
Comment: Re:Yes Google and FB are the ones to protect us? (Score 1) 111

by niftymitch (#47730697) Attached to: NSA Agents Leak Tor Bugs To Developers

I happen to know a highly skilled person working as a security analyst. He says his main customer for 0days is the NSA.......

Golly someone connected directly to gwolf has now been outed.
Unless you are Kim Kardashian with 23 million followers a zero
level direct connection might well be an individual name.

Further with 23 million followers for Kim; 600,000 for Robert Scoble;
83,000 for /. ; 42 million for B. Obama.... we are all connected within three
or so degrees of K Bacon

Comment: Re:Yes Google and FB are the ones to protect us? (Score 1) 111

by niftymitch (#47730611) Attached to: NSA Agents Leak Tor Bugs To Developers

He suggests a massive company like Google or Facebook will eventually have to take up the task of making Tor scale up to millions of users.

If one of those guys gets their hands on it you can forget about using it to hide anything from the government.

"Here's some bugs we've fixed for you guys. Trust us."

Oh yeah, because the current debug team we can trust so much...

There are two parts..
      * Here is the bug.
      * Here is a bug fix.

The first has a lot of value in an open source community.
The second if taken with blind faith is a potential disaster.

As a pair the time window for attack can be reduced.

Gifts from the NSA are an interesting thing... Some might be triggered
because they have evidence that others have knowledge of the
flaw and are exploiting it. As the need for human intelligence
grows the need for secure communication increases from individuals
(assets) far afield. In that regard bug disclosures would be self
serving but still be quality fixes the Tor community needs.

One important point to me in terms of global security is that
"actions speak louder than words" and if the TLAs like the NSA
pay attention to global bad actors things might find clarity in contrast
to the thought police reaching out four+ degrees of connectivity
for co-conspirators (almost the entire world today)

Speaking about bad actors... our news media outlets seem to
have abandoned all attempts at quality, completeness and
truth. The web does not have time editorial limitations the way
airtime programming does and unedited content should be available.
It is not obvious how one might edit out the payment for cigars
unless the shop is a source of illegal Cubans for the local big

Decades ago news broadcast (Walter Cronkite time frame) news
was a mandate and effectively a cost center not a profit center.
This has gone to stink with the advent of cable and broadcast
outside of the airwaves. But if the FCC can get in the middle
of net neutrality these magazine format sensation and headline
grabbing outlets could find their finances and marketing vastly different.

Comment: Python in 1968 (Score 1) 2

by niftymitch (#47721897) Attached to: What You Wish You'd Known Starting Out As A Programmer

I wish I knew about Python, FORTH and Haskell in 1968
when FORTRAN, Snowball, Lisp... were the dominant choices.

Implied in this is the dream that students then had access to
tools like a Raspberry Pi and all that implies.

Why... well I am excited by the future and would like to push the
clock ahead 40+ years both hardware and software. I do find the
use of JavaScript to be a step backwards and sadly a bit of the
path of least resistance.

Comment: Well sure... (Score 1) 572

by niftymitch (#47705613) Attached to: Munich Reverses Course, May Ditch Linux For Microsoft

Well sure -- I do not know but would assert() that MS gave them a major
sales effort. Full court press perhaps with promises and discounts.

Linux is not free. It does take work and is not monolithic.
The biggest gap is one that customers of Munich must bridge
in terms of document tools, multimedia tools, codecs and
even Adobe Flash tools and development.

Having said this it is clear from the most recent blue screen
of death Tuesday updates that any critical business could find
themselves in a monster tangle with a botched patch, an aggressive
zero day attack and any number of other risks. All of which would
be worse if there was only one OS in the house.

Some might recall the old IBM executive directive that overhead
slide presentations be prepared ONLY with a typewriter and only
in black and white. The flood of artistic efforts and costs to contrive
fancier more marketing rich eye catching song and dance presentations
and production company tail wagging the dog expense was diverting
and distracting from the ability to communicate content.

Decades ago at Silicon Graphics there was a move over MAC program
to focus the company and eat your own cooking in the decision making
levels of the company. If an SGI executive could not communicate with
other parts of SGI with ONLY SGI tools customers would have the same
problem and no matter how worthy the hardware could not get the job done.

The important lesson for the world and especially the US to understand
is monoculture is a big risk as any that have looked into the Dutch Elm
disease that killed more trees than Xerox (perhaps an exaggeration).
The attack surface for computers and digital infrastructure and data should
not be in the hands of one company or one QA, or one release test group.

There are a couple of ways to divide and identify the issues and needs.
There are a lot of smart people on /. and we could make some positive
comments --- but hey this is /.


Comment: And they could add stuff... (Score 1) 158

And interesting specific yet easy to detect substances
could be added to money to make it easy to track from
one place to another. Each of the 12 reserve banks could
use a unique easy to detect substance....

One step beyond serial number records... and one step
beyond ultraviolet and edge stack marks.

Comment: Re: Well at least they saved the children! (Score 1) 790

by niftymitch (#47611835) Attached to: Google Spots Explicit Images of a Child In Man's Email, Tips Off Police

Replace "Child Porn" with "Subversive Material" and suddenly it doesn't seem like such a good thing, does it?

Or, for you folks who like to "share", copyrighted movies, music, etc.

Or replace with any financial instrument bought and sold.

Remember Martha was locked up over a lost post-it note
that implied that the sale/purchase of such and such a stock
was likely profitable...

Given the interconnectivity of the modern world the vast majority
of the technical community are connected to individuals that know
or MIGHT have access to sensitive financial information.

Any recruiter or resume system that sees a bump in traffic from XYZtech
might assume trouble as the rats flee the ship. They do not even
have to mine it... it is visible.

Social issues, financial, sexual (legal), religious, emotional, medical.....
can be fabricated from real and fabricated content....

Comment: Re:Well at least they saved the children! (Score 1) 790

by niftymitch (#47611805) Attached to: Google Spots Explicit Images of a Child In Man's Email, Tips Off Police

There is some trouble lurking here:
"The Electronic Communications Privacy Act (ECPA) [18 U.S.C. Sections 2510-2521, 2701-2710], which was signed into law in 1986, amended the Federal Wiretap Act to account for the increasing amount of communications and data transferred and stored on computer systems. The ECPA protects against the unlawful interceptions of any wire communications--whether it's telephone or cell phone conversations, voicemail, email, and other data sent over the wires. The ECPA also includes protections for messages that are stored--email messages that are archived on servers, for instance. Now, under the law, unauthorized access to computer messages, whether in transit or in storage, is a federal crime."

It is not clear to me that Google has the legal right to look into email beyond the notion of
presenting marketing content that lines up with a user profile and perhaps a blind data
base match against market content and marketing profiles.

Since CP is illegal no profile or other marketing activity can be sold or participated with
by Google. To me nothing in any market driven activity can generate a CP profile
and match.... the implication is that someone was buying or selling Google services
to engage in CP.

It is possible that an image was discovered and a federal warrant caused Google to
search for a match against a very specific image. The sharing of such images outside
of law enforcement may itself be illegal especially if a service to discover such an image
if Google was paid to search for it.

It is possible that an image transfer to a different suspect or legal honey pot
was detected but that should trigger a search warrant.

As others have pointed out anything seen and disliked or disliked and searched
for but not illegal could trigger a witch hunt. I know individuals that have a
visceral dislike for: Rush Limbaugh, CNN, FoX, Kate Gosselin, Jodi Arias,
Joe Arpaio and some would have inclinations to make accusations if they
thought they could get away with it.

The good thing at this moment is that I do not know enough about this
in any detail so others will have to dig into the reality.

Comment: Re:ROI for drug development (Score 2) 390

by niftymitch (#47603753) Attached to: "Secret Serum" Used To Treat Americans With Ebola

Given that Ebola is currently confined to Africa, and that a relatively small number of people have caught it (less than 4000)...and these outbreaks seem to only come along once every 20 years, where was the incentive for the drug company to create this drug? Was it good timing that it has something ready to go just now.

Will each dose be prohibitively expensive to administer in Africa, or it remains to be seen if WHO will foot the bill to the tune of 10's of millions $$.

Not once in 20. Every two years...
Yes the number of inflicted individuals is too small to trigger major financial investment.
Yes the inflicted individuals are mostly too poor to trigger major financial investment!
Yes global risk is so large most research is department of defense funded.

This is so serious and so bad a global risk I dislike thinking about it except that
the world needs to pay attention. Today the context for disease is big $$ pharma
and big $$ agriculture. This has risks so large none with $$ want to touch it
outside of some rarified well funded well secured facilities (a good thing IMO).

Comment: Re: Funny (Score 1) 135

by niftymitch (#47603431) Attached to: Cell Phone Unlocking Is Legal -- For Now

Consider how the EPA has extended its mandate to include the CO2 that you exhale and incur simply by eating and making a living and soon will be carbon taxing you... too. [...] Some historic "solutions" came to light January 27, 1945...

That's cute. But parody is better when it's not so exaggerated. Even the US right wing aren't stupid enough, insane enough, to go around saying that the EPA is going to tax breathing, nor invoke Nazi death camps to condemn US environmental regulations. The premise of the joke has to at least be believable.

Yes a bit of exaggeration yet the relentless move to legislate regulatory agencies that then craft regulations with the power of law is astounding.
The terrible part is that to tear down many bad regulations the entire agency must be dismantled which
does not happen for agencies that mostly do the right things.

The EPA is easy to point fingers at yet they do constantly work to extend their charter and reach.

Of interest was a bunch of EPA mandates involving rainwater runoff in Virginia. The state of Virginia
won the first batch of litigation and the EPA was pushed back. However the fact that rain water catchment
basins do not respect state boundaries. Coal does not respect state boundaries. Fumes from coal and other
fuel fired power plants does not.... Then there was the individual in Oregon that put a rain barrel between his
roof and garden. Oregon felt his roof water run off was property of the state of Oregon.

Comment: Re:Typical (Score 1) 162

by niftymitch (#47592113) Attached to: Bose Sues New Apple Acquisition Beats Over Patent Violations

Also, noise-cancelling technology isn't unique to, or even invented by BOSE. It's, AFAIK, a military patent.. and used in almost every modern headphone and smartphone made.

But what military?

Of interest if a military design was classified and if someone invented
the same thing how could this be litigated. In some cases the disclosure
need only be a public RFP that implies it is possible for another skilled
in the art to go and do it.

Since the secrecy order covers methods and capabilities it could be
that military hardware designs will never be used to show prior art.

First rumor I heard on noise cancellation was for Israel tank communication
systems. Second was old AT&T stuff in the acoustic labs at bell labs for
navy designs.

The patent system is a closed ecosystem and if no one ever filed a patent
on something invented 2000 years ago by a Roman a patent would get issued
and used to extort funds from small players where the cost of litigation
vs. the cost of paying extortion makes the decision.

The other issue is language. Many inventions use alternative language
to isolate their filing from all others. Multiple devices to virtualize large
storage could be used and not trigger a match from a filing involving
redundant array of inexpensive disks etc...

Technical readers could discover some of these but there is no $$ in doing
it. Some large organizations involved in natural language processing might
crack this open as inventions in many nations are stolen and used
in others. This is hard but translation from IEEE publication to Patent Office to
Chinese, Russian and more might prove to generate matches of interest
to national security and industry in general (pick your nation... no fixed answer
is correct here).

Comment: What could go wrong... (Score 1) 409

What could go wrong here....

I would love to see retrofit of cast off steel shipping containers
delivered to foreign soil as emergency hot zone mini hospitals.

In some areas of the US we have piles of long and short shipping
containers. Paint white, seal the inside with a tough liner like folk use for
pick up truck beds. Add a solar powered air vent or redundant two
with LED lighting. Airlift with helicopters or truck in on skid trucks.
Room inside for gowns, antibiotics, bleach and basic sanitation kit too.

These and technology like this will be needed in abundance should
Ebola make it to our shores and run amok.

In part we need to find a way to deliver to hot zones world wide
the ability to care for those that need care. This is my current
favorite way to address this need. They can be tied to the earth
with footers and bolted down well enough to endure a hurricane.
Insulation kits (internal or external spray foam) can make them
cold or hot weather tolerant. Screens and doors, mosquito proof
with a simple cutting torch and install kit all inside the box.

Comment: Re: Funny (Score 1) 135

by niftymitch (#47590483) Attached to: Cell Phone Unlocking Is Legal -- For Now

I'm really hoping this is a joke. You realize Congress passes the laws that get to Obama's desk?

Less of a joke than one might think.

Too many laws establish a regulatory framework that then writes regulations
with the force of law. The agency established by the law is under the direct
management control of the executive office.

This is not new with Obama but the recalcitrant congress has made this
more and more visible and "necessary". Consider how the EPA has
extended its mandate to include the CO2 that you exhale and incur simply
by eating and making a living and soon will be carbon taxing you... too.

Some of the world's worst has been delivered by bureaucratic middle management
given a mandate to solve a problem with little oversight as to how. Some
historic "solutions" came to light January 27, 1945...

Comment: Re: Funny (Score 1) 135

by niftymitch (#47590457) Attached to: Cell Phone Unlocking Is Legal -- For Now

Thankfully Obama passed this, because our congress is do nothing. Now, off to get my Verizon phone unlocked so I can switch to AT&T!

Hmmm off to get my phone unlocked while I can....

FWIW I unlocked my previous AT&T phones (never give one up) bought some prepaid SIM cards with other carriers
and gave their networks a try. Here in the heart of Silly Valley -- we have the world's worst cell coverage. Too many phones,
too few towers. My most reliable phone is a 15 year old unlocked Nokia flip phone. One charge lasts a full week -- a
replacement battery costs about $7. I power it down... put it in a zip lock bag in clean pair of socks while hiking...

I have been shopping for a modern dumb phone that is its equal and am having
little luck. I would buy one... voice+text+GPS(for 911 safety) if it had a full week+ of
standby time.

The dumb thing about smart phones is the battery life.... it stinks.

Passport database outage leaves thousands stranded.

Submitted by linuxwrangler
linuxwrangler (582055) writes "Job interviews missed, work and wedding plans disrupted, children unable to fly home with their adoptive parents. All this disruption is due to an outage involving the passport and visa processing database at the U.S. State Department. The problems have been ongoing since July 19 and the best estimate for repair is "soon.""
