How many of those points fit them?
I think the feds need to be reminded about intent, lets do it the hard way and report every federal agent and investigator as a suspected terrorist after all they fit the list?
You mean the ones that are no different in load to the one the phone makes regularly to the base station for the same purpose. Those are a single packet or 2 usually.
Not to mention Wifi term and logo can only be displayed on Wifi Alliance certified devices that support a specific set of protocols of the 802.11 protocols. A lot of devices are not certified even if they do support the agreed protocols and so will not even mention wifi on the packaging, the idea is that any wifi alliance logo'ed box will be compatible with any other wifi logoed device.
It's so slows to scan the whole spectrum, we are talking about how to get lower latencies and that's not going to happen via this method with even 100ms round trip times remember we got to wait on each frequency long enough to be sure we haven't missed the last broadcast sent. That even a the cheapest GPS receiver (we'll come back to this in a minute) does not just scan the spectrum, a contact of one satellite takes a long time, so one needs to know which ones are currently overhead. Finally, that is receive only, if we are actually transmitting and maintaining contact then we do not want to be spamming on the frequency we are contacting on as we want our replies to get through not have every single packet collide. This is one reason even cheap GPS knows which satellites are the ones it's in contact with and which ones are due up next (needs to know this for other reasons too, but that's not important there is stuff in GPS where you can use the brute force method you suggest, try setting the GPS clock wrong on your reciever and then wondering why it can't even get a single signal lock.).
No, you still need some tracking, if only enough to know which satellites are currently in your hemisphere (as GPS does). And if we are using that much power that we don't need a directional antenna at all then we can do ground to ground propagation and cut out the satellite all together.
we already do have streaming over satellite, the key is not to use a stateless TCP based protocol for it like HTTP. Instead a UDP based one. Basically you want more redundant information in your error correction (bandwidth isn't a problem) and less asking for retransmit of the packet.
Unfortunately the only fix is to use lower non geosynchronous orbits and then one has to be constantly tracking the satellites and needs motorized antennas.
If doing full mutal auth with client side certificate, as long as it was not compromised at client cert generation time then it's secure as the client cert gets crossed signed by the server cert, if either cert has been changed this will no longer match, CA is now irrelevant in this case.
Yes, as in this specific case one does a Diffie-Hellman key exchange before an attack. But when proofing anything against bruteforce style attacks on assumes that it's going to be an offline attack. We assume worse case in cryptography research, not best case and hope someone doesn't work out how to make it offline. but I'm just pointing out, generally speaking *any brute-force* 10^8 keys is not a lot, infact an 8 digit full alphanumeric + symbol password.passphrase is nolonger considered secure. And enforcing certain symbols, or not all lowercase etc actually makes things worse, as I can cut out that area of the key space.
Actually. it is achievable, it's not about speed it's about being extremely parallel, if I try a different key across each 200+ processor cores. A S2050 1U GPU Computing System from Nvidia has 4 GPU's each with 448 Thread processors in them giving a total of 1792 parallel processing cores. Even if each one can only try 1 key a millisecond (this is slow but algorithm dependent!) we are talking about ~55,804 milliseconds, which is just under a minute. So your only defense now is that I can't capture a packet and do an offline attack?
I can try 8 digit pin (0-9 only?) in mere seconds on modern hardware just a bruteforce. The problem is bad security options set as default, do we remember when they turned WPA on and then used a hashed router serial number + ESSID for the key so the autoconfig software could figure it out remotely?... Same badness there. Now if you are using default security on your routers, this is to be expected.
Or move to a country where what you just said is actually illegal, like most of the civilized world. It's not surprising that the US is still only a little better than slavery.
Slashdot Mirror
Yes its problematic in the real universe. But perpetual motion is a fundamental concept of Newtonian physics.
"The velocity of a body remains constant unless the body is acted upon by an external force." -- Newtons First Law of Motion.
So, we take a vacuum well away from any other bodies and set a body in motion.
Aren't they required to have separate provided cell/mobile phones for work use?
How many of those points fit them?
I think the feds need to be reminded about intent, lets do it the hard way and report every federal agent and investigator as a suspected terrorist after all they fit the list?
You mean the ones that are no different in load to the one the phone makes regularly to the base station for the same purpose. Those are a single packet or 2 usually.
Worse still is google analytics, that one happens 100% hidden from the ordinary users view, no picture or anything.
Accept the little picture was requested from facebooks' server?
You might want to add noscript too!
You mean like my modified /etc/hosts/ file on my rooted phone, and Avast Mobile Security firewall?
Not to mention Wifi term and logo can only be displayed on Wifi Alliance certified devices that support a specific set of protocols of the 802.11 protocols. A lot of devices are not certified even if they do support the agreed protocols and so will not even mention wifi on the packaging, the idea is that any wifi alliance logo'ed box will be compatible with any other wifi logoed device.
Okay, it's not government technically. And why can't he have citizenship?
Yes, it's a PITA, but not impossible as was suggested."can't" is not the same as "bloody nightmare".
Of course you can, it may require replacing a chip on the motherboard but of course it's possible with enough time and effort.
It's so slows to scan the whole spectrum, we are talking about how to get lower latencies and that's not going to happen via this method with even 100ms round trip times remember we got to wait on each frequency long enough to be sure we haven't missed the last broadcast sent. That even a the cheapest GPS receiver (we'll come back to this in a minute) does not just scan the spectrum, a contact of one satellite takes a long time, so one needs to know which ones are currently overhead. Finally, that is receive only, if we are actually transmitting and maintaining contact then we do not want to be spamming on the frequency we are contacting on as we want our replies to get through not have every single packet collide. This is one reason even cheap GPS knows which satellites are the ones it's in contact with and which ones are due up next (needs to know this for other reasons too, but that's not important there is stuff in GPS where you can use the brute force method you suggest, try setting the GPS clock wrong on your reciever and then wondering why it can't even get a single signal lock.).
No, you still need some tracking, if only enough to know which satellites are currently in your hemisphere (as GPS does). And if we are using that much power that we don't need a directional antenna at all then we can do ground to ground propagation and cut out the satellite all together.
doesn't matter whether it's external server or the same server, every separate file over HTTP is a problem from a latency perspective.
Okay, compare the UK, it's even worse.
we already do have streaming over satellite, the key is not to use a stateless TCP based protocol for it like HTTP. Instead a UDP based one. Basically you want more redundant information in your error correction (bandwidth isn't a problem) and less asking for retransmit of the packet.
Unfortunately the only fix is to use lower non geosynchronous orbits and then one has to be constantly tracking the satellites and needs motorized antennas.
If doing full mutal auth with client side certificate, as long as it was not compromised at client cert generation time then it's secure as the client cert gets crossed signed by the server cert, if either cert has been changed this will no longer match, CA is now irrelevant in this case.
Yes, as in this specific case one does a Diffie-Hellman key exchange before an attack. But when proofing anything against bruteforce style attacks on assumes that it's going to be an offline attack. We assume worse case in cryptography research, not best case and hope someone doesn't work out how to make it offline. but I'm just pointing out, generally speaking *any brute-force* 10^8 keys is not a lot, infact an 8 digit full alphanumeric + symbol password.passphrase is nolonger considered secure. And enforcing certain symbols, or not all lowercase etc actually makes things worse, as I can cut out that area of the key space.
Actually. it is achievable, it's not about speed it's about being extremely parallel, if I try a different key across each 200+ processor cores. A S2050 1U GPU Computing System from Nvidia has 4 GPU's each with 448 Thread processors in them giving a total of 1792 parallel processing cores. Even if each one can only try 1 key a millisecond (this is slow but algorithm dependent!) we are talking about ~55,804 milliseconds, which is just under a minute. So your only defense now is that I can't capture a packet and do an offline attack?
I can try 8 digit pin (0-9 only?) in mere seconds on modern hardware just a bruteforce. The problem is bad security options set as default, do we remember when they turned WPA on and then used a hashed router serial number + ESSID for the key so the autoconfig software could figure it out remotely?... Same badness there. Now if you are using default security on your routers, this is to be expected.
Or move to a country where what you just said is actually illegal, like most of the civilized world. It's not surprising that the US is still only a little better than slavery.
But if he doesn't do it in work time, there is no reason he shouldn't be compensated with overtime pay for it.