Whom Must You Trust?
CowboyRobot writes: 'In ACM's Queue, Thomas Wadlow argues that "Whom you trust, what you trust them with, and how much you trust them are at the center of the Internet today." He gives a checklist of what to look for when evaluating any system for trustworthiness, chock full of fascinating historical examples. These include NASA opting for a simpler, but more reliable chip; the Terry Childs case; and even an 18th century "semaphore telegraph" that was a very early example of steganographic cryptography. From the article: "Detecting an anomaly is one thing, but following up on what you've detected is at least as important. In the early days of the Internet, Cliff Stoll, then a graduate student at Lawrence Berkeley Laboratories in California, noticed a 75-cent accounting error on some computer systems he was managing. Many would have ignored it, but it bothered him enough to track it down. That investigation led, step by step, to the discovery of an attacker named Markus Hess, who was arrested, tried, and convicted of espionage and selling information to the Soviet KGB."'
But I know what I've been up to...
if (it != oneThing) it = another;
Trust is a weakness.
The predicate comes first in this sentence?
Support my political activism on Patreon.
Who vs. Whom
This rule is compromised by an odd infatuation people have with whom -- and not for good reasons. At its worst, the use of whom becomes a form of one-upmanship some employ to appear sophisticated. The following is an example of the pseudo-sophisticated whom.
http://www.grammarbook.com/gra...
What do you want?
For all intensive purposes, "whom" is no longer a word. That begs the question, "who cares"?
Once it's gone, it's gone.
“He’s not deformed, he’s just drunk!”
TRUST NO ONE
Get free satoshi (Bitcoin) and Dogecoins
The headline indicates a necessity to trust anybody or any entity. There is no necessity to trust anyone. Least of all myself, because time plays tricks with me and I keep changing all the while.
If you keep throwing chairs, one day you'll break windows....
NOT NOBODY!
NOT NOHOW!
Chas - The one, the only.
THANK GOD!!!
imagine something like linkedin's 'how are you connected to this person' - except instead of 'we worked together' the edges are all of the form 'i trust this person to this extent.'
you take a bunch of statements of this form (node X trusts node Y with level 0.4), all signed by private keys. if you meet someone else, you can see all of the trust paths from you to them, to decide how much you trust them, and to what extent.
then, instead of having to personally know someone else personally, i can say 'there are 300 paths from me to this woman. 250 of them are strictly positive with trust levels over 0.7 which is my default threshold for comfort. all of the negative ones turn negative over two hops from me, and only three are intensely negative. i already had weak trust levels for intermediary nodes between myself and the negative inbound edges to her. she's fine, and i have more confidence in my negative assessment of those intermediary nodes.'
this could be huge. it would let us have more trust in strangers, and it would let us do things like this:
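The path evaluation this comment describes, sketched as an added example (not the commenter's code, and not the continuation the comment was pointing to). Assumptions: signature checks on the statements have already been done upstream, a path is scored by its weakest statement, and the node names and levels below are constructed sample data.

```python
from collections import defaultdict

THRESHOLD = 0.7  # the comment's "default threshold for comfort"

# Constructed sample statements: (truster, trustee, level in [-1, 1]).
# Assumption: each statement's signature was already verified upstream.
STATEMENTS = [
    ("me", "alice", 0.9), ("alice", "target", 0.8),
    ("me", "bob", 0.8), ("bob", "dave", 0.9), ("dave", "target", 0.75),
    ("bob", "target", 0.4),
    ("me", "carol", 0.3), ("carol", "erin", 0.5), ("erin", "target", -0.9),
]


def build_graph(statements):
    """Index verified statements as graph[truster][trustee] = level."""
    graph = defaultdict(dict)
    for truster, trustee, level in statements:
        if not -1.0 <= level <= 1.0:
            raise ValueError(f"trust level out of range: {level}")
        graph[truster][trustee] = level
    return graph


def trust_paths(graph, src, dst, max_hops=4):
    """Yield each cycle-free path src -> dst as a list of (node, level) hops."""
    stack = [(src, [], frozenset([src]))]
    while stack:
        node, hops, seen = stack.pop()
        for nxt, level in graph.get(node, {}).items():
            if nxt in seen:
                continue
            path = hops + [(nxt, level)]
            if nxt == dst:
                yield path
            elif len(path) < max_hops:  # bound the search; path counts explode
                stack.append((nxt, path, seen | {nxt}))


def assess(graph, src, dst, threshold=THRESHOLD, max_hops=4):
    """Classify every path the way the comment does."""
    out = {"paths": 0, "comfortable": 0, "weak": 0, "negative": 0,
           "negative_within_two_hops": 0, "negative_via": []}
    for path in trust_paths(graph, src, dst, max_hops):
        out["paths"] += 1
        levels = [level for _, level in path]
        first_neg = next((i for i, l in enumerate(levels, 1) if l < 0), None)
        if first_neg is None:
            # A path is only as trustworthy as its weakest statement.
            key = "comfortable" if min(levels) > threshold else "weak"
            out[key] += 1
            continue
        out["negative"] += 1
        out["negative_within_two_hops"] += first_neg <= 2
        # My own trust in the first intermediary carrying the negative report.
        out["negative_via"].append(path[0])
    return out
```

The `max_hops` bound matters in practice: the number of simple paths grows very quickly with graph density, so an unbounded search is not usable on a real social graph.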
That's a great one, should be required reading for anyone into computer security. As far as "trust"? Trust NO one, not even yourself (@ times).
* Especially online - over the years, for example, I've been on forums (majorgeeks or its predecessor 3dFiles), where some dude posed as a woman, & TONS of "drooling geeks" fell for it (not myself of course, lol) - but "Lo & BEHOLD" - it turned up a guy! Another dude there was selling PC parts that were all busted, & the site owner + the affected ripped off parties sicced the law on them... that's just 1 site I've seen that happen at, there HAVE been others, with the EXACT same thing going on...
Of course, as I am SURE you all know (ala Barbara, not Barbie = TomHudson OR TrollingForHostsFiles = Zontar The Mindless) MANY here use "sockpuppets" to attack opponents, seemingly DIFFERENT PEOPLE but only fake accounts used to mod themselves up, & their opponents down with etc. - et al...
Pretty sad - those are just 2 examples, literally HERE ON THIS FORUMS, where I caught those people doing what I just noted, red-handed, sockpuppeteering...
THAT has a cure: Allowing users to CONFRONT who downmodded them... of course, THAT will NEVER happen here... why?
Look who designed that system... it speaks WORLDS of THEIR OWN DECEITFUL NATURE & it allows "the way of the weasel" as I call it... sure, it MAY work out well for spurring debate & thus, posts + views, but it speaks worlds!
(How? Simply by not allowing you to confront a detractor etc. (pretty sad, but when you make software folks? Part of YOUR CHARACTER goes into it, & IT SHOWS, like it or not.... YOUR GHOST? It truly IS, in the machine...))
APK
P.S.=> Pretty sad I had to close it that way, but 1/2 a century of life's taught me that much @ least unfortunately... wish it didn't have to be that way, but "there 'tis": There's the way it OUGHT to be, & then, there's the way it really is... oh well! Gotta keep on, keeping on anyhow until we all go 6 ft. under is all...
... apk
I see that alot.
Arthur remained very worried.
"But can we trust him?" he said.
"Myself I'd trust him to the end of the Earth," said Ford.
"Oh yes," said Arthur, "and how far's that?"
"About twelve minutes away," said Ford, "come on, I need a drink."
systemd is Roko's Basilisk.
But one has to take precautions. And one does get surprised.
You don't invite the pizza guy into your house.
And since this crappy economy started, I have been doing my own car repairs and the things that mechanics have done really pisses me off.
Damage, shoddy repairs, and other things were done to my car.
I do not trust business. The profit motive makes people evil.
Seriously, if Bruce Schneier can't be trusted, who can?
I'm a good cook. I'm a fantastic eater. - Steven Brust
Anyone demanding my trust, automatically loses it. Same goes for respect.
Who do you serve, and who do you trust? - Galen
The Computer is your friend.
The linked article, which I did read, seems to have no thesis. It meanders from "C compilers can be subverted" to "see if people leave their purses out to judge if a neighborhood is safe". It is as if a high schooler had to write a paper on trust, and cut a paragraph out of each of the top 20 web search results.
It's been a quarter century since I chased down those hackers. Hard to think back that far: 2400 baud modems were rarities, BSD Unix was uncommon, and almost nobody had a pocket pager. As an astronomy postdoc (not a grad student), I ran a few Unix boxes at Lawrence Berkeley Labs. When the accounting system crashed, my reaction was curiosity: How come this isn't working? It's an attitude you get from physics -- when you don't understand something, it's a chance to do research. And oh, where it led...
Today, of course, everything's changed: Almost nobody has a pocket pager, 2400 baud modems are a rarity, and Berkeley Unix is, uh, uncommon. What started out as a weirdness hiding in our etc/passwd file has become a multi-billion dollar business. So many stories to tell ...
I've since tiptoed away from computer security; I now make Klein bottles and work alongside some amazing programmers at Newfield Wireless in Berkeley. Much fun debugging code and occasionally uncorking stories from when Unix was young.
Warm cheers to m'slashdot friends,
-Cliff
I'd like to say your book & your work (+ PERSISTENCE) were a REAL inspiration to me (big fan of yours, by the by): NOBODY would believe you in law enforcement (amazing) until you pointed out MILITARY INSTALLATIONS were being hit (iirc, it's been decades since I read your book "The Cuckoo's Egg" -> http://it.slashdot.org/comment...) & it set me on the path/road to getting into computing (well, along with RUSH2112 the album before it/around same time).
* Thank you Sir!
APK
P.S.=> You're an inspiration to us all & IF for anything? Making your point, & following thru on it + doing well... apk
ACM seems like a reputable publication so I was going in to it thinking I was about to read some interesting stuff, and then this happened:
Even the time of day can be exploited. In 2013 a network attack known as NTP Amplification used Network Time Protocol servers across the Internet in a distributed denial-of-service attack. By spoofing the IP address of a requester, an ever-larger stream of packets could be aimed at a target, swamping the target's ability to respond to TCP/IP requests.
lolwut. The time of day was not exploited, not even a little. The boneheaded "Feature" of having a command to recall a large chunk of data via unauthenticated UDP was exploited. They go on to explain a basic denial of service attack and finish it off by misusing a term as basic as TCP/IP (it doesn't matter what protocol you are using when you are the target of a DDOS, your pipe is blocked period). I will go ahead and stop reading now.
Learn to read - when Wladimir Palant of AdBlock did, after he emailed me 1st stating "hosts are a shitty solution", I asked him to show us that "Almost All Ads Blocked" (crippled by default's why) can do MORE than custom hosts files do, + that AdBlock can do it more efficiently?
HE OUTRIGHT RAN!
APK
P.S.=> So much for your "hero" (or is that YOU again, Wladimir?) - See, there's New Zealander ingenuity (pretty bad on CPU & RAM @4++gb extra in FireFox https://blog.mozilla.org/nneth...)
THEN, there's AMERICAN INGENUITY (by "yours truly") & it outright BEATS THE HELL out of his blatantly INFERIOR handiwork (imagine that - all those "Open SORES" eyes couldn't outthink OR outprogram "little ole' me" doing MORE with FAR LESS, better) -> http://start64.com/index.php?o...
... apk
Using "the OLD" you'll certainly know about that works FAR better on more levels, more efficiently, than "the new" in browser addons & even shores up redirect deficiencies in security in DNS -> http://it.slashdot.org/comment...
APK
P.S.=> Thanks for the further inspiration, & I've done "pretty ok" via some of my personal "favorites":
----
Windows NT Magazine (now Windows IT Pro) April 1997 "BACK OFFICE PERFORMANCE" issue, page 61
(&, for work done for EEC Systems/SuperSpeed.com on PAID CONTRACT (writing portions of their SuperCache program increasing its performance by up to 40% via my work) albeit, for their SuperDisk & HOW TO APPLY IT, took them to a finalist position @ MS Tech Ed, two years in a row 2000-2002, in its HARDEST CATEGORY: SQLServer Performance Enhancement).
WINDOWS MAGAZINE, 1997, "Top Freeware & Shareware of the Year" issue page 210, #1/first entry in fact (my work is there)
PC-WELT FEB 1998 - page 84, again, my work is featured there
WINDOWS MAGAZINE, WINTER 1998 - page 92, insert section, MUST HAVE WARES, my work is again, there
PC-WELT FEB 1999 - page 83, again, my work is featured there
CHIP Magazine 7/99 - page 100, my work is there
GERMAN PC BOOK, Data Becker publisher "PC Aufrusten und Repairen" 2000, where my work is contained in it
HOT SHAREWARE Numero 46 issue, pg. 54 (PC ware mag from Spain), 2001 my work is there, first one featured, yet again!
Also, a British PC Mag in 2002 for many utilities I wrote, saw it @ BORDERS BOOKS but didn't buy it... by that point, I had moved onto other areas in this field besides coding only...
Being paid for an article that made me money over @ PCPitstop in 2008 for writing up a guide that has people showing NO VIRUSES/SPYWARES & other screwups, via following its point, such as THRONKA sees here -> http://www.xtremepccentral.com...
It's also been myself helping out UltraDefrag64 project (a 64-bit defragger for Windows), in showing them code for how to do Process Priority Control @ the GUI usermode/ring 3/rpl 3 level in their program (good one too), & being credited for it by their lead dev & his team... see here -> http://ultradefrag.sourceforge... or here http://sourceforge.net/tracker...
... apk
I generally don't trust anyone who says "Trust me".
Slow down, cowboy! It has been 4 hours since you last posted. You must wait another few hours.
ACM can go fuck themselves. They snail mail SPAM people.
wear do i edit hosts file on mah iphone? I don't wanna unlock it. I just want no ads when i read slashdot with my iphone. APK? wear on the iphone for the hosts file?
"Trust no one." :P
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
Why? Just because you f'd yourself running like a scared rabbit, Wladimir?? See subject-line, but your own bad coding & stupidity did you in, totally...
Yes - in fact??? Hey - you just KNOW that I've just GOTTA say it, now don't you???? Ah, but of COURSE you do:
THIS? This was just "too, Too, TOO EASY - just '2ez' & it always is...
APK
P.S.=> After all - it's ALL here in black & white truth -> http://it.slashdot.org/comment...
ALL THE DOWNMODS IN THE WORLD CAN'T HIDE IT & YOUR "REACTION" TO TRUTH (nothing hurts like it, does it) TELLS IT ALL...
(or should I forward the email to anyone asking? I can do that you know... wouldn't look TOO good for you, & it doesn't already considering your "ware" is a bloated memory hog + tears up CPU like mad too, lol!)... apk
Per my subject-line, a devtool like ADB & its 'pull' command will do.... check your devtools for IPhones I suppose!
For your reference: ADB = "Android Debugging Bridge"...
APK
P.S.=> Since MacOS X is BSD based, it has hosts - not sure on IPhone (never looked into it, but it's most likely there, ASSUMING (which I don't *like* doing) it's close enough to the BSD based MacOS X, which I suspect it MAY be)... &, there ya go! Good luck...
... apk
[To configure Android's DNS resolver], a devtool like ADB and its 'pull' command will do
But when I try to adb push a file back, I get an error "Read-only file system". Google apparently doesn't want end users to be able to specify whom to trust. Apparently I have to back everything up, wipe the device, and pray that everything restores properly before I'm allowed to edit system files.
Perhaps they changed things? Look into OTHER commands like chmod existing in the ADB commandset then, & good luck!
APK
P.S.=> All I know is, I did ADB 'pull' on my nephew's phone (RIT graduate CSC/CIS/Info. Security) & HE WORKS @ APPLE no less now (odd that, considering he used ANDROID's forever, eh?) - we DID have to delete some files to make room for the HUGE hosts I put in there though - but the performance was better when we used a LESSER SIZED hosts than mine (2.5 million entries, 72mb size)... apk
That's probably PART of the reason why ANDROID's in the lead now as far as usership - free devtools per what you state.
APK
P.S.=> Nothing I can do about that though... but, it's most likely "doable" via what the original ac poster asked ('wear' one above) - unlocking it... apk
My nephew's ANDROID, afaik back then (2010 iirc) wasn't (but it's HIS phone, not mine - I just knew what had to be done)... & my hosts "way back then" wasn't 72mb as it is now currently (my bad for NOT specifying that earlier, details matter, but they're hazy for me now too), but more around 20-30mb maybe @ most? Not sure anymore.
I do however know we had to delete things like "Angry Birds" (was huge) to make room for it even @ that smaller size.
APK
P.S.=> I'm not sure anymore but I do KNOW we had to make storage room using ADB & also using the "pull" command from my Windows 7 PC + ADB to do it... worked pretty alright & BETTER with a more "optimized" (meaning current data only so it's MUCH smaller (& iirc, we only used hpHosts data - best one there is for hosts imo & experience, which is pretty vast here on THIS topic of hosts @ least), not decades of it like I have because of "FastFlux" botnets reusing hostnames over & over again via "bogus" hosting providers etc.)
... apk
Well, have fun blocking only on specific urls, basically every time something "unwanted" and "wanted" share a hostname.
OTOH, a hosts file does have its own use, you can apply it easily enough for a WLAN, while filtering on http urls is way uglier, without running an application level proxy on your router, which again is far from trivial.
The APK link on the other hand looks a little bit like spam to me.
"Distrust and fear are the parents of security". Benjamin Franklin.
Before you answer who you trust, think about that.
In other words, with trust and lack of fear you have given up security. Now answer the question of who you trust?
Isn't that the idea behind the European-type notary public? (as opposed to the US-type)
Hosts are better, by FAR, on multiple levels in efficiency + added speed, security, reliability, & anonymity:
APK Hosts File Engine 9.0++ 32/64-bit:
http://start64.com/index.php?o...
(Details of hosts' benefits enumerated in link)
Summary:
---
A. ) Hosts do more than AdBlock ("souled-out" 2 Google/Crippled by default) + Ghostery (Advertiser owned) - "Fox guards henhouse", or Request Policy -> http://yro.slashdot.org/commen...
B. ) Hosts add reliability vs. downed or redirected DNS + secure vs. known malicious domains too -> http://tech.slashdot.org/comme... w/ less added "moving parts" complexity + room 4 breakdown,
C. ) Hosts files yield more speed (blocks ads & hardcodes fav sites - faster than remote DNS), security (vs. malicious domains serving mal-content + block spam/phish & trackers), reliability (vs. downed or Kaminsky redirect vulnerable DNS, 99% = unpatched vs. it & worst @ ISP level + weak vs FastFlux + DynDNS botnets), & anonymity (vs. dns request logs + DNSBL's).
---
Hosts do more w/ less (1 file) @ a faster level (ring 0) vs redundant browser addons (slowing up slower ring 3 browsers) via filtering 4 the IP stack (coded in C, loads w/ OS, & 1st net resolver queried w\ 45++ yrs.of optimization).
* Addons are more complex + slowup browsers & in message passing (use a few concurrently - you'll see)
** Addons slowdown SLOWER usermode browsers layering on MORE - & bloating memory consumption too + hugely excessive CPU usage (4++gb extra in FireFox https://blog.mozilla.org/nneth...)
SO - Instead, I work w/ what you have in kernelmode, via hosts (A tightly integrated PART of the IP stack itself)
APK
P.S.=> "The premise is, quite simple: Take something designed by nature & reprogram it to make it work FOR the body, rather than against it..." - Dr. Alice Krippen "I AM LEGEND"
...apk
If something unwanted is on a particular domain, that entire domain is suspect and ought to be blocked until it is proven absolutely clean and free of malicious code threats. Apk's program's rated best of its kind by its hoster, a respected source in the security community (malwarebytes' hpHosts) too http://hosts-file.net/?s=Downl... and it's a far more efficient solution than adblock is tearing up 5gb of RAM and tons of CPU https://blog.mozilla.org/nneth... and hosts do far more than any single browser addon for more speed, security, reliability, and anonymity as well. Can't beat that.