file-sharing software could be to blame for government workers who expose sensitive data and jeopardize national security after downloading free music on the job
It sounds like the network administrators in said "governmental offices" should take the precautions neccessary to police the bandwidth. Furthermore, any environment in which said p2p applications are capable of leaking any private information need to be under closer scrutiny.
Don't blame the p2p networks for the actions and negligence of those in control of their own computer infrastructure.
A decade ago, the idea that copyright infringement could become a threat to national security would have seemed implausible. Now, it is a sad reality.
Since when is copyright infringement, and not massively-propagating worms and keyloggers, the problem for national security. The latter causes FAR more breeches of personal identity information and credentials.
Gentoo has a good kernel hardening guide
on
SELinux by Example
·
· Score: 1
Check out the Gentoo hardening overview. They refer to a couple of good kernel technologies useful to secure your system if you are that paranoid.
They're not, but if you would like to pay them for it, I'm sure they wouldn't mind...
In that case actually, I'm selling SELinux for half off what the government charges. Interested in a purchase of some ISO's? I have some mirrors I can point you to if you send me a paypal payment of $500. Technical support will be handled over IRC on freenode.
Then perhaps we can work on systems that only take over in cases in which the automobile determines there is undue danger or risk to others? Furthermore, could we set aside certain highways that are preferred for recreational driving that is not bound to automation?
Either way, it seems to me that tight urban areas should be off limits to traditional "manual" driving, and that free driving along interstates is more realistic than an automated system.
I see that this released draft seems to focus on speed increases, and not enough at all on security. Why is it that the industry is focused on such unimportant aspects of the technology.
With this speed increase, we will see even MORE packets per second on these networks, which only makes cracking of WEP, WPA, and LEAP that much faster now that the cryptographic sample set increases.
If you do elect to bring the laptop along, I would recommend considering encrypting the disk. That way, if it is stolen, there will not be any identity theft risks associated with people uncovering your account informations or credentials.
The only ultimate solution is cars that drive themselves. Technology is on the rise, and people will be finding more and more ways to distract themselves behind the wheel. Furthermore, days are getting more and more busy in this fast paced society of ours, and we all have plenty of crap to think about whilst in transit to work or school.
Automated highways are the solution for the future, and really the only solution IMHO. Until they are implemented, we will continue to lose 17,000 people to drunk driving deaths per year alone, and once we tack on all the "blackberry pileups" and other "accidental" accidents, where do we end up?
The botnet problem is a little worse than you may think....And it is these botnets that are allowing such rampant system compromise.
First of all, recognize that botnet malware evolves at a pace in which it is rather difficult for the antivirus vendors to keep up with. All it takes is a download of phatbot, a little code hacking to ensure it is just perfect for your uses, and then you run it through a packer. You won't preserve the same md5sum of course once your binary is customized, so the only other way that the sample can be detected is some more advanced techniques. (API hooking, entropy scanners, or looking for certain assembly sequence patterns). I'm not sure what the default scanning behavior of most AV scanners is, but they might not utilize such hardcore tests on every file in your system.
Secondly, most botnets run over port 6667, so even if you were running a firewall, you would need to have one that blocked the default IRC port by default. If this is unlikely for the majority of firewalls out there, also recognize that many newer IRC bots are relying more heavily on http command and control mechanisms. That is, they no longer communicate over IRC, and instead resort to making web posts to communicate with the hacker. Being port 80 based, suddenly its not so detectable amongst the stream of internet web traffic.
As for infection trajectories, also recognize that many infections today are indeed user error, whether it be an email attachment or downloading some videogame crack off of some site. The zero day exploits contribute to the problem as well.
I wrote some convenient bash shell scripts for my linux machine, and I run streamripper instances at bootup. On my fairly slow home connection, I accumulate around a few gigs of new music daily from the several electronica shoutcast streams I "listen" to.
What's great is that it is entirely legal, and the network gods only see a connection from a shoutcast client, so they don't care. Its only 128, but its a great deal for what has become 150 gigabytes of trance and ambient electronica. I have been listening to this stuff maybe 6 hours a day, and I have yet to assign names to all these songs. I rarely even encounter the same song very often, so it never gets old for me.
I'm not sure if other genres are represented as much in the shoutcast scene, but it may be worth a look.
I find it unique that this finding does not explain the geographical links to obesity. We in America are supposedly said to be the fattest on the planet. Certainly the whole idea of sports is not uncommon in other countries, and if anything we are far less active thanks to modern internet distractions such as slashdot. If this study is suggesting a genetic link to the obesity problem, what does this imply about our genetic diversity as compared with the rest of the planet?
The whole idea of DRM will NEVER work, and this is why...
In the physical process of some digital artwork manifesting itself in front of you, these "bits" of information find their ways into your brain! If it's music, post DRM the safety mechanisms say "it's alright, let the information flow to the speakers" and off the data goes. In the case of video, at some point photons are emitted and received by the rods and cones in your eyes.
So long as this information exchange is feasible, (which it always will be, otherwise there is no point in digital media), then there will be some clever warez distributer that will extract said information into some media that can be copied without protections. Even at the basic level, we know that telesync-type copies are terrible, however the technology exists such that if someone really wanted to, they could playback any DRM'd music file and "record" it, even entirely in memory space, to a non-DRMed file.
So long as, at some point, the corporations are sending this information to you, it can and will be duplicated. Any encryption or steganography they throw at us is just buying them minute amounts of time before it will eventually escape to the masses in free and untraceable format. Why do they even bother?
Does anyone besides me get the distinct impression that the advent of massive file trading could be the birth of a more socialist or perhaps even communist market of modern artwork? Music or not? It seems to me most of my friends listen to indie music and admire indie artwork on sites like deviantart.com.
Slashdot Mirror
It sounds like the network administrators in said "governmental offices" should take the precautions neccessary to police the bandwidth. Furthermore, any environment in which said p2p applications are capable of leaking any private information need to be under closer scrutiny.
Don't blame the p2p networks for the actions and negligence of those in control of their own computer infrastructure.
A decade ago, the idea that copyright infringement could become a threat to national security would have seemed implausible. Now, it is a sad reality.Since when is copyright infringement, and not massively-propagating worms and keyloggers, the problem for national security. The latter causes FAR more breeches of personal identity information and credentials.
Hardening
And keep in mind: Even if you are not paranoid, they still could be out to get you.
In that case actually, I'm selling SELinux for half off what the government charges. Interested in a purchase of some ISO's? I have some mirrors I can point you to if you send me a paypal payment of $500. Technical support will be handled over IRC on freenode.
Either way, it seems to me that tight urban areas should be off limits to traditional "manual" driving, and that free driving along interstates is more realistic than an automated system.
With this speed increase, we will see even MORE packets per second on these networks, which only makes cracking of WEP, WPA, and LEAP that much faster now that the cryptographic sample set increases.
Next they'll be telling us that we humans evolved from monkeys!
If you do elect to bring the laptop along, I would recommend considering encrypting the disk. That way, if it is stolen, there will not be any identity theft risks associated with people uncovering your account informations or credentials.
The only ultimate solution is cars that drive themselves. Technology is on the rise, and people will be finding more and more ways to distract themselves behind the wheel. Furthermore, days are getting more and more busy in this fast paced society of ours, and we all have plenty of crap to think about whilst in transit to work or school.
Automated highways are the solution for the future, and really the only solution IMHO. Until they are implemented, we will continue to lose 17,000 people to drunk driving deaths per year alone, and once we tack on all the "blackberry pileups" and other "accidental" accidents, where do we end up?
Is there a statistician in the house?
First of all, recognize that botnet malware evolves at a pace in which it is rather difficult for the antivirus vendors to keep up with. All it takes is a download of phatbot, a little code hacking to ensure it is just perfect for your uses, and then you run it through a packer. You won't preserve the same md5sum of course once your binary is customized, so the only other way that the sample can be detected is some more advanced techniques. (API hooking, entropy scanners, or looking for certain assembly sequence patterns). I'm not sure what the default scanning behavior of most AV scanners is, but they might not utilize such hardcore tests on every file in your system.
Secondly, most botnets run over port 6667, so even if you were running a firewall, you would need to have one that blocked the default IRC port by default. If this is unlikely for the majority of firewalls out there, also recognize that many newer IRC bots are relying more heavily on http command and control mechanisms. That is, they no longer communicate over IRC, and instead resort to making web posts to communicate with the hacker. Being port 80 based, suddenly its not so detectable amongst the stream of internet web traffic.
As for infection trajectories, also recognize that many infections today are indeed user error, whether it be an email attachment or downloading some videogame crack off of some site. The zero day exploits contribute to the problem as well.
I wrote some convenient bash shell scripts for my linux machine, and I run streamripper instances at bootup. On my fairly slow home connection, I accumulate around a few gigs of new music daily from the several electronica shoutcast streams I "listen" to.
What's great is that it is entirely legal, and the network gods only see a connection from a shoutcast client, so they don't care. Its only 128, but its a great deal for what has become 150 gigabytes of trance and ambient electronica. I have been listening to this stuff maybe 6 hours a day, and I have yet to assign names to all these songs. I rarely even encounter the same song very often, so it never gets old for me.
I'm not sure if other genres are represented as much in the shoutcast scene, but it may be worth a look.
Inbreeding?
In the physical process of some digital artwork manifesting itself in front of you, these "bits" of information find their ways into your brain! If it's music, post DRM the safety mechanisms say "it's alright, let the information flow to the speakers" and off the data goes. In the case of video, at some point photons are emitted and received by the rods and cones in your eyes.
So long as this information exchange is feasible, (which it always will be, otherwise there is no point in digital media), then there will be some clever warez distributer that will extract said information into some media that can be copied without protections. Even at the basic level, we know that telesync-type copies are terrible, however the technology exists such that if someone really wanted to, they could playback any DRM'd music file and "record" it, even entirely in memory space, to a non-DRMed file.
So long as, at some point, the corporations are sending this information to you, it can and will be duplicated. Any encryption or steganography they throw at us is just buying them minute amounts of time before it will eventually escape to the masses in free and untraceable format. Why do they even bother?
Does anyone besides me get the distinct impression that the advent of massive file trading could be the birth of a more socialist or perhaps even communist market of modern artwork? Music or not? It seems to me most of my friends listen to indie music and admire indie artwork on sites like deviantart.com.
Just my 52 cents