
NSA's "QUANTUM" hacks IRC and HTTP-based criminal botnets.

Submitted by realized
realized (2472730) writes "From the article:

“Today QUANTUM packs a suite of attack tools, including both DNS injection (upgrading the man-on-the-side to a man-in-the-middle, allowing bogus certificates and similar routines to break SSL) and HTTP injection. That's reasonable enough. But it also includes gadgets like a plug-in to inject into MySQL connections, allowing the NSA to quietly mess with the contents of a third-party’s database. (This also surprisingly suggests that unencrypted MySQL on the internet is common enough to attract NSA attention.)”"

"Trusted" computing to contain key logger? 2 questions at end.

Submitted by charliemerritt
charliemerritt (2437060) writes "As I hear more about "Mystery Meat" trusted computing being installed, undocumented, no schematics, CLOSED everything — well I do not come close to trusting a software OFF switch. There are not enough Open Source Paranoids to get Open Everything Motherboards, I guess at least not at a price most of us can afford. With all the stories about the NSA running a parallel fibre system leading to Ft. George Meade, or Utah — with all major carriers corrupted with FISA "say nothing" orders... HOW could I trust a "Trusted" computer. What do they snoop? Where is it sent? Where is that forwarded? — Well that last question I know, "To contact the NSA, just pick up the phone and start talking". Can "Wireshark" (and friends) block, or flag trusted computing information?

Good Grief, I built an Altair 8800 — in those days peripheral boards came as "you solder the chips in and save $50" and a template driver was included, so that you could write your own, better one. These drivers were super well documented with references to test points on the board. Yes clock speeds were around 1-2 MegHz, with "wait states" included for stability — technology has passed out of the garage.

Mother COBOL (Grace Hopper) handed out Nano Seconds (one foot strings) at the start of a speech. Nano Second = Clock Speed of 1 GigHz. A 2 Gig Mobo has two clock ticks alive at one time — not to mention distance between pins — FAR beyond a guy/gal with a soldering iron, hemostat and jeweller's loupe. So we must TRUST the magicians and their 4 layer Mobos. — HOW do we do that?

A key logger would be pure simplicity,
I hear about NSA Ordering (via FISA) the
keys, seeds, salt, and keystrokes of clients.
(Oh BTW, key loggers in anything you import or build)
Keystrokes should never go further than your box, damn it!

Can we form a TRUSTED COMPUTER (from a customer POV) certification .org?
Can we get a software suite that monitors our modem connection automatically, with alerts? ...cm"

Comment: Re:This is why encryption isn't popular (Score 1) 399

by charliemerritt (#44530959) Attached to: Ask Slashdot: How Do I Request Someone To Send Me a Public Key?

I was one of three that wrote DEDICATE/32 6 years before PGP 1.0

It seems things are not one bit easier now than then.

We had all the glory in math, actually doing RSA within a year of the Scientific American article, on a 12 MEGA Hertz 8 bit micro.

I think the problem now is house keeping
Janitors need some glory too.
The tools are there, they just need to be glued together (yuk)
so, may I suggest the title of SECURITY PSYCHOLOGIST.

BTW: I was, at the time a 27 y/o HS Dropout. ...cm

Rise of the Warrior Cop: How America's Police Forces Became Militarized

Submitted by FuzzNugget
FuzzNugget (2840687) writes "An awakening piece in the Wall Street Journal paints a grim picture of how America's police departments went from community officers walking the beat to full-on, militarized SWAT operations breaking down the doors of non-violent offenders.

From the article: "In the 1970s, there were just a few hundred [raids] a year; by the early 1980s, there were some 3,000 a year. In 2005, there were approximately 50,000 raids." It goes on to detail examples of aggressive, SWAT-style raids on non-violent offenders and how many have ended in unnecessary deaths.

Last year, after a Utah man's home was raided for having 16 small marijuana plants, nearly 300 bullets in total were fired (most of them by the police) in the ensuing gunfight, the homeowner believing he was a victim of a home invasion by criminals. The US military veteran later hanged himself in his jail cell while the prosecution sought the death sentence for the murder of one officer he believed to be a criminal assailant. In 2006, a man in Virginia was shot and killed after an undercover detective overheard the man discussing bets on college football games with buddies in a bar. The 38-year-old optometrist had no criminal record and no history of violence.

The reports range from incredulous to outrageous; from the raid on the Gibson guitar factory for violation of conservational law, to the infiltration of a bar where underage youth were believed to be drinking, to the Tibetan monks who were apprehended by police in full SWAT gear for overstaying their visas on a peace mission. Then there's the one about the woman who was subject to a raid for failing to pay her student loan bills.

It's a small wonder why few respect police anymore. SWAT-style raids aren't just for defense against similarly-armed criminals anymore, it's now a standard ops intimidation tactic. How much bloodshed will it take for America to realize such a disproportionate response is unwarranted and disastrous?"

Comment: Re:Idiots (Score 1) 433

I live in Costa Rica, really MORE than 3rd world. The Biggest Video Rental chain in the Central Valley (3/4 of population) rents out ONLY copied DVDs. I (long time ago) wanted to test de-css and could not, all "targets" were "in the clear". Funny thing, I have copied some of the rented movies for time shifting, (I won't eat disk space for movies). EVERY SINGLE DVD has the name of the rental place, and sometimes the name of a technician. SONY etc HAS to know this, this chain is HUGE! "Block Buster.cr" There are street corners in the city I shop in (part of metroplex) where DVDs are sold for 1,000 Colones ($US2). EVERYBODY that watches DVDs knows this - including SONY. I rent movies for a week (2X1 on Wednesdays) and the only objection is that they don't do a great job of printing the labels. Small print blurs. The rental chain - very high class, my customer name is in the computer and they know my face, so no ID, no muss, no fuss, forget to return and they call you. They "reserve" movies they think fit my profile for Wednesdays. AND remember their name, and phones are in the first few bytes of the CD - talk about an easy bust! These are high quality copies with all the features, sub titles on/off, languages, trailers, and NO FBI warning. AND STILL, long lines at the theatres, often sold out - for movies that have been for rent weeks before the "Official Opening" in CR. You see - the rented ones don't come with a girl to sit next to. Just my $0.02 ...cm

Comment: FREE and OPEN and FREE (Score 1) 577

by charliemerritt (#39861619) Attached to: Oracle and the End of Programming As We Know It
What more do you need? (I know, my contributions [lately] have been minimal) Stick to free Beer and Speech - as tangle footed as we have become, it will be an extraction as major as Linux itself. But find something to swear on, and from now on, it is free, or I don't do it. Yeah, difficult. Say Ohhhhm with rms as often as needed. Oh yea, most "free" programmers work at ACME Software Products - gotta feed the kid. But can't you convince the Boss that staying away from lawsuit encumbered software (LSE-tm) will be good for ACME SP, inc? --By a guy *OLDER* than rms ...cm

Comment: Who should be a raider? (Score 1) 1

by charliemerritt (#39124945) Attached to: Physicists raid Tevatron for parts

I hope they open this up to scientists that worked there for first pickings - then High School science classes (teachers and nerds). Then public. There should be a law, or at least a contract, to prevent re-sale of anything. I DO NOT want to see "Cheap Charlie's Parts" getting a million dollars worth for resale at 4-5 million. ...cm

Comment: Re:Raspberry Pi (Score 1) 439

by charliemerritt (#38548376) Attached to: Doctorow: the Coming War On General-Purpose Computing

The fact is that with a super computer on your desktop, and the programming languages, compilers, and education - something that hundreds of thousands, if not millions of Americans have now - "Big Content" (Warner, Sony, Disney...) can not block content from you and still keep the blocking simple enough to work on any old consumer gadget. So, in order to block you from "illegally" seeing a cartoon, "THE SYSTEM" is willing to dumb down society. Yea - I'm starting to understand this "Occupy xxx" movement. Mickey Mouse is willing to keep me from studying math, or astronomy, or population statistics - ON MY OWN, in MY way - so that he can protect his billion Dollar year end bonus. EVIL.

They don't want to enforce laws, bust people that steal intellectual property. No, if you want to use a Taliban analogy: Cut the hands off everyone and we won't have thieves.

Unfortunately, "I" can't really make my own computer - "I" soldered an Altair, but without Intel's chip - nothing. So if "Big Content" makes a deal with "Big Chip" - the party is over. Most folks will be happy getting on FaceBook using their i-pad, even think they are "computing" - but they are NOT.

Keep your books on your Kindle, where Amazon has ALREADY taken books back (once, I think). Why take up all that room for a bookshelf?

Keep your data on their cloud. Where THEIR computers can study your journal, book collection, date book, letters. Their "cloud" will be used to generate content. Yes. You don't think the "FBI" wouldn't want to study all that personal data?
NOW I CAN use a real computer to totally encrypt what I put on their cloud.
Try THAT on an "i-dummy" that has been filled with epoxy to, ah, make it more reliable. ...cm


Comment: Re:Oh look, the pendulum. It swings back. (Score 1) 493

by charliemerritt (#38328954) Attached to: TSA Facing Death By a Thousand Cuts
I agree - it's all those video cameras. I predict two things: 1). Video cameras (functioning) will be made illegal. 2). OK, we give in - USING video to capture "sources and methods"... Well, gee, that has worked for other federal agencies - why not us in the TSA? Because they are "Thousands Standing Around" They are NOT COPS. They are as far down the food chain as algae. They are not medical people. They are actors in the "Theatre of Security" - we are the props. Really - WE ARE THE SHAREHOLDERS and should get rid of whatever idiot created this theatre - and hired actors that do not have the medical training to poke around in places, that if *I* did it would get me free room and board at the State B&B. (I speak of congress-critters - we need a new bunch) In KCI I was run through the magnetometer 3 times - did I get wanded? NO! A huge idiot tells me I will be groped. My wife was distracted so she could not see what was going on - NOTE PEOPLE - tell your travel mates to video the testicle (breast) exam and tell anyone that gets in their way to MOVE. What was the problem? Snaps on suspenders! A fast wanding would have discovered this, but I got something just short of a prostate exam. [The TSA with the McJob asked me if I had "anything sensitive" in my genital area.] I told him "only the usual male anatomy". He offered to take me in the "Privacy Room" - I told him I preferred witnesses. That caused McFeel to inform me this was not a joking matter. (Who did this idiot think was joking?) My main witness [wife] was intentionally blocked visually and distracted. Don't let it happen to you! I DO think the "privacy room" is a good idea [Adult Diapers, Colostomy Bags - ugh don't want to think about it - BUT TAKE A WITNESS! This too, will pass - but we have to do it. Occupy the USA!!

Comment: Re:Ugh... (Score 2) 250

by charliemerritt (#38116760) Attached to: Amazon, Apple, Microsoft, and Google Chase 'Got Milk?' Patents
"I don't know who exactly, needs to step in and say "YOU DID NOT INVENT REMINDING PEOPLE TO DO STUFF!" " The USPTO (They are in charge of patents). But oh no, if you go to enough "schooling" you can get a license to be a professional liar (did I mean lawyer?). They like to talk of "professional ethics" - but they will use a mouse while writing a patent for a mouse - and the patent examiner will use a mouse while granting the patent. Then the little guy trying to sell a computer with a mouse can pay $5 each for use of "mouse" - or buy himself a better lawyer than (corporation with BIG bucks). I have a VERY OLD GPS that I have set up to beep every time I pass the grocery store, remembering eggs involves a phone call to wife ;-)

Comment: 5 Levels of ISP EVIL -- OPEN VPN (Score 1) 243

by charliemerritt (#37081680) Attached to: The Five Levels of ISP Evil
Anyone care to pay for a GOOD Open VPN? There are sneaky SOBs that offer free trials on pptp account (requires you run their binaries) (HA- HA-HA) and THEN there are openvpn accounts. They cost a little, and the good ones change your DNS - so your ISP has no IDEA what you are up to. You connect via IP number, and the rest is hidden - all of it. ...cm
