"Now the hacker responsible has publicly released a cache of files allegedly stolen from Cellebrite...some of which may have been copied from publicly available phone cracking tools..."
Well, that's some creative irony labeling a hacker as the thief, since it would appear Cellebrite favors "borrowing" code to create a product to sell to the highest taxpayer-funded bidder...
When your losses exceed your revenue, you're already bankrupt. I'll do simple math below to understand.
100 Revenue
250 Expenses
------
billion-dollar company.
There you go, FTFY.
You seem to be confused regarding the "new" math written by the infamous Millennial scholar, Hype N. Bullshyt.
"We have incurred operating losses in the past, expect to incur operating losses in the future, and may never achieve or maintain profitability."
I don't even know what we legally define as a scam anymore when companies that project running in the red forever file for IPOs.
A scam is when you try to hoodwink someone. This is more like the Pet Rock. It's very clear what you're buying if you decide to take that leap. It's actually a little refreshing to have someone say, "we have absolutely zero chance of ever turning a profit. Can we have some money, please?"
Watching anyone come forth with a pre-IPO valuation of 3 billion dollars for a company that labels perpetual losses as some kind of corporate motto is about as refreshing as the concept of Donald Trump starring in one of those slow-motion Pantene shampoo commercials.
Why even bother making a product anymore when we can just go back to the vaporware days of selling hype and bullshit.
It's starting to look as if electric cars and clean energy may actually manage to kill off the fossil fuel industry in the foreseeable future. Will not be shedding any tears when that happens.
If they write TFS to sell it like this shit one, someone's gonna be crying. Likely the salesman.
"We have incurred operating losses in the past, expect to incur operating losses in the future, and may never achieve or maintain profitability."
Has the ENTIRE concept of profitability gone out the fucking window when it comes to running a company? I don't even know what we legally define as a scam anymore when companies that project running in the red forever file for IPOs.
Not even in the era of the dot-bomb were vaporware pimps arrogant enough to blatantly admit the proposed company would be a failure from a financial standpoint. In fact, stupidity has reached a level where investors have apparently forgotten why we refer to it as the dot bomb. It's as if the S-1 filing statement is some kind of troll test.
Or they only have offices in areas where American workers don't want to relocate to, whereas imported labor will agree to work anywhere in the country.
Given the field we're talking about here, and the ability for tech workers within that field to work remotely (as in wherever they want to call home), that whole office locale excuse is a rather weak one.
Hell, it's 2017. Companies don't have much of an excuse to not support remote work regardless of the field.
MD5's weakness lies in its popularity and therefore susceptibility to rainbow table lookup. There's not a hashing algorithm around you should use without a salt and feel good about in the long term.
Your analogy is dumb.
Much like a 3-digit combination that is unknown to the attacker, MD5's ultimate weakness lies in the speed at which it can be cracked, which today's hardware has proven, irrelevant of the popularity or combinations known by rainbow tables.
And if programmers are going to remain as ignorant as they always have and refuse to add a little salt to their coding diet, then stronger algorithms (stronger locks) are a rather necessary minimum, because convincing them to use a decades-old security bolster sure as shit ain't working.
You are correct in that a hash alone does not provide a comfortable security buffer, but that hardly dismisses my analogy.
The problem lies in not using a salt, not in using MD5.
If a three-digit combination lock protecting a safe needs a bodyguard standing next to it to ensure no one steals anything, then using a shitty lock is in fact the problem, especially since few choose to spice up their recipe when cooking up a security model.
The number of times I have had to explain to customers how to do password storage right is staggering. Most still believe a single hash is enough (well, to be fair, for a high-entropy password it is). Some have at least heard of salting the hash...
Ah yes, salting. A concept I read about over two decades ago in my O'Reilly SysAdmin book. I agree with you, sure is frustrating when those writing software these days act like good security is some newfangled concept we're still waiting for cold fusion to provide.
On the other hand, PBKDF2 has been available since 2000, packing hashing, iteration and salting in a nice package. And Argon2 now adds large memory and other nice properties and essentially solves the problem. People just seem to be completely unaware of this.
Given the prevalence of humans using 123456 as a "password", it's not that people are unaware; they simply don't give a shit enough to care.
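The points argued in the thread above (lookup tables against unsalted MD5, salt defeating precomputation but not the speed of MD5, and PBKDF2 adding an iteration cost) can be seen side by side in this added example, which is not part of any comment. The candidate list, the stored-record format and the iteration count are assumptions made for the example, and the lookup table is a plain precomputed dictionary rather than a true rainbow table.

```python
import hashlib
import hmac
import os

# Constructed candidate list standing in for a dictionary of common passwords.
COMMON_PASSWORDS = ["password", "123456", "qwerty", "letmein"]

# Assumption for this example: work factor for PBKDF2-HMAC-SHA256.
PBKDF2_ITERATIONS = 600_000


def md5_unsalted(password: str) -> str:
    """Single unsalted MD5: every user with this password gets the same digest."""
    return hashlib.md5(password.encode()).hexdigest()


def build_lookup_table(candidates):
    """Precompute digest -> password once; reusable against any unsalted dump."""
    return {md5_unsalted(p): p for p in candidates}


def md5_salted(password: str, salt: bytes) -> str:
    """Per-user salt makes precomputed tables useless, but MD5 is still fast."""
    return hashlib.md5(salt + password.encode()).hexdigest()


def guess_salted_md5(salt: bytes, digest: str, candidates):
    """With the salt known (it is stored beside the digest), each guess costs
    one MD5 call, so a weak password still falls to a dictionary pass."""
    for p in candidates:
        if hmac.compare_digest(md5_salted(p, salt), digest):
            return p
    return None


def hash_password(password: str, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Salt + iteration in one call; record format here is hypothetical."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2_sha256${iterations}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and cost, compare in constant time."""
    try:
        scheme, iterations, salt_hex, dk_hex = stored.split("$")
        if scheme != "pbkdf2_sha256":
            return False
        dk = hashlib.pbkdf2_hmac(
            "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
        )
        return hmac.compare_digest(dk, bytes.fromhex(dk_hex))
    except ValueError:
        # Malformed record: wrong field count, bad hex, or bad iteration count.
        return False


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)
    leaked = md5_unsalted("123456")
    print("unsalted MD5, table lookup:", table.get(leaked))

    salt = os.urandom(16)
    salted = md5_salted("123456", salt)
    print("salted MD5, table lookup:  ", table.get(salted))
    print("salted MD5, per-salt guess:", guess_salted_md5(salt, salted, COMMON_PASSWORDS))

    record = hash_password("123456")
    print("PBKDF2 record verifies:    ", verify_password("123456", record))
```

Salting moves the cost from one table for everyone to one dictionary pass per user; the iteration count (or Argon2's memory cost) is what raises the price of each guess in that pass.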
And some cases might get re-opened because of new evidence brought to light that might benefit the wrongly accused, which would be essentially impossible to further such an investigation because of evidence being destroyed.
Why would the police care about that either? Most prosecutors certainly do not and go to great lengths to prevent review.
If years of evidence is truly worthless to the organization holding it, then why the hell did they even save it.
Oh please, that's just marketing. Remember "Greenland"?
Yes. Tends to make you wonder if this is the true origin of all bullshit in marketing, given that "Iceland" exists...
"Apple claimed watch revenues second only to Rolex. How can it not be considered a hit at this point?"
How you ask?
When you have to game the revenue statistics so hard that you are forced to compare a single product from a tech company against an entire brand that pretty much manufactures one fucking thing that only 0.1% of humans can afford, it tends to bring into question any other claims related to "success".
In short, you're reaching here. A lot. Let's also see how well this fad pans out in the coming years, as I doubt even the iLemmings are going to be able to help Apple hold that revenue claim.
" If it's the poor who are now the most likely to smoke, it's hard to see how they will ever afford the AUD$40 (USD$30) pack of cigarettes."
That's sort of the point, making it too expensive for the poor and uneducated. That this works, has been demonstrated time and time again in multiple countries.
Anyone with an IQ above a warthog understands that cigarettes are not good for you in ANY way, so one can hardly point to education as a factor here. Society holds no illusions regarding this, unlike half a century ago when you would find the family doctor pimping his favorite brand of cancer sticks to your kids.
And given the manufactured addiction embedded within cigarettes (that probably should be illegal), we should be careful with this make-it-expensive approach. When it is only the social elite who smoke due to the cost, that same group will be looking to use their influence to manipulate anti-smoking laws to reverse them in their favor. The last thing we need is Big Tobacco lobbyist reinforcements.
All you have to do is not adopt the same bullshit-fee and fuck-you-charge "sales" model that Verizon and AT&T have been using in recent times to essentially demonstrate their corporate arrogance and ability to fuck over their customers in the name of pure unadulterated greed.
TL; DR - Don't become a greedy prick, because competition still exists.
You're going to tell me that the active investigations along with the potential liability of not holding data for years worth of solved cases was somehow not worth $4000?
What legal liability? Some cases might get dismissed but why would that matter for the police department?
And some cases might get re-opened because of new evidence brought to light that might benefit the wrongly accused, which would be essentially impossible to further such an investigation because of evidence being destroyed.
Regardless, the chain of custody issue has to be validated with such an intrusion anyway, which even furthers my point regarding this being used as a scapegoat excuse for evidence being destroyed deliberately by those holding it.
re "Learning to use the tools that you will need to succeed in the workplace is not a concept that died 30 years ago." People are not moving from a generation of typewriters or Wang https://en.wikipedia.org/wiki/... anymore. They got exposed to Microsoft products at school, university and work with such products every day. The need for a generation of workers to buy into a new series of expensive MS applications at home is gone. As mentioned by others on slashdot that office GUI might even be global and very secure using some networked interface.
My point was more centered around the fact that familiarity with MS Office is still a critical component of corporate success, regardless of where you actually learn it. You could learn to drive using the corporate van, but if you're going to become good at driving, familiarity by driving a vehicle outside of work becomes rather key.
For students, Office 365 for Education is free, which of course is the ultimate price tag for the younger generation. As far as paying for it after you graduate, there are significant discounts for home use. No, I don't agree with this whole concept of a monthly fee, eradicating the concept of true ownership, but support for an Office suite usually dies after a few years with subsequent upgrades, so a standalone version of Office (which they also still offer) doesn't exactly last forever.
As someone in Seattle that has suffered at least two-thousand days of downtime with our Internet access, you are wrong.
Unless you're employing some interesting metrics, 2,000 days of downtime equates to years of no service, and thus you are not "suffering".
You or your company have clearly learned to accept paying an ISP for their fantastic ability to deliver the worst service I've ever heard of.
The headline got truncated. There should be " - and nothing else" at the end.
Wow.
I've heard of a lot of sexual fetishes, but you have to admit that Pasty White Virgins Playing Resident Evil Naked in Mom's Basement is one of the more odd ones...
Typing letters, doing a spreadsheet, desktop publishing is not the unique, selling point, must have product that has to work between management and staff.
When one commands the corporate environment, you don't really have to be unique. A major selling point of MS Office is the dominance it has held in corporate business, and continues today. Programs like Outlook, Word, and Excel "work" between management and staff because it happens to be the one software package that is taught to pretty much anyone who needs to use a computer for more than gaming, Netflix, and Facebook.
Commercial/gov users have their software paid in full, home users now have fast hardware and other great software options.
I suppose you could consider them paid in full, if you don't count those infamous support/maintenance contracts that seem to never die.
Home users want to get as far away from boring and expensive work applications as possible. Other apps, quality non rental software, free software, open source can offer text and spreadsheet support. The GUI is simple, support works, the app is fun for what it offers. Microsoft is great for games, GPU's. The complex, boring work like Office GUI is not needed at home for or users.
Yeah, I get the whole work/life balance, but not every interface is designed to create "fun". It's called MS Office, not MS "Partytime", and these complaints read like a Millennial whining because there's no Call of Duty plug-in for MS Word.
Better supported apps exist for the average user doing simple, average computing tasks. The early 1980's and 1990's rush to use, understand and study Microsoft applications at home to be a better worker is over.
Learning to use the tools that you will need to succeed in the workplace is not a concept that died 30 years ago. And if you think learning MS Office is irrelevant, go see how many employers are interested in potential hires who are completely unskilled with that particular software package. There's a reason high-school students are still being taught MS Office today.
As if any company would change their policies after a few days of downtime.
Many companies run their business on Outlook, Word, and Excel, which is why you see it installed on almost every end-user system. Put another way, shut off the internet and see what happens to the ISP contract after "a few days of downtime".
"Most of the data was from solved cases, but some of the evidence was from active investigations...the department did not pay the $4,000 ransom demand and decided to wipe all its systems."
I'm sorry, but one legal firm can rack up more than $4000 in legal fees in a single day.
You're going to tell me that the active investigations along with the potential liability of not holding data for years worth of solved cases was somehow not worth $4000?
The numbers just don't add up here. At all. Hate to go all conspiracy theory, but this sounds more like an intentional infection and a premature decision to wipe data that might have shown a bad light on certain law enforcement actions.
It sounds like they only had one backup, and that promptly got overwritten. It should be standard procedure to have an offsite backup as well. I always did.
A backup implies exactly that regardless of medium or location, and if the backup runs after the infection, then you're doing nothing but backing up (ransomware) encrypted data.
The end result is you're still fucked.
Anything that moves or vibrates radiates some energy. Hence such crystals would provide "free" energy and that is very, very, very unlikely to be possible in this universe.
It's also very, very, very unlikely that you are not as smart as you think you are.
In any universe.
...If your data was there and you upset Uncle Sam enough, would he try to invade - and would the UK let him!!
HavenCo has a rather interesting history of trying to host a data center there...
There is no such thing as doomsday
Well, there is a doomsday but nuclear war would not be it. Yes a lot of humans would die in an all-out nuclear war, maybe even the majority, but it would not wipe out the human species. Not even close.
Really? Last time I checked, the combined capability of just two countries on this planet held enough nuclear firepower to destroy the entire planet several times over. Not sure why you assume everyone would just pop off one round if shit ever did hit the fan.
Climate change is also not it. Primitive stone age tribesmen millions of years ago survived far worse climate conditions than what climate change believers are projecting.
Primitive tribesmen did not have to survive nuclear fallout and try to thrive on a radioactive planet, which is the ultimate "climate" change.
Let's stop applying Hollywood science here, because the aftermath script is not Mad Max. Not even close.