers With Open Source Software

I work from home most days, and Rachel and her robot army usually call a couple of times a day. I've tried anything from stringing them along to yelling at them for being criminals to putting the phone down, and they still call back. (The one serious thing I haven't tried is the combination of reorder tone and a "The number you are calling has been disconnected" announcement, which I should just have as a handy .wav to play at them.)

I wonder where they get their labor - some of it sounds like Canadian or Caribbean call centers, but there are a lot of US prisons, including the for-profit ones, that run call centers as something more lucrative to have prisoners doing than farm work or making license plates. Given how they're wasting their workers' time almost as badly as the people they call, it must be really cheap.

Comment: Re:Really? (Score 1) 125

by billstewart (#47492625) Attached to: FTC To Trap Robocallers With Open Source Software

I don't do that to them, though I have occasionally called them a bunch of names (besides crook and scammer.) Sometimes I'll ask how their family feels about them being criminals, or how they feel about working for criminals, or asking why I should trust them with my information now when they've a bunch of lying crooks, or I'll tell them "just a sec" and put the phone down.

Lately I've been telling them that the last time they called, I got cut off, and asking what notes they have on their computer screen from the last time they called. Some of them hang up right away, but the one yesterday said she doesn't have a computer, she just takes my information on paper.

What a cheapass bunch of scammers! Back when I designed PBXs and call center equipment, the main costs changed from telecom charges (early 80s) to labor (90s), but even now, when phone call minutes are basically free, and exploitable workers are pretty cheap, it still seems hopelessly inefficient not to give them good information so you can maximize the money they scam from customers and minimize the labor it takes to call your victims, probably even if you're also ripping off the call center workers by having them work from home on "commission".

The confusion of a staff member is measured by the length of his memos. -- New York Times, Jan. 20, 1981