Slashdot Mirror

What good would it have been to know the names of Timothy McVeigh, the Unabomber, or the DC snipers before they were arrested? Palestinian suicide bombers generally have no history of terrorism. The goal is here is to know someone's intentions, and their identity has very little to do with that.

http://www.schneier.com/essay-034.html

Right on. The DRM problem on a general-purpose computer is, from a security standpoint, completely impossible. If I have absolute control over my entire computer, and this is still possible today because systems like TCPA haven't been forced down everyone's throats, then any attempt by anyone to restrict what bits I can and cannot copy is doomed to failure. And once I have done it, I can publish my break to the world if I so desire. These people might as well go on rolling a huge boulder up a hill, only to have its weight defeat them just as they are approaching the top. The task of DRM is equally futile. The only way that has a snowball's chance in hell of success would be to ban the general-purpose computer entirely (e.g. a TCPA-based media console), and it is doubtful that they will ever succeed in making such a thing happen, especially as the ban would have to be international in scope and there are some places (e.g. China) that don't care a whit about these matters.

Right on. The DRM problem on a general-purpose computer is, from a security standpoint, completely impossible. If I have absolute control over my entire computer, and this is still possible today because systems like TCPA haven't been forced down everyone's throats, then any attempt by anyone to restrict what bits I can and cannot copy is doomed to failure. And once I have done it, I can publish my break to the world if I so desire. These people might as well go on rolling a huge boulder up a hill, only to have its weight defeat them just as they are approaching the top. The task of DRM is equally futile. The only way that has a snowball's chance in hell of success would be to ban the general-purpose computer entirely (e.g. a TCPA-based media console), and it is doubtful that they will ever succeed in making such a thing happen, especially as the ban would have to be international in scope and there are some places (e.g. China) that don't care a whit about these matters.

I remember in the weeks after 9/11, a reporter asked me: "How can we prevent this from ever happening again?" "That's easy," I said, "simply ground all the aircraft."

The truth is that we're not hopelessly bad at making security trade-offs.[...]There are several specific aspects of the security trade-off that can go wrong. For example:

      1. The severity of the risk.
      2. The probability of the risk.
      3. The magnitude of the costs.
      4. How effective the countermeasure is at mitigating the risk.
      5. How well disparate risks and costs can be compared.

The more your perception diverges with reality in any of these five aspects, the more your perceived trade-off won't match the actual trade-off.

Bruce has more at his website.
http://www.schneier.com/essay-155.html

As he says, we really should have two different words for the "feeling of security" and "security".

This is neat, but it's not exciting. I've written a smartcard proxy service that could also be used for evil. It works by capturing the client certificate request from a tls handshake, and sends the signed response to the server (some older web apps don't know how to use pkcs#11 libraries, which is what this is used for..it strips the client cert request out of the handshake so the client is none the wiser). I could rewrite my proxy to sign all kinds of data with the smartcard once the user gives the proxy his/her PIN...I could logon to banking sites and transfer money to me, buy stuff, essentially anything that the computer could do, and not inform the user.

I think Bruce Schneier's paper said it best. Sure the card is trustworthy, but when you're using any kind of smartcard, the card isn't the trust boundary. The card plus the computer (or pinpad in this case) that you're using it on is your trusted device conglomerate.

I think the real demonstration of this attack is that pinpads have vulnerabilities. Even that isn't earth-shattering. So does everything else where physical access is granted.

Which isn't to say that it isn't newsworthy (people should definitely be careful where they stick their card), but it does feed into idea #4 on the six dumbest ideas in computer security.

TrueCrypt is a great program but it might not be enough. I don't know what changes were made to Vista, but this entry on Bruce Schneier's weblog:

http://www.schneier.com/blog/archives/2007/01/choo sing_secure.html

talks about Forensic Toolkits and how they will go through your hard drive, sector by sector, because Windows "memory management leaves data all over the place in the normal course of operations".

It is an interesting article, and the comments are worth reading too.

Governor Deval Patrick told the Associated Press: "It's a hoax -- and it's not funny."

"It's almost too easy to be a terrorist these days," said Jennifer Mason, 26. "You stick a box on a corner and you can shut down a city."

Governor Deval Patrick told the Associated Press: "It's a hoax -- and it's not funny."

"It's almost too easy to be a terrorist these days," said Jennifer Mason, 26. "You stick a box on a corner and you can shut down a city."

Having just completed a Forensics bootcamp, I was frankly amazed at what the current state of the art practices are in password cracking.

Bruce Schneier had an interesting bit about this a few weeks ago...

Michael

I'm glad to see that happening. The way this bill was passed in the first place was just despicable. A national ID database would be costly, time consuming and mostly ineffective.

Bruce Schneier has a great write up about this very subject:

http://www.schneier.com/blog/archives/2007/01/real id_costs_an.html

Home security and website security are very different things:

• Homes can be attacked by anyone who is physically near them. Websites can be attacked by anyone on the Internet, regardless of physical distance.
• Attacking a home requires physical presence, and is therefore risky for the attacker, who may be caught in the process. Websites can be attacked from a remote location, anonymously, with a much smaller risk of being caught.
• Attacking a home causes damage. Attacking a website may (but will not necessarily) cause damage.
• Attacking a home can put people's lives at risk. Attacking a website will not unless the people in charge of the website are grossly negligent.
• Homes cannot be designed to be attack-proof, since cutting tools and explosives are cheap. Websites can be designed to be attack-proof, since a computer will only do what it's programmed to do.
• Homes are (usually) not open to the public. Websites are.

None of that necessarily excuses what this guy did, but computer security is different from home security, and needs to be looked at separately.

You have some fundamental misconceptions about computer security. Read this.

See Bruce Schneier's comments on "security theater"
http://www.schneier.com/crypto-gram-0608.html

Bluetooth might be designed as a short range communications protocol, but that doesn't mean it can't be used over longer distances..... Very similar to the pringles directional antenna boost people use to hook into 802.11 networks from afar.

I'm sure few people here actually read this. I can hardly blame you -- it's long, and it's mostly just bland generalities, with the details both rare and disappointing.

There's nothing new in the speech. She talks a lot about data breaches. Those are devastating, sure, but they're hardly an "issue." Being against data breaches offends no constituency (who *isn't* against them?) -- it's like being "tough on crime." She seems to be against a lot of things that nobody is for.

However, she spends very little time on what most of us think of when we talk about "privacy" -- that is, the government's prohibition, under the fourth amendment, against searching us without probable cause, and without a warrant. In fact, she comes to the conclusion that the warrantless searches the Bush administration are doing are probably fine. She believes in the same odious calculation that defines rights and security as mutually exclusive constraints, that have to be "balanced."

Rather, she only takes Bush to task for not letting congress in on the action. That is, had only Bush asked congress for "authorization" -- which would surely have been forthcoming -- everything would have been okay. "Let is in on the action," she seems to say, "and we'll make sure you get the warrants so your policies will be easier to sell to the masses." Instead of real criticism of a policy that's both illegal and that actually makes us less safe, we get criticism over tactics, and parochial self-interest.

The title and blurb for this are completely misleading.

Schneier proposed such a competition in March 2005: http://www.schneier.com/crypto-gram-0503.html#1

PC World commented on the issue in 2005
Also Bruce Schneier wrote about it back then.

I guess it takes a while for the US government and Microsoft, et al to take action on the news.

For the average Internet user, this news is not a cause for panic. No one is going to be breaking digital signatures or reading encrypted messages anytime soon. The electronic world is no less secure after these announcements than it was before.

How you got modded insightful is beyond me. This shit is real, very real, not just some propaganda from the Chinese. The attack on MD5 has been demonstrated by generating a couple of forged X.509 certificates based on the MD5 hash. It has long been suspected that MD5 harbored significant weaknesses, but it was confirmed in 2005 when Wang and her team demonstrated in a 2005 paper (warning PDF link) that it is possible to generate MD5 collisions with only about 2^39 hash computations (approx. 500 billion), a level of computational work which is doable in a matter of a few days even on the computer which I am using to type this post, and a very long way from the 2^64 computations required by a brute force attack. MD5 is well and truly broken, and not just in the academic sense, and anyone who says that the break doesn't affect the vast majority of its uses is either hopelessly uninformed or willfully ignorant. Checksums and digital signatures based on MD5 are now all suspect, and the only major application of the algorithm that remains unaffected is its use as a message authentication code, and the fact that the algorithm shown significant weakness in so many other areas should make anyone think twice before using it even for that. The biggest names in cryptography have been watching her work and that of her team with the keenest of interest, and there was an announcement (also here) that SHA-1 collisions could be found in 2^63 operations, which, while not feasible on my humble little PC, is within the realm of feasibility of today's fastest supercomputers and distributed computation clusters. Meaning that the NSA could probably generate SHA-1 collisions if they wanted to. Her most recent peer-reviewed paper on the subject gave a work factor of 2^69 for generating collisions, which while quite high, is quite a ways from the 2^80 required by true brute force, and that would make any serious cryptographer worried about using the algorithm.

Er, it's true dude. http://www.schneier.com/blog/archives/2005/02/sha1 _broken.html

Not the end of the world, but time to go for SHA-256 or better for new software and protocols.

"According to a Beijing digest, this SHA-1 encryption includes the world's gold standard Message-Digest algorithm 5 (MD5)."

Where do I start? SHA-1 stands for 'Secure Hash Algorithm 1' and is not an encryption scheme. Neither does it include MD5 which is a completely different hash (or message digest) algorithm.

See Schneier - http://www.schneier.com/blog/archives/2005/02/sha1 _broken.html and http://www.schneier.com/blog/archives/2005/02/cryp tanalysis_o.html for actual coverage of the break. "They can find collisions in SHA-1 in 2**69 calculations, about 2,000 times faster than brute force. Right now, that is just on the far edge of feasibility with current technology. Two comparable massive computations illustrate that point." That's down from 2**80, so it's a concern, but not exactly the end of the world.

New apps being written should probably be using SHA-256 (256 bits) rather than with SHA1 (160 bits only).

"According to a Beijing digest, this SHA-1 encryption includes the world's gold standard Message-Digest algorithm 5 (MD5)."

Where do I start? SHA-1 stands for 'Secure Hash Algorithm 1' and is not an encryption scheme. Neither does it include MD5 which is a completely different hash (or message digest) algorithm.

See Schneier - http://www.schneier.com/blog/archives/2005/02/sha1 _broken.html and http://www.schneier.com/blog/archives/2005/02/cryp tanalysis_o.html for actual coverage of the break. "They can find collisions in SHA-1 in 2**69 calculations, about 2,000 times faster than brute force. Right now, that is just on the far edge of feasibility with current technology. Two comparable massive computations illustrate that point." That's down from 2**80, so it's a concern, but not exactly the end of the world.

New apps being written should probably be using SHA-256 (256 bits) rather than with SHA1 (160 bits only).

1) Hashing IS encryption. It is one-way encryption where the length of the ciphertext is much shorter than the length of the plaintext. It is used for message integrity and digital signatures of private key+plaintext. "Collision" is an inherent weakness of hashes due to the much shorter ciphertext to plaintext ratio.

2) MD5 was "cracked", by changing as few as 24 bytes of a 1k packet. The technique is the same as cracking CRC32 by changing just 4 bytes of a packet. Example: http://www.x-ways.net/md5collision.html

3) This is all old news, reported in Jan 2005 and discussed at length at: http://www.schneier.com/blog/archives/2005/02/sha1 _broken.html

End of the day, message integrity can be compromised which makes this a big deal, of much more concern than cracked passwords.

While the article is pretty much useless, there may be something to the overall point. I mean, it's not as though anyone can expect your average newspaper reporter, much less a Chinese state run paper reporter, to know much about the subject of encryption/hashing/etc..., so I think it's useful to look past the obvious errors in the article, and talk about what the underlying story actually is. _IF_ this is a new report of a collision in SHA-1, that wouldn't be surprising. Prof. Wang and her team have been responsible for discovering more than a few attacks against SHA and MD5 ( http://www.schneier.com/blog/archives/2005/02/sha1 _broken.html ), so it's possible that she discovered a method of causing a collision in full SHA-1 in even less than the 2^63 operations that had previously been the max. This article could just be poorly reporting that. Or it could be 2 years behind the times. Either way, MD5, SHA-0 and SHA-1 have been known to have collision issues for a while now. At least in my own applications, I've moved on to using SHA-512 (a SHA-2 variant with a larger block size and 512 bit output), and as far as I know, there've been no reports of a collision attack against it.

For the average Internet user, this news is not a cause for panic. No one is going to be breaking digital signatures or reading encrypted messages anytime soon. The electronic world is no less secure after these announcements than it was before.

A short note about the attack has been available for a couple of years as well. The note shows collisions for two different reduced versions of SHA-1.

Though it's not absolutely certain, my guess is that the reality behind the new announcement is that they've actually found a collision for the full version of SHA-1, and possibly for MD-5 as well. OTOH, maybe the mention of MD-5 is just a journalist's hashed (no pun intended) version of the fact that SHA-1 is based closely enough on MD-5 that an algorithm that's successful against SHA-1 will probably be effective with respect to MD-5 as well.

An absolute waste of money. The only thing it's good for is making defense contractors richer.

At least one security expert agrees:

• Schneier on Security: Airplane Defense Security Trade-Off
• Schneier on Security: Anti-Missile Defenses for Commercial Aircraft
• Schneier on Security: Airline Security, Trade-offs, and Agenda
• Schneier on Security: Anti-Missile Defenses for Passenger Aircraft

An absolute waste of money. The only thing it's good for is making defense contractors richer.

At least one security expert agrees:

• Schneier on Security: Airplane Defense Security Trade-Off
• Schneier on Security: Anti-Missile Defenses for Commercial Aircraft
• Schneier on Security: Airline Security, Trade-offs, and Agenda
• Schneier on Security: Anti-Missile Defenses for Passenger Aircraft

An absolute waste of money. The only thing it's good for is making defense contractors richer.

At least one security expert agrees:

• Schneier on Security: Airplane Defense Security Trade-Off
• Schneier on Security: Anti-Missile Defenses for Commercial Aircraft
• Schneier on Security: Airline Security, Trade-offs, and Agenda
• Schneier on Security: Anti-Missile Defenses for Passenger Aircraft

An absolute waste of money. The only thing it's good for is making defense contractors richer.

At least one security expert agrees:

• Schneier on Security: Airplane Defense Security Trade-Off
• Schneier on Security: Anti-Missile Defenses for Commercial Aircraft
• Schneier on Security: Airline Security, Trade-offs, and Agenda
• Schneier on Security: Anti-Missile Defenses for Passenger Aircraft

You may be interested to know that Schneier devoted a blog entry to linking to this description:

http://www.schneier.com/blog/archives/2007/01/secu rity_theate.html

From the horse mouth:

http://www.schneier.com/blog/archives/2006/11/figh ting_fraudu.html

My CU implemented a system whereby I now have two passwords. I guess they are probably following the law, but I'm not safer from anything now, especially since they put some text by the second password telling me what it is about. One of the better comments from the Schneier post points out that two factor authentication isn't worth much if they both use the same channel. Another goes ahead and calls it multiple single factor.

One of the better solutions is to require a phone call(ooh, another channel) for 'high risk' transactions. There are problems with that, but at least it adds some security. Fobs and scratch cards are decent too, but they are susceptible to man in the middle attacks(or whatever you want to call them, they just make phisher more sophisticated).

A few years ago I was ready to believe the NSA recognized we're all safer with more secure general-purpose computers and networks, but in the post-9/11 take-the-gloves-off eavesdrop-on-everybody environment, I simply don't trust the NSA to do the right thing.

A few years ago I was ready to believe the NSA recognized we're all safer with more secure general-purpose computers and networks, but in the post-9/11 take-the-gloves-off eavesdrop-on-everybody environment, I simply don't trust the NSA to do the right thing.

You can fly without ID. You could when Gilmore's case started, and you still can now. In fact, here's how. In fact, Gilmore's own site tells you how, in the form of the court decision specifically authorizing it.

The exact wording:

The identification policy requires airline passengers to present identification to airline personnel before boarding or be subjected to a search that is more exacting than the routine search that passengers who present identification encounter.

The very page describing the case says that he would have been allowed to travel at SFO without ID if he submitted to a search. That alone devastates the "secret ID law" claim, as allowing him to fly without ID, search or not, would have been in violation of that law.

First of all, his primary question is: Do citizens currently need to show ID in order to travel in their own country?

The answer is a resounding "no". He is free to travel by foot, bike, motorcycle, car, boat, or other device himself while not violating applicable pedestrian or traffic laws, or by bus or train, entirely anonymously.

Further, in his quest to "expose" this situation, he found at one of the largest airports in the country, San Francisco International Airport, that he WAS indeed allowed to fly without ID (if he submitted to a search).

Claims variously made by privacy advocates assert that showing ID is worthless; that the September 11 hijackers all had valid, government issued photo ID. Sure they did. But some form of identification, fake or not, gives authorities a place to start in an investigation, rather than nothing at all.

But please, even in light of that, remember: he WAS allowed to fly with no ID at SFO, and chose not to. I expect that he thought he'd find he would be denied everywhere, but then still chose not to fly at SFO simply because he didn't want to be searched and so it wouldn't stop his little "Achtung! Papers, please!" stunt before it started. That's his choice. And if you'd argue against a search, then you might as well argue against ALL security measures at airports.

There are some discrepancies here, most likely because of lack of communication or lack of proper specific words used to define things. First, TSA directives are secret. But they're not "laws". That's why they're called security "directives". These directives instruct the airlines and airports in terms of how to handle security; they're not arbitrary requirements that passengers must submit to or know about ahead of time: they are guidelines and directives for the handling of security issues, some routine and some special or time-specific, within airport and airline processes. That's the TSA's job. And didn't some call for the federalization of airport security?

I'm glad he's asking these questions, but I wish he'd be less sensationalistic and tinfoil-hat about it - especially since his primary claim is that he can't travel anonymously, which is not only tremendously wrong considering there are so many other public and private means to travel with no ID, but also because he would indeed have been able to fly with no ID.

Yes, all the 9/11 hijackers had valid IDs. So what? The ID requirement doesn't pretend to "prevent" issues; it's simply a place to start for investigators AFTER an incident, regardless of whether the IDs were real or fake...enabling investigators to get a list of names (again, real or not), issuing agencies for the IDs, and sometimes even pictures (which are many times real, even if the ID itself is fake). This information could be critical to an investigation when other lives may be at stake.

But, in any event, he already found he could travel by plane, without ID.

Okay, a few people have responded by saying something along the lines of, "Yes, but the issue is one of being able to tamper with the device this way." Yeah, true...so what? That's an issue for anything. Hell, ATM's are being tampered with like that, and they're both more mature (the bloody things have been evolving for decades) and secure. Add to that the fact that, unlike an ATM, chip and pin devices need to be cheap to be practical, and I don't see how this can be avoided, no matter what. Leave a device in the hands of an attacker, and the device can no longer be trusted, this is not news.

So, what then...don't do chip and pin, right? Uh...has anyone thought about how the vulnerability we're talking about here ALSO applies to...normal credit card readers? And last I saw, the sky wasn't falling, and credit card/debit card payments were rather widespread, to the benefit of consumers, retailers, and financial institutions (like credit card companies and banks). So, under this threat model, life goes on, and the cost of the threat is vastly overcome by the value of the method of payment. And I don't see why it wouldn't be with chip and pin, too.

By "population" I am referring to an entire nation or region, not flyers. The later being a far more manageable group.

Right, because the billion or so air passengers per year in the USA alone makes the candidate pool sooo much smaller.

Put up or shut up - show us something beyond politician's speeches and press releases and or admit you are just speculating. This guy was a member for the IT working group for the Secure Flight program and what he says contradicts your claims.

"I worked on an advertising project that involved tracking your preferences which pulled information from your profile .. We didn't pass your information on to other firms unless it was noted in our privacy contract" I don't want people tracking my preferences, not for any nefarious purpose, it's just none of your business. Even so see what happened to this Fireman, er .. gender neutral/fighter when he bought something with his Store Card.

"Philip Scott Lyons .. was arrested last August and charged with attempted arson .. Police investigators had discovered that his Club Card was used to buy fire starters of the same type used in the arson attempt.

"All charges were dropped against him in January 2005 because another person stepped forward saying he set the fire and not Lyons. Lyons is now back at work after more than 5 months of being on administrative leave from his firefighter job"

Funny that, a firefighter having to buy firelighters, er .. fire starters. Wouldn't he know how to start a fire using common household items.

Re:Nothing to see here, move along..... (Score:1)

As far as I know it boils down to this:

Windows XP
DRM is implemented in individual applications such as iTunes. No fundamental support for DRM. You don't need to use DRM even if you use applications that potentially support DRM (again, such as iTunes).

Mac OS X
DRM is implemented in individual applications such as iTunes. No fundamental support for DRM. You don't need to use DRM even if you use applications that potentially support DRM (again, such as iTunes).

Linux
Kernel-level support for TPM.

Vista
DRM is a fundamental part of Vista. You can't get around it.

These activities are available to you without problems on Windows

That won't be true anymore with Vista

Geez, your post reads like you were just making it up as you went along, yet it got modded 5. Fascintaing.

1. While some Intel Macs had TPM hardware, it was never used, not even for making sure Mac OS X ran on a Mac. More recent Macs don't even include it anymore (much to the chagrin of some people who actually did make use of it)
2. Unlike Mac OS X, Linux does include drivers for TPM by default
3. If Apple's DRM is so draconian, how come it's the most lenient out there?
4. Nothing that Apple has ever done can't compare to what MS is doing. I mean, even remotely. It's not only not the same league, it's not even the same sports they're playing. Sorry, but MS very much is leading this charge.

I don't think you understand just how much DRM there is in Vista. Read this and weep.

Apple simply can't compare with this.

1. Apple doens't use the TPM hardware. Unlike Mac OS X, Linux actually does include drivers for this hardware, as far as I know (Quote Linus: "A lot of commercial companies want to do some really bad things with DRM. So people dislike DRM and want to make it harder to do. But the silly thing is that DRM really is just technology, and like most everything else, the badness comes not from the technology, but from what you use it for. There are actually valid uses of the exact-same technology, even if it ends up being called something different ("privacy rights," "security," what-not)."
2. Apple uses DRM in the iTunes store, but that DRM is relatively lenient, compared to what Microsoft allows for.

This simply doesn't compare to what Microsoft is doing.

So what are you going to do? Write your own OS?

We read it here first.

While there is that problem, and related problems, most everyone in the western world (covers me and my family) have mobile devices whether that is a phone, pda, or pager. These devices can be registered with the service in question as the place to send the token for 2nd factor authentication.

Even assuming that you can set up your laptop or PDA to be "the device" as you seem to suggest, you still have to register with multiple services, most likely loading (potentially conflicting) software for each, with all the problems that entails.

Unless and until the technique is standardized (an institution can recognize physical devices from multiple device providers, or can interoperate with one or more programs provided by security vendors), I don't think we will see widespread adoption. Even then, it can be compromised without much effort. See this link http://www.schneier.com/blog/archives/2005/03/the_ failure_of.html/ for a discussion on how easily this can be accomplished

In this case, he would have been better off just telling people it could be done IMO.

CSO Online told people about it in February 2006. Slate told people about it in February 2005. Senator Schumer told people about it in February 2005. Security expert Bruce Schneier told people about it in August 2003.

We're more than a little beyond "telling people" being productive.

Worse, apparently a proof of concept isn't enough. The TSA is busy trying to presecute the messenger, but they still haven't fixed the core problem. I'd sadly forced to conclude that the TSA will not fix a real threat to airline security until terrorists successfully exploit that threat. While honest people are stuck measuring their shampoo out of fear of a deeply implausible liquid-bomb threat, anyone with access to a printer and a reasonably plausible state ID can get into the "sterile" area of the airport. (I find it darkly humorous that the boarding pass vulnerability makes the cost of getting 30 ounces of liquid explosives onto a plane just 10 fake boarding passes for almost no cost and 10 evil conspirators.)

He crossed the line from researcher to (potentially) criminal when he published a tool on the web that had no other purpose than to make it possible for others to circumvent security.

The purpose was to shame the TAA into fixing a problem which was widely known and publicized: August 2003 by security expert Bruce Schneier, February 2005 in Slate , February 2005 press release by a US Senator, February 2006 article in CSO Online . The TSA has been ignoring the problem for over three years. Bad guys have known about the attack for at least three years, possibly longer. For all we know bad guys are using it right now; we have no way of knowing. Even without Soghoian's program, it was really, really trivial to exploit; all you need is a very basic understanding of HTML, enough to change one name to another, to execute the attack Schneier described in 2003. The media has been letting the TSA continue to ignore this. If Soghoian had simply published a "I can make fake boarding passes and get into the "sterile" area of an airport he would have gotten an article or two and nothing would have changed. By providing a working exploit things just became that much harder for the TSA. News coverage exploded. Finally something will happen.

The TSA has proven itself grossly incompetant. There is little to no oversight and zero public accountability. Drastic measures were necessary, as rational measures have clearly failed. The really sad thing is even in the face of such a drastic failure, they're not fixing the core problem.