In other news, medical research slowly comes to a crashing halt in test phases. Millions of people die due to reactions which were not seen in simulations. Environmental moonbats everywhere cheer.
These are searches with warrants, so no NSL.
It depends what they are doing. TFA describes a situation where a murderer was found because he kept the victim's phone (on!) in his house. I have no problem with using cell phone intercept to track down a murder suspect in a situation like this, although the degree of stupidity required for this to work is astonishing. So based on the article we don't actually know that there were lax procedures. I'm not saying there weren't, but getting a court order for this sort of thing is precisely what they should be doing, so I'm having trouble seeing this particular revelation as something about which we should be deeply concerned. 25,000 searches over eight years is really not that many in a city the size of Baltimore if, e.g., they are using the device to track down stolen phones.
I've exited the security industry after 15 years, no longer believing that it does any good. And TFA is pretty spot on.
The issue is that security is both wide and deep. You need to cover all your weak spots, and you need to cover them completely. As an industry, we have succeeded in finding technical solutions to almost every challenge, but we've failed in creating a systematic approach to the field. Look at the "best practice" documents - they are outdated and mostly a circle-jerk. I did a quick study some months ago checking the top 100 or so for what the academic or scientific or just substantiated-through-sources basis is, and the result is pretty much: None at all.
Even the different standards, including the ISO documents, are collections of topics, not systematic wholes. It's like high school physics: This month you get taught optics, next month Newton mechanics, the third month electromagnetism. The only thing they have in common is the classroom.
Nowhere is it more visible than our treatment of the user. It's clear that most security professionals treat users as disturbances, as elements outside their field of security. I imagine what roads would look like if their planners would look at accidents and say "cars are a threat to our road system. They clog it up and very often they crash into each other and cause serious issues to traffic. We need to protect the road system against cars. Can we automate roads so they work without cars as much as possible?"
We need a much more systematic, holistic view on the whole field than we have right now. In a pre-scientific field, snake oil is the norm. It was the same in medicine (where the term originates), in chemistry (alchemy), in psychology (astrology, numerology, one hundred other primitive attempts at understanding and predicting human behaviour) and virtually every other field, even many non-scientific areas, such as religion/magic.
That's interesting. I hereby amend my comment: s/lettuce/regular non-medicated lettuce/
It seems like they didn't so much flip the switch as jam a penny in the fusebox.
Yep. A physicist trying to explain a balanced line to other physicists, without knowing the word for it.
Haldane would be spinning in his grave.
6rd is for when you want v6 but your uplink doesn't support it, so not an issue here. The DNS lookup doesn't cause much delay.
Some operations did indeed screw up initially but others got it right first time.
Windows has had IPv6 stacks since Windows 95 and Microsoft even started supplying them as of 98.
IPSec is perfectly usable.
Telebit demonstrated transparent routing (i.e., total invisibility of internal networks without loss of connectivity) in 1996.
IPv6 has a vastly simpler header, which means a vastly simpler stack. This means fewer defects, greater robustness and easier testing. It also means a much smaller stack, lower latency and fewer corner cases.
IPv6 is secure by design. IPv4 isn't secure and there is nothing you can design to make it so.
IPv6 would help both enormously. Lower latency on routing means faster responses.
IP Mobility means users can move between ISPs without posts breaking, losing responses to queries, losing hangout or other chat service connections, or having to continually re-authenticate.
Autoconfiguration means both can add servers just by switching the new machines on.
Because IPv4 has no native security, it's vulnerable to a much wider range of attacks and there's nothing the vendors can do about them.
No, but it *IS* what I said that you apparently didn't comprehend the first time.
Each level is given the parent's prefix plus one or two bytes. Yes, you can announce that and it is easily summarized.
Anycast tells you what services are on what IP. There are other service discovery protocols, but anycast was designed specifically for IPv6 bootstrapping. It's very simple. Multicast out a request for who runs a service, the machine with the service unicasts back that it does.
Dynamic DNS lets you tell the DNS server who lives at what IP.
IPv6 used to have other features - being able to move from one network to another without dropping a connection (and sometimes without dropping a packet), for example. Extended headers were actually used to add features to the protocol on-the-fly. Packet fragmentation was eliminated by having per-connection MTUs. All routing was hierarchical, requiring routers to examine at most three bytes. Encryption was mandated, ad-hoc unless otherwise specified. Between the ISPs, the NAT-is-all-you-need lobbyists and the NSA, most of the neat stuff got ripped out.
IPv6 still does far, far more than just add addresses and simplify routing (reducing latency and reducing the memory requirements of routers), but it has been watered down repeatedly by people with an active interest in everyone else being able to do less than them.
I say roll back the protocol definition to where the neat stuff existed and let the security agencies stew.
If you offer coaching for a marathon, you are doing nothing wrong. Nor is the runner who hires you.