
Comment Re:20 years on a plea... (Score 1) 39

I was thinking from the Fed's perspective, they were essentially partners, so they wanted a similar sentence. I can understand that and also their desire to make an example out of them.

That's not to say I agree, I don't believe the DoJ should be in the business of making an example out of individuals. And I don't necessarily agree with either sentence. The US has some often draconian (or inconsistent) sentencing in general.

Comment Re:20 years on a plea... (Score 3, Insightful) 39

If I'm not mistaken, Ross Ulbricht was offered a plea deal for a mere ten years and instead went to trial. Getting a 20 year maximum on a plea, especially for a 62-year old, is draconian.

I get the arguments that Ross Ulbricht contracted murder-for-hire (which turned out to be DEA agents snaring a trap, no one was actually killed) so he deserves it, but what did Variety Jones do that brings him to the level of mafiosos and hitmen?

I think it seems justified given that, from Ulbricht's journal, Clark was his most important advisor on almost every aspect of the Silk Road including:

"Clark was pivotal in key moments of the Silk Road’s history—including a particularly dark incident when he and Ulbricht resorted to violence, which loomed large in Clark’s sentencing. Clark played a crucial role in convincing Ulbricht that it was necessary to commission the murder of one of his employees who he believed had betrayed him and stolen bitcoins from the market. “At what point in time do we decide we’ve had enough of someones shit and terminate them?” Clark wrote to Ulbricht at one point following the discovery of the theft, as recorded in chat logs that were recovered from Ulbricht's computer after his arrest. “We’re playing with big money with serious people, and that’s the world they live in.”

After Ulbricht agreed to have the staffer killed—in a bizarre turn, his death was instead faked by US federal agents investigating the Silk Road— Clark told Ulbricht that he had made the right move. "If you had balked, I would have seriously re-considered our relationship," he wrote. “We’re playing for keeps, this just drives it home. I’m perfectly comfortable with the decision, and I’ll sleep like a lamb tonight, and every night hereafter.”"

Comment Re:Lessons Learned (Score 1) 130

Actually, the lesson learned is to use encryption, not zip passwords.

The zip protocol he was using does use AES encryption for the contents of the files in the zip using a hash of the password as a key; however, Microsoft is attempting to decrypt them using the tokens identified in the email contents, file name, etc as well as a list of commonly used passwords. His simple password 'infected' was among those tokens, so the zip files were decrypted, unzipped, and scanned.. then deleted when the malware was identified.

OK, so I retract this, it's not clear the researcher was using a zip archiver that has this capability even though they are easily available or that Microsoft's scanning technique can decrypt AES-encrypted files, though if they did, the technique they are using could still allow them to scan the files.

Comment Re:Lessons Learned (Score 2) 130

Actually, the lesson learned is to use encryption, not zip passwords.

The zip protocol he was using does use AES encryption for the contents of the files in the zip using a hash of the password as a key; however, Microsoft is attempting to decrypt them using the tokens identified in the email contents, file name, etc as well as a list of commonly used passwords. His simple password 'infected' was among those tokens, so the zip files were decrypted, unzipped, and scanned.. then deleted when the malware was identified.

Comment Very nice nerd (Score 4, Interesting) 21

A couple decades ago when I was an undergrad and a research assistant, the director of the lab I worked in knew Vint Cerf from the ARPAnet days. I ended up visiting his house in McLean, VA and helping him with tech support. It was basic stuff like setting up a wireless access point, printers, and other things. It wasn't that he didn't know how to do it, but he was busy working on other things.

I remember he was very nice and liked to talk about the underlying protocols with a bit of glee in describing them. I didn't know then that I would go on to get a PhD many years later and gain a much more in-depth understanding of his work, and a lot of the work that came later built on it.

He also asked me to help a disabled friend with some computer issues in her DC condo once.
He paid very well for that help, and for my broken car window from when my car was broken into helping the friend in DC (grrr).

Comment Re:Conveniently (Score 2) 27

It's not mentioned *anywhere* in that article that it was the Obama Justice Dept. that threatened him with that grossly disproportional sentence.

... as if it would have happened any differently under a Trump, Biden, or some other administration's Department of "Justice."

They often throw everything at you* to try to force a plea.

* Some exclusions apply depending on levels of affluence

Comment Re:I smell a setup... (Score 5, Informative) 50

Not credible that someone with his knowledge & skills who worked for the CIA just had this lying around unencrypted

But it was encrypted... Not only was it encrypted, it was stored inside of an encrypted virtual machine, but also inside of an encrypted volume inside of the VM. The CP was then apparently neatly organized by preference in a series of folders in the encrypted volume.

However, all of that encryption didn't count for much when he had terrible operational security... he stored all of his passwords on his phone unencrypted, which he gave to them unlocked. doh.

The New Yorker has a decent article about him and the whole case.

Comment Re:This is interesting (Score 1) 106

Unique is ambiguous in this context. It could simply mean unique to him and unlikely to be used by others (not necessarily exclusive to one site). If the dataset of FB passwords was posted somewhere, I think it would be noticed pretty quickly and incorporated into HIBP, though it's not impossible that it's out there.

Comment Re:This is interesting (Score 4, Informative) 106

These are pretty common these days. It could be Facebook, but more likely one of hundreds of other breaches (if you used the same password on another site) when the data gets posted to pastes on the net or "darknet."

If you're not already doing it, you should check Have I Been Pwned using common usernames/email addresses you've used to see all of the ways your info has been compromised.

You can sign up to get notified if your info shows up in future breaches.

Comment Re:I don't get it (Score 1) 44

A blockchain ledger relies on there being lots of nodes to maintain the ledger along with a mechanism to produce consensus. I think their idea is to produce something that could be used across all sorts of other "sharing economy" services and not just AirBnB. That is kind of the only way the idea would work using blockchains as AirBnB shouldn't control all of the nodes. I don't think the point is to avoid bad reviews, but to establish some level of trust in the source of the reviews. I'm largely speculating because the article doesn't have much detail.
