Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror

Comment Re:Anyhows (Score 1) 186

They don't need to crack the traffic, if they de-anonymize the clients in and out of Tor, it's cleartext on both ends. With SSL and VPNs now being as wide open as cleartext and easily broken, it's a moot point.

http://blog.erratasec.com/2013/08/anonymity-smackdown-nsa-vs-tor.html

And direct yourself and others to Project Meshnet:

https://projectmeshnet.org/

Comment Re:NSA (Score 4, Interesting) 251

They do not need to do real-time processing of the data: that is only necessary for filtering.

That may be true for passive surveillance (http traffic, emails, IMs), but most-definitely not for VPNs, as in this specific case.

You absolutely need to trap the packets in real time in order to actually break the VPN connection open so you can get at the actual payload (cleartext, post-decrypted) data within the stream. The initial cryptographic handshake has to be captured, in order for them to peel it open and get inside.

You can't do that days later, when all you have is an encrypted stream of bits.

Comment Re:Eighty Nine Percent.... (Score 1) 138

Eighty Nine Percent of New Zealanders oppose new legislation to broaden the powers of the GCSB, the New Zealand Signals Intelligence agency that has tradisionally been used to spy on other countries.

But wait, that also means that at least 51% of the population actually voted for those who put these laws and legislation into effect. Can the same people who voted them into power, also vote them out?

Comment Re:How will they be compensated? (Score 5, Insightful) 382

It doesn't matter if she was searching for 'pressure cooker bombs', because that is not illegal!

She has not committed any crime, nor should she be suspected of one. In fact, she shouldn't have let them in the house, because they have no warrant, nor any valid reason to suspect her of doing anything against the law.

Since when was curiosity or knowledge seeking a crime? Is that where we are now? Living in fear of learning more, because those who think they're holding the power, are looking at everything we do?

Comment Re:Sigh. (Score 1) 339

Sorry, no.

http://www.serendipity.li/wot/other_fires/other_fires.htm

Here's one example:

In October 2004 in Caracas, Venezuela, a fire in a 56-story office tower burned for more 17 hours and spread over 26 floors. Two floors collapsed, but the underlying floors did not, and the building remained standing.

See http://www.cbsnews.com/stories/2004/10/18/world/main649824.shtml

Comment Re:I hope they ask SpiderOak for mine (Score 1) 339

But... how do you KNOW they're doing what they say they're doing? Really? Without an intentional MiTM machine you can use to analyze what is ultimately being sent upstream to SpiderOak, you can't be sure.

Remember too, peeling apart and masquerading SSL/https sites is VERY easy to do, including certificate forging. Many companies do this today to decrypt (yes, decrypt) SSL traffic to then scan the plaintext content of the request. Heck, you can even set up Squid to do that if you want.

http://blog.blackfoundry.com/2011/06/02/break-open-dropbox-ssl-traffic-with-squid-proxy/

http://www.squid-cache.org/Doc/config/ssl_bump/

Comment Re:Companies shouldn't have this anyway (Score 1) 339

His point was that the system maintainer might be forced by a spy agency to alter the code so that the password variable is not temporary, but instead logged in persistent storage.

That's easy: Build your hashing systems such that there IS no persistent storage. Make it out of DRAM, and enforce rules to scrub the memory and temporary storage before and after each password hashing request or attempt. Additionally, just create a tmpfs volume, encrypted with a one-way hash/salt, and write your scratch data there, then dump it and scrub those bits when done. Problem solved.

Comment Re:Who watches the watchers.... (Score 1) 508

You do realize that recording public officials, law enforcement and the like is going to land you in jail, right? Actually, it's already been demonstrated, when a black teen recorded a police officer publicly harassing and beating another black teen. So the one who got 8 months in jail and is facing 7 YEARS in prison? Not the 15 year old behind the police officer's baton, but the one who RECORDED the event with his camera phone.

https://www.youtube.com/watch?v=g1e9Htc6FMY

When it becomes legal and admissible evidence for an officer to bring in his dash camera footage, but ILLEGAL for a citizen to record an officer breaking the law, what have we become as a society? Seriously. This stuff is happening NOW.

And it scares the bejezzus out of me, and thousands of my compatriots.

Here's another of a fan running on a field, the cops chase him down, start beating him up ON THE FIELD in front of thousands of fans, when the fans storm onto the field and beat the crap out of the cops.

https://www.youtube.com/watch?v=rBfEh4aBt1g

With Google Glass, how soon before cops start smashing your $1,500 device, or shatter your phone, to prevent any evidence of their wrongdoing?

Comment Re:Chips implanted in our brain? (Score 1) 198

Maybe "The Final Cut", almost 10 years ago wasn't so far off:

http://www.imdb.com/title/tt0364343/

"A Zoë Chip is chip placed in your brain at birth to record your entire life. When you die, the footage from your life is edited into a “Rememory”-- a film shown at your funeral pieced together by an editor. A toy for the privileged, Zoë Chips are changing the face of human interaction, but there are those who are against this emerging technology, and believe that memories are meant to fade."

Slashdot Top Deals

It isn't easy being the parent of a six-year-old. However, it's a pretty small price to pay for having somebody around the house who understands computers.

Working...