Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Comment Re:How does technology sanctions work with this? (Score 1) 74

Any hardware they buy in to think about expanding their ability to build a super computer comes with free NSA and GCHQ hardware added during shipping. e.g.
people may recall DEITYBOUNCE, IRONCHEF, MONTANA, BULLDOZER, KONGUR, NIGHTSTAND.
So it then becomes a race to buy in safe top end consumer kit and fill a hall or older super computers without attracting the FBI, CIA, MI6 while exporting.
Nothing allowed to be floating in the educational or consumer realm will really help.

Comment Re: Pierson's Puppeteers (Score 1) 591

The people on top of the pile now have every reason to preserve the status quo. Of course they want to discourage class warfare -even if they got to the pile by winning it in the past. The problem with class warfare is it never ends -you just end up replacing one set of overlords with another set. Hence why I said the only way to end it is to change the layout so the overlords have only barely more wealth and power than the underdogs - in that layout, they can't abuse their power because there isn't enough of it.
Even then, that state is not inherently stable and must be actively preserved.

Comment Re:Pierson's Puppeteers (Score 1) 591

Okay, move to the more modern world - pretty much since Greek times onward a key aspect of humanity has been that parents shared resources with their children allowing their children to achieve more than they had. This has been the basis of social mobility for most of recorded history. The only times it didn't happen was when class structures were rigidly enforced by law and upward mobility was effectively prevented by the force. Even that wasn't completely effective - in a very real sense the power of the nobility in Europe was broken when the merchants started making more money than them. They simply could not prevent it forever - and where they kept trying, it led to violent revolutions as people were desperate to uplift themselves and their children.

Our ancestors didn't just pass knowledge along, they passed resources along. As far back as the Mesopotamians they would build cities which their descendants would live in (for thousands of years) without having to rebuild them.

The pattern persists - and when the system makes it hard to ensure your children will have a better life than you - you have a recipe for revolution (the US should watch out - 30 years of Reaganomics is turning the US into a prime condition for such an event - the rise of Trump is in many ways the first stirrings of exactly that).

But in this case - we're not talking about conserving resources, we're just talking about not destroying the long-lived resources (like cities) which we've been inheriting for a very long time so our children won't have to rebuild them. It's a lot easier to expand a city over time than to build a new one.

Comment Re:SMS-Based? Dear Flipping ${GOD}... (Score 1) 28

I'm seriously asking here, because I don't understand the problem. It might be trivial to listen in on the text messages that are being sent and received by phones in your vicinity, but how is an attacker supposed to do that from, say, 2,000 miles away from where your phone is? Is the protocol really so broken that towers blast out every text message everywhere, and then rely on everyone's phones to ignore the ones they should not be listening to?

Your description is not far off. But for serious as you suggest it would still be useful if you take the vendors stated goals at face value.

The problem here is that vendors don't really give a shit about "enhancing" security they care about not being harassed constantly by customers contacting them and uttering those infamous words "I forgot my password". Managing password resets is costly with aggregate cost estimated to be in the billions / year.

What this means in the real world is rather than enhancing security the second factor is not additive.. It isn't what you know + what you have. It is what you know OR what you have.

Email has been used the same way for "verification" for decades... every system has an "I forgot" button you can press that enables you to reset your password or to send you an email with a verification code. Ditto for SMS.

Before you know it your email account gets hacked or you install an App and grant it permission to read/send SMS gets your identity uploads it to a criminal enterprise and your "2FA" buzzword laced second factor advertised as enhancing security becomes the reason you got owned.

There is no shortcut.. no quick fix... and no market based incentive for vendors to give a fuck.

Submission + - BleachBit stifles investigation of Hillary Clinton

ahziem writes: The IT team for presidential candidate Hillary Clinton used the open source cleaning software BleachBit to wipe systems "so even God couldn’t read them," according to South Carolina Rep. Trey Gowdy on Fox News. His comments on the "drastic cyber-measure" were in response to the question of whether emails on her private Microsoft Exchange Server were simply about "yoga and wedding plans."

Perhaps Clinton's team used an open source application because, unlike proprietary applications, it can be audited, like for backdoors. In response to the Edward Snowden leaks in 2013, privacy expert Bruce Schneier advised, "Closed-source software is easier for the NSA to backdoor than open-source software," in an article in which he stated he also uses BleachBit. Ironically, Schneier was writing to a non-governmental audience.

Comment Securing the core/network is a fools errand (Score 1) 25

Plans With Information Sharing and Analysis Organizations. Plans to incorporate relevant outputs from Information Sharing and Analysis Organizations (ISAOs) as elements of the licensee's security architecture. Plans should include comment on machine-to-machine threat information sharing, and any use of anticipated standards for ISAO-based information sharing.

Oh look CISA slipped into an omnibus and now the empty rhetoric about sharing being "voluntary" are revealed for what they are.

Slashdot Top Deals

The only problem with being a man of leisure is that you can never stop and take a rest.

Working...