Forgot your password?

Comment: Re:Another liberal activist judge (Score 1) 144

So the end justifies the means?

I guess then we may assume you'd be in favor of weekly raids of your house (and everyone else's)? That should pretty much ensure we can eliminate any and all drug cooking and growing happening nationwide.

The end justifies the means, after all.

Comment: Re:Problem? (Score 1) 144

So I guess the whole security theater that sprung up after 9/11 is ok? If it only saved the life and virtue of even one....

Child porn, terrorism, or in earlier days communism. I can only hope that one day we'll have some Welch again asking "At long last, have you left no sense of decency?"

Comment: Re:When the cat's absent, the mice rejoice (Score 4, Insightful) 144

Disagreeing with one crime is no excuse for agreeing with another.

Yes, I do expect law enforcement to act within the law. For the very simple reason that if there's some way to rubber stamp a way around it with "serves to protect against child porn/terrorism/organized crime/money laundering/choose the horrible crime of the month", whenever it is convenient, any kind of check that serves to protect you from your law enforcement invading your privacy can as well be abolished. A law that only exists as long as the one limited by its existence allows it to be, if it can be ignored at will by the entity subject to it, is void by definition.

Comment: Saw it at the Smithsonian a few years ago (Score 5, Informative) 72

by dpilot (#47901817) Attached to: Original 11' <em>Star Trek Enterprise</em> Model Being Restored Again

We took the family to DC for a vacation, and of course one of the things I had to see was Smithsonian Air and Space. I didn't know that the original Enterprise model was there, and was surprised to see it on the lower floor.

The next surprise was that the model was never finished. One side had all of the lights, striping, and everything. The other side had a little striping, and was otherwise pretty much blank. I remembered reading that in one of those books, and how all shots were of the finished side, or mirrored in post-processing.

Comment: Re:No, no. Let's not go there. Please. (Score 4, Interesting) 684

by nine-times (#47899683) Attached to: Why Atheists Need Captain Kirk

I think part of what you're pointing out is that atheism is not a belief system, and so people shouldn't expect atheists to all think the same way or believe the same things.

However, it's a nice little piece of irony that, since people who claim to be "atheists" can believe different things, they can also disagree on what it means to be an atheist. I've talked to quite a few people who identify themselves as atheists, for whom it does seem to be a belief system. For them, being an atheist includes a deep respect for science, a belief in empiricism, a responsibility to proselytize. It's not uncommon for there to be a rejection of morality outside of utilitarianism. There's usually a general belief that there's nothing to this world beyond physics, the math behind the physics, and the application of physics to build up the physical world around us. There's often an associated desire to find awe and reverence in science and physics, and to treat that as a sort of pseudo-spirituality, while talking about how stupid religion is.

I find whenever you start talking about atheism, you actually end up with a fair amount of disagreement from all sides about what atheism actually is. You're confidently saying one thing, and someone else will say something else with just as much confidence. It's pretty much impossible to have a meaningful conversation unless we can agree on our terms somehow.

Comment: Re:Not true. (Score 1) 85

by nine-times (#47888683) Attached to: Mining iPhones and iCloud For Data With Forensic Tools

Of you know the user's account name and password it can log in to their iCloud account

And then you're pretty much screwed right there, regardless.

A fake WiFi spot can probably gather at least the user name in plain text

I wouldn't bet on that. Apple should be passing credentials over SSL. However, given that the username is the same as your email address, it's not impossible for people to find that out.

Apple allowed infinite rapid guesses of the password

Well.... no. They allowed an indefinite number of guesses, or an unlimited number of guesses, but not an infinite number of guesses. It may seem like I'm just being picky with word choice, but it they allowed an infinite number of guesses (somehow) then all of their accounts would be compromised. By allowing an unlimited number of guesses, they only open the door for a given account to be compromised after some kind of investment of time. The investment of time required depends on the quality of the password.

So if your password is extremely weak, then it might possibly get compromised by a general attack-- trying known user accounts with a small dictionary of passwords. If your password is pretty weak, then it might be compromised by a targeted attack on your specific account. If your password is extremely strong, then a brute force attack is unfeasible.

Comment: Re:No no no... (Score 1) 85

by nine-times (#47883725) Attached to: Mining iPhones and iCloud For Data With Forensic Tools

As I understand it (and I may be wrong), the accounts were accessed by abusing the "forgot my password" service.

I hadn't heard this exactly, but Apple's public statement did include a mention of security questions. Their statement was pretty vague. They say that there was "a very targeted attack on user names, passwords and security questions".

Still, that's not really an exploit of iCloud's service. If they chose security questions that someone could find the answer to, I wouldn't consider that an iCloud exploit. I do think that the use of security questions should be reevaluated, but they're a pretty standard practice these days. Even if someone forces a reset of your password, under normal circumstances you should notice that the password has changed the next time you log in.

Comment: Re:Eat real foods, mostly veg, not too much (Score 1) 288

by nine-times (#47883245) Attached to: Link Between Salt and High Blood Pressure 'Overstated'

Part of the problem is that these things are being reported badly by the press. A study shows some minor correlation between coffee drinkers and... let's say... people who suffer from heart disease. The news the next day is, "Coffee causes heart attacks".

Another part of the problem is, for a while, we apparently didn't even bother to study things scientifically. Research would show a correlation between being overweight and heart disease, and that was pretty valid. But then the assumption was made: If you want less fat on your body, you should have less fat in your diet. Since you have to eat something, replace meat with bread. Since you want food to taste good, replace fat with sugar. Or replace fat with vegetable products, because vegetables are healthier than meat, right?

Except that we hadn't really studied that stuff. It turns out, the bread and sugar and transfats are probably worse than having some level of meat and fat in your diet.

Finally, the fact is that we have a hard time studying diet. It's rare that you see anything resembling a controlled study, and you certainly don't see controlled studies going over long periods of time. We can't just gather up a couple thousand random people and give them a highly controlled diet for 20 years to see how their bodies respond.

Comment: Re:Not true. (Score 2) 85

by nine-times (#47882469) Attached to: Mining iPhones and iCloud For Data With Forensic Tools

The article is about fake Wifi hotspots.

I don't think it was even that simple. I didn't read the article in detail because it seemed dumb, but the author seemed to be talking about spoofing a trusted destination for WiFi iPhone backups.

So if you set up your iPhone to sync over WiFi, and if you connect to a compromised WiFi network, and *if* that network has a machine that manages to spoof the computer that you sync your iPhone to, the iPhone will sync to that computer instead, which might sync sensitive information.

That's a very special set of conditions, and it's not clear how you would spoof the computer that's serving as a sync destination.

Comment: Re:No no no... (Score 4, Insightful) 85

by nine-times (#47882405) Attached to: Mining iPhones and iCloud For Data With Forensic Tools

I do think Apple was a bit disingenuous regarding the "bad passwords" used by celebrities, given the iBrute tool apparently was able to keep trying different passwords against Find My iPhone without any sort of delay - a shortcoming Apple apparently fixed a few days back.

First, I don't think that it's known that the accounts were compromised with iBrute. People made the connection because the leak happened shortly after iBrute was announced, but there have been many suggestions that the photos had been acquired months or years before that. That makes it pretty unlikely that the accounts were accessed using iBrute. And Apple seems to deny that the accounts were accessed by exploiting "Find My iPhone".

Second, their comment about "bad passwords" is valid regardless, and would be valid even if the passwords had been accessed through brute force attacks. Brute force attack mitigation is specifically helpful in protecting accounts with weak passwords. If your password is strong enough, a brute force attack should still take a prohibitively long time to succeed.

From what I've been reading, it seems most likely that only some of these photos came from compromised iCloud accounts, and those accounts were probably not compromised due to an exploit of iCloud's service. There was just a news story about 5 million Gmail passwords being leaked, but it doesn't seem that it was from a exploit of Google's services either. Most likely, they were all acquired by phishing, or other non-technical attacks.

"Oh dear, I think you'll find reality's on the blink again." -- Marvin The Paranoid Android