Yes but Schneier isn't making any claims consistent with knowing that RSA, AES, etc is compromised at the algorithm level. One thing I haven't seen him, or any other mainstream news source really call attention to is that one of the released document hints that some (unnamed) encryption chip used for vpns and ssl has been compromised. If they have a backdoor that lets them pull private keys out of gear from one of the big players that could give them everything that has been hinted at.
The claim is VPNs and SSL... so either a break in RSA or AES, either way SSH would be covered. But there are so few details in the story its hard to know how technically competent the staff who reviewed the documents and therefore how serious the threat is.
The advantage of keeping client code closed is that you can make breaking API changes much more easily. If you have an open client and an open API you are stuck with them and you need to spend a lot more time making sure that they are correct and complete. With a client based on reverse engineering you have no right to be surprised when it suddenly breaks.
You pay more when you are self pay because there is a much higher risk that you won't pay at all... i know every time I've walked in to a doctor's office with cash or a debit card I've gotten prices at or below what insurance companies are paying.
A compact rail gun sounds not that useful as a space launch tool, mounting one on a ship on the other hand makes a lot more sense. Add that to the kickstarter campaign that will put them at the bottom of the weaponized range and the planed conference to figure out other uses of the technology, that seems to be exactly what they have in mind.
Its just not technically possible and not something that my company would ever do because it would destroy the integrity of audit logs.
If they really need to have access as a specific user we have an impersonation feature (for tech support) that allows one user to perform actions in the system with the rights of another, except that the logs still tell us who is actually doing stuff. Seems like a much better way to deal with this kind of request.
"Keeping a session open" consumes in the neighborhood of 20-40 bytes in a database... not significant by any stretch of the imagination. The way we do it is that the cookie maps to a session Id and "logout" removes the cookie and closes the session in the database.
We have reached the point in time where attorneys general have realized that companies need to encrypt customer data? Either that happened faster than I expected or I'm getting old faster than I realized.
Liberty Reserves MO was high on fees and low on questions. I suppose there could theoretically be a reason to use them, but the only people I know who carried a balance with them got said balance from HYIPs... so I can't feel too bad for them.
What would work, as far as rights are concerned, is for those people that police prosecute, or that make official complaints against the police, to get a copy of the footage in which they appear.
it already works that way, as long as you can afford a lawyer.
I run a dev team for a commercial, closed source, product. If one of my developers introduces stolen code into the product, one or both of us is getting fired. It doesn't matter if the environment is.net or not and it doesn't matter if its stolen from a FOSS project or a competitor's code base. I don't think that is unreasonable or hard to understand and I've never had to fire someone because of it.
log4net and Json.Net are two prime examples. We are also using a bunch of open source media libraries (e.g. ffmpeg and opencv) on my current project and have been for years. The only resistance is that we are shipping closed source software so anything that is GPLed is out, but if the business reality changed to where we could a GPLed product there wouldn't be a second thought about using code under the GPL.
Stupid answers attract down votes, so generally you are going to seen some sort of preface to the horrible answer. If not post a comment and you'll probably get an answer.
On a macro level, it wouldn't be long before chaos ensues, society collapses, and what actually takes form in the end is more akin to tribalism; one big, roaming group taking everything for itself and screw everyone else, too bad so sad. If you're a part of that group, it's great for you, but if you're not in that group, it's terrible.
No,no, no. What really happens is that Jim and his neighbors band together, creating a police (or military if there are enough bandits) force to protect their stuff and a set of rules what their collective police force can and can't do... lets call them laws. In other words, states emerge very quickly from anarchy and historically the states have pretty much always won out over the roving groups of bandits.
Slashdot Mirror
you should review the definition of NP
Yes but Schneier isn't making any claims consistent with knowing that RSA, AES, etc is compromised at the algorithm level. One thing I haven't seen him, or any other mainstream news source really call attention to is that one of the released document hints that some (unnamed) encryption chip used for vpns and ssl has been compromised. If they have a backdoor that lets them pull private keys out of gear from one of the big players that could give them everything that has been hinted at.
Way more useful that what is linked in the summary.
Even if the CA were in your back pocket how would you go about generating a rogue certificate with the same fingerprint as the real one?
The claim is VPNs and SSL... so either a break in RSA or AES, either way SSH would be covered. But there are so few details in the story its hard to know how technically competent the staff who reviewed the documents and therefore how serious the threat is.
The advantage of keeping client code closed is that you can make breaking API changes much more easily. If you have an open client and an open API you are stuck with them and you need to spend a lot more time making sure that they are correct and complete. With a client based on reverse engineering you have no right to be surprised when it suddenly breaks.
You pay more when you are self pay because there is a much higher risk that you won't pay at all... i know every time I've walked in to a doctor's office with cash or a debit card I've gotten prices at or below what insurance companies are paying.
because it is easier to manage when your "static" IPs are set up on a central server.
A compact rail gun sounds not that useful as a space launch tool, mounting one on a ship on the other hand makes a lot more sense. Add that to the kickstarter campaign that will put them at the bottom of the weaponized range and the planed conference to figure out other uses of the technology, that seems to be exactly what they have in mind.
Its just not technically possible and not something that my company would ever do because it would destroy the integrity of audit logs.
If they really need to have access as a specific user we have an impersonation feature (for tech support) that allows one user to perform actions in the system with the rights of another, except that the logs still tell us who is actually doing stuff. Seems like a much better way to deal with this kind of request.
"Keeping a session open" consumes in the neighborhood of 20-40 bytes in a database... not significant by any stretch of the imagination. The way we do it is that the cookie maps to a session Id and "logout" removes the cookie and closes the session in the database.
We have reached the point in time where attorneys general have realized that companies need to encrypt customer data? Either that happened faster than I expected or I'm getting old faster than I realized.
Its a privileged escalation vulnerability... your machine has to already be compromised for this to be abused in the wild.
Liberty Reserves MO was high on fees and low on questions. I suppose there could theoretically be a reason to use them, but the only people I know who carried a balance with them got said balance from HYIPs... so I can't feel too bad for them.
It's an Abe Lincoln quote...
What would work, as far as rights are concerned, is for those people that police prosecute, or that make official complaints against the police, to get a copy of the footage in which they appear.
it already works that way, as long as you can afford a lawyer.
In order to get NYC OTA feeds through Aero you need to have a NYC street/billing address.
Similar plan at Verizon... unlimited talk, text, and 500MB of data is $60. BYOD/no contract.
http://en.wikipedia.org/wiki/Elections_in_the_People's_Republic_of_China
-33 years
They are using HLS which most of the industry except Google supports.
I run a dev team for a commercial, closed source, product. If one of my developers introduces stolen code into the product, one or both of us is getting fired. It doesn't matter if the environment is .net or not and it doesn't matter if its stolen from a FOSS project or a competitor's code base. I don't think that is unreasonable or hard to understand and I've never had to fire someone because of it.
log4net and Json.Net are two prime examples. We are also using a bunch of open source media libraries (e.g. ffmpeg and opencv) on my current project and have been for years. The only resistance is that we are shipping closed source software so anything that is GPLed is out, but if the business reality changed to where we could a GPLed product there wouldn't be a second thought about using code under the GPL.
Stupid answers attract down votes, so generally you are going to seen some sort of preface to the horrible answer. If not post a comment and you'll probably get an answer.
On a macro level, it wouldn't be long before chaos ensues, society collapses, and what actually takes form in the end is more akin to tribalism; one big, roaming group taking everything for itself and screw everyone else, too bad so sad. If you're a part of that group, it's great for you, but if you're not in that group, it's terrible.
No,no, no. What really happens is that Jim and his neighbors band together, creating a police (or military if there are enough bandits) force to protect their stuff and a set of rules what their collective police force can and can't do... lets call them laws. In other words, states emerge very quickly from anarchy and historically the states have pretty much always won out over the roving groups of bandits.
http://musicbrainz.org/ is a good place to start, though Picard doesn't do all of the things you suggest.