Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
United States

Journal Journal: "Another Important Difference" 1

"Another important difference between my administration and the Bush administration is that when the Bush administration secretly spied on you, the Bush administration could not point to a single judge willing to say their program was legal. We, on the other hand, can point to such a judge. I'm not going to tell you who this judge is, or why he or she thinks our program is legal. If I did that, it would, obviously be harder for me to convince you that the program is legal. Instead, I'm just going to tell you that we secretly found one judge who was willingly to secretly say that it was legal for us to collect all of your data..."

http://www.youtube.com/watch?v=w25GDPlF12g

Education

Journal Journal: 101 5

"Banks love securitization because it's cheaper for them than holding loans on their books, and having to pay for them in equity capital and FDIC insurance. But those requirements are precisely what make a market safe and fair. They are buffers against risk, which in securitization gets transferred to investors. The market proved incapable before and during the crisis of properly pricing that risk, and now everyone knows it. So the investors are wisely staying away. And if these markets no longer work, then perhaps it's time to rethink the wisdom of the 30-year fixed rate mortgage (which most other countries don't have) and come up with a way for lenders to retain the risk while still protecting themselves against catastrophe."

http://www.nakedcapitalism.com/2013/07/david-dayen-a-revealing-episode-in-dc-groupthink.html

United States

Journal Journal: Obama's Soft Totalitarianism 10

Obama's Soft Totalitarianism: Europe Must Protect Itself from America

A Commentary by Jakob Augstein
Is Barack Obama a friend? Revelations about his government's vast spying program call that assumption into doubt. The European Union must protect the Continent from America's reach for omnipotence.

On Tuesday, Barack Obama is coming to Germany. But who, really, will be visiting? He is the 44th president of the United States. He is the first African American to hold the office. He is an intelligent lawyer. And he is a Nobel Peace Prize laureate.

But is he a friend? The revelations brought to us by IT expert Edward Snowden have made certain what paranoid computer geeks and left-wing conspiracy theorists have long claimed: that we are being watched. All the time and everywhere. And it is the Americans who are doing the watching.

On Tuesday, the head of the largest and most all-encompassing surveillance system ever invented is coming for a visit. If Barack Obama is our friend, then we really don't need to be terribly worried about our enemies.

It is embarrassing: Barack Obama will be arriving in Berlin for only the second time, but his visit is coming just as we are learning that the US president is a snoop on a colossal scale. German Chancellor Angela Merkel has said that she will speak to the president about the surveillance program run by the National Security Agency, and the Berlin Interior Ministry has sent a set of 16 questions to the US Embassy. But Obama need not be afraid. German Interior Minister Hans Peter Friedrich, to be sure, did say: âoeThat's not how you treat friends.â But he wasn't referring to the fact that our trans-Atlantic friends were spying on us. Rather, he meant the criticism of that spying.

Friedrich's reaction is only paradoxical on the surface and can be explained by looking at geopolitical realities. The US is, for the time being, the only global power -- and as such it is the only truly sovereign state in existence. All others are dependent -- either as enemies or allies. And because most prefer to be allies, politicians -- Germany's included -- prefer to grin and bear it.

'It's Legal'

German citizens should be able to expect that their government will protect them from spying by foreign governments. But the German interior minister says instead: âoeWe are grateful for the excellent cooperation with US secret services.â Friedrich didn't even try to cover up his own incompetence on the surveillance issue. âoeEverything we know about it, we have learned from the media,â he said. The head of the country's domestic intelligence agency, Hans-Georg Maassen, was not any more enlightened. âoeI didn't know anything about it,â he said. And Justice Minister Sabine Leutheusser-Schnarrenberger was also apparently in the dark. âoeThese reports are extremely unsettling,â she said.

With all due respect: These are the people who are supposed to be protecting our rights? If it wasn't so frightening, it would be absurd.

Friedrich's quote from the weekend was particularly quaint: âoeI have no reason to doubt that the US respects rights and the law.â Yet in a way, he is right. The problem is not the violation of certain laws. Rather, in the US the laws themselves are the problem. The NSA, in fact, didn't even overreach its own authority when it sucked up 97 billion pieces of data in one single 30-day period last March. Rather, it was acting on the orders of the entire US government, including the executive, legislative and judicial branches, the Democrats, the Republicans, the House of Representatives, the Senate and the Supreme Court. They are all in favor. Democratic Senator Dianne Feinstein, chair of the Senate Intelligence Committee, merely shrugged her shoulders and said: âoeIt's legal.â

A Monitored Human Being Is Not a Free One

What, exactly, is the purpose of the National Security Agency? Security, as its name might suggest? No matter in what system or to what purpose: A monitored human being is not a free human being. And every state that systematically contravenes human rights, even in the alleged service of security, is acting criminally.

Those who believed that drone attacks in Pakistan or the camp at Guantanamo were merely regrettable events at the end of the world should stop to reflect. Those who still believed that the torture at Abu Ghraib or that the waterboarding in CIA prisons had nothing to do with them, are now changing their views. Those who thought that we are on the good side and that it is others who are stomping all over human rights are now opening their eyes. A regime is ruling in the United States today that acts in totalitarian ways when it comes to its claim to total control. Soft totalitarianism is still totalitarianism.

We're currently in the midst of a European crisis. But this unexpected flare-up of American imperialism serves as a reminder of the necessity for Europe. Does anyone seriously believe that Obama will ensure the chancellor and her interior minister that the American authorities will respect the rights of German citizens in the future? Only Europe can break the American fantasy of omnipotence. One option would be for Europe to build its own system of networks to prevent American surveillance. Journalist Frank Schirrmacher of the respected Frankfurter Allgemeine Zeitung newspaper recommended that over the weekend. âoeIt would require subsidies and a vision as big as the moon landing,â he argues.

A simpler approach would be to just force American firms to respect European laws. The European Commission has the ability to do that. The draft for a new data privacy directive has already been presented. It just has to be implemented. Once that happens, American secret services might still be able to walk all over European law, but if US Internet giants like Google, Apple, Microsoft and Facebook want to continue making money off of a half-billion Europeans, then they will have to abide by our laws. Under the new law, companies caught passing on data in ways not permitted are forced to pay fines. You can be sure that these companies would in turn apply pressure to their own government. The proposal envisions setting that fine at 2 percent of a company's worldwide revenues.

Government

Journal Journal: If You Still Believe You Live in a "Liberal Democracy"? 34

You're just not as bright as you like to congratulate yourself.

It is very simple. Follow the money. Years ago the wealthy needed a strong middleclass. Henry Ford even commented that a strong middleclass bought the products of the wealthy. But the wealthy no longer make products. Money is earned through money games. And the economy is global.

The goal now is the destruction of the middleclass. Why? So that we'll work for nothing. A sort of coal mining economic theory. Work for nothing and then give what little money you have back when you buy life's necessities at the company store.

As the wealth gets concentrated and the middleclass destroyed there might be some uprisings. The Corporate Government will be able to get the leaders very quickly and thereby diffuse the uprisings literally before they start. Like arresting the persons behind "Occupy Wall Street" before the occupation.

With indefinite detention being the law of the land there will be no need for trials.

And with all that anti terrorism security money going to crowd control weapons like sonic beams that make you burn those crowds that do assemble will be quickly dealt with.

It is always about the money.

Posted by: Ray | Jun 29, 2013 9:27:54 PM

User Journal

Journal Journal: The Other Side of the Table 6

In recent times I've been fortunate enough to be the one conducting interviews instead of the one being interviewed. It's been an eye-opening experience. The first few times I was very nervous in case I asked a wrong/stupid question. I wouldn't want to put someone off or give a bad impression of the company.

Without wanting to sound conceited or pompous, I have been absolutely astounded at the apparent lack of ability of some candidates.

Put it this way: I'm completely self taught. I have spoken to people who are claiming to have developed software for nearly 20 years in some cases and make a big song and dance about all the hardware they've programmed for, and all the fancy IDEs, static analysis tools, industry standards they've followed etc. and about their wonderful C and C++ skills.

But what really beats me is how anyone can have been coding for longer than a fortnight and not know what an array is, or to have been doing C++ for 15 years and not know about parameterised types.

Privacy

Journal Journal: DARK SIDE OF THE MOON 7

NSA Trigger Words for PRISM:

This is an (admittedly huge) list of words that supposedly cause the NSA to flag you as a potential terrorist if you over-use them in an email.

We found this on Reddit, where James Bamford, a veteran reporter with 30 years experience covering the NSA, is answering questions from the community. This list comes from Reddit user GloriousDawn, who found it on Attrition.org, a site that very closely follows the security industry.

http://attrition.org/misc/keywords.html

Waihopai, INFOSEC, Information Security, Information Warfare, IW, IS, Privacy, Information Terrorism, Terrorism Defensive Information, defence Information Warfare, Offensive Information, Offensive Information Warfare, National Information Infrastructure, InfoSec, Reno, Compsec, Computer Terrorism, Firewalls, Secure Internet Connections, ISS, Passwords, DefCon V, Hackers, Encryption, Espionage, USDOJ, NSA, CIA, S/Key, SSL, FBI, Secert Service, USSS, Defcon, Military, White House, Undercover, NCCS, Mayfly, PGP, PEM, RSA, Perl-RSA, MSNBC, bet, AOL, AOL TOS, CIS, CBOT, AIMSX, STARLAN, 3B2, BITNET, COSMOS, DATTA, E911, FCIC, HTCIA, IACIS, UT/RUS, JANET, JICC, ReMOB, LEETAC, UTU, VNET, BRLO, BZ, CANSLO, CBNRC, CIDA, JAVA, Active X, Compsec 97, LLC, DERA, Mavricks, Meta-hackers, ^?, Steve Case, Tools, Telex, Military Intelligence, Scully, Flame, Infowar, Bubba, Freeh, Archives, Sundevil, jack, Investigation, ISACA, NCSA, spook words, Verisign, Secure, ASIO, Lebed, ICE, NRO, Lexis-Nexis, NSCT, SCIF, FLiR, Lacrosse, Flashbangs, HRT, DIA, USCOI, CID, BOP, FINCEN, FLETC, NIJ, ACC, AFSPC, BMDO, NAVWAN, NRL, RL, NAVWCWPNS, NSWC, USAFA, AHPCRC, ARPA, LABLINK, USACIL, USCG, NRC, ~, CDC, DOE, FMS, HPCC, NTIS, SEL, USCODE, CISE, SIRC, CIM, ISN, DJC, SGC, UNCPCJ, CFC, DREO, CDA, DRA, SHAPE, SACLANT, BECCA, DCJFTF, HALO, HAHO, FKS, 868, GCHQ, DITSA, SORT, AMEMB, NSG, HIC, EDI, SAS, SBS, UDT, GOE, DOE, GEO, Masuda, Forte, AT, GIGN, Exon Shell, CQB, CONUS, CTU, RCMP, GRU, SASR, GSG-9, 22nd SAS, GEOS, EADA, BBE, STEP, Echelon, Dictionary, MD2, MD4, MDA, MYK, 747,777, 767, MI5, 737, MI6, 757, Kh-11, Shayet-13, SADMS, Spetznaz, Recce, 707, CIO, NOCS, Halcon, Duress, RAID, Psyops, grom, D-11, SERT, VIP, ARC, S.E.T. Team, MP5k, DREC, DEVGRP, DF, DSD, FDM, GRU, LRTS, SIGDEV, NACSI, PSAC, PTT, RFI, SIGDASYS, TDM. SUKLO, SUSLO, TELINT, TEXTA. ELF, LF, MF, VHF, UHF, SHF, SASP, WANK, Colonel, domestic disruption, smuggle, 15kg, nitrate, Pretoria, M-14, enigma, Bletchley Park, Clandestine, nkvd, argus, afsatcom, CQB, NVD, Counter Terrorism Security, Rapid Reaction, Corporate Security, Police, sniper, PPS, ASIS, ASLET, TSCM, Security Consulting, High Security, Security Evaluation, Electronic Surveillance, MI-17, Counterterrorism, spies, eavesdropping, debugging, interception, COCOT, rhost, rhosts, SETA, Amherst, Broadside, Capricorn, Gamma, Gorizont, Guppy, Ionosphere, Mole, Keyhole, Kilderkin, Artichoke, Badger, Cornflower, Daisy, Egret, Iris, Hollyhock, Jasmine, Juile, Vinnell, B.D.M.,Sphinx, Stephanie, Reflection, Spoke, Talent, Trump, FX, FXR, IMF, POCSAG, Covert Video, Intiso, r00t, lock picking, Beyond Hope, csystems, passwd, 2600 Magazine, Competitor, EO, Chan, Alouette,executive, Event Security, Mace, Cap-Stun, stakeout, ninja, ASIS, ISA, EOD, Oscor, Merlin, NTT, SL-1, Rolm, TIE, Tie-fighter, PBX, SLI, NTT, MSCJ, MIT, 69, RIT, Time, MSEE, Cable & Wireless, CSE, Embassy, ETA, Porno, Fax, finks, Fax encryption, white noise, pink noise, CRA, M.P.R.I., top secret, Mossberg, 50BMG, Macintosh Security, Macintosh Internet Security, Macintosh Firewalls, Unix Security, VIP Protection, SIG, sweep, Medco, TRD, TDR, sweeping, TELINT, Audiotel, Harvard, 1080H, SWS, Asset, Satellite imagery, force, Cypherpunks, Coderpunks, TRW, remailers, replay, redheads, RX-7, explicit, FLAME, Pornstars, AVN, Playboy, Anonymous, Sex, chaining, codes, Nuclear, 20, subversives, SLIP, toad, fish, data havens, unix, c, a, b, d, the, Elvis, quiche, DES, 1*, NATIA, NATOA, sneakers, counterintelligence, industrial espionage, PI, TSCI, industrial intelligence, H.N.P., Juiliett Class Submarine, Locks, loch, Ingram Mac-10, sigvoice, ssa, E.O.D., SEMTEX, penrep, racal, OTP, OSS, Blowpipe, CCS, GSA, Kilo Class, squib, primacord, RSP, Becker, Nerd, fangs, Austin, Comirex, GPMG, Speakeasy, humint, GEODSS, SORO, M5, ANC, zone, SBI, DSS, S.A.I.C., Minox, Keyhole, SAR, Rand Corporation, Wackenhutt, EO, Wackendude, mol, Hillal, GGL, CTU, botux, Virii, CCC, Blacklisted 411, Internet Underground, XS4ALL, Retinal Fetish, Fetish, Yobie, CTP, CATO, Phon-e, Chicago Posse, l0ck, spook keywords, PLA, TDYC, W3, CUD, CdC, Weekly World News, Zen, World Domination, Dead, GRU, M72750, Salsa, 7, Blowfish, Gorelick, Glock, Ft. Meade, press-release, Indigo, wire transfer, e-cash, Bubba the Love Sponge, Digicash, zip, SWAT, Ortega, PPP, crypto-anarchy, AT&T, SGI, SUN, MCI, Blacknet, Middleman, KLM, Blackbird, plutonium, Texas, jihad, SDI, Uzi, Fort Meade, supercomputer, bullion, 3, Blackmednet, Propaganda, ABC, Satellite phones, Planet-1, cryptanalysis, nuclear, FBI, Panama, fissionable, Sears Tower, NORAD, Delta Force, SEAL, virtual, Dolch, secure shell, screws, Black-Ops, Area51, SABC, basement, data-haven, black-bag, TEMPSET, Goodwin, rebels, ID, MD5, IDEA, garbage, market, beef, Stego, unclassified, utopia, orthodox, Alica, SHA, Global, gorilla, Bob, Pseudonyms, MITM, grey Data, VLSI, mega, Leitrim, Yakima, Sugar Grove, Cowboy, Gist, 8182, Gatt, Platform, 1911, Geraldton, UKUSA, veggie, 3848, Morwenstow, Consul, Oratory, Pine Gap, Menwith, Mantis, DSD, BVD, 1984, Flintlock, cybercash, government, hate, speedbump, illuminati, president, freedom, cocaine, $, Roswell, ESN, COS, E.T., credit card, b9, fraud, assasinate, virus, anarchy, rogue, mailbomb, 888, Chelsea, 1997, Whitewater, MOD, York, plutonium, William Gates, clone, BATF, SGDN, Nike, Atlas, Delta, TWA, Kiwi, PGP 2.6.2., PGP 5.0i, PGP 5.1, siliconpimp, Lynch, 414, Face, Pixar, IRIDF, eternity server, Skytel, Yukon, Templeton, LUK, Cohiba, Soros, Standford, niche, 51, H&K, USP, ^, sardine, bank, EUB, USP, PCS, NRO, Red Cell, Glock 26, snuffle, Patel, package, ISI, INR, INS, IRS, GRU, RUOP, GSS, NSP, SRI, Ronco, Armani, BOSS, Chobetsu, FBIS, BND, SISDE, FSB, BfV, IB, froglegs, JITEM, SADF, advise, TUSA, HoHoCon, SISMI, FIS, MSW, Spyderco, UOP, SSCI, NIMA, MOIS, SVR, SIN, advisors, SAP, OAU, PFS, Aladdin, chameleon man, Hutsul, CESID, Bess, rail gun, Peering, 17, 312, NB, CBM, CTP, Sardine, SBIRS, SGDN, ADIU, DEADBEEF, IDP, IDF, Halibut, SONANGOL, Flu, &, Loin, PGP 5.53, EG&G, AIEWS, AMW, WORM, MP5K-SD, 1071, WINGS, cdi, DynCorp, UXO, Ti, THAAD, package, chosen, PRIME, SURVIAC

The Matrix

Journal Journal: Liquidating Todashev

"APB: At Least Two Missing "Law Enforcement Personnel," Last Seen at Ibragim Todashev Homicide Scene". The 'law enforcement personnel' written out of the story are, of course, the assassination team.

To summarize, the FBI was disturbed by the first interview, as Todashev indicated he knew the brothers were set up. It was thus imperative to:

1. reinterview Todashev to find out what he knew, and more importantly, identify whoever else knew; and
2. liquidate Todashev.

Why didn't they just arrange for a drive-by shooting, or a home invasion/murder? They needed to interview him to find out who else they had to murder, and then immediately liquidate Todashev before he could talk to anyone else. The incompetence of the liquidation was probably caused by Todashev realizing what was going to happen, fighting for his life rather effectively (as he was a trained fighter), resulting in the panicked murder, and a most ludicrous attempt at a cover-up.

http://xymphora.blogspot.com/2013/06/assassination.html

Security

Journal Journal: LuxTrust on Ubuntu 12.04 LTS 3

Intro: I was complaining on social networks that the LuxTrust hardware tokens are forced upon all teachers in my country. That's a huge problem because I got my mother in law on Linux and this thing is very very badly supported. Officially the website say "Ubuntu 10.04" supported. Funnily enough, their website also doesn't mention Windows 8 as supported. Anyway, they're a useless company in my eyes... I wish them the most ill possible.

Here is my little test run:

So, I decided to test the LuxTrust support under Ubuntu GNU/Linux 12.04 LTS i686[1]. I installed a virtual machine from the ISO, and from that blank slate, I wanted to try how "easy" this is. Well, there you go, I downloaded their "middleware".

The good news: Ubuntu Software center presented it as installable and it installed it without apparently problems after clicking the Install. Good! If this were enough, I'd say "it's supported"[2]. Let's test it. So, I go to CCP-Connect, one of the few banks known to work well with LuxTrust under Linux. The thing needs Java[3], and I as expected, and I don't have it installed. I get redirected, at once to http://www.oracle.com/java. The sheer number of options is intimidating. If I weren't very familiar with Java, I wouldn't have a clue what to select. Now, this might be P&T Luxembourg doing it wrong, but the site you should send end-users to is http://www.java.com/. Never send an end-user to a developer site, it's a horrible mistake.

Anyway, I do what is needed and surprise[4], there is no Oracle Java for Ubuntu. A RPM and a tar.gz. Now, if I weren't who I am, I would be blocked again. So, I download the tar.gz and I'll be honest to you, dropped right to the command line, tar zxvf later to /opt, and doing an update-alternatives --install of the new java, oh, and while we're at it, make a symlink for the plugin [5]. Now, of course, I understand it's Oracle whom I have a problem with, but I bet that you won't get this documentation at LuxTrust and they sure as hell can't walk you though this. Of course, the way I did this, I'm now responsible for updating my Java. Of course, there is a PPA, but can I trust that? (I'll have to, if I want automatic updates, but you get the point, no?)

Now, going back to the banking site, it seems to run. I get to the point where I have to select their product and then a screen saying there is no signing stick. (Obviously, I don't have one.)

For kicks 'n giggles, I tried OpenJDK/JRE with the icedtea plugin. No surprise, but that doesn't work: gray pane instead of the applet, but other java applets works fine. So, Oracle Java mandatory. Heck, even Minecraft runs op OpenJDK for crying out loud!

At least their middleware didn't install some kind of daemon, which I what I would have expected with something called "Middleware".
Funny also: The Oracle Java VM warns you from running applets all the time, even the test applet on the java.com site. Scary. Well, not to me, but to a normal end user.

[1] i686 for a good reason, from what I read getting it to run is significantly harder on amd64.
[2] I knew that it wasn't going to work
[3] Wait, isn't that what dependencies are for... Naaaah, dependencies. Who uses that?
[4] Not really, I've been here before
[5] Probably better use update-alternatives for that one too!

Slashdot Top Deals

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...