Slashdot Mirror

Conspiracy bits aside, if the FBI found something, why would they demand he open the gates to more? Could they not simply prosecute him based on just what they have so far?

The most damning piece of evidence that they found are eMule log files listing what had, presumably, been downloaded. Downloaded file names include repeated and clear references to child pornography. It is hypothetically possible, of course, that the files actually contain Disney cartoons, so they can't convict based on filenames alone. On the other hand, at this point it sounds reasonable to ask him to show those files (which is presumably what's on the other disks) to prove or disprove that.

especially after reading: http://www.wired.com/politics/law/news/2007/07/fbi_spyware?currentPage=all

Seems like they'll stop at nothing to catch their man, even if it means turning us into a police state.

All of this information is in the initial filing, which wired posted here, including the fact that the government figured out partial patterns to his passwords. You should read the filing, though I warn you, you will want to retch by the end of it: http://www.wired.com/images_blogs/threatlevel/2013/04/fedswantdecryption.pdf

After reading the request, I am amazed that the judge issued the first ruling at all. The download logs clearly showed entries that graphically describe pedophilia being written to a secure disk. I think the agents freaked out a bit, and assumed the disks would self destruct (as far as I know, the maxtor disks don't in fact do so).

I know it's unpopular to say on slashdot, but the government has a job to do, and is doing it well.

Regardless of the circumstances, ordering someone to decrypt a hard drive should be against the 5th amendment. I look at this the same way as any other "evidence is in a very hard place to get" situation.

If I lock evidence in a locker or a house, the authorities are going to break my lock or break down the door. They can't order me to give them the key if the location of the key is unknown to them. If I have an electronic keypad, they can't order me to give them the passcode.

If I kill someone and, having decided that a "shallow grave" is likely going to get me caught, bury the body in a 1000ft grave (suppose I own a drilling company), they can't make me dig up that body. It is upon them to dig it up. If I weigh someone down and dump them in the ocean, they can't force me to tell them the exact latitude/longitude. They can gather evidence all day long through any legal means, but forcing someone to actively incriminate themselves has never been, and should not be, legal in the US.

The fact that we now have locks that are effectively unpickable and unbreakable is unfortunate for law enforcement, but that doesn't change the 5th amendment. There should be no exceptions. The nature of the crime or the amount of other evidence doesn't matter to the 5th amendment.

http://www.wired.com/design/2013/05/james-turrell/?viewall=true

Speaking of alternative game consoles.... Ouya http://www.wired.com/gamelife/2013/05/ouya-impressions/

This is quite possibly the most pointless blogspam ever. At least provide a link to a reputable outlet.

Did y'all know that the original spec for Ethernet was to be a wireless network???

One of the earliest networks allowing collisions and using collision detection was the ALOHA network, and that was wireless, but that also wasn't Ethernet. Are you thinking of ALOHAnet?

I can't find a copy of Metcalfe's "Alto Ethernet" memo, but this Wired article has a diagram from the memo that does include "radio ether" but also includes "cable ether" and "telephone ether".

Note that Google Authenticator does not generate the 'multi-factor' password after receiving the first password from the user.

The multi-factor password is streamed passed to the (pager, phone, etc.) every X seconds.

No it's not. Google Authenticator implements TOTP which depends only on having a reasonably accurate clock and a previously-agreed-upon shared secret from which the codes are generated.

When one uses Google Authenticator, one gets a shared secret from Google (which can be easily input in the form of a QR code, though one can manually input it as well) and adds it to the GA app. When one wishes to authenticate to a service (e.g. a Google Account or any other service that implements TOTP), the app uses the current time and the shared secret to compute the code for that 30 second time period. The service that the user is authenticating to also had the shared secret and computes the code for the same time period. They should match. If they don't, the service will usually calculate the codes in a time window surrounding the current time (e.g. +/- 2 minutes) in case the client's clock has drifted.

TOTP (and Google Authenticator) do not rely on network access at all -- you can use Google Authenticator as a TOTP code generator for other sites without having anything going through Google at all. For example, I have a TOTP hardware token that had the shared secret programmed by the factory (they don't keep any record of the secret, unlike RSA -- they print it on a piece of paper that comes with the token and that's it). I configured my various TOTP-enabled services (e.g. a secure website) with the shared secret and require the TOTP code during authentication. There's no dependence on outside services or network connections at all. Very handy.

SAP aren't the first to do this.

Thorkil Sonne at Specialisterne in Denmark has built a consultancy of autistics.

Actually SAP is cooperating with Specialisterne:
http://economictimes.indiatimes.com/news/news-by-industry/jobs/sap-to-work-with-specialisterne-to-employ-people-with-autism/articleshow/20210322.cms

No one uses WebM.

YouTube does. Wikipedia does. Wired Video does. Microsoft's Channel 9 does. Revision3 does. Et cetera and so on.

SAP aren't the first to do this.

Thorkil Sonne at Specialisterne in Denmark has built a consultancy of autistics.

You might sound convincing, but what you are describing is BS.

Hackers take aim at prison locks and other real-world targets
Vulnerability allows hackers to open prison doors, hiding activity from central command

Hacking Prisons - John Strauchs, Tiffany Rad, & Teague Newman
Researchers Say Vulnerabilities Could Let Hackers Spring Prisoners From Cells

Clearly, they're all full of shit too.

Electronic locks require voltage to unlock, which is not local to the door, especially in a prison.

The electronic locks run on magical sky energy. There is no voltage in those wires.

Also, this doesnt take into account the cameras, and doors that do not have card readers for egress. These doors require remote unlocking with visual verification.

Right, because there has never been a case of a system being thought of as so foolproof that it didn't need to be monitored. (Ominous look upwards) And what the hell is this "visual verification" you speak of? It sounds impressive, but it could mean "I had to look at the lock," in the same way I have to visually verify that my car's ignition and not just blindly stick the key wherever.

Microsoft did say that if a disc was used with a second account, that owner would be given the option to pay a fee and install the game from the disc, which would then mean that the new account would also own the game and could play it without the disc.

and simcity like "features"

Xbox One will give game developers the ability to create games that use Microsoft’s Azure cloud computing service, which means that they might be able to offload certain computing tasks to the cloud rather than process them on the Xbox One hardware itself. This would necessitate the game requiring a connection.

http://www.wired.com/gamelife/2013/05/xbox-one-analysis/

A) Call it what you want specifically targetting innocents is terrorism. What exactly excludes them from the general framework of "terrorist"? If the terrorist organization attacking is an international organization (read point B) why would the context simply be domestic terrorists? Also I don't think there IS a such thing as "typical" when you're talking about terrorist threats. Brown guy with black beard is statistically atypical.

They've all used entirely different tactics from each other. Timothy Mcveigh used an ANFO bomb, the boston bombers used an improvised pressure cooker "explosive," al-queda used planes. How about malware: http://www.wired.com/threatlevel/2009/04/put-nsa-in-char/

How about the beltway sniping incident? One would create a distraction, so the other could get a better shot. Not with bombs, but still the same principle. How about the daschal anthrax incident, or the molotov cocktails in 2000 at NYC?

The point is there IS NOT a "typical" terrorist. If they think of an idea, they think it will cause damage, and can execute it...they will. You can't simply "eliminate" a "smoke alarm bell" style attack because it would be atypical.

B) The terrorists you speak of attacking us domestically...do you know where the bulk of their victims are located? In their own countries.
C) Do you think that a sympathetic base doesn't exist for these terrorists as well? There are radical (also non-radical) muslims in all countries of the world. There are radicals in other aspects as well. Pro-life terrorists, environmental liberation groups, black power groups, anarchists, and people with agenda we wouldn't even imagine or think of. Maybe radical right-wing anti-obama rednecks? I'm somewhat conservative, but I can't think of the left-wing equivelant. The environmentalism terrorists I suppose.

That's not even touching on good ol' fashion crazy.

http://www.wired.com/dangerroom/2007/09/tiny-drone-ethe

Why does video on Slashdot require Flash? If Wired can achieve HTML5 video with WebM support (http://video.wired.com), why can't Slashdot?

http://www.wired.com/threatlevel/2012/05/google-nsa-secrecy-upheld/

http://arstechnica.com/business/2006/10/8105/

http://www.infowars.com/google-exposed-as-nsa-front/

http://epic.org/foia/epic_v_nsa_google.html

what happened to the Vesuvius?

Strongbox technically is very strong, without a doubt. But, being TOR based, it will be hard to use. Worse, a potential leaker not only must use their own computer (ideally a throwaway computer), but they can never have VISITED the Strongbox information page from work, because otherwise any leak to the New Yorker will be suspicious.

And Strongbox's information page drives Ghostery crazy! Not a good sign for a privacy tool.

Probably more important is general Operational Security, including burner phones and/or burner computers.

Julia Angwin has an excellent additional point: Physical mail (dropped in a random post-box with a bogus return address) is perhaps the best way for anonymous one-way communication. The USPS will record address information when asked by law enforcement, but (currently) doesn't record this on all mail. Thus there is no history and, even if there was, this can only be traced to the processing post office. Perhaps the best use of the mail is simply to send the reporter a burner phone preprogrammed so that the reporter can call your burner.

Each to their own http://www.wired.com/underwire/wp-content/gallery/images/PintGlass.jpg

She was part of a brony group in high school

I take it the op was a success then (brony = bro pony).

That isn't Sam. Caption from http://www.wired.com/threatlevel/2012/12/ff-john-mcafees-last-stand/all/ "McAfee’s girlfriend Amy Emshwiller, now 18."

http://pandodaily.files.wordpress.com/2013/02/sam-3.jpg?w=584&h=328 Is Samantha Vanegas from http://pandodaily.com/2013/02/23/we-go-on-a-double-date-with-john-mcafee-and-samantha-vanegas/

http://www.wired.com/gadgetlab/2010/09/segway-death/

Had Been. Is no more.

android is outselling iphone by a mile, but apparently android users are likely more mature than the trendy teenybopper isheep that stay glued to their imaster every second of the day, so i guess from a web app developer point of view it does make more sense to develop for ios. i wouldn't call ios users "mindshare" though... maybe "mindless".

http://www.wired.com/gadgetlab/2013/04/ios--android-usage/

Nothing in the summary links to the actual article in which the charges are noted as dismissed. Here's the relevant link: http://www.wired.com/threatlevel/2013/05/video-poker-hacking-dismissed/

The source of the problem on the Yorktown was that bad data was fed into an application running on one of the 16 computers on the LAN. The data contained a zero where it shouldn't have, and when the software attempted to divide by zero, a buffer overrun occurred -- crashing the entire network and causing the ship to lose control of its propulsion system.

Source: http://www.wired.com/science/discoveries/news/1998/07/13987

Jesus, this was barely a year ago:
The NSA is building the world's largest data center in Utah. They are expected to be able to store a lot of data there, some of it for up to 100 years.

Also they OBVIOUSLY don't store everything that flows across the Intertubes, that would be moronic. They use standard DPI techniques, and probably a bunch of classified fancy DPI techniques, to pick out the 0.1 to 1% most interesting traffic, and store that. Presumably they store records of who is communicating with whom at any given time, but they don't store entire copies of those pirated .mp3's you're downloading, because why bother? But presumably any individual IPs, e-mail addresses, domains, etc. that they have identified as "interesting" or "possible threats to national security" have a lot more detail stored about them. If you visit known bad-guy sites or fetch content that their heuristics suspect is more deserving of scrutiny for whatever reason, then expect all of that traffic to be stored and analyzed by automated algorithms.

This is just common sense, especially since after 9/11 they knew they could get away with it.
Don't you remember Bill Binney?
Don't you remember Thomas Drake?

And if 15-minute videos are too boring for you, watch this hilarious (and chilling) rap news video which is only 6 minutes.

...All without a single patriot in the government going public and blowing the lid off this

Thus far, we've had the same story from a number of whistleblowers:

Former NSA technical director William Binney.

Former house intelligence committee staffer Diane Roark

Former AT&T technician Mark Klein

At what point would you consider the lid blown?

Seriously, you mean a data center like this can't handle the traffic?

http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/

and the 5 million people (as of 2011) with security clearances aren't enough?

http://www.wired.com/threatlevel/2012/07/security-clearances-increasing/

and the NSA recruiting at Defcon and math colleges all around the country isn't happening?

http://www.federalnewsradio.com/411/2890348/NSA-hiring-reforms-serve-as-model-for-government

These guys have cash and are all of their activities are shielded under FISA and the National Security Act and State Secrets Privilege.

http://www.aclu.org/national-security/fix-fisa-end-warrantless-wiretapping

It's happening, it is a reality, and it is more than possible. Even with an inside whistle blower, the courts will not limit the power of the government to spy on us.

https://en.wikipedia.org/wiki/Room_641A

The only thing we really have going for us is the Catch-22 on the use of the data. If it is every used in a trial, chain of custody and 4th amendment issues likethe exclusionary rule will suppress the evidence since it was obtained without a warrant. The only thing that stands in the way of the NSA and fully implementing 1984 is the 4th amendment.

Seriously, you mean a data center like this can't handle the traffic?

http://www.wired.com/threatlevel/2012/03/ff_nsadatacenter/

and the 5 million people (as of 2011) with security clearances aren't enough?

http://www.wired.com/threatlevel/2012/07/security-clearances-increasing/

and the NSA recruiting at Defcon and math colleges all around the country isn't happening?

http://www.federalnewsradio.com/411/2890348/NSA-hiring-reforms-serve-as-model-for-government

These guys have cash and are all of their activities are shielded under FISA and the National Security Act and State Secrets Privilege.

http://www.aclu.org/national-security/fix-fisa-end-warrantless-wiretapping

It's happening, it is a reality, and it is more than possible. Even with an inside whistle blower, the courts will not limit the power of the government to spy on us.

https://en.wikipedia.org/wiki/Room_641A

The only thing we really have going for us is the Catch-22 on the use of the data. If it is every used in a trial, chain of custody and 4th amendment issues likethe exclusionary rule will suppress the evidence since it was obtained without a warrant. The only thing that stands in the way of the NSA and fully implementing 1984 is the 4th amendment.

Is that how hard up for "news" this site has gotten?

yeah, I thought it was interesting...the company is borderline criminal, almost certainly Republican-linked, and should have learned from Anon pwned that security company last year.

I don't read or comment at reddit.com, but in spite of its 'all AC all the time' quality I still visit the site. I checked out Obama's 'AMA' and a few odds and ends.

I did visit a few 'sub-reddits' (dumb name) once to get some design ideas and it helped but the comments were weeks apart.

Both reddit and 4chan and w/e else the kids use these days is worth noting on issues like free speech/Republitard legal trolling.

For a business in an actual free market reputation is everything, brand name is everything. The owners of the business know that the only thing that actually is worth something is their brand. If people know that a company has been in the market for years and it consistently puts out good reliable products, then people are more willing to accept that their next product is good and reliable.

It is EXTREMELY EASY to lose good faith with stupid business decisions.

Of-course governments don't give a shit if your private property is harmed, your business is harmed as long as governments can achieve their oppressive nefarious goals. The worst part is that by not cooperating you are putting yourself into the cross-hairs of the government thugs that are absolutely willing to pull the trigger. Of-course the smaller fish you are, the easier it is to punish you for not giving the government thugs what they want.

I can't believe most antivirus companies would turn a blind eye to the tools used by law enforcement agencies and national governments. They only do that if the malware is installed by someone _really_ important. Like Sony:

http://www.wired.com/politics/security/commentary/securitymatters/2005/11/69601?currentPage=all

Good point. Let us not forget that Nicaragua invaded Costa Rica and planted a flag a mile or two over the border a few years ago because of an error on Google Maps. http://www.wired.com/dangerroom/2010/11/google-maps-error-blamed-for-nicaraguan-invasion/

http://www.wired.com/gadgetlab/2012/12/oops-did-vice-just-give-away-john-mcafees-location-with-this-photo/

No way... By then, we'll have Time Crystals!

People's perceptions of how good they are at mental activities generally rely on complete ignorance about how the brain actually works. And they nearly always overestimate their own abilities.

For example, the fact that small changes in physical sensation can alter how you react to a stranger.

http://tierneylab.blogs.nytimes.com/2008/10/23/heart-warming-news-on-coffee/?ei=5070&emc=eta1

And then there's the MRI scans showing that decisions are largely made before we're aware of them:

http://www.wired.com/science/discoveries/news/2008/04/mind_decision

being utilized here:

Controversial Pesticide Linked to Bee Collapse
Citations: “Neonicotinoid Pesticide Reduces Bumble Bee Colony Growth and Queen Production.” By Penelope R. Whitehorn, Stephanie O’Connor, Felix L. Wackers, Dave Goulson. Science, Vol. 335 No. 6076, March 30, 2012.

Captcha: rainbow

Private companies are good at developing new products in established fields and using existing engineering and research practices (so long as they promise returns, which is another matter). They're usually the one who create the most recognizable products. But they simply don't do much in terms of fundamental research.

It's interesting that you mention Bell Labs. Their heyday was back when AT&T had a (government-granted) monopoly. They were able to focus on stuff which didn't belong to their core products of the day. Things have changed since then.

Alcatel-Lucent, the parent company of Bell Labs, is pulling out of basic science, material physics and semiconductor research and will instead be focusing on more immediately marketable areas such as networking, high-speed electronics, wireless, nanotechnology and software.

This has been in the works long, long before the crisis caused by the financial industry catastrophe of 2008.

So were the scientists at the chemical companies right or were the 3 million people who signed a petition right?

Or were the scientists claiming links between neonicotinoids and colony collapse disorder right?

As long as they don't break +word searches in the name of The Social(tm), I guess it's an improvement over Google.

Not in the USA.

Works may be moved back into copyright so sayeth SCOTUS.
http://www.wired.com/threatlevel/2012/01/scotus-re-copyright-decision/

Fritz Lang's Metropolis was one big one moved back into copyright by Congress.

One could argue that, but one would be talking out of one's ass in doing so.

I don't think the code signing is directly screwing Microsoft, but it's part of an element of 'customer hatred' that really shows the way they are going. We all know how development works. You choose to do one feature or another. Code signing the way Microsoft chose it, has almost no customer benefits and plenty of long term customer negatives in terms of reducing competition and your own freedom to fix your system when needed (even fixing the bottom layer of Windows is blocked). Almost certainly one of the key features which makes Android better was dropped to do this. For example maybe Gesture Typing - a bit like the Swype Nokia used to have on the N9 before it was cancelled.

Compare that to Google's "Data Liberation Front" features designed to let you export your data when you want to. This has very little direct benefit for Google, but the customer benefit is massive and comes at the point when you least expect it. Short term this looks stupid, but long term it means that users come to "trust" Google which is to Google's long term advantage as well.

Microsoft has a long history of choosing features like Active-X and directly executable email content which allow them to deliver proprietary control of your machine to themselves at the cost of problems (in those case security problems) for customers later. Customers may not know that they are being screwed now, but they remember that they were screwed before and are beginning to expect that. The Microsoft ban on GPL software in Windows Market place is an example. They don't like the software so they make the choice for you. The choice to have a fixed user interface around hubs, not allowing Apps to change things is another example - at the beginning it makes things more consistent; it makes it easier for them to sell you more similar devices; but later on it means you can never achieve the full power of a customized mobile device and is part of a whole attitude problem leading to continual app disappointment.

Simply put, code signing is a symptom of Microsoft's hatred of their own customers (just one of the first links to pop up searching for Mirosoft customer hatred. They look at their "ecosystem partners" as a bunch of suckers ready to be screwed when the chance comes up. That used to work in the old days when every tech company had to come round Redmond to get permission before doing a big new launch. Now it's just getting users and partners annoyed.

The NSA Is Building the Country’s Biggest Spy Center (Watch What You Say) nearby in Bluffdale Utah. There is no coincidence.........

This has been a fascinating phenomenon, and it's only going to evolve more as time goes on.

Crowdsourcing or witch hunt? Reddit, 4chan users try to ID Boston bomb suspects

Boston bombing: How internet detectives got it very wrong

'I didn't do anything!' High school track runner forced to deny involvement in Boston Marathon bombings after a picture of him and his coach is widely circulated

Social media as breaking-news feed: Worse information, faster

Worse information, faster -- this neatly sums it up, and I'm a huge proponent of social media and its benefits, including to government.

And for the record, no, the FBI wasn't seeking to "censor" anyone, and the "next logical step" (as I have seen asserted elsewhere) won't be to "shut down" internet or social media resources during major public emergencies; however, law enforcement agencies absolutely can request, once they have identified suspects via investigative and legal processes, that people focus on those instead of playing CSI: Internet.

Sadly, the echo chamber of the internet enables some people, in seemingly increasing numbers, to go a step further and choose to believe everything is automatically a "false flag" conspiracy with the stated perpetrators "framed"â¦..

The "wisdom of crowds" can be a misnomer.

This has been a fascinating phenomenon, and it's only going to evolve more as time goes on.

Crowdsourcing or witch hunt? Reddit, 4chan users try to ID Boston bomb suspects

Boston bombing: How internet detectives got it very wrong

'I didn't do anything!' High school track runner forced to deny involvement in Boston Marathon bombings after a picture of him and his coach is widely circulated

Social media as breaking-news feed: Worse information, faster

Worse information, faster -- this neatly sums it up, and I'm a huge proponent of social media and its benefits, including to government.

And for the record, no, the FBI wasn't seeking to "censor" anyone, and the "next logical step" (as I have seen asserted elsewhere) won't be to "shut down" internet or social media resources during major public emergencies; however, law enforcement agencies absolutely can request, once they have identified suspects via investigative and legal processes, that people focus on those instead of playing CSI: Internet.

Sadly, the echo chamber of the internet enables some people, in seemingly increasing numbers, to go a step further and choose to believe everything is automatically a "false flag" conspiracy with the stated perpetrators "framed"â¦..

The "wisdom of crowds" can be a misnomer.

Did you actually look at the patent you're referencing? Because I did before I made my last post. And what you'll see is that they made a claim for the ornamental design depicted in the series of diagrams they made. I.e. Something that looks just like those diagrams. So, while rounded corners are indeed an aspect of the claim, the design patent also includes the flat back and front, the curved surface that ties the front to the back, and the fact that the corners are all uniform in shape and circular rather than oval shaped.

While I agree with you on many points.

It is possible serverrooms are going to look very different in the coming years:

http://www.datacenterknowledge.com/archives/2013/01/22/silicon-photonics-the-data-center-at-light-speed/
http://www.wired.com/gadgetlab/2010/07/silicon-photonics-50-gbps/
http://www.opencompute.org/ocp-summit-iv-videos/

They were ordered to do this nearly two years ago. They're just barely getting to it because the court didn't say "when."
http://www.wired.com/threatlevel/2012/08/nude-scanner-order/