Comment Re:Pay Scales (Score 2) 149

Worse, he was a USMC Lieutenant Colonel.

I will note for the record that I draw a heavy line between Manning and Snowden. The former I would like to see executed, the latter I'd like to have a beer with. Anyone interested in the civil liberties of US citizens would understand the fundamental distinction between the two named persons.

Comment Re:Pay Scales (Score 1) 149

Hi, former Navy guy here. Unfortunately, the US military hasn't executed anyone since 1961, although plenty of service members have committed capital offenses since then. I say this as someone who is a staunch opponent of capital punishment in the civilian sector, but has no patience or forgiveness for those convicted of espionage or treason while wearing a uniform.

Comment Re:Pay Scales (Score 4, Informative) 149

You're completely out of your depth here, as you apparently aren't aware of the numerous and nasty cases of service members walking around with TS clearances who got into financial trouble and decided it was somehow a good idea to attempt to sell classified materials to foreign powers to make up for their losses.

I'm speaking as someone who served, and someone who was in service when a particular submariner was caught doing exactly what I just described. He's far from alone in his transgressions, and such offenses have occurred on both the enlisted and commissioned sides.

Stop talking about things you have no experience with.

Comment Re: Why do we trust SSL? (Score 1) 233

I'm not interested in my ego -- I'm an AC, remember?

I find that many ACs tend to be more interested in their egos than signed-in users, especially the ACs that habitually check for replies to their anonymous posts.

I still think that self-signed certificates are an excellent way of getting encryption, packet integrity, /and/ verifying that it is still the same server. I cannot find anything in your posts that would refute that fact or why it would be misinformation.

You must have missed the bits about the absolute importance of determining who you're talking to the first time you make a connection.

(Your assumption seems to be that the attackers already control the infrastructure during the initial connection. My tinfoil hat is not /that/ tight. Besides, how would a "real" someone-else-vouched-for-me certificate help at that point?)

You seem to be placing an inordinate amount of trust in network operators, trust which is sorely misplaced, as I've seen firsthand. You've also handily demonstrated an utter and complete lack of understanding of how PKI encryption operates.

I certainly don't disagree with out-of-band cert verification and would try to offer a method to do that. Running your own CA would be a step up but mostly useful for larger projects only (Debian does it) -- hardly so for a hypothetical forum with only a single access point.

If you think only large projects run their own CAs, you're smoking some strong stuff. Every single employer I've worked for operated a CA for both internal and external purposes. I happen to operate three for various purposes. Be sure to inform your forum members that you don't shit two shits about their privacy.

Comment Re:Try taking Blowfish to a manager. Hahahahahahah (Score 1) 169

I probably shouldn't be replying to a troll, but what the hell, this one is just too hard to pass up. Thousands of companies around the world, including many of your favorite Fortune 500s, use Perl for tasks ranging from mission critical systems programming, to application integration, to enterprise reporting and sure, web applications. You must be living a pretty sheltered life; if you truly work in an enterprise environment, have you bothered taking a look at what powers your company recently? Hint: there's an awful lot of Perl (and Python, too) driving it, probably in places you don't even know exist in your infrastructure.

Son, I've been doing this professionally for fifteen years. Have a nice day!

Comment Re:Try taking Blowfish to a manager. Hahahahahahah (Score 1) 169

Unless you know what you're doing and have a very good reason to use the modules under the Crypt namespace directly, you should generally be using Crypt::CBC with them, at least for most common purposes.

The actual Blowfish cryptography core of Crypt::Blowfish is written in C. You can verify this by downloading the tarball and looking at the source. There is a pure Perl version available as well, but it's slower.

The cores of Crypt::DES, Crypt::Rijndael, etc. are also written in C.

Comment Re:$44,400 fine -- That'll teach 'em! (Score 4, Insightful) 195

If investors actually pay any attention at all to this news, the price will go up. IBM has essentially proven to its shareholders that they can once again go up against the federal government in cases like this and come out paying virtually nothing in fines, while not being required to take any meaningful action as far as policy revision goes. That's called "enhancing shareholder confidence."

You probably shouldn't have sold those shares.

Comment Re: Why do we trust SSL? (Score 1) 233

The method you've described for determining trustworthiness is worthless with self-signed certificates that you haven't already verified out of band (or chosen to trust the local signing CA for the cert) or in cases where the chain of trust for a certificate has been compromised. The people operating the shop on East Street could be honest merchants, and without being able to fully trust the PKI chain that verifies exactly who you're speaking to, a man in the middle could silently intercept (and potentially modify in transit) every byte of your communications with the East Street shop. After you've transmitted your credit card number, billing address, shipping address, etc., the MITM could simply log that data for later use.

A well known tactic of skimming/carding operations (both online and at brick and mortar stores) is to capture cardholder data and sit on it for a few weeks or months, then sell a large batch of such data to other criminals. Months down the road, unless you've used a unique card number everywhere you've shopped, you're going to have an extremely hard time determining where the compromise originated, and all the while the East Street merchant did nothing wrong.

You should care very much whether or not the web shop I'm connecting to is on East Street or West Street, and you should do your best to research merchants before transacting business with them. The usefulness of "web of trust" models is best realized under circumstances where groups of people with an interest in transacting such business communicate with one another regarding the trustworthiness of those they wish to do business with, along with those responsible for ensuring the cryptographic integrity of such communications.
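The distinction argued over in both "Why do we trust SSL?" replies above, that a self-signed cert verified out of band on the first connection is very different from one merely remembered after the first connection, as an added example that is not part of the thread: a known_hosts-style pin store in Python. The host names, certificate bytes and JSON path are constructed placeholders; in a real client the DER bytes come from ssl.SSLSocket.getpeercert(binary_form=True).

```python
import hashlib
import json
from pathlib import Path


def fingerprint(der_cert: bytes) -> str:
    """SHA-256 fingerprint of a DER certificate, colon-separated as OpenSSL prints it."""
    digest = hashlib.sha256(der_cert).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


class PinStore:
    """known_hosts-style map of host name -> pinned fingerprint, optionally persisted as JSON."""

    def __init__(self, path=None):
        self.path = Path(path) if path else None
        self.pins = json.loads(self.path.read_text()) if self.path and self.path.exists() else {}

    def _remember(self, host, fp):
        self.pins[host] = fp
        if self.path:
            self.path.write_text(json.dumps(self.pins, indent=2))

    def check(self, host, der_cert, expected=None):
        """Pin or re-check a host's certificate; raises ValueError when the pin does not match.

        expected: fingerprint obtained out of band, so the FIRST connection is verified.
        Without it this is trust-on-first-use: a later swap is detected, the first peer is not.
        """
        seen = fingerprint(der_cert)
        if expected is not None:
            if seen != expected.upper():
                raise ValueError(f"{host}: presented {seen}, out-of-band value is {expected.upper()}")
            self._remember(host, seen)
            return "pinned-verified"
        known = self.pins.get(host)
        if known is None:
            self._remember(host, seen)
            return "pinned-unverified"
        if known != seen:
            raise ValueError(f"{host}: certificate changed from {known} to {seen} (MITM or rotation?)")
        return "ok"


# Constructed placeholders standing in for the DER bytes a real client gets from
# ssl.SSLSocket.getpeercert(binary_form=True).
CERT_A = b"constructed-der-bytes-for-the-forum-server"
CERT_B = b"constructed-der-bytes-for-an-interposed-server"
```

A "pinned-unverified" result is the case the thread warns about: the store will notice a later certificate swap, but nothing has established that the first peer was the real server.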

Comment Re:No (Score 1) 406

In addition to my last reply, more astute readers might notice that the filenames for images served from screen.palegray.net might be cryptographic hashes. Indeed, they're Whirlpool hashes, which means in addition to the content being served over HTTPS, someone who really cared about verifying that the content hadn't been altered in transit could simply compare the Whirlpool hash of a downloaded file to its name. There's even a handy Perl Whirlpool module for such purposes.
