"You're unclear about whether talking about the 9/11 hijackers or the GPS spoofers. I first thought that you were talking about 9/11 where the evidence is pretty clear that someone flew some planes into some buildings."
Considering that I quoted the part I was replying to, it hardly seems unclear to me.
But the second thing is: yes, definitely, somebody flew some airplanes into some buildings. Just about anybody would have to be a fool to claim otherwise. But what does that have to do with my comment?
Gimme a break. "I'm not about to claim otherwise, but the evidence is actually pretty thin..." gets modded as "flamebait"???
I just love how there are still people who mod people down for telling the truth, just because it's not politically correct. I thought the "politically correct" fad died out more than 5 years ago.
"Actually no, fuck the terrorists, they're third world noobs living in mud huts and the best they could do in 12 years of trying realyl hard is to hijack a few planes with knives. You have more to fear from your own government than any terrorist."
And that's assuming, of course, that they really did it to begin with. I'm not about to claim otherwise, but the evidence is actually pretty thin and there is a lot of counter-evidence. That's just the truth.
But anyway... I think really the bigger question is: who ever really doubted this could be done? All it takes to spoof a radio signal is a stronger signal... and GPS is a pretty damned low-power signal.
Of course, you do have to do the actual spoofing... that's where the $3000 comes in. But I mean, it has always been technically feasible. I guess they're just saying it's cheaper now.
"The article speaks to hidden services within Tor so exit nodes don't even come into play. "
YES, BUT...
I was replying to GP, and GP's comment was NOT about the hidden services within Tor. It was about tracking traffic within Tor.
My point was that it is not at this time possible to track traffic within Tor. (Unless of course you are monitoring each individual hop and that is impractical at best.) If you want to track Tor traffic, you have to do it at the exit nodes.
"Tough choice. Go with cisco and get spied on by the NSA or go with huawei and get spied on by the Chinese. Hmm at least the Chinese only want your money!"
Not much of a choice. Don't you keep up with the news? Go with Cisco and get spied on by both the NSA and the Chinese (cheap chips with potential back doors) and Cisco!
"Being from the US you probably don't see the xenophobia for what it is. I moved to the US in the late 70's and the common response to anything not American was that's communist."
What part of the U.S.?
I've met may people who immigrated to New York City and certain other large metropolitan areas, and their common reaction is "All of the U.S. is like this."
"The use of Adblock and similar to help reduce (not remove) blanket tracking combined with this means that it becomes opt in and as a "product", the user is still valuable and thus still "fed" free stuff."
Precisely. This returns control to the user as it's completely opt-in.
"Even worse, the politicians in the UK are giving decisions of UK political sovereignty to a foreign entity."
This.
What a bonehead thing to do. This is a stupid as it would be for the U.S. to contract out essential steps of its figher jet manufacturing to other countries.
"Game consoles are designed to a significantly higher standard of network security than embedded systems in the auto industry. Throwing the folks behind the X360's DRM system into there would be a serious improvement; at least they were trying."
You may have a point there, and I retract my earlier statement.
It's like they put recent Windows UI designers in charge of systems security.
"Incidentally, that apparently was used for a time as example of the "correct" decision in Business Ethics classes, since it maximized shareholder value."
True. But later, it was used in college classes as a classic example of what NOT to do. I know, because that's where I learned about it.
In subsequent years it has also made up whole chapters in books about why things fail.
Because: once word of that board decision got out (and it always does), people simply stopped buying Pintos. It's that simple. Their effort to save a buck cost them many many millions of dollars, and if it weren't for Ford pickups, it is arguable that it could even have brought the company down. It rallied, as we know, but there was a time when things were pretty iffy.
This was my argument as well. See my reply elsewhere on this page.
The designs are simply boneheaded. No systems engineer worth their salt would design something like this. It's like they let game console designers loose in the auto industry or something.
"We're not talking about releasing a vulnerability that will compromise someone's e-mail. We're talking about a high risk vulnerability that could cost some random person their life."
And? You suggest instead leaving it up to the auto industry? Which has obviously been incompetent at making things safe?
I've said it before, and I'll say it again: they have designed these systems while sitting at their consoles with their heads firmly up their asses. YOU DON'T PUT AN ENTERTAINMENT SYSTEM IN THE SAME CONTROL SYSTEM THAT RUNS THE CAR!!! Yet they have continued to insist on doing that. It's just plain shitty design.
The vehicle control systems need to be completely SEPARATE from any other systems in the car that operate digitally: the physical "security" system (locks, alarms, etc.) need to be on one control subsystem, entertainment / mapping / gps etc. in another subsystem, actual vehicle and engine control in another subsystem, with only very limited communication between them. Anything else is STUPID!!!
" handle trademark and some copyright stuff for a small non-profit. I've never had to threaten anyone and I've never pretended to be a lawyer, I just ask nice, explain and get good results."
As TFA mentions, as long as there is no confusion between the EQII character and whatever product or service "Malshandir" produces, his trademark claim is invalid.
Second, according to international law, it isn't where somebody ACCESSES the internet that is of relevance to the law; it is where the information is sourced. Any other scheme is simply unworkable.
So, if I have an online store in Tennessee, and you purchase something from your home in London, the transaction takes place under Tennessee (and U.S.) law.
Similarly, if I have a brand or trademark or copyright in the United States, and publish on the Web from there, it is subject to U.S. law, not whatever country you happen to be in when you visit the site.
As I say: any other scheme is unworkable. There is no way every individual in the world can be held responsible for every 3rd-world country or tyrannical law everywhere on Earth. That would be the end of the internet.
The phrase is based on Buddhism if that's really relevant.
Not really.
But this is one of those cases in which I can hardly be embarrassed by a "whoosh" moment. It doesn't bother me in the slightest that I was not a "Lost" fanatic.
Example of what I mean: if you are screwing around doing cartwheels near a cliff, and accidentally stumble and fall off, killing yourself, it's your own fault. That doesn't mean you "deserved" it. It simply means... it's your own fault.
I don't get it. You feel they screwed up in the past, so now you think that an equally stupid solution (funding retirement for unborn postie's--75 years worth in 10 years) i a good idea "because they deserve it".
I didn't say "they deserve it". I said it was their own fault. Those are not the same things.
"Perhaps I was mocking the futility of your position, rather than disagreeing with it."
Saying that position is "futile" is a pretty huge assumption. You appear to be rationalizing your own pessimistic view.
"Except you're being optimistic about someone coming to rescue you..."
Another huge assumption. What makes you think I either want or need someone to rescue me? That is not just a simple logical conclusion from my statements.
"Its pretty easy to take away the anonymity of tor if you could hypothetically record all traffic to and from each computer in the network. "
Tor was specifically designed to prevent exactly that.
The vulnerability of Tor is in its exit nodes (where Tor routing ends, and regular internet routing resumes). A third party can snarf all the traffic through an exit router, and (if that traffic is from one person), they might as well have a tap at that person's ISP.
The difficulty, of course, is that there is no way to tell in advance via which exit router your traffic will exit. So the government's scheme is to monitor as many exit nodes as possible.
There are two ways to make this more difficult for them: hiding and switching.
Hiding means increasing the number of Tor exit nodes (preferably vastly increasing it), as well as turning them on and off at random times (I don't mean every few minutes, but more like in blocks of 4-8 hours or so). This makes it more difficult to track traffic through any given exit node. Note, however, that in order for Tor to work effectively while turning nodes on and off like that, it would definitely need many more exit nodes. Hell, it needs lots more anyway.
By "switching", I mean sending all your HTTP requests via multiple connections through different Tor routes. Because of the wait times to re-align packets, this is not necessarily significantly faster over Tor (as it is when using multiple connections for downloads, as some browsers do), but that is possible. It would mean that only some of your packets are exiting via any given Tor exit node, making tracing your activities much harder.
The Post Office retirement funding debacle is just another example -- a classic example, really -- of earlier generations trying to live high on the hog and charge it all to THIS generation, and future generations. It was a giant Ponzi scheme, and their own children (and yours) were the suckers.
"What's killing them is the legal requirement to pre-fund retirement benefits for 75 years."
The pre-funding mandate is entirely their own fault.
Prior to that, they had been offering VERY generous retirement benefits... but shoving the future cost off on the government. They didn't have to pay for it. And even if you ignore that argument, and say they DID have to pay for it, they were still digging themselves a gigantic black money hole because they had no way to fund all the retirements they had obligated themselves to provide. They simply did not have anywhere near the money to cover the promises they made. No business can operate like that for long.
Congress finally got fed up and told them to balance the books. It's that simple. If they didn't want to be in this situation, they shouldn't have made obligations for themselves they could not cover.
Now they're in a position in which they have to make good on their past promises. And it's beating them to death. Well... they have nobody to blame. Nobody. It sure as hell isn't Congress' fault they managed their operations the way they did.
And I'll repeat something I wrote earlier: ALL other government-mandated monopolies have managed to not just get the job done, but make a huge profit in the process. Ma Bell (when it was a government-mandated monopoly) is a prime example. Of course they were ripping people off, too, which is why it was broken up. But in exchange we did get a phone system that was the envy of the world, it wasn't too outrageously expensive, and they did make a gigantic profit.
"You're unclear about whether talking about the 9/11 hijackers or the GPS spoofers. I first thought that you were talking about 9/11 where the evidence is pretty clear that someone flew some planes into some buildings."
Considering that I quoted the part I was replying to, it hardly seems unclear to me.
But the second thing is: yes, definitely, somebody flew some airplanes into some buildings. Just about anybody would have to be a fool to claim otherwise. But what does that have to do with my comment?
Gimme a break. "I'm not about to claim otherwise, but the evidence is actually pretty thin..." gets modded as "flamebait"???
I just love how there are still people who mod people down for telling the truth, just because it's not politically correct. I thought the "politically correct" fad died out more than 5 years ago.
... Oracle continues to make more friends in the business world!
Wait... what? Never mind.
"Actually no, fuck the terrorists, they're third world noobs living in mud huts and the best they could do in 12 years of trying realyl hard is to hijack a few planes with knives. You have more to fear from your own government than any terrorist."
And that's assuming, of course, that they really did it to begin with. I'm not about to claim otherwise, but the evidence is actually pretty thin and there is a lot of counter-evidence. That's just the truth.
But anyway... I think really the bigger question is: who ever really doubted this could be done? All it takes to spoof a radio signal is a stronger signal... and GPS is a pretty damned low-power signal.
Of course, you do have to do the actual spoofing... that's where the $3000 comes in. But I mean, it has always been technically feasible. I guess they're just saying it's cheaper now.
"The article speaks to hidden services within Tor so exit nodes don't even come into play. "
YES, BUT...
I was replying to GP, and GP's comment was NOT about the hidden services within Tor. It was about tracking traffic within Tor.
My point was that it is not at this time possible to track traffic within Tor. (Unless of course you are monitoring each individual hop and that is impractical at best.) If you want to track Tor traffic, you have to do it at the exit nodes.
"Tough choice. Go with cisco and get spied on by the NSA or go with huawei and get spied on by the Chinese. Hmm at least the Chinese only want your money!"
Not much of a choice. Don't you keep up with the news? Go with Cisco and get spied on by both the NSA and the Chinese (cheap chips with potential back doors) and Cisco!
Best to just stay away from them altogether.
"Being from the US you probably don't see the xenophobia for what it is. I moved to the US in the late 70's and the common response to anything not American was that's communist."
What part of the U.S.?
I've met may people who immigrated to New York City and certain other large metropolitan areas, and their common reaction is "All of the U.S. is like this."
Methinks thou does protest too much.
"The use of Adblock and similar to help reduce (not remove) blanket tracking combined with this means that it becomes opt in and as a "product", the user is still valuable and thus still "fed" free stuff."
Precisely. This returns control to the user as it's completely opt-in.
"Even worse, the politicians in the UK are giving decisions of UK political sovereignty to a foreign entity."
This.
What a bonehead thing to do. This is a stupid as it would be for the U.S. to contract out essential steps of its figher jet manufacturing to other countries.
Oh... wait...
So THAT'S who moved my cheese!
"Game consoles are designed to a significantly higher standard of network security than embedded systems in the auto industry. Throwing the folks behind the X360's DRM system into there would be a serious improvement; at least they were trying."
You may have a point there, and I retract my earlier statement.
It's like they put recent Windows UI designers in charge of systems security.
There. Is that better?
"Incidentally, that apparently was used for a time as example of the "correct" decision in Business Ethics classes, since it maximized shareholder value."
True. But later, it was used in college classes as a classic example of what NOT to do. I know, because that's where I learned about it.
In subsequent years it has also made up whole chapters in books about why things fail.
Because: once word of that board decision got out (and it always does), people simply stopped buying Pintos. It's that simple. Their effort to save a buck cost them many many millions of dollars, and if it weren't for Ford pickups, it is arguable that it could even have brought the company down. It rallied, as we know, but there was a time when things were pretty iffy.
This was my argument as well. See my reply elsewhere on this page.
The designs are simply boneheaded. No systems engineer worth their salt would design something like this. It's like they let game console designers loose in the auto industry or something.
"We're not talking about releasing a vulnerability that will compromise someone's e-mail. We're talking about a high risk vulnerability that could cost some random person their life."
And? You suggest instead leaving it up to the auto industry? Which has obviously been incompetent at making things safe?
I've said it before, and I'll say it again: they have designed these systems while sitting at their consoles with their heads firmly up their asses. YOU DON'T PUT AN ENTERTAINMENT SYSTEM IN THE SAME CONTROL SYSTEM THAT RUNS THE CAR!!! Yet they have continued to insist on doing that. It's just plain shitty design.
The vehicle control systems need to be completely SEPARATE from any other systems in the car that operate digitally: the physical "security" system (locks, alarms, etc.) need to be on one control subsystem, entertainment / mapping / gps etc. in another subsystem, actual vehicle and engine control in another subsystem, with only very limited communication between them. Anything else is STUPID!!!
" handle trademark and some copyright stuff for a small non-profit. I've never had to threaten anyone and I've never pretended to be a lawyer, I just ask nice, explain and get good results."
As TFA mentions, as long as there is no confusion between the EQII character and whatever product or service "Malshandir" produces, his trademark claim is invalid.
Second, according to international law, it isn't where somebody ACCESSES the internet that is of relevance to the law; it is where the information is sourced. Any other scheme is simply unworkable.
So, if I have an online store in Tennessee, and you purchase something from your home in London, the transaction takes place under Tennessee (and U.S.) law.
Similarly, if I have a brand or trademark or copyright in the United States, and publish on the Web from there, it is subject to U.S. law, not whatever country you happen to be in when you visit the site.
As I say: any other scheme is unworkable. There is no way every individual in the world can be held responsible for every 3rd-world country or tyrannical law everywhere on Earth. That would be the end of the internet.
"Googles native client seems secure enough... https://developers.google.com/native-client/"
But again... Native Client is nothing more than pre-compiled HTML, JavaScript, and CSS. It doesn't do anything new, it just pre-compiles it.
It is very, very far from a complete OS running in a sandbox.
The phrase is based on Buddhism if that's really relevant.
Not really.
But this is one of those cases in which I can hardly be embarrassed by a "whoosh" moment. It doesn't bother me in the slightest that I was not a "Lost" fanatic.
Example of what I mean: if you are screwing around doing cartwheels near a cliff, and accidentally stumble and fall off, killing yourself, it's your own fault. That doesn't mean you "deserved" it. It simply means... it's your own fault.
I don't get it. You feel they screwed up in the past, so now you think that an equally stupid solution (funding retirement for unborn postie's--75 years worth in 10 years) i a good idea "because they deserve it".
I didn't say "they deserve it". I said it was their own fault. Those are not the same things.
"Perhaps I was mocking the futility of your position, rather than disagreeing with it."
Saying that position is "futile" is a pretty huge assumption. You appear to be rationalizing your own pessimistic view.
"Except you're being optimistic about someone coming to rescue you..."
Another huge assumption. What makes you think I either want or need someone to rescue me? That is not just a simple logical conclusion from my statements.
"Its pretty easy to take away the anonymity of tor if you could hypothetically record all traffic to and from each computer in the network. "
Tor was specifically designed to prevent exactly that.
The vulnerability of Tor is in its exit nodes (where Tor routing ends, and regular internet routing resumes). A third party can snarf all the traffic through an exit router, and (if that traffic is from one person), they might as well have a tap at that person's ISP.
The difficulty, of course, is that there is no way to tell in advance via which exit router your traffic will exit. So the government's scheme is to monitor as many exit nodes as possible.
There are two ways to make this more difficult for them: hiding and switching.
Hiding means increasing the number of Tor exit nodes (preferably vastly increasing it), as well as turning them on and off at random times (I don't mean every few minutes, but more like in blocks of 4-8 hours or so). This makes it more difficult to track traffic through any given exit node. Note, however, that in order for Tor to work effectively while turning nodes on and off like that, it would definitely need many more exit nodes. Hell, it needs lots more anyway.
By "switching", I mean sending all your HTTP requests via multiple connections through different Tor routes. Because of the wait times to re-align packets, this is not necessarily significantly faster over Tor (as it is when using multiple connections for downloads, as some browsers do), but that is possible. It would mean that only some of your packets are exiting via any given Tor exit node, making tracing your activities much harder.
"We are the causes of our own suffering..."
I don't know about that, really. I am pretty sure I can trace most of my suffering directly back to the action of others.
With all due respect: you should have called him 3 days ago.
I will add this:
The Post Office retirement funding debacle is just another example -- a classic example, really -- of earlier generations trying to live high on the hog and charge it all to THIS generation, and future generations. It was a giant Ponzi scheme, and their own children (and yours) were the suckers.
"What's killing them is the legal requirement to pre-fund retirement benefits for 75 years."
The pre-funding mandate is entirely their own fault.
Prior to that, they had been offering VERY generous retirement benefits... but shoving the future cost off on the government. They didn't have to pay for it. And even if you ignore that argument, and say they DID have to pay for it, they were still digging themselves a gigantic black money hole because they had no way to fund all the retirements they had obligated themselves to provide. They simply did not have anywhere near the money to cover the promises they made. No business can operate like that for long.
Congress finally got fed up and told them to balance the books. It's that simple. If they didn't want to be in this situation, they shouldn't have made obligations for themselves they could not cover.
Now they're in a position in which they have to make good on their past promises. And it's beating them to death. Well... they have nobody to blame. Nobody. It sure as hell isn't Congress' fault they managed their operations the way they did.
And I'll repeat something I wrote earlier: ALL other government-mandated monopolies have managed to not just get the job done, but make a huge profit in the process. Ma Bell (when it was a government-mandated monopoly) is a prime example. Of course they were ripping people off, too, which is why it was broken up. But in exchange we did get a phone system that was the envy of the world, it wasn't too outrageously expensive, and they did make a gigantic profit.