Slashdot Mirror
NSA Says They Have VPNs In a 'Vulcan Death Grip'
An anonymous reader sends this quote from Ars Technica:
The National Security Agency's Office of Target Pursuit (OTP) maintains a team of engineers dedicated to cracking the encrypted traffic of virtual private networks (VPNs) and has developed tools that could potentially uncloak the traffic in the majority of VPNs used to secure traffic passing over the Internet today, according to documents published this week by the German news magazine Der Speigel. A slide deck from a presentation by a member of OTP's VPN Exploitation Team, dated September 13, 2010, details the process the NSA used at that time to attack VPNs—including tools with names drawn from Star Trek and other bits of popular culture.
I'm pretty sure the NSA has technology to use foreign IPs. Just block all traffic by slicing all cables.
Right. Because the NSA doesn't have access to IP addresses outside the US. Good luck there chief.
"An unarmed man can only flee from evil, and evil is not overcome by fleeing from it." Col. Jeff Cooper
Have VPNs not improved over the past 4 years? I would think just the efforts to get around the Chinese GFW ought to have mitigated whatever the NSA could do four years ago.
NSA gets...popular culture take on "Damn Yankees".
doesn't it seem likely that the NSA doesn't need an IP address at all to read
or inject traffic into a VPN?
Win.
Left MS Windows for Linux Mint and never looked back!
Vote for Bernie in 2016!
Good luck with that. You can block all IPs assigned to ARIN in the US, but thanks to IP address shortages, you'll find many of those sites with ARIN-allocated IPs are actually located geographically in Europe...and some APNIC IPs are located in the US...etc etc
Then what will they do?
What they always have been doing, drinking Dr. Pepper and playing minesweeper...
“He’s not deformed, he’s just drunk!”
I'd say its because they've been influencing it at the school level CS classes.
"Its too hard" - "its too easy to make mistakes"
-"let those who know what they are doing handle it"
ubiquitous.
First, the CIA says UFOs are theirs. Next the NSA. Bunch of buzz-kills. Was this someone making good on some sort of New Years resolution?
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
We all know there's no such thing as the Vulcan Death Grip.
This....
I'm told not to implement (or try) my own crypto so I instead use a pre-cracked version that I'm told is secure.
Even if my crypto isn't as good, a real human likely has to try to crack it and think some thoughts about it's design.
I'd take that over automated collection any day. Learn to roll your own crypto.
At some point, we will all just disconnect and call it a day.. Then what will they do?
Send an MQ-9 Reaper to "deliver" a Hellfire missile to your residence. Obviously if you are offline you have something to hide. And if you have something to hide, you must be a terrorist.
to get a "dead" Kirk past the baddies. Now, if they had them in a Vulcan nerve pinch, I'd worry.
"Win treats sysadmins better than users. Mac treats users better than sysadmins. Linux treats everyone like sysadmins."
Plus don't forget, the NSA simply must be the only agency in the world trying to do this sort of thing. I'm sure that no other nation has any interest whatsoever in gathering this type or depth of information, for any reason at all.
The living have better things to do than to continue hating the dead.
That is harder than you'd think. A surprising amount of data ends up going through the US. A lot of the EU-Asia traffic ends up going through the US as the indian ocean routes are relatively slow, and AFAIK Russia hasn't built any extensive cross continent fiber networks.
So if they have the PSK, then they can decrypt your VPN connection?
Yeah, not surprising.
Nowhere does it say they actually have effective techniques for extracting the PSK from, say, a Diffie-Hellman exchange. Because.... well... pretty much, nobody can.
But, sure, if you plug in your VPN PSK into a router that's then compromised, your PSK is then public knowledge. Hell, in most places it's listed in your Cisco CLI and extractable if you have access to it (http://www.cisco.com/c/en/us/support/docs/security/pix-500-series-security-appliances/82076-preshared-key-recover.html).
Isn't this why we have several things, not least SSL VPN with proper keychains, certificate revocation, passphrase-protected keys, etc.?
You can try to scaremonger all you like (this is, what? The fourth of fifth article this month with scaremongering like this about Tor, SSL, etc.?). Fact is nobody has demonstrated, or even pointed to suspicious circumstances that may hint, that the NSA or anyone else are doing anything different to the bad guys out there - finding out that compromising the devices is generally easier than decrypting proper TLS security. And nobody's been seen to actually have a shred of evidence that they can decrypt TLS by any way other than being handed the keys.
All this does is tell me the exact OPPOSITE of what the little guy (and presumably anyone reading this article, shame on you Slashdot) would take home. The NSA aren't able to do anything more than I thought they could. That the encryption is serving it's purpose to the point that it's easier to compromise the routers en-masse than it is to break the encryption.
All this does is say to me "Keep doing what you're doing". Use proper PKE with decent size keys and secure them as much as humanly possible.
All I've thought about these kinds of articles for the past year is "What are you trying to scare me onto?" Truecrypt, SSL, PFS etc. It all points towards a certain set of algorithms which are hailed as the "solution" to all these problems - Elliptic Curve. Strangely, one of the "official" curved was designed in co-operation with these people and they won't provide justification for it, and their track-record in this area is quite well-known. These are the people who paid RSA to weaken their encryption, the people who didn't want us to be able to have large-bit encryption available in any case, and who wanted us to have backdoored chips protecting our devices.
PKE is doing it's job at the moment. I'd hate to think that we all jump-ship to the thing that's ACTUALLY broken, in our haste to secure things against this kind of propaganda.
Breaking into VPN isn't that easy.
This is actually good news. The clearly state that "Ubiquitous Encryption" is a threat to the NSA. They are currently assuming that encrypted traffic is something they should target so if everything's encrypted... viola.
So go out, encrypt everything you can. I'm looking directly at you SlashDot. Fix your 10yrs out of date website for christs sake. You want me to start using "Beta"? Secure it!
Well, technically the definition is someone who, by their stupidity, removes themselves from the gene pool. Unless she has a twin sister, her genes are history.
Nominees significantly improve the gene pool by eliminating themselves from the human race in an obviously stupid way. They are self-selected examples of the dangers inherent in a lack of common sense, and all human races, cultures, and socioeconomic groups are eligible to compete. Actual winners must meet the following criteria:
Reproduction Out of the gene pool: dead or sterile.
Excellence Astounding misapplication of judgment.
Self-Selection Cause one's own demise.
Maturity Capable of sound judgment.
Veracity The event must be true.
Nowhere does is say that they can't already have kids. Putting a loaded gun where your kid can get it is incredibly dumb, and this dummy won't continue to pass their genes along. Natural selection means that eventually, as gun-totin' mamas produce fewer offspring before dying, they will be out-competed (natural selection at work).
So, she can take her place among the other people of Walmart
"Transparent" is a shit show that trades on every stereotype going. A man in drag is NOT a transsexual.
Intel Management Engine . Direct download document
My guess is that you overlooked the "USA, AUS, CAN, GBR, NZL" at the top of the slides.
I am very small, utmostly microscopic.
I like truecrypts approach of layering more than one encryption pipeline. (e.g. AES+twofish)
In fact I first realized all this is what they were doing when I saw prominent cryptologists (I forget who) recommending against this as "less secure".
TOR is free and totally not dominated by government-run endpoints in the US. I mean the stories of LEOs taking down various NGO endpoints to create natural GO chokepoints on the US part of the network is way overblown. TOR is very secure and anonymous!
http://www.schneier.com/blog/a...
Examples of better approaches and some exemplar secure products:
https://www.schneier.com/blog/...
1. the CIA covertly taps cables all over the world.
2. Even if they didn't, there are the other four of the "five eyes", the brits, canucks, ozzies, and kiwis.
3. Even if that weren't true, you'd have to avoid all routes that pass through the USA/5 eyes, other countries with agreements.
For that a person would need a real computer service at both ends of a network with good encryption at both ends and along the network.
So the home computer would have to encrypt that connection from some distant country to the USA.
The computer in the USA would have to then exit to the internet use and pass the network back to some distant country and the home computer.
That service and networking product would have to be registered in the USA and that would allow for ip ranges to be tracked as exits from a global VPN ending in the USA.
The question of how to find that computer user in some distant country who trusted the US VPN seems to be a not very hard problem even with great crypto at both ends.
Is the crypto tame? Would the US VPN have some responsibility to log and track all ip requests in the clear? A never ending legal letter covering all international networking use? A version of the Communications Assistance for Law Enforcement Act (CALEA) for all US VPN users and services?
VPN providers should be able to understand their own internal networks and hardware?
The "specific repository" would hint at some long term international standard been junk.
So to help with this a VPN would really need some new skills and really have to reinvent every connection as requested per session and then reset.
Back to needing powerful bespoke connections that are not part of some tame junk international standard on a cheap shared server.
The user has to trust that service and all the networking and staff.
Number stations and one time pads do seem the more interesting solution.
Domestic spying is now "Benign Information Gathering"
Does any other nation have an intelligence budget that even approaches that of the U.S.?
With those ping times, you sure won't have the first laugh.
It's really nice when a tyrannical government agency gets cute and gives its tools of oppression pet names.
You are welcome on my lawn.
Not only off-topic but also factually incorrect. Utah is to Idaho as California is to Oregon or as South Australia is to Northern Territory or even as England is to Scotland.
Aussies.
cheers, cobber.
My computer has a Corbomite device. If I am compromised, everyone please avoid this IP address for the next 20 solar years..
But no cookie :(
It appears that all of Walmart's IP's are in one netblock.
Here is the link to the report:
http://ipinfo.io/AS46312
161.169.64.0/18 Wal-Mart Stores 16,384
I believe that all of their web stuff is on ackamai.
Most Respectfully Yours Mark Allyn Bellingham, Washington
Great movie.
Deserves more praise than Inception and the Last Christmas Doctor Who special.
... I downloaded the Tor browser and I'm, like going to cnn, disney, xvideos, and then I try going to my Facebook page and WHAM!!!!
I'm in validation mode,
That's much better than the "command mode" ("commode" for short), but I had to prove I am me by sending Facebook my passport and giving them my phone number.
The fucking NSA isn't allowed to blow their cover and stuff.
It little behooves the best of us to comment on the rest of us.
No more.
If the NSA can do it, maybe you can too!
Do you mean the Black Sabbath singer or the character on the 60s TV sitcom?
Any insufficiently advanced magic is indistinguishable from technology.
You are misrepresenting the slides IMHO, its clear they take control of the routers doing the VPN, Cisco, Juniper and Huawi were mentioned specifically. The rest isn't 'brute force' anything. Its grabbing the keys from vulnerable machines and open comms outside the VPN, so if they have the email explaining from IT on how to set up the VPN to your accounting department, they have your companies financial data.
If that fails they hack the machines at either end. If all else fails they break in to the room and and bug the computers.
"But for those that aren’t successfully cracked, the VPN Exploit Team’s presentation noted, the team works to “turn that frown upside down” by doing more data collection—trying to capture IPSec Internet Key Exchange (IKE) and Encapsulating Security Payload (ESP) traffic during VPN handshakes to help build better attacks. In cases where the keys just can’t be recovered, the VPN Exploit Team will “contact our friends for help”— gathering more information on the systems of interest from other data collection sites or doing an end-run by calling on Tailored Access Operations to “create access points” through exploits of one of the endpoints of the VPN connection."
You are pretending they just catch weak passwords and thats garbage.
My content sent over VPNs is original work encrypted to protect it against those not authorized to have a copy. It is thus covered by copyright law. The NSA is circumventing encryption to obtain illegal access to copyright work.
SSH is great technology because the certificate is self signed and relies on TIME to protect it, even the NSA can't travel back in time and do a man in the middle attack on the first SSH link and every subsequent SSH session between those computers, to swap that cert.
Likewise the documents said NSA was intercepting 10 million TLS (HTTPS) a day. By now, three years later that will be 100 million or a billion. The problem is the certificate authorities are US companies and all backdoored by the NSA. SSH doesn't have this problem, the certificate is self signed, we don't trust the certificate authority to verify the source of the certificate as us and not the NSA.
Also my port 22 SSH is blocked, and I live in one of those Asian repressive regimes, so I take it as a sign that SSH is considered secure by said repressive regime because they block it.
Does any other nation have an intelligence budget that even approaches that of the U.S.?
While the USA uses "intelligence budget" some other nations may only use "intelligence" alone...
Votez ecolo : Chiez dans l'urne !
No, it isn't.
Trust me, no one here spells it with an Oh-Zed.
Sounds like a fun place to work. They have all the toys.
We should switch to using Cardassian Codes - the NSA and their Vulcan advisors won't be able to decrypt that.
Unless she has a twin sister, her genes are history.
Her genes are in the kid that shot her, unless the kid gets the death penalty.
No, that's not how it works. Her genes would only be in the kid if the kid was a clone.
Oh, good lord. Fine. Then by your pointlessly pedantic semantic lawyering, no mammal has ever passed on their genes, and every individual's genes are culled from the gene pool.
You can't split hairs by trying to disingenuously pretend the "passing on genes" synecdoche is understood differently than it is. People understand that children aren't clones, and they still call it passing on their genes.
I would decidedly not go that far. But a nice, concerted industry push to never, ever hire anybody that has been working for the NSA before or its contractors would send a clear message to bright young people looking for opportunities.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
And you would be correct, for reasons of simple mathematics. No other country has the capability or budget even if they wanted to do it.
Here is Australia. That our neighbours in the US have a more colourful sense of spelling is no surprise to us at all.
Trust me, no one here spells it with an Oh-Zed.
You've never heard it referred to as Oz?
I have heard those 2 letters used in conjunction as reference to Australia many, many times during my travels there.
Now the term "ozzies" is somewhat new that I haven't heard before. Could be a recent development.
If you're making a parallel with the wizard then maybe but one would normally abbreviate to 'Aus'
Aussie is not derived from that. Ozzies is like calling Americans Yankiis, sounds right but nobody does it unless they are guessing at spelling. The "oz" thing came later, probably not until well after the movie.
NSA already has the capability to decrypt anything commercially available put in front of them. CALEA just gives other agencies access to similar information, but through more transparent channels (SNMP provisioning of traffic mirroring in ISP backbone routers). NSA is actually NOT the brain trust of our government when it comes to IT/Network security. The most talented group of technologists actually work for USAF Central Command. My opinion, of course. If I were sitting on a tank of gasoline hung over a bonfire, and the only way I escaped was if a security expert broke the payload of some piece of data transiting the globe, I would want a guy from USAF CentCom working on the challenge. Not saying NSA analysts aren't capable, but I'd trust those guys over an outsourced NSA contractor any day of the week.
You'll have to block Sweden
Mendacem Memorem Esse Oportet
I am pretty sure that MS, Cisco and Checkpoint will have mandatory backdoors for their VPN services, and that it wont help to your security not using private certificates.
You don't think there's still the old-school hacker way to break into systems, by hacking, not buying backdoors from corporations? I'd wager that a team of no more than 5 or 10 top-notch hackers could pull off a Stuxnet- or Sony-style attack. And it may only take the cost-equivalent of 50 soldiers-with-tanks-and-support-column to do it. Normal soldiers are actually really expensive when you think of all the supplies and equipment they need in addition to just the pay and benefits. To house and feed a literal army of men for years at a time probably costs much more than putting up a roomful of hackers. Have you ever heard of the term "asymmetric warfare"? Many countries are missing entire branches of military like navy and air force and their associated expenditures. Think of the R&D funding for that alone going to hackers - you could have a hacker army. All you need is the right recruiting program, which is probably easier to put together than the US military budget. I predict we will see many more high-profile breaches before people start taking security more seriously.
They act far more like Cardassians, they should use the planet that fits their role best.
Vulcan's only pull that crap in that lousy Enterprise series.
Democracy Now! - uncensored, anti-establishment news
Not irrelevant. The parent poster was concerned about protecting his system, then proceeded to discuss protecting from the US without considering other threats.
The living have better things to do than to continue hating the dead.
But that has nothing to do with capabilities we're talking about. You're throwing out an obvious red herring here to deflect attention from the subject. We're talking about wholesale dragnet style intelligence gathering. Not targeted strikes. That's why reference was "NSA" and not "CIA".
They really call it VULCANDEATHGRIP? As I recall (and Memory Alpha confirms) the "Vulcan death grip" does not exist, it was merely a ruse used to fool the Romulans. Given the code name I surmise that the ability to crack VPNs doesn't exist, the NSA just wants us to believe that it does.
Next they'll be telling us that if they go "by the book, hours will seem like days". We see through your clever wordplay, NSA!
P.S. Deal me in for the Tuesday night fizzbin game. I want a piece of that action!
Chelloveck
I give up on debugging. From now on, SIGSEGV is a feature.
IPv6 is fine there. If an ISP shares a single subnet b/w all its users, other than the /64 that it gives them, anonymity is achieved.
Read the Spiegel article and learn the security methods that might still work. Using these methods, secure all your communication all the time. If everyone does that, then the NSA has to hire more people to sort away the chaff. The more people they hire, the greater the likelihood that they again hire someone with a conscience.
Method 2. Live two lives, one that's fake and boring, and another that's secret and furtive. Hide the limited second life amongst the chatter of the first. This method will work better if everyone with boring lives are securing all their communication all the time.
I suppose you guys will shred me for this, but I took on this topic in my SCI-FI story, "The Observer Effect" where a scientist attempts to prove the existence of god through a kind of "cat in the box" experiment using a large cluster spun up on AWS. You can imagine that it doesn't end well. http://insidehpc.com/2013/11/o... For my day job, I write tech news at insideHPC. Forgive me for sharing my hobby here, but I think it has something to say about this topic. -Rich
1. Lobby for internet standards to change and remove the ability from any governments to encroach on it.
2. Overthrow the government and replace it with a better functioning governing body.
3. Elect officials who want smaller government and aren't corruptible.
4. Use snail mail.
I am Bennett Haselton! I am Bennett Haselton!
Snowden did and look where it got him.
Instead of people waking up and lobbying their CongressCritters to put an end to it even threatening to remove them from office for inaction, oh look Honey Boo Boo.
I am Bennett Haselton! I am Bennett Haselton!
We will see. While I tend to agree that a new global totalitarian catastrophe is in the works, I am not totally convinced that it will happen this time. The problem is that totalitarianism and fascism are exceedingly bad for business. They always result in an economic collapse, might just take a few decades. I have some hope that plain, old-fashioned greed may safe us this time. Wouldn't that be ironic?
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
When they gather every data across all VPNs, they will still be able to analyse a tiny fraction of it all. What they want is the capability to decrypt anything, but then they'll only listen to what is on the topic of the day, because too much data is too much. So a targeted attack might be as good in many scenarios.
Write boring code, not shiny code!
The problem with a hacker army is hackers don't hold up very well to carpet bombing. If you're a country with nuclear capabilities, sure, go ahead and have a poke at your opponents under the assumption they won't escalate. But otherwise I wouldn't recommend conducting computer assaults on anyone as a nation if you can't back it up with physical firepower.
When things get complex, multiply by the complex conjugate.
If you're making a parallel with the wizard then maybe but one would normally abbreviate to 'Aus'
Exactly. "Land of Oz" is the slang reference that I first heard when I was visiting. At the time I was traveling with backpackers (including locals, not just foreigners), so maybe it was just a humorous joke and in less common use than I thought. I'm sure no official document would spell it that way.
Thanks for the insight!
Snowden's leaks revealed how Cisco routers set to be exported were intercepted and physically compromised. I wouldn't say that the information reveleaed about the NSA's techniques is mundane in the least.
Needlessly? How else should I debunk his baseless claim that I was "rude and insulting" when Jane/Lonny Eachus was actually just projecting his own obscene insults onto me? And if you have a better approach in mind, why not just suggest that better approach rather than repeatedly suggest that I kill myself?
Once again, Rujiel accuses me of being a paid oil shill. But once again, why would the oil industry pay me to debunk the same baseless accusations they're helping to spread? I've been debunking misinformation about climate from Jane/Lonny Eachus and many others for 5 years now. Again, why would the oil industry pay me to do that?
Really? Among other things, I've contributed open source software to estimate mass changes on the surface of the Earth using GRACE satellite data. Here's my dissertation which explains the methods. Does that count for anything, or should I kill myself?
I really don't understand why people like Jane/Lonny Eachus and Rujiel are filled with so much hatred. However, sociology research suggests that people are less likely to hurl abuse at other people after seeing their faces. So here I am at JPL's open house explaining that our CO2 emissions are melting ice sheets. And here's a clip from the Weather Channel where I explained (at 19m36s and 26m34s) how NASA measures these ice sheets from space.
Rujiel, now that you've seen my face, do you still hate me so much that you still think I should kill myself? Or would you like to retract those odious statements?
A familiar name. :) You talking about a message that the best opportunity is to ally with NSA to subvert things because otherwise won't get hired? I agree. Further, I still promote my mantra of judging what a person produces rather than the person themself. Anyone can be had in security of all types. Trust but verify: more than one person working on stuff with controls and review activities to ensure stuff is being done right. No guarantees but much better than guilt by association. Besides, most malicious insiders I've seen looked great on the surface.
-Nick P
Certain industry members are already doing it so you're wrong in the micro sense. In the macro sense, I totally agree and I've stayed out of the market specifically because of their power over U.S. citizens. I already know the parallel construction strategy they'd use against me. Good news is some people overseas have a chance of building something and I can at least teach people how to do it right in my various essays. More people learn from it every year although single digits lol.
Which is not NSA's area of expertise but CIA's. As a result, we are clearly talking about completely different capabilities.
Wouldn't there be some way to completely encrypt communications with a modified Bit coin code?
"everyone with boring lives are securing all their communication all the time"
Challenge accepted!
There's no time like the present. Well, the past used to be.
That used to be the case, but it also depends *where* in Asia.
From HK or Tokyo to Western Europe, sure, because of lit capacity and paths of least-resistance, but since about 2010 or 2011, there has been a lot more capacity installed and lit up between Mumbai and Europe (England/France/Italy via the Middle East, depending on the cable system) than there is between Chennai and the US via Singapore/HK/Tokyo.
Russia has fairly extensive fiber, but as I understand it, not much diversity. I would hypothesize that it's used mostly by domestic ISPs and AFAIK quite expensive to use because *I believe* they charge in bit-kilometres in a similar way to most sub-sea cables** AND because of the risks (perceived or real) of routing through Russia**. It's also possible that their domestic network might not be suitable for carrying traffic of International operators because the figures I've as far as operational speeds go seem to be a bit slow.**
**These are all theories on my part, don't take them as accurate unless, by chance, they are.
Founder & COO, Hayai India (hayai.in) / USA (hayaibroadband.com)
I suspect that China does. They just haven't had a Snowden happen to them.
The higher the technology, the sharper that two-edged sword.
You would have to be mathematically inept to even suspect such a thing.
They would want to have such a system yes. They would not be ABLE to have it, because mathematics of reality dictate the capability, not wishful thinking.
No. I live in a small country (less than 10 Mio pop.) and we have only a rudimentary espionage agency that only seems to exists as an excuse (they never did anything notable - ever).
And you know what? No false flag terror attacks, no privacy invasions, no nothing.
"An unarmed man can only flee from evil, and evil is not overcome by fleeing from it." Col. Jeff Cooper And to someone with a hammer every problem is a nail...
Col Jeff Cooper seems to be under the impression that evil is a tangible enemy that can be fought with physical weapons.
To my mind the only real evil is the fact that we're all so scared of our fellow human beings' different ways of life that we'd rather shoot them dead than have our own 'perfect' culture contaminated by their strange foreign outlook.
...4. Use snail mail.
Um... Use a government-sanctioned and funded organization that has PHYSICAL ACCESS to the communication you are trying to protect???
Just curious: brain fart?
But they still don't understand why kids love Cinnamon Toast Crunch.
A poster wondered if anyone else has the Intelligence gathering budget that the US does. I wonder if NSA is the new NASA, in that it provides jobs for geeks the way the space program did. And by geeks I mean those gifted individuals who would be bored trying to help K-Tar-Mart better ship and sell diapers and bottled water. Give them a mission (save the world from terror, get to the moon) and make them feel special. Keep them busy so they don't just hack apart your world.
"There is no god but allah" - well, they got it half right.
Actually, given the lag time, isn't it almost guaranteed that they *will* have the last laugh? Not in a good way, but technically, yeah, long after others have seen it and laughed.
--- Say something clever. Pretend it was me. Thanks.
And your response now to my calling you out for posting spam... is to spam a different topic with unrelated garbage? Are you even sentient? Or are you just so scared of being called out that you hope if you try to harass me, I'll go away?
It's always operating as a deficit
The new right fascists are bilingual. They speak English and Bullshit.
You didn't call me out for posting spam. You repeatedly told me to kill myself. There's a difference. Once again:
Needlessly? How else should I debunk his baseless claim that I was "rude and insulting" when Jane/Lonny Eachus was actually just projecting his own obscene insults onto me? And if you have a better approach in mind, why not just suggest that better approach rather than repeatedly suggest that I kill myself?
Once again, Rujiel accuses me of being a paid oil shill. But once again, why would the oil industry pay me to debunk the same baseless accusations they're helping to spread? I've been debunking misinformation about climate from Jane/Lonny Eachus and many others for 5 years now. Again, why would the oil industry pay me to do that?
Really? Among other things, I've contributed open source software to estimate mass changes on the surface of the Earth using GRACE satellite data. Here's my dissertation which explains the methods. Does that count for anything, or should I kill myself?
I really don't understand why people like Jane/Lonny Eachus and Rujiel are filled with so much hatred. However, sociology research suggests that people are less likely to hurl abuse at other people after seeing their faces. So here I am at JPL's open house explaining that our CO2 emissions are melting ice sheets. And here's a clip from the Weather Channel where I explained (at 19m36s
No Utah is south of Idaho as California is south of Oregon. At least it is on every map I've ever seen.