Slashdot Mirror


User: Rizz0

Rizz0's activity in the archive.

Stories: 0
Comments: 20

Comments · 20

  1. CTF Rules on DEF CON "Capture the Capture The Flag" Data · · Score: 5, Interesting

    The rules for CTF at DC9 were, unfortunately, not well tested prior to the actual event. The intent of the rules was to provide more targets to attack, by shifting the burden of providing targets to the competitors. However, with the rules as written at the beginning of the contest, it turned out to be (pointwise) not worth attempting to hack. The net effect of the rules was that most groups were simply putting up a server, getting the points and pulling it down. While this is a valid strategy for that ruleset, it doesn't make for much of a hacking competition. This constant churning of servers also made hacking difficult, with targets disappearing by the time you could identify them through the standard CTF network instability.

    We (the GhettoHackers, with the much appreciated help of Jennifer Granick) managed to slowly, over the course of the competition, convince Miles to change the rules to a set more conducive to an actual hacking competition. When teams began merging due to the rule changes, we merged with Digital Revelation, to both groups' benefit. We gained their server points, and they gained our capture points.

    Besides winning CTF, the GhettoHackers / Digital Revelation team also had the highest average Blood Alcohol Level of any group (check out http://cow.pasture.com/~tcroc for more details). As announced at the awards ceremony, we, the GhettoHackers, have retired from CTF after DC9. To help foster more competition, and for a different application of our expertise, the GhettoHackers will be helping to run CTF at DC10.

  2. Re:They cheated us. on DEF CON "Capture the Capture The Flag" Data · · Score: 1

    Actually, that was us (Ghettohackers). Under our interpretation of the previous year's rules, Physical penetration of the NOC was allowable. In fact, we managed a capture at DC8 by SE'ing a guard into letting one of our members in (CIR), who then rooted from the console. Unfortunately, with the rule change this past year, that went right out the window.

  3. Re:History is made by those who show up on Update On Efforts To Block .us Giveaway · · Score: 1

    Vote? Why bother - after the last Presidential election, it is obvious that the powers that be care not one whit about the desires of the American public. Democracy is dead, Mao Zedong was right - "All power comes from the barrel of a gun."

  4. Re:Nothing can beat the powerful security of XOR. on Making Quantum Crypto Actually Work · · Score: 1

    Actually, XOR is very easy to implement, and when used correctly, extremely secure. The security of XOR depends entirely on the key. The security of the key depends on two primary factors - the entropy, or "randomness" and the length of the key. Ideally, the key will be at least as long as, if not longer than, the plaintext to be encrypted. If you use a truly random key with a length greater than or equal to the plaintext, it is known as a one time pad.

    Any attempt to perform cryptanalysis upon the encoded message is (assuming a proper implementation of XOR) an attack on the key. If the key is random, and as long as the plaintext, the attacker will eventually be able to decrypt the encrypted text. The attacker will, however, also end up with every possible alphanumeric string of the same length as your plaintext. The attacker has no idea if the plaintext contained a discussion of an exchange of nuclear weapons material or your mother's cheesecake recipe.

  5. Re:Why the US military is peeved on India To Become Aerospace Powerhouse? · · Score: 1

    While the fueling time problem may be non-trivial, detection of fueling is easily prevented. Most land-based ICBMs are stored in underground silos, that are typically part of a large launch complex. The fuel and oxidizer would be stored on site, so transfer of the fuel and oxidizer would most likely be difficult to observe.

  6. Re:What do they mean by this? on Want To Playtest An Xbox? · · Score: 2

    When you apply to be a Microsoft playtester, you are put into a general pool. Based on the information that you give during signup, as well as information gleaned from previous playtesting sessions (which involve a lot of paperwork), they build a profile of your gaming interests and experience. When they want to test any given product, they build a series of ideal profiles for the testers which are then matched against existing profiles, and contact the individuals with the closest matches, with preference given to previous testers (already familiar with the system, know how to give meaningful feedback, etc). What this boils down to is that you sign up for testing in general, what (if anything) you are offered tests for will vary depending on what the needs are for any particular set of tests, usually separate groups for lots of experience in relevant areas as well as no real experience in the given area.

  7. Re:Phony Test on Want To Playtest An Xbox? · · Score: 1

    First off, standard disclaimers apply: I am not (nor are any family members or dependants) or have ever been a Microsoft employee or contractor. Nor do I possess any knowledge resources unavailable to the general public. All of that aside, they have been contacting previous play / usability testers. As a past (and current) play / usability tester for Microsoft, I cannot say what I have actually tested. I can say, however, that I have been contacted to test the XBox (both from a hardware perspective as well as for software in development for the XBox), as have a great deal of their testing community. They simply perform an enormous amount of testing on most of their products (not that they necessarily follow any feedback given, but that is the nature of all usability testing). Given that the XBox is a major foray into a new market segment for Microsoft, I have to imagine that they are going all out to test it. The XBox has undoubtedly not been inexpensive to develop, and is a high-visibility product as well.

  8. Re:what a bitch on Want To Playtest An Xbox? · · Score: 1

    Actually, the largest private employers in the Greater Seattle Area are as follows:
    1 Boeing 197,000
    2 Costco Wholesale 70,000
    3 Nordstrom's 47,000
    4 Weyerhaeuser 44,800
    5 Starbucks 37,000
    6 Microsoft 31,396
    I don't have statistics for public (government) employment, but some of the major Government employers are as follows (not ranked):

    Federal Government, Department of Defense (major facilities include Fort Lewis, McChord Air Force Base, Bangor Naval Base (Ballistic Missile Submarine Base), Everett Naval Base (Carrier and Surface Warfare Base), Bremerton Shipyards (major ship construction and maintenance facility) and the Whidbey Island Naval Air Station (home of the EA-6B Electronic Warfare squadron)).

    University of Washington
    State of Washington
    City of Seattle

  9. Re:Illinois did something right on HR 46: Wiretapping, Forfeiture, Crypto Penalties · · Score: 1

    Constitutional Conventions are called so rarely precisely because of their ability to make changes without further steps (such as ratification), as well as the inability to limit the scope of the Convention's changes once convened. A Constitutional Convention could eliminate the entire Constitution and make William Clinton dictator for life, and it would all be perfectly legal.

  10. Re:ROT13? on Slashback: Imagination, Evasion, Watermarks · · Score: 1

    I still am fond of ROT26.

  11. I Have Had Some Success on Package Shipping From USA To Russia? · · Score: 3

    I have had some success with shipping goods to the former Soviet Union. Granted, this was in 1996 and I was shipping to Kiev, however this approach may still have some effect. Just remember three magic words - No Commercial Value. Of course, it also helped that I was doing this through a business, so I was able to use DHL.

  12. Re:Funny, it's been done already... on Company Uses Grain Elevators for Internet Access · · Score: 2

    Just disguise it as a crack house or abandoned warehouse - it'll fit right in.

  13. Re:My new bid for Iridium.. on Slashback: Speed, Reprieves, Geometry · · Score: 1

    My bid:

    Looking around my co-location provider, I see a lot of other people's cabinets that aren't locked, so I bid (all of these would be SEP - Somebody Else's Problem):

    More Cisco stuff than you can shake a router at
    So many F5 Big IPs, you'll be crying
    All of the Compaqs you can carry
    Enough Suns to create your own Galaxy

    My really, really slow laptop. You know the one - you keep trying to break it, but it just keeps coming back like some bad horror movie.

  14. Re:Constitutional and Civil Rights on Ask The NSA About Certain Things · · Score: 1

    I served in the United States Navy for 6 years. I did my part, but luckily was not called on to fight. As far as the people who allow me to continue my way of life - the NSA is not one of them. The greatest defenders of Americans' freedom are the men serving in SSBNs, who assure that if any party dares attack the USA, we will always possess the means to retaliate.

  15. Constitutional and Civil Rights on Ask The NSA About Certain Things · · Score: 1

    Why have Intelligence (there's a joke) and Law Enforcement Agencies of the United States of America decided that "National Security" is what is in the best interests of the Government instead of the Citizens? Remember the phrase "By the people, of the people, for the people"? Millions of American citizens have NOT fought and died to secure the power of the Government of the United States of America, they have done so to secure the freedom of the Citizens of the United States of America. Just remember - the Government of the United States of America is the employee of the Citizens, and employees can be fired.

  16. Re:Caution: Controversial Viewpoint on Gender in the Internet Age · · Score: 1

    In addition, it has been my experience that typically (not always, however) females are concentrated towards consensus building and fairness, as opposed to results and structure. This makes the typical female far better at some pursuits than males. Unfortunately, most high level positions in the computer field require very little consensus - in fact, I would argue that those positions can require the opposite quite often. As the Senior Network Engineer for a large multi-national corporation, my job is to keep the networks running efficiently, not to keep people happy. Consensus? I don't even care if my boss likes what I am doing, as long as what I am doing is right. In many ways, however, I feel that females would typically fill CIO / CTO positions better than most men.

  17. Re:Some bogus consultants made a lot of money on An Open Letter to the Y2K Bug · · Score: 1

    Yes, but it was almost worth it to ask our pain in the ass consultant if he had found a new scam yet.

  18. Re:Rant on An Open Letter to the Y2K Bug · · Score: 1

    Actually, he should have taken the approach I did - I get New Year's off or don't bother trying to log in the next day. Remember - I am the malevolent god of your Universe, and I'm the only one who knows how it works. Don't like it? Fine, I'll quit, take a job with a pre-IPO company and not tell you a damned thing about the network first - how good is YOUR manager at guessing administrative passwords?

  19. Re:First Amendment on FBI Shuts Down Website · · Score: 1

    When the first ten amendments to the Constitution, collectively known as the Bill Of Rights, were being debated by the founders of this country, there was great controversy. The founding fathers were not debating the merits of the amendments as such, but were worried that the adoption of the amendments would give the impression that the government had the power to grant the citizens of the United States rights, and by extension could thereby revoke those same rights. The Constitutional Convention therefore, in addition to the other amendments making up the Bill of Rights, provided the following two amendments to clarify the issue and to prevent abuses and usurpations of power by the government against the citizens:

    The Ninth Amendment reads "The enumeration in the Constitution, of certain rights, shall not be construed to deny or disparage others retained by the people." The Tenth Amendment reads "The powers not delegated to the United States by the Constitution, nor prohibited by it to the States, are reserved to the States respectively, or to the people."

    However, in spite of these two amendments, which I would posit as being the most important in the Constitution, the Government of the United States of America seems to believe that our rights can be modified or revoked at will without the due process outlined in the Constitution for amendments. The Government and the powers that be would be wise to remember and heed the following statements from the Declaration of Independence:

    "That to secure these rights, governments are instituted among men, deriving their just powers from the consent of the governed. That whenever any form of government becomes destructive to these ends, it is the right of the people to alter or to abolish it, and to institute new government, laying its foundation on such principles and organizing its powers in such form, as to them shall seem most likely to effect their safety and happiness."

    "But when a long train of abuses and usurpations, pursuing invariably the same object evinces a design to reduce them under absolute despotism, it is their right, it is their duty, to throw off such government, and to provide new guards for their future security."

    For more information, I suggest the following site: http://www.constitution.org

  20. Jurisdiction and Warrants on IETF and wiretapping standards · · Score: 2

    Given the nature of routing, particularly on the internet, how would it be determined who would have jurisdiction to perform said "wiretapping" of the VOIP call in question? The call between a guy in Paris and his buddy in Tokyo may very well pass through the US - would the US then be allowed to tap the call? If not, what would stop them? Given a back door into VOIP, I could easily sniff, and hence, listen to / decode other people's calls. The Governments of the world may argue that this power would only be used for legitimate means, and through legally established channels. Don't believe them. All powers given to a Government will eventually be abused. The harder it is to get caught, the more frequent abuse will be. Humans are by nature curious, and Governments are by nature distrustful.