How do you get 1200 people being arrested for crimes being a failure? I can see how it could be considered irrelevant to the success or failure of the program, but I don't see how you could possibly say that 1200 arrests contributes to it being a failure.
I shouldn't venture out in the morning without a parachute, on the off chance that gravity will malfunction and fling me skyward?
OMGZ, look what I made you say by quoting part of your post!! LULLZZ
Read my entire post. Don't post two lines out of context ignoring anything that doesn't support your trolling and then try to claim I implied something. The subject of my original post was "I don't know if that's good or bad...", I suppose you'll quote that back to me as "I [...] know [...] that's [...] good" to prove my implications, right?
What TripMaster Monkey and pla were trying to point out was that "How many terrorist attacks have there been on planes since this system was put in place?" is the wrong question to ask.
Yeah I'm not suggesting that the absence of attacks has any bearing on the success of the program. I only said that to point out that TripMaster's assertion (that the lack of terrorist arrests is proof of the program's failure) was wrong.
I don't doubt that there's a significant element of security theatre behind the entire program and I'm sure the TSA will skew any figures it can to its advantage. However, as much as I hate security theatre, I hate outrage theatre just as much. The tabloid-style context-free reporting in the article is just as bad as if TSA posts the 1,266 arrests as some kind of evidence of success. Just because I might agree with one side or the other doesn't make the use of bad statistics as propaganda any more acceptable IMO. Unfortunately that kind of stuff gets eaten up whole by too many people on Slashdot - they'll accept any bad article as long as they like its conclusions.
Really, You're really going to try to claim you weren't trying to insinuate anything with this line?
I'm not claiming anything. I'm stating it. If I didn't write it then it isn't what I'm saying. If you inferred something from my words then that is entirely your own doing, not mine. I don't know how else I can phrase that to make it clearer. There's no dishonesty here, only your lack of comprehension of the subject and inability to read an entire post correctly.
They prove that the program (as far as its stated goals go) is either a failure or pointless. Take your pick.
No it doesn't prove either of those things. If something doesn't happen over an arbitrary amount of time that doesn't mean it cannot happen at any point in the future. Do you really not get that?
I suggest you read the rest of my post before responding next time. I made it abundantly clear that the lack of terrorist wasn't proof of success, merely that it meant the absence of terrorist arrests was not proof of failure.
And you spoke too soon again because my next line clarified that that wasn't what I was saying. That was very trollish of you to respond to this line having obviously read the following one and knowing precisely that this wasn't what I was saying.
No, but you're certainly insinuating it rather loudly...
No I'm not. I'm not insinuating anything. I'm stating things quite clearly: The numbers given in this article prove nothing whasoever without context.
As I made clear above, the complete lack of any terrorism related arrests clearly spell out the failure of this program. Either the terrorists are there, and are not being caught, or they aren't there at all, in which case the program is pointless...assuming, of course, that "capture of terrorists" was its actual goal...
As I made clear above, the lack of arrests for terrorism do not prove anything about the success or failure of the program.
"Harassed"? Harassed how exactly? They were searched. Everyone gets searched every time they get on a plane. My hand luggage goes through a scanner, I walk through a metal detector, have I been harassed? Several times I've been taken aside and patted down too, was that harassment?
I'm wondering where valid searches stop and this "harassment" you speak of starts. Is it being taken into a room? A finger down my throat? A finger up my arse? I might agree with you when we get to those last couple, but are those things even happening in these searches we're talking about? I see nothing to suggest that, so I'd like to know just what you think is going on that is harassment and what reason you have for believing it.
If some villagers are mauled by a tiger, and I promise to catch the tigers, and I implement a system of nets and snares around the village, and I don't catch any tigers, then I have failed to keep my promise, regardless of how many snakes and wild boars I do catch.
If there haven't been any tiger attacks in the whole time the net has been up then there's no basis to say that it has been a success or a failure. You might even claim that the absence of attacks is a result of the nets being put up and therefore they have been a success.
Now, I ask you: How many terrorist attacks have there been on planes since this system was put in place?
Note that I'm not saying it actually has been a success, I'm saying I see no example of it having failed and I don't see how some random arrest figure with no context whatsoever proves anything one way or they other.
How does that figure compare to random searches? Without that figure for comparison it's completely pointless saying "OMGZ TSA FAIL" because nobody ever claimed that everyone stopped would be arrested. If it gets higher arrests than random searches what's the problem?
Just curious, but why do you use PHP over Python for those tasks? I'm not trying to start a language war here but since you clearly know and use Python I find it surprising you would choose PHP over it. Python also has good hashtable and list support and, unlike PHP, doesn't confound the two.
Perhaps the strongest advantage I've found Python has over PHP in this particular niche however is it's interactive mode - PHP's is still totally hamfisted (despite recent improvement) and drops you out at the slightest error.
Like I said, I don't want to turn this into a holy war. It just struck me as an unusual conclusion to reach from someone who uses both langauges.
Supercomputer brute force attack? The strength of 128-bit keys or even 1024 bit keys aren't that powerful...
Truecrypt uses 256-bit symmetric encryption algorithms. These are far beyond what anyone on Earth is capable of breaking within the lifespan of the Universe using current technology. Estimates put 96-bit encryption more-or-less within the reach of the greatest global powers with massive budgets to put into customised hardware - even then we're still talking about months or years to break a single message. As far as your comment about 1024 bit keys, I assume you're talking about asymmetric encryption which is a different kettle of fish and not relevant to Truecrypt.
all you have to do is miskey the code a few times until it gives you a key that you have to give the manufacturer, the manufacturer validates your access by verifying you are the customer
What the hell are you talking about? Truecrypt doesn't give you any key to give to the manufacturer if you fail to provide the correct one. If you fail to provide the correct key it can't even validate that the target is a Truecrypt volume rather than random bits. The "manufacturer" (developer) wouldn't be able to verify anything anyway, nor do they have any knowledge of their "customers" (someone who downloads a binary installer or source code for free). I don't know if you're thinking of something completely different or if you've been fed some incredible FUD about Truecrypt but what you're describing isn't even remotely accurate.
And that helps when they confiscate your laptop and "lose" it... how?
Well using the plausible deniability option they shouldn't have any reason to seize your laptop at all. It's highly unlikely the guy checking your laptop at the airport has the level of technical competency to be aware of the concept. It's certainly a lot less likely than him not knowing that an iPod can contains something other than music or not knowing what a USB drive is.
But then the question was never about "how do I prevent my data being lost by overzealous fascists?", if that's the question then the answer should be to get it into the country using at least one other method, ie. send it on a CD via post and post them online somewhere (both encrypted aswell of course).
Pictures: Store them on a high-capacity USB drive, SD card, or other small device. Hide it. That way, if they get your computer, they still won't get your pictures.
That's a novel idea. Wow, nobody ever thought to hide something from officials. It's a good job terrorists always attempt to get onto planes swinging their explosives over their head because I bet if they ever hid the bombs there's no way airport security would ever think to check for hidden devices. You sir, are a genius.
Well with Truecrypt at least it's open source so that should provide a good degree of protection against a backdoor in the software itself. There's still the possibility of a backdoor in the underlying encryption schemes of course which would be far beyond most people's ability to detect no matter how many people see it or how long they look. Truecrypt does however allow you to chain multiple encryption and hash algorithms which, given the diversity of their origins, should provide a reasonable degree of protection from backdoors.
Truecrypt would not help: If they really wanted to see your content they could ask you to show it to them or alternatively confiscate your laptop and decrypt it themselves.
Truecrypt provides plausible deniability - the capability to create a hidden encrypted volume within another encrypted volume, thereby allowing you to grant access to unimportant/dummy data when a password is asked for without the attacker knowing additional information even exists.
As for the US government just decrypting the colume themselves, as far as I know they simply don't have that capability. If your boss knows otherwise or has knowledge of ways to defeat Truecrypt's plausible deniability then (s)he should provide some kind of evidence to back that up, otherwise this just sounds like uninformed guesswork or pure tinfoil-hattery.
Audio data doesn't necessarily mean MP3s. Storing your audio in a lossless format like FLAC means about 50% compression, so we're looking at ~250MB/album - 400 albums isn't especially unreasonable.
But who says the data has to be written all at once? I assume BD-R supports multi-session writing like other optical media do - ie. you can incrementally add sets of archive data to the disc so long as you don't "close" it.
They want to recreate the project by getting rid of all the original developers who understood the old code and are familiar with all of the design challenges and tradeoffs, replace them with the cheapest warm bodies they can find, and rewrite the whole thing using (what I'm assuming) is Java+Swing.
Judging by the description of the original dev's software as "somewhat buggy and slow" it sounds like they're not so familiar with the design challenges and tradeoffs anyway. Sometimes a fresh start really is the best solution.
I rarely respond to people who can't figure out how to put their response outside of the quote tags, but here goes...
Yeah, because you've never made a typo in your life. And besides, they never happen in closing tags do they? Nice example of how some people never pass up the opportunity to be a dick evn on the most trivial shit. I'm so honoured you stopped your chronic masturbation to criticise my ability to close tags. You sure showed me.
Corelation. Is. Not. Causation. So, what, you're suggesting people who live lifestyles that cause heart disease are more likely to also use plastic containers for their food and drink? Or people with heart disease are more likely to use plastic containers? What other correllation are you proposing?
Anyone with worldly knowledge knows that Bristol was the standard unit of measurement for area within the British Empire for over 200 years. It seems I'll have to break it down for you ignorant Americans:
Bristol has an area of 1,184,832,000 square feet (source) The Library of Congress has an area of 2,100,000 square feet (source)
Therefore 1 Bristol (and TFA's fossilised forest) == 564.2 Libraries of Congress
Slashdot Mirror
How do you get 1200 people being arrested for crimes being a failure? I can see how it could be considered irrelevant to the success or failure of the program, but I don't see how you could possibly say that 1200 arrests contributes to it being a failure.
As for people being harassed, how were they harassed?
I shouldn't venture out in the morning without a parachute, on the off chance that gravity will malfunction and fling me skyward?
OMGZ, look what I made you say by quoting part of your post!! LULLZZ
Read my entire post. Don't post two lines out of context ignoring anything that doesn't support your trolling and then try to claim I implied something. The subject of my original post was "I don't know if that's good or bad...", I suppose you'll quote that back to me as "I [...] know [...] that's [...] good" to prove my implications, right?
You sir are an idiot. I think we're done here.
What TripMaster Monkey and pla were trying to point out was that "How many terrorist attacks have there been on planes since this system was put in place?" is the wrong question to ask.
Yeah I'm not suggesting that the absence of attacks has any bearing on the success of the program. I only said that to point out that TripMaster's assertion (that the lack of terrorist arrests is proof of the program's failure) was wrong.
I don't doubt that there's a significant element of security theatre behind the entire program and I'm sure the TSA will skew any figures it can to its advantage. However, as much as I hate security theatre, I hate outrage theatre just as much. The tabloid-style context-free reporting in the article is just as bad as if TSA posts the 1,266 arrests as some kind of evidence of success. Just because I might agree with one side or the other doesn't make the use of bad statistics as propaganda any more acceptable IMO. Unfortunately that kind of stuff gets eaten up whole by too many people on Slashdot - they'll accept any bad article as long as they like its conclusions.
Really, You're really going to try to claim you weren't trying to insinuate anything with this line?
I'm not claiming anything. I'm stating it. If I didn't write it then it isn't what I'm saying. If you inferred something from my words then that is entirely your own doing, not mine. I don't know how else I can phrase that to make it clearer. There's no dishonesty here, only your lack of comprehension of the subject and inability to read an entire post correctly.
They prove that the program (as far as its stated goals go) is either a failure or pointless. Take your pick.
No it doesn't prove either of those things. If something doesn't happen over an arbitrary amount of time that doesn't mean it cannot happen at any point in the future. Do you really not get that?
I suggest you read the rest of my post before responding next time. I made it abundantly clear that the lack of terrorist wasn't proof of success, merely that it meant the absence of terrorist arrests was not proof of failure.
Oh my...looks like I spoke too soon.
And you spoke too soon again because my next line clarified that that wasn't what I was saying. That was very trollish of you to respond to this line having obviously read the following one and knowing precisely that this wasn't what I was saying.
No, but you're certainly insinuating it rather loudly...
No I'm not. I'm not insinuating anything. I'm stating things quite clearly: The numbers given in this article prove nothing whasoever without context.
As I made clear above, the complete lack of any terrorism related arrests clearly spell out the failure of this program. Either the terrorists are there, and are not being caught, or they aren't there at all, in which case the program is pointless...assuming, of course, that "capture of terrorists" was its actual goal...
As I made clear above, the lack of arrests for terrorism do not prove anything about the success or failure of the program.
"Harassed"? Harassed how exactly? They were searched. Everyone gets searched every time they get on a plane. My hand luggage goes through a scanner, I walk through a metal detector, have I been harassed? Several times I've been taken aside and patted down too, was that harassment?
I'm wondering where valid searches stop and this "harassment" you speak of starts. Is it being taken into a room? A finger down my throat? A finger up my arse? I might agree with you when we get to those last couple, but are those things even happening in these searches we're talking about? I see nothing to suggest that, so I'd like to know just what you think is going on that is harassment and what reason you have for believing it.
If some villagers are mauled by a tiger, and I promise to catch the tigers, and I implement a system of nets and snares around the village, and I don't catch any tigers, then I have failed to keep my promise, regardless of how many snakes and wild boars I do catch.
If there haven't been any tiger attacks in the whole time the net has been up then there's no basis to say that it has been a success or a failure. You might even claim that the absence of attacks is a result of the nets being put up and therefore they have been a success.
Now, I ask you: How many terrorist attacks have there been on planes since this system was put in place?
Note that I'm not saying it actually has been a success, I'm saying I see no example of it having failed and I don't see how some random arrest figure with no context whatsoever proves anything one way or they other.
How does that figure compare to random searches? Without that figure for comparison it's completely pointless saying "OMGZ TSA FAIL" because nobody ever claimed that everyone stopped would be arrested. If it gets higher arrests than random searches what's the problem?
Just curious, but why do you use PHP over Python for those tasks? I'm not trying to start a language war here but since you clearly know and use Python I find it surprising you would choose PHP over it. Python also has good hashtable and list support and, unlike PHP, doesn't confound the two.
Perhaps the strongest advantage I've found Python has over PHP in this particular niche however is it's interactive mode - PHP's is still totally hamfisted (despite recent improvement) and drops you out at the slightest error.
Like I said, I don't want to turn this into a holy war. It just struck me as an unusual conclusion to reach from someone who uses both langauges.
Supercomputer brute force attack? The strength of 128-bit keys or even 1024 bit keys aren't that powerful...
Truecrypt uses 256-bit symmetric encryption algorithms. These are far beyond what anyone on Earth is capable of breaking within the lifespan of the Universe using current technology. Estimates put 96-bit encryption more-or-less within the reach of the greatest global powers with massive budgets to put into customised hardware - even then we're still talking about months or years to break a single message. As far as your comment about 1024 bit keys, I assume you're talking about asymmetric encryption which is a different kettle of fish and not relevant to Truecrypt.
all you have to do is miskey the code a few times until it gives you a key that you have to give the manufacturer, the manufacturer validates your access by verifying you are the customer
What the hell are you talking about? Truecrypt doesn't give you any key to give to the manufacturer if you fail to provide the correct one. If you fail to provide the correct key it can't even validate that the target is a Truecrypt volume rather than random bits. The "manufacturer" (developer) wouldn't be able to verify anything anyway, nor do they have any knowledge of their "customers" (someone who downloads a binary installer or source code for free). I don't know if you're thinking of something completely different or if you've been fed some incredible FUD about Truecrypt but what you're describing isn't even remotely accurate.
And that helps when they confiscate your laptop and "lose" it... how?
Well using the plausible deniability option they shouldn't have any reason to seize your laptop at all. It's highly unlikely the guy checking your laptop at the airport has the level of technical competency to be aware of the concept. It's certainly a lot less likely than him not knowing that an iPod can contains something other than music or not knowing what a USB drive is.
But then the question was never about "how do I prevent my data being lost by overzealous fascists?", if that's the question then the answer should be to get it into the country using at least one other method, ie. send it on a CD via post and post them online somewhere (both encrypted aswell of course).
Pictures: Store them on a high-capacity USB drive, SD card, or other small device. Hide it. That way, if they get your computer, they still won't get your pictures.
That's a novel idea. Wow, nobody ever thought to hide something from officials. It's a good job terrorists always attempt to get onto planes swinging their explosives over their head because I bet if they ever hid the bombs there's no way airport security would ever think to check for hidden devices. You sir, are a genius.
Well with Truecrypt at least it's open source so that should provide a good degree of protection against a backdoor in the software itself. There's still the possibility of a backdoor in the underlying encryption schemes of course which would be far beyond most people's ability to detect no matter how many people see it or how long they look. Truecrypt does however allow you to chain multiple encryption and hash algorithms which, given the diversity of their origins, should provide a reasonable degree of protection from backdoors.
Truecrypt would not help: If they really wanted to see your content they could ask you to show it to them or alternatively confiscate your laptop and decrypt it themselves.
Truecrypt provides plausible deniability - the capability to create a hidden encrypted volume within another encrypted volume, thereby allowing you to grant access to unimportant/dummy data when a password is asked for without the attacker knowing additional information even exists.
As for the US government just decrypting the colume themselves, as far as I know they simply don't have that capability. If your boss knows otherwise or has knowledge of ways to defeat Truecrypt's plausible deniability then (s)he should provide some kind of evidence to back that up, otherwise this just sounds like uninformed guesswork or pure tinfoil-hattery.
Audio data doesn't necessarily mean MP3s. Storing your audio in a lossless format like FLAC means about 50% compression, so we're looking at ~250MB/album - 400 albums isn't especially unreasonable.
But who says the data has to be written all at once? I assume BD-R supports multi-session writing like other optical media do - ie. you can incrementally add sets of archive data to the disc so long as you don't "close" it.
They want to recreate the project by getting rid of all the original developers who understood the old code and are familiar with all of the design challenges and tradeoffs, replace them with the cheapest warm bodies they can find, and rewrite the whole thing using (what I'm assuming) is Java+Swing.
Judging by the description of the original dev's software as "somewhat buggy and slow" it sounds like they're not so familiar with the design challenges and tradeoffs anyway. Sometimes a fresh start really is the best solution.
No idle. Meta-moderation that worked. 10 years ago was better.
I rarely respond to people who can't figure out how to put their response outside of the quote tags, but here goes...
Yeah, because you've never made a typo in your life. And besides, they never happen in closing tags do they? Nice example of how some people never pass up the opportunity to be a dick evn on the most trivial shit. I'm so honoured you stopped your chronic masturbation to criticise my ability to close tags. You sure showed me.
Corelation. Is. Not. Causation.
So, what, you're suggesting people who live lifestyles that cause heart disease are more likely to also use plastic containers for their food and drink? Or people with heart disease are more likely to use plastic containers? What other correllation are you proposing?
I'm pretty sure that's a pony.
Oh, and also, welcome to the Internets circa 1997.
The way that was worded made me think of incontinence rather than moist lady parts. Whoever wrote it, I think they need to work on their dirty talk.
Oh great, and now my comment is a dupe too. Curse you, ShadowRangerRIT!
This is a dupe from August 10th. Sorry guys.
Anyone with worldly knowledge knows that Bristol was the standard unit of measurement for area within the British Empire for over 200 years. It seems I'll have to break it down for you ignorant Americans:
Bristol has an area of 1,184,832,000 square feet (source)
The Library of Congress has an area of 2,100,000 square feet (source)
Therefore 1 Bristol (and TFA's fossilised forest) == 564.2 Libraries of Congress