Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Comment Re:And innocent Russian govt never hacked anyone (Score 2) 114

Broken reasoning? My reasoning?

The CrowdStrike blog makes it pretty clear that they think it's not just a lone individual and that it's an group with enough resources, time, and organization to suggest that it's backed by a nation-state.

Seriously, what the fuck? In what universe is it broken reasoning to think that a government might attempt to spy on another government, particularly the USA and Russia? I don't even understand what you're trying to argue here.

It's possible that there are other explanations to what happened, but the DNC servers were compromised multiple times over the span of at least a year. It's not even plausible to argue that it's the work of a lone Romanian hacker. Like I said, the one thing that is almost certainly not true here is that this guy is Romanian, and it's even less likely that the first attack by an apparently separate organization is also Romanian.

The big picture here is that wholly unsurprising political espionage occurred and multiple signs point to it having Russian involvement. It's bordering on delusional to believe that a native Russian-speaking Romanian who claims only to be Romanian is the cause of it all.

Comment Re:Notepad ++ (Score 1) 286

I do use np++ a lot for note taking, but I don't like to have to disable the function autocomplete feature every time I want to take general notes.

The session saving feature does make it nicer for taking general notes, though. Not having to save a document before you close is kind of awesome.

Highly agree and slightly disagree. I use sublime text 2 like this, partly because it had some multi-cursor and other text editing stuff that I thought was neat, including the autocomplete junk. It's not that important, but I like it. I would definitely shut it off if I weren't used to it, or if it completed things without me noticing more often. I do love most of those little features like autocomplete and matching brackets and the minimap.

Highly agree because the major, major reason I like it is that I can just open up tabs and close the whole thing without having to save, or organize, or whatever. I make a new project, give it a general topic, and then have tabs of notes with the tab getting an auto-title from the first line. Because the main difficulty for me with taking notes like this is with organizing them, this setup is almost perfect for me. I just never have to worry about it other than not deleting my projects folder. The sessions are all in plaintext, too, in what looks like json, so if you encounter an error or need to grep it or something you can do that.

I also installed some emacs-style keybinds. I'm sure something like np++ would be just as good, I just happened to start doing this with sublime.

Comment Re:There are much more discrepancies in his legend (Score 1) 114

The motivation primarily seems to be fame-seeking.

You might think so, except for how he doesn't even present any kind of nom de hacker to the world. If you seek attention, do you really name yourself as someone else 2.0?

While it may be conjecture, his original blog post is pretty clearly written by a native Russian speaker to anyone capable of making conjectures based off of it. The chances of him actually being Romanian are very, very small.

Comment Re:And innocent Russian govt never hacked anyone (Score 3, Insightful) 114

When anything like this can be clearly pin-pointed to China and Russia, then you can bet it was staged as such.

"If there's ever evidence of Russian hacking, it must have been fabricated"

Whatever, guy. Anyone who looked at his blog can tell that whoever wrote it is a native Russian speaker. Not only that, but he stole someone else's nickname?

The only thing clearly fabricated here is the idea that he's Romanian, which he almost certainly is not. It's about as clear as you either having language difficulties of your own or clearly lacking any technical knowledge. The post you're replying to was not speaking of internet proxies or compromised machines, but of people or groups of people. The people are not known at all, they've just used the same style and techniques.

I suggest you read to CrowdStrike blog post about it because it explains pretty thoroughly why they believe it to be a nation-state actor. Considering the likelihood of a nation-state actor acting for the benefit of the Russian Federation without any ties to Russia itself are basically zero, it's idiotic to suggest anything else.

As far as I can tell the only thing even suggesting that this might be a singular hacker is how jealous he was about CrowdStrike calling him or them out on having inferior skill to the other already established DNC hack which he ended up exposing when his was caught, but that would be true of a group as well.

Comment Re:adblock option? (Score 1) 135

As far as I know, you can only install Chrome extensions in Vivaldi by typing in the internal extensions page address, enabling developer mode and then manually downloading and adding each extension.

Then it was a very recent change.

This is not a recent change. The Chrome Store is just a webpage which you can visit, and which treats Vivaldi as if it were Chrome for everything I've tried. You go to it, click on an extension, and it shows the overview for it, including an "Add to Chrome" button. It's been this way since at least November, 5 months ago.

Comment Re:I must know the other half ... (Score 1) 585

All the government is asking is for Apple to help assist it bypass the encryption on its own phone. In other words, this isn't a privacy issue like it's being made out to be. This is a company refusing to help an owner bypass a lost password on their own device, even though the circumstances are extraordinary.

I just posted this somewhere else, but what is the difference?

A permission slip from the owners (San Bernardino County) is as good as permission slip from the government (signed search warrant).

It might even be less important knowing that its the owners are requesting it. Why should the owners of a phone be required to be given a newly special-crafted firmware so that they can brute-force their way into their own device? It's their own goddamn device, they already have had all the access to it that anybody could hope for.

Comment Re:Wrong (Score 1) 585

that said that apple shouldn't be forced to create a backdoor to add to a phone, but they should be required to unlock any existing phones

I hope this detail was just lost in your paraphrasing, but Apple has been ordered to create a backdoor to add to an existing phone, which basically makes this statement nonsense.

Or, rather, Apple has been ordered to implement a potential backdoor which does not exist yet.

Comment Re:Cluster Fuck (Score 1) 401

If Apple breaks the encryption, there is no way that it will be just for this one phone and that's it.

Just this once, I swear!

If Apple rolled over on this, they'd probably be fighting the same fight a couple of years from now when they got a judicial writ requiring them to have the same kind of firmware backdoor on the iPhone 12 that used to exist on the iPhone 5c

Comment Re:Right to Privacy (Score 1) 341

Also Apple uses Child slave labor in China and to do this they hand over _whatever_ China asks for - they do not take a stand for humanity where it really can lead to serious consequences.

So what? You think Apple should roll over to everything government's authoritarian tendencies because they've done it in China?

If apple has the capacity to help in doing this they should or be held in contempt of court.

If Apple has the capacity. What does that mean? Apple does not have access to the phone right now, they have the capability to create access to it by making custom firmware and installing it on the device.

What about phones that don't have this kind of firmware backdoor? I mean, they certainly have the capacity to manufacture phones with potential firmware backdoors, as should be obvious by the existence of this one. Is that part of Apple's capacity to help? Would creating phones that are completely cryptographically secure be eschewing their duty to help the government execute search warrants?

I would recommend the judge jail the CEO in contempt.

Absolutely ridiculous. For filing an appeal???????? You're nuts.

Comment Re:Nope (Score 1) 341

What the FBI is asking is not to install a backdoor or whatever on every iPhone sold by Apple.

They kind of are. They (and the court) have said that Apple is obligated to help them access a locked and encrypted iPhone for which there is currently no access. The access to this is through means of a firmware backdoor, which the FBI and the court have said that Apple must create and implement.

It's not asking them to do it to every iPhone now, but it might be asking them to do this in the future. If Apple is required to help the FBI access this phone, does this mean they can or cannot create a securely locked-down iPhone in the future for which there is no possibility of a firmware backdoor? That is unclear.

Comment Re:Not sure I understand this. (Score 1) 435

what the FBI is asking for is, from a technical standpoint, reasonable

From a technical standpoint only, yes, and only then in very specific cases. Apple might be able to, without having to unlock the phone via passcode, install new firmware on the phone which has zero restrictions on number of attempts or penalties (such as auto-wipe) for incorrect attempts. Purely from a technical standpoint, that is something which appears to be factually correct. What is also factually correct is this capability is something which must be created -- Apple does not already possess a zero-penalty iphone firmware and would need to create it.

How content are you with a corporation being legally required to create a new means of access to a previously inaccessible device? Here it might make sense to some people, seeing as it was a terrorist's phone which was actually owned by San Bernardino County, but what if it was someone whose guilt was not so apparent?

What if another shooting happens next year, and Apple is legally obliged (via judicial writ) to create a new means of access for one of its newer iPhones,which does not have the same firmware "backdoor" already in place? Would Apple have to come up with some new means of access? Would Apple feel pressured to only have weak passcodes with weak firmware in place which could easily be subverted when the court ordered them to? Does this mean it would be illegal for them to manufacture phones with secure firmware and access restrictions which they would be unable to circumvent, no matter how much the court demands it?

Lots of people think that should be the case, and a lot of others will say "well, this isn't that case, we'll get to that when we get there", but as far as I can tell Apple should absolutely be pushing back on this. If they don't push back, then they are either forced or coerced into cooperation. With no pushback, the government will simply continue taking whatever it can get. And what it can get has been unbelievably huge: you can find an almost infinite amount of video clips of Michael Hayden, former director of the NSA, telling any videocamera which will film him that "we need access to x,y,z, because without giving us access to x,y,z, you will cause another 9/11 to happen." Everybody has been buying it for 15 years and giving up everything they have, even when it is obviously untrue.

I agree with much of what else you posted, but I don't understand this line of reasoning:

so far, the only things that have changed are that Apple stopped agreeing to help,

If you think Apple shouldn't be forced to do this, how can the above be any justification for it? It doesn't matter what Apple's stance on this is so much as that they are not forced to comply and have chosen not to comply. Their prior stance on it doesn't really matter except in the case where their prior stance was a legal obligation, and even then, it shouldn't matter: they have every right to appeal.

There are a bunch of people out there flabbergasted by their refusal and open letter while simultaneously saying "we should have a conversation about this", but that's precisely what will happen because of the open letter and subsequent court hearings of the appeal. I'm REALLY glad Apple is standing up to this, even if it turns out to be wrong.

Comment Re:Right to Privacy (Score 3, Informative) 341

There are lots of vague deductions, but the Constitution is perfectly clear: it ensures the right of people to be secure in their persons, homes, papers, and effects. It is reasonable to suggest that transmitting data over the internet, trusting in its care to someone else, relieves one of that security, but it is not reasonable whatsoever to suggest that the person or entity you are entrusting it to does not also have the right to be secure in their papers and effects.

Ultimately it doesn't really matter how we define "privacy" culturally, because there is basically no definition under which you could argue that the data on your smartphone is not part of one of those four categories. It only begins to get interesting when you reach the point where someone has encrypted data, is served a valid warrant, and refuses to decrypt it.

Slashdot Top Deals

Somebody ought to cross ball point pens with coat hangers so that the pens will multiply instead of disappear.

Working...