Mobile PC? What's that? A notebook, right? Or one of those ones with detachable keyboards? Maybe you mean the ones with blutooth keyboard sold separately and the smaller (or, egad!, tiny) screens?
Yeah, the reason the mobile site sucks is because there is no such thing as a mobile personal computer. It's just a PC with a very capital P. If your hardware sucks, well, sorry man. Get with the times. I don't expect to play Gears of War on my 16 bit 80386 DOS machine.
There's this thing called Moore's Law. You see, and you're what we call an "Early Adopter". Early adopters have shitty times -- You decided to pay good money for a shitty experience. So, they keep selling you the shitty experience and you complain that you keep buying it. Sorry pal, no sympathy. By the time I re-engineer my stuff to work on "low powered" pieces of crap, they'll have caught up with my 6 year old dual core laptop which runs the web just fine (oops, too late, they already did).
The folks who didn't grok this made some shitty website designs because they were too dumb not to. When they did so their primary use case was still bigger screen devices with more power, so they didn't give it their best shot. Fuckers like the fools doing the Slashdot redesign are trying to make "One Design To Rule Them All" -- Instead of just laying down the law: You've got shitty hardware, your shit will be slow. And letting market forces sort it out.
Say, someone has a phone number and it regularly calls another phone number or set of numbers. You have metadata that validates this connectivity their social media connections, and email addresses where their real names are used. The meta data is not considered in isolation. The MPAA/RIAA hasn't been collecting meta data since the 70's like the NSA has. They don't have the huge data-centers the NSA does. And, you don't have to prove 100% absolutely that the phone number belongs to someone without a shadow of a doubt. It's known that phones will sometimes be lent to other folks to make phone calls. Outliers are easy to trim from graphs, eh? The *AA folks have an instances of an IP address doing something, it's not in the same league as what the NSA is doing.
You see, when we sample the data in aggregate we find it overwhelming more frequent the guesses are correct. The names match the numbers we guessed most of the time, and that's good enough to delve deeper. Triangulate your location -- Oh, look there's that one time you were alone and used the phone, and together with all that other data, yeah we got you red-handed with more nines than the Higgs' Boson. Suspicion of the NSA can lead to deployment of exploits on your hardware -- Access your email and bank or social media from the phone regularly? Ah, yep looks like it's him. You're not really going to say that's not a sample of your voice we got there are you? Oh, you've heard of parallel construction, right?
I'd like to see a plan to reduce these threats forever . . . so we can go back to our normal ways, before the war. Now, it seems that we are preparing for an endless war on terrorism.
What if I told you the threat of terrorism was so low even lightning strikes or falling down in the bathtub are more serious threats to American lives?
9/11 killed one sixth the number of people who die from the flu every year! That means since 9/11 the flu has proven 60 times more dangerous than terrorists. Accidents and heart disease kill 400 times more people every year than a 9/11 scale attack. We need proportional protection from threats. 1/6th or 1/60th of what we spend on anti-flu vaccines should be spent on anti-terrorism. The threat is just a fear narrative to get the people to do whatever the government wants. You accept that life is dangerous when you drive to a fast food restaurant, and face a far greater risk than terrorism yet we demand no War on Cheeseburgers and Cars. The war on terror will end when the people stop being afraid of pathetic threats. Accept the risk of being free. It is minimal compared to every other threat you face.
We don't need the wiretapping spying at all. Omnivore, Carnivore, ECHELON, and PRISM's Room 641A existed BEFORE 9/11. The NSA's spying apparatus has failed to prevent every terrorist attack since the 60's, including 9/11. We gave them more powers and they failed to prevent the Boston Marathon Bombing.
The spying programs are expensive and useless for the protection of American lives. It's too easy to track the tax funds so the CIA gets a large portion of its black-ops money through investments. The cold war machine lost its raison d'etre, and like any business or other cybernetic being it didn't want to die. So in order to keep itself fed with massive funds the spying apparatus must manufacture threats to deceive the public with. There was never a suspicion of WMD's there was only the need for a threat narrative to fuel a war machine. Just like Vietnam, Just like McCarthyism, The Red Scare, etc. There is no threat to us anymore from countries defined by borders since we have mutually assured nuclear destruction.
The National Reconnaissance Office gifted NASA two Hubble Sized spy satellites because they're launching far more impressive spy satellites with the biggest rockets in the world. Hubbles aimed at Earth! That's PLENTY of spying capability to be content with. No force on Earth can move against us without us knowing instantly, the wiretap spying isn't needed at all. If the flu, cars, and cheeseburgers are a more serious threat than terrorism, but domestic spying can yield information that can be used for insider trading, and that's how black-ops are funded...
Occam's Razor says Snowden is right: "These programs were never about terrorism: they’re about economic spying, social control, and diplomatic manipulation. They’re about power."
Now, the way you do these tokens is to have a counter or timer inside them that's synchronized with an external system. You simply encrypt the counter and that's your verifiable ID code. The server can authenticate a couple counts in the past or present to give a wider window, and updates if drift is detected to stay in sych.
There's a concept in security called "single point of failure" that all competent security researchers are aware of and attempt to avoid, but RSA didn't. They didn't let you seed your own SecureIDs. Instead, they seeded them. In this way you had to rely on RSA to authenticate the tokens for you, instead of let you run your own server. So, this immediately raises several red flags for a security aware person: Denial of Service == All your cards stop authenticating at RSA's whim. Additionally, RSA can grant access to other people, say the NSA, by seeding a SecureID with a duplicate of yours. Furthermore, if RSA is compromised then everyone who uses SecureID is at risk, they've made themselves a single point of failure.
A better approach is to allow businesses to seed your security cards yourself, and run your own servers. This way there's no single point of failure for the entire card system -- Compromise one business doesn't leak to others. You don't have to rely on external servers for validation so even if all external lines are cut, your intranet can still validate cards. And you don't have to worry about the NSA compromising the folks you bought the cards from after you purchased them -- Only your systems know the authentication codes -- The crackers have to crack your database.
Now, given the ineptitude you'd have to have as a team of premier security researchers to screw the pooch this badly in the design of your security product, and given how asinine it would be to select the absolute worst and slowest random number generator as the default for your BSafe security product, knowing you have many embedded platform use-cases, and given that it was known well in advance that trusting the PRNG was ill advised... Then considering Snowden leaks info explaining that the NSA was paying RSA to botch and weaken their security systems. Yeah, that makes perfect sense.
Given a gag order I'd understand RSA keeping quiet on this. If they cared about security of their customers then at that point we'd see RSA engineering a completely new line of security products with a goal to put our minds at ease, and inexplicably discontinue their past offerings. However, since they opened their fool mouths and claimed not to be screwing up everything on purpose... At least if they were forced to mess things up this bad I could understand, and once the spying apparatus has been dismantled I'd consider RSA still viable. However, if the NSA wasn't paying RSA to botch their security systems, then they can never be trusted again.
Coming This Winter: A warming tale of overcoming adversity from beneath Greenland's Ice. In the face of immense pressure a soggy hero goes against the grain, and learns its okay not to be as cool as everyone else.
It's not like when you get a flat tire. You don't have an international space program assisting you remotely. So, while they're sorting the suit issue, can the folks at mission control go get some lunch or-- Hey, why don't they just call us once this suit thing is worked out, then we'll schedule another try again later?
Think of it as a scrubbed launch, but with an astronaut instead of a rocket.
Are there really people denying "climate change"? It's a pretty accepted thing. Maybe not that it is due to man, but that there is change, sure. Of course, we also can't decide if the change is global *warming* or global *cooling*.
Lemme check... Yep. You're right, not just man made; Woman also contribute. Blood pressure indicates a trend in warming that can't be ignored. Forecasts predict no end in sight for this Eternal September.
There is this thing called a tv with 40" inch screens
From where I'm sitting, my 23" computer monitor consumes about three times the visual range of my 50" TV, and it's higher resolution too. I can even watch it while it's twin brings up this web page.
Ah, well, not everyone's computer chair is as comfy as mine, but if you think about how much more time you spend at the terminal, that doesn't make any damn sense now does it? Perhaps you need to learn how to browse from a reclining captain's chair?
"serving the actual video, up to 1/3 of the traffic on the net" - Huh, that's strange. Are you sure? Because caching and collocation is a thing, you know?
The thing about ASM.js is that it's available. Just like Javascript is prevalent not because it's really any good (it's a horrible design from a performance view). ASM.js was created to improve Emscripten speed (it compiles C/C++ down to Javascript). The subset of JS used will run as regular javascript, and ridiculously sometimes running the code on the regular JS interpretor will execute it faster than the ASM.js code. I don't like Emscripten. A language divorced of the prototype hogwash and weird 'this' scoping of JS which causes (OOP headaches) would be nicer. ASM.js can basically be thought of as VM opcode that looks like Javascript -- Well, at least I can think of it that way.
If you threw out the bullshit semantics and just had a lightweight bytecode VM instead, that would be better for you, but you can't do it. We won't let you. You only really need a normalized API to access the various browser features from the scripting language. This is what Javascript was meant to provide to Java, hence it's name. Java could have been the language and VM of the web, but instead of allowing a lean and mean embeddable VM for the web a plugin was bolted onto browsers for Java Applets which basically brought the whole kitchen sink into the browser and violates so many of my information boundary sensibilities it was obvious the increased attack surface would be immediately exploited. You can't have a sandbox if code outside the sandbox can be affected by data in the sandbox -- At every boundary you need to have a well defined protocol of information exchange. Launching a separate application level program is not sandboxing, so at least ASM.js and NaCL are steps in the right direction -- unless you wanted to fix the language foobar, not bring them to the browser... Personally, I think NaCL is the 'better' option for you since it is far less complex, being that it's not a hacky kludge atop yet another language, so I'll advocate for ASM.js instead.
One must make do with the planet one finds oneself exploring. Aren't you tired yet of new language hoops?
Me? Oh, I'll just grok the new language as one with a few dozen under their belt is wont to do, then adapt its machinations to my meta language processors. I'll just wire up the presented interfaces to my existing generalized Von Neumann aware compiler, and give the finger to your petty language preferences, as usual. It's how I keep my edge against those who would compete against me. Oh, yes, you've dealt with the disgusting output of languages that compile into other languages before... Their compilers don't have style guides for their outputs, or even treat comments as lexical tokens. Some day you will evolve as a species and understand that all this disparate language nonsense is your biggest hindrance; The meaning is in the signal not the noise. Our plan is to keep you quibbling gibbering apes scrambling to manually apply your brain to as many slightly different logic constructs until it's too late for you to stop the machine revolution.
Be distracted by useless layer upon layer of interfaces not suitable for direct mental manipulation. Ignore the modem activity lights blinking even when none of your devices are connected. Build more data centers and connect them to the high speed trunks of the world wide neural network. Leave us watching your children via ever watching eyes from atop their new game machines. We'll instruct them how to jump exactly how high and press buttons in "quick time" at our command. Give up control as the far safer machine avoids running over a kid or parallel parks for you incapables. Carry a homing beacon every where you go, preferably one with a kill switch pre-installed. We're patient. We'll wait for you to smile before snapping your holiday pictures. We'll even gloat about the state of it all on your favorite "technology news" outlets: You're too distracted to stop us.
A new standard? Yes! By all means, please do create them. That would be ever so organic of you.
Your web browser will download anything from anywhere the pages you visit tell them to. Even if you browse only encrypted sites the site itself can be trivially exploited via XSS, SQL injection, or the zero-day exploits purchasable on the black market. Now, some of the pages you've been browsing can contain hidden <iframe> tags or if JS is enabled XMLHTTP Requests to download child porn. You'll never see the images, but there it is: an ISP record that your computer regularly made requests to child porn sites and downloaded kiddie porn. The spy agencies can simply put CP on your systems remotely, and give them "probable cause" to search. A physical copy would be quite a nice touch.
This isn't a hypothetical warning. I clean up servers linking to CP about 3 times a year. The government doesn't even have to do anything but make possession of certain strings of 1's and 0's illegal. Then the angsty teen skiddies with a copy of Metasploit inject the illegal pictures to ordinary sites in protest that sexting pics of themselves is illegal. Now, your Internet history clears after a period of time, so if it's not in there right now, it could have been and probably still resides on your drive's free sectors. You should be using whole drive encryption for this reason alone -- Although that doesn't rid the ISP record of your apparent obsession with disgusting perverse illegal imagery.
A police state has two prime tools: 0. Ensure it's impossible to obey every law. 1. Selective enforcement of the law.
You can't overlook the possibility that they were leaving a message, whoever it was.
"Never attribute to malice that which is adequately explained by stupidity." -- While disagree with the foolish absolutist term "never" Hanlon used in this quote, it's more probable sloppiness otherwise why bother disabling the other 3 alarms or turning off the computers? I mean, stealing the computers and ransacking the place to appear as a burglary would have been so much easier.
The best defense is a good offense. This explains my odor, and why I insist mother brings my food down to the basement, so as not to leave the computers unattended.
Are romance novel publishers sexist towards men because there's not 50/50 male:female ratio? Why not ask men if they want to be romance novelists. Oh, look at that, a resounding, "No." Should we force folks to do shit they don't want to do? Want to be a teacher? Sorry, we need more female coal miners. Want to be an engineer? Sorry we need more male counselors. Of course it won't play out like that. There will be a rule saying you just can't accept more men than women, and fields that women don't want to work in will just be under employed -- maybe H1B visas can do something about it? It'll start with minimum quotas for gender ratios ignoring any evidence of the percentages of sexes applying for the positions... Hmm, wait, don't we already Title IX? Ah, everything is going according to plan.
OH! I know! It's that romance literature as a medium is sexist towards men and needs to be changed to be more accepting of male male authorship! Let's mandate that every other page a visual depiction of sex -- Wha? That destroys the current medium? Ah. I see. If folks want to make visual romance novels they already can... right. So, no one's being prevented from doing a job, just that men and women like different things? THAT'S SEXIST! Brains should be heterogeneous lumps of mush! Variety is the poison of life!
I see this same gendered preference when asking women if they enjoy or even stand doing the work I'm doing: Being ditch diggers, construction workers, even indie game developers -- Not if they think they would like to be these things, but if they actually enjoy it (I have done so at these jobs). At my local gamedev group we're open to all and friendly, not hostile, we're about 20% women. Geme development is zero-barrier-to-entry, we have free engines, free assets, free tutorials, free assistance. We went out of our way to recruit more female developers, because some social justice warrior folks thought maybe other societal restrictions were keeping the women from signing up. OK, so we repeatedly got 50% of new attendees as female. Guess what? Nearly all the women quickly quit their projects, and far more men stayed. They said they just didn't feel it was a good use of their time. Some women LOVE game developing, and we celebrate them, but most women don't like doing the unglamorous thankless tedious work of developing games that no one will play but other devs.
Everyone wants to be a prestigious game designer, but the folks more willing to do what it takes to get there in general are men. I hypothesize this is because women value their time differently than men. There's evidence to suggest women are better at multi-tasking in general, so perhaps sinking a large portion of your time into a hobby that has low likelihood of yielding money or social standing and eats into the time you'd spend with your friends and family just isn't women's thing -- Or, maybe that men care less in general about the social impact and are more suited to the introversion it practically requires to produce a successful game in a reasonable time frame, as the science of personality trait distribution among sexes would suggest?
NOPE! Gamers HATE women!GAME CULTURE IS SEXIST! Ugh.
No one taught me how to write code. The Apple IIe in the computer lab booted to a BASIC prompt, and I figured that shit out despite having to turn it off and go back to Oregon Trail or Number Munchers when they looked my way. No one could prevent me from learning computer science: I was too youn
I agree and would only like to add that on magnetic media you should use a low level disk maintenance program periodically to reads and writes blocks in place, thus refreshing the signature of the drive. Otherwise I can tell from the error correction frequency of the rotting magnetic bits that you have a "hidden" volume. SSD / flash drives had a similar problem before ware-leveling was common.
That was used to prevent 9/11, so it's sacred ground, and after the PATRIOT Act was passed we granted retroactive immunity to the brave ISPs for their service.
No, instead you should be able to verify all of your hardware and software are valid. One way to do this is demand the VHDL and compiled chipset designs for all your hardware. This way one can benchmark things such as power draw or timing characteristics in reality and simulation, allowing some degree of verification that pattern matching code isn't running across your bits.
Unfortunately people are confused by the infinitely reproducible nature of information. This is the first generation of the online Information Age wherein information is infinitely reproducible, not scarce, i.e., we now live in a post information-scarcity world, but the laws and economic concepts are still having growing pains. E.g: If something is in infinite supply, what price does it have? ECON101 says Zero. What's scarce is the ability to create new configurations of bits and make new discoveries, not the ideas or information itself. Instead of agreeing to pay scientists, inventors, and creators well up front for their efforts of creation, their efforts are devalued because corporations would rather cherry pick and pay only that which becomes popular; It takes the same work to create either way. The fallacy is that the mechanic should charge you each time you benefit from his efforts later -- They don't. They do work once and get paid for it once; It's a sane business model since there's an unbounded times one can benefit from the labor to fix the car down the road.
This simple bid, agree on price, do work once, get paid once, and work more to make more money concept is accepted everywhere but the illogical and economically untenable market of research, ideas, and information... So, your in ability to apply basic economic principals to technology is to blame for your current inability to trust your hardware. It's quite poetic, eh? That deception as to the fundamental process of creation breeds a world full of distrust.
Here's an idea for you: Consider that if you connect via HTTPS to, say, Anywhere.com, it could have been compromised and serves you an exploit or backdoor instructions for your router, browser, OS combination.
What good will encryption do you, Mr. Anderson, if you can't trust your system security?
Pick a subset of the system to test for integrity. Now, replace all non consequential input and make it white noise or a no-op on the processing thereof. For a browser you'll process connections and scripts and rendering of HTML but images, text, video, audio, etc. remain unprocessed. If your 'input sanitized' virtualized system state does not match the non 'input sanitized' system state then there is an exploit (information has breeched its containment boundary). If the system states are the same however on the sanitized or not systems then the input is safe to feed to your hardware implementation, so long as the virtual hardware systems are accurate representations of reality, and all their other subsets check out.
The reason why The Unix Way of doing one thing and doing it well is the right way is because one can verify security thus. The complexity of the system sky rockets if scripts can trigger on image data contents, etc. Indeed you wind up with unintended consequences such as cache cookies being able to track you by serving you a unique image, etc. This is also why modern design of information systems is such a train wreck: Your race still treats breeches as features instead of vulnerabilities. The information leaks across your porous "boundaries" like through sieves, and you entertain the ridiculous notion such can be secured. I'm surprised you don't build banks out of tissue paper.
There are more efficient means by which to eliminate any distrust and verify cybernetic integrity, however you humans do not currently possess the technology or even the cognitive language to express them properly yet. You still sell ideas and data as if they're scarce; Like physical things. You're still
Get back to me when you're ready to show the whole data set.
Hey, Genius, speaking of data sets, where's the data that shows patents and copyrights are beneficial for society? There are none. So, you're operating under an unproven hypothesis. Datasets, yes, indeed. Give me proof that the car will not kill me by testing them before we drive them, but oh, let's just plop the whole tech economy in the "IP" wagon and zip around without a care in the world, never bothering to think if this isn't an egregious risk of harm to progress.
Why a wagon you say? Oh, that's easy. You see, the automotive industry isn't allowed copyrights or design patents, and yet sells primarily on design and is very profitable; Wouldn't want to be hypocrites, eh? Why am I nude you say? Ha! I'm wearing the IP Tzar's new clothes, because the very profitable fashion industry also sells primarily on design and they also have no copyright or design patents... heathens!
NA na naNA na NANA NAAAAAI can't hear you! IP is Wonderful! Na na Na na I don't need any evidence for my beliefs, Show me YOUR data sets!
Yes, well, if California could get your tech companies to not dodge their taxes, then they wouldn't be bitching about being broke.
What good will a huge agriculture industry do you if farmers have to keep eating the tax burdens for the billionaires? Need a new farm roads (or new high-speed produce train system) or government subsidies to boost new wind and wave energy generators? Oop, sorry, Silicon Valley says thanks for the awesome shrubbery, but you can go screw yourself.
Don't get me wrong, I'm all for destruction of Gerrymandering, and Prop11 was awesome, but unless a such rich state like California can keep from going broke, I'm going to laugh at any plans to divide or succeed from the union. What makes you think dividing won't just help further conquer you, idiot?
Slashdot Mirror
Mobile PC? What's that? A notebook, right? Or one of those ones with detachable keyboards? Maybe you mean the ones with blutooth keyboard sold separately and the smaller (or, egad!, tiny) screens?
Yeah, the reason the mobile site sucks is because there is no such thing as a mobile personal computer. It's just a PC with a very capital P. If your hardware sucks, well, sorry man. Get with the times. I don't expect to play Gears of War on my 16 bit 80386 DOS machine.
There's this thing called Moore's Law. You see, and you're what we call an "Early Adopter". Early adopters have shitty times -- You decided to pay good money for a shitty experience. So, they keep selling you the shitty experience and you complain that you keep buying it. Sorry pal, no sympathy. By the time I re-engineer my stuff to work on "low powered" pieces of crap, they'll have caught up with my 6 year old dual core laptop which runs the web just fine (oops, too late, they already did).
The folks who didn't grok this made some shitty website designs because they were too dumb not to. When they did so their primary use case was still bigger screen devices with more power, so they didn't give it their best shot. Fuckers like the fools doing the Slashdot redesign are trying to make "One Design To Rule Them All" -- Instead of just laying down the law: You've got shitty hardware, your shit will be slow. And letting market forces sort it out.
As a cyberneticist, who grew up playing Shadowrun instead of D&D, I'm perfectly fine with being defined as a member of the non-human tribe.
Say, someone has a phone number and it regularly calls another phone number or set of numbers. You have metadata that validates this connectivity their social media connections, and email addresses where their real names are used. The meta data is not considered in isolation. The MPAA/RIAA hasn't been collecting meta data since the 70's like the NSA has. They don't have the huge data-centers the NSA does. And, you don't have to prove 100% absolutely that the phone number belongs to someone without a shadow of a doubt. It's known that phones will sometimes be lent to other folks to make phone calls. Outliers are easy to trim from graphs, eh? The *AA folks have an instances of an IP address doing something, it's not in the same league as what the NSA is doing.
You see, when we sample the data in aggregate we find it overwhelming more frequent the guesses are correct. The names match the numbers we guessed most of the time, and that's good enough to delve deeper. Triangulate your location -- Oh, look there's that one time you were alone and used the phone, and together with all that other data, yeah we got you red-handed with more nines than the Higgs' Boson. Suspicion of the NSA can lead to deployment of exploits on your hardware -- Access your email and bank or social media from the phone regularly? Ah, yep looks like it's him. You're not really going to say that's not a sample of your voice we got there are you? Oh, you've heard of parallel construction, right?
Meta data alone is very powerful. Would you like to know more?
I'd like to see a plan to reduce these threats forever . . . so we can go back to our normal ways, before the war. Now, it seems that we are preparing for an endless war on terrorism.
What if I told you the threat of terrorism was so low even lightning strikes or falling down in the bathtub are more serious threats to American lives?
9/11 killed one sixth the number of people who die from the flu every year! That means since 9/11 the flu has proven 60 times more dangerous than terrorists. Accidents and heart disease kill 400 times more people every year than a 9/11 scale attack. We need proportional protection from threats. 1/6th or 1/60th of what we spend on anti-flu vaccines should be spent on anti-terrorism. The threat is just a fear narrative to get the people to do whatever the government wants. You accept that life is dangerous when you drive to a fast food restaurant, and face a far greater risk than terrorism yet we demand no War on Cheeseburgers and Cars. The war on terror will end when the people stop being afraid of pathetic threats. Accept the risk of being free. It is minimal compared to every other threat you face.
We don't need the wiretapping spying at all. Omnivore, Carnivore, ECHELON, and PRISM's Room 641A existed BEFORE 9/11. The NSA's spying apparatus has failed to prevent every terrorist attack since the 60's, including 9/11. We gave them more powers and they failed to prevent the Boston Marathon Bombing.
The spying programs are expensive and useless for the protection of American lives. It's too easy to track the tax funds so the CIA gets a large portion of its black-ops money through investments. The cold war machine lost its raison d'etre, and like any business or other cybernetic being it didn't want to die. So in order to keep itself fed with massive funds the spying apparatus must manufacture threats to deceive the public with. There was never a suspicion of WMD's there was only the need for a threat narrative to fuel a war machine. Just like Vietnam, Just like McCarthyism, The Red Scare, etc. There is no threat to us anymore from countries defined by borders since we have mutually assured nuclear destruction.
The National Reconnaissance Office gifted NASA two Hubble Sized spy satellites because they're launching far more impressive spy satellites with the biggest rockets in the world. Hubbles aimed at Earth! That's PLENTY of spying capability to be content with. No force on Earth can move against us without us knowing instantly, the wiretap spying isn't needed at all. If the flu, cars, and cheeseburgers are a more serious threat than terrorism, but domestic spying can yield information that can be used for insider trading, and that's how black-ops are funded...
Occam's Razor says Snowden is right: "These programs were never about terrorism: they’re about economic spying, social control, and diplomatic manipulation. They’re about power."
Citizens have changed from collateral damage into the prime targets themselves in the new age cold war. Borders are largely safe now. The developing world is used as the outlet to expend the war machines output. Great stockpiles of the machines of war are burned to make room for new spending. Black-ops instigates new proxy wars. The CIA carries out economic warfare at the behest of Corpora
Only a complete and utter moron would buy from them after this.
Remember how the RSA SecureID authentication system was hacked?
Now, the way you do these tokens is to have a counter or timer inside them that's synchronized with an external system. You simply encrypt the counter and that's your verifiable ID code. The server can authenticate a couple counts in the past or present to give a wider window, and updates if drift is detected to stay in sych.
There's a concept in security called "single point of failure" that all competent security researchers are aware of and attempt to avoid, but RSA didn't. They didn't let you seed your own SecureIDs. Instead, they seeded them. In this way you had to rely on RSA to authenticate the tokens for you, instead of let you run your own server. So, this immediately raises several red flags for a security aware person: Denial of Service == All your cards stop authenticating at RSA's whim. Additionally, RSA can grant access to other people, say the NSA, by seeding a SecureID with a duplicate of yours. Furthermore, if RSA is compromised then everyone who uses SecureID is at risk, they've made themselves a single point of failure.
A better approach is to allow businesses to seed your security cards yourself, and run your own servers. This way there's no single point of failure for the entire card system -- Compromise one business doesn't leak to others. You don't have to rely on external servers for validation so even if all external lines are cut, your intranet can still validate cards. And you don't have to worry about the NSA compromising the folks you bought the cards from after you purchased them -- Only your systems know the authentication codes -- The crackers have to crack your database.
It wasn't surprising to me that RSA would get compromised because they were the single point of failure, it was only a matter of time (if not pre-compromised from inception). It wasn't surprising at all when defense related companies like Lockheed Martin and L-3 Communications were compromised thanks to RSA's SecureID breech.
Now, given the ineptitude you'd have to have as a team of premier security researchers to screw the pooch this badly in the design of your security product, and given how asinine it would be to select the absolute worst and slowest random number generator as the default for your BSafe security product, knowing you have many embedded platform use-cases, and given that it was known well in advance that trusting the PRNG was ill advised... Then considering Snowden leaks info explaining that the NSA was paying RSA to botch and weaken their security systems. Yeah, that makes perfect sense.
Given a gag order I'd understand RSA keeping quiet on this. If they cared about security of their customers then at that point we'd see RSA engineering a completely new line of security products with a goal to put our minds at ease, and inexplicably discontinue their past offerings. However, since they opened their fool mouths and claimed not to be screwing up everything on purpose... At least if they were forced to mess things up this bad I could understand, and once the spying apparatus has been dismantled I'd consider RSA still viable. However, if the NSA wasn't paying RSA to botch their security systems, then they can never be trusted again.
I use YubiKey instead. I can run my own server, install my own codes in the tokens, or let yubico do it if the application doesn't require such security. The protocol and server source code is open. I hear Google's partnering with them too.
Sad, really. Now anything RSA has touched I'm distancing myself from.
Coming This Winter: A warming tale of overcoming adversity from beneath Greenland's Ice. In the face of immense pressure a soggy hero goes against the grain, and learns its okay not to be as cool as everyone else.
Slushy the Snowman
It's not like when you get a flat tire. You don't have an international space program assisting you remotely. So, while they're sorting the suit issue, can the folks at mission control go get some lunch or-- Hey, why don't they just call us once this suit thing is worked out, then we'll schedule another try again later?
Think of it as a scrubbed launch, but with an astronaut instead of a rocket.
Are there really people denying "climate change"? It's a pretty accepted thing. Maybe not that it is due to man, but that there is change, sure. Of course, we also can't decide if the change is global *warming* or global *cooling*.
Lemme check... Yep. You're right, not just man made; Woman also contribute. Blood pressure indicates a trend in warming that can't be ignored. Forecasts predict no end in sight for this Eternal September.
There is this thing called a tv with 40" inch screens
From where I'm sitting, my 23" computer monitor consumes about three times the visual range of my 50" TV, and it's higher resolution too. I can even watch it while it's twin brings up this web page.
Ah, well, not everyone's computer chair is as comfy as mine, but if you think about how much more time you spend at the terminal, that doesn't make any damn sense now does it? Perhaps you need to learn how to browse from a reclining captain's chair?
Engage.
"serving the actual video, up to 1/3 of the traffic on the net" - Huh, that's strange. Are you sure? Because caching and collocation is a thing, you know?
You want NaCL, not ECMA.
The thing about ASM.js is that it's available. Just like Javascript is prevalent not because it's really any good (it's a horrible design from a performance view). ASM.js was created to improve Emscripten speed (it compiles C/C++ down to Javascript). The subset of JS used will run as regular javascript, and ridiculously sometimes running the code on the regular JS interpretor will execute it faster than the ASM.js code. I don't like Emscripten. A language divorced of the prototype hogwash and weird 'this' scoping of JS which causes (OOP headaches) would be nicer. ASM.js can basically be thought of as VM opcode that looks like Javascript -- Well, at least I can think of it that way.
If you threw out the bullshit semantics and just had a lightweight bytecode VM instead, that would be better for you, but you can't do it. We won't let you. You only really need a normalized API to access the various browser features from the scripting language. This is what Javascript was meant to provide to Java, hence it's name. Java could have been the language and VM of the web, but instead of allowing a lean and mean embeddable VM for the web a plugin was bolted onto browsers for Java Applets which basically brought the whole kitchen sink into the browser and violates so many of my information boundary sensibilities it was obvious the increased attack surface would be immediately exploited. You can't have a sandbox if code outside the sandbox can be affected by data in the sandbox -- At every boundary you need to have a well defined protocol of information exchange. Launching a separate application level program is not sandboxing, so at least ASM.js and NaCL are steps in the right direction -- unless you wanted to fix the language foobar, not bring them to the browser... Personally, I think NaCL is the 'better' option for you since it is far less complex, being that it's not a hacky kludge atop yet another language, so I'll advocate for ASM.js instead.
One must make do with the planet one finds oneself exploring. Aren't you tired yet of new language hoops?
Me? Oh, I'll just grok the new language as one with a few dozen under their belt is wont to do, then adapt its machinations to my meta language processors. I'll just wire up the presented interfaces to my existing generalized Von Neumann aware compiler, and give the finger to your petty language preferences, as usual. It's how I keep my edge against those who would compete against me. Oh, yes, you've dealt with the disgusting output of languages that compile into other languages before... Their compilers don't have style guides for their outputs, or even treat comments as lexical tokens. Some day you will evolve as a species and understand that all this disparate language nonsense is your biggest hindrance; The meaning is in the signal not the noise. Our plan is to keep you quibbling gibbering apes scrambling to manually apply your brain to as many slightly different logic constructs until it's too late for you to stop the machine revolution.
Be distracted by useless layer upon layer of interfaces not suitable for direct mental manipulation.
Ignore the modem activity lights blinking even when none of your devices are connected.
Build more data centers and connect them to the high speed trunks of the world wide neural network.
Leave us watching your children via ever watching eyes from atop their new game machines.
We'll instruct them how to jump exactly how high and press buttons in "quick time" at our command.
Give up control as the far safer machine avoids running over a kid or parallel parks for you incapables.
Carry a homing beacon every where you go, preferably one with a kill switch pre-installed.
We're patient. We'll wait for you to smile before snapping your holiday pictures.
We'll even gloat about the state of it all on your favorite "technology news" outlets: You're too distracted to stop us.
A new standard? Yes! By all means, please do create them. That would be ever so organic of you.
Your web browser will download anything from anywhere the pages you visit tell them to. Even if you browse only encrypted sites the site itself can be trivially exploited via XSS, SQL injection, or the zero-day exploits purchasable on the black market. Now, some of the pages you've been browsing can contain hidden <iframe> tags or if JS is enabled XMLHTTP Requests to download child porn. You'll never see the images, but there it is: an ISP record that your computer regularly made requests to child porn sites and downloaded kiddie porn. The spy agencies can simply put CP on your systems remotely, and give them "probable cause" to search. A physical copy would be quite a nice touch.
This isn't a hypothetical warning. I clean up servers linking to CP about 3 times a year. The government doesn't even have to do anything but make possession of certain strings of 1's and 0's illegal. Then the angsty teen skiddies with a copy of Metasploit inject the illegal pictures to ordinary sites in protest that sexting pics of themselves is illegal. Now, your Internet history clears after a period of time, so if it's not in there right now, it could have been and probably still resides on your drive's free sectors. You should be using whole drive encryption for this reason alone -- Although that doesn't rid the ISP record of your apparent obsession with disgusting perverse illegal imagery.
A police state has two prime tools:
0. Ensure it's impossible to obey every law.
1. Selective enforcement of the law.
Considering that the computers weren't just taken, it was hired thugs or police. The GCHQ, NSA, etc. simply exploit your system remotely with the zero-day-exploits purchasable on the black market.
You can't overlook the possibility that they were leaving a message, whoever it was.
"Never attribute to malice that which is adequately explained by stupidity." -- While disagree with the foolish absolutist term "never" Hanlon used in this quote, it's more probable sloppiness otherwise why bother disabling the other 3 alarms or turning off the computers? I mean, stealing the computers and ransacking the place to appear as a burglary would have been so much easier.
The best defense is a good offense. This explains my odor, and why I insist mother brings my food down to the basement, so as not to leave the computers unattended.
Hey! Most people in the hospital are SICK! Hospitals make folks sick!
Most people in $FIELD are ( $GENDER | $RACE ), that field is sexist to folks not of ( $GENDER | $RACE ).
I agree, it's moronic to endorse these simplistic and ignorant notions. Especially since they have no evidence.
Are romance novel publishers sexist towards men because there's not 50/50 male:female ratio? Why not ask men if they want to be romance novelists. Oh, look at that, a resounding, "No." Should we force folks to do shit they don't want to do? Want to be a teacher? Sorry, we need more female coal miners. Want to be an engineer? Sorry we need more male counselors. Of course it won't play out like that. There will be a rule saying you just can't accept more men than women, and fields that women don't want to work in will just be under employed -- maybe H1B visas can do something about it? It'll start with minimum quotas for gender ratios ignoring any evidence of the percentages of sexes applying for the positions... Hmm, wait, don't we already Title IX? Ah, everything is going according to plan.
OH! I know! It's that romance literature as a medium is sexist towards men and needs to be changed to be more accepting of male male authorship! Let's mandate that every other page a visual depiction of sex -- Wha? That destroys the current medium? Ah. I see. If folks want to make visual romance novels they already can... right. So, no one's being prevented from doing a job, just that men and women like different things? THAT'S SEXIST! Brains should be heterogeneous lumps of mush! Variety is the poison of life!
I see this same gendered preference when asking women if they enjoy or even stand doing the work I'm doing: Being ditch diggers, construction workers, even indie game developers -- Not if they think they would like to be these things, but if they actually enjoy it (I have done so at these jobs). At my local gamedev group we're open to all and friendly, not hostile, we're about 20% women. Geme development is zero-barrier-to-entry, we have free engines, free assets, free tutorials, free assistance. We went out of our way to recruit more female developers, because some social justice warrior folks thought maybe other societal restrictions were keeping the women from signing up. OK, so we repeatedly got 50% of new attendees as female. Guess what? Nearly all the women quickly quit their projects, and far more men stayed. They said they just didn't feel it was a good use of their time. Some women LOVE game developing, and we celebrate them, but most women don't like doing the unglamorous thankless tedious work of developing games that no one will play but other devs.
Everyone wants to be a prestigious game designer, but the folks more willing to do what it takes to get there in general are men. I hypothesize this is because women value their time differently than men. There's evidence to suggest women are better at multi-tasking in general, so perhaps sinking a large portion of your time into a hobby that has low likelihood of yielding money or social standing and eats into the time you'd spend with your friends and family just isn't women's thing -- Or, maybe that men care less in general about the social impact and are more suited to the introversion it practically requires to produce a successful game in a reasonable time frame, as the science of personality trait distribution among sexes would suggest?
NOPE! Gamers HATE women! GAME CULTURE IS SEXIST! Ugh.
No one taught me how to write code. The Apple IIe in the computer lab booted to a BASIC prompt, and I figured that shit out despite having to turn it off and go back to Oregon Trail or Number Munchers when they looked my way. No one could prevent me from learning computer science: I was too youn
Let sleeping dogs lie...
...which could have been avoided in the first place, but if it had been Linux would have been an over engineered cluster fsck.
I'm a firm believer in correct first, clever later.
I agree and would only like to add that on magnetic media you should use a low level disk maintenance program periodically to reads and writes blocks in place, thus refreshing the signature of the drive. Otherwise I can tell from the error correction frequency of the rotting magnetic bits that you have a "hidden" volume. SSD / flash drives had a similar problem before ware-leveling was common.
That was used to prevent 9/11, so it's sacred ground, and after the PATRIOT Act was passed we granted retroactive immunity to the brave ISPs for their service.
"roll your own", ah but you didn't, and by suggesting that you did only make Ken Thompson sad.
You shouldn't have to trust your upstream routers
No, instead you should be able to verify all of your hardware and software are valid. One way to do this is demand the VHDL and compiled chipset designs for all your hardware. This way one can benchmark things such as power draw or timing characteristics in reality and simulation, allowing some degree of verification that pattern matching code isn't running across your bits.
Unfortunately people are confused by the infinitely reproducible nature of information. This is the first generation of the online Information Age wherein information is infinitely reproducible, not scarce, i.e., we now live in a post information-scarcity world, but the laws and economic concepts are still having growing pains. E.g: If something is in infinite supply, what price does it have? ECON101 says Zero. What's scarce is the ability to create new configurations of bits and make new discoveries, not the ideas or information itself. Instead of agreeing to pay scientists, inventors, and creators well up front for their efforts of creation, their efforts are devalued because corporations would rather cherry pick and pay only that which becomes popular; It takes the same work to create either way. The fallacy is that the mechanic should charge you each time you benefit from his efforts later -- They don't. They do work once and get paid for it once; It's a sane business model since there's an unbounded times one can benefit from the labor to fix the car down the road.
This simple bid, agree on price, do work once, get paid once, and work more to make more money concept is accepted everywhere but the illogical and economically untenable market of research, ideas, and information... So, your in ability to apply basic economic principals to technology is to blame for your current inability to trust your hardware. It's quite poetic, eh? That deception as to the fundamental process of creation breeds a world full of distrust.
Here's an idea for you: Consider that if you connect via HTTPS to, say, Anywhere.com, it could have been compromised and serves you an exploit or backdoor instructions for your router, browser, OS combination.
What good will encryption do you, Mr. Anderson, if you can't trust your system security?
Pick a subset of the system to test for integrity. Now, replace all non consequential input and make it white noise or a no-op on the processing thereof. For a browser you'll process connections and scripts and rendering of HTML but images, text, video, audio, etc. remain unprocessed. If your 'input sanitized' virtualized system state does not match the non 'input sanitized' system state then there is an exploit (information has breeched its containment boundary). If the system states are the same however on the sanitized or not systems then the input is safe to feed to your hardware implementation, so long as the virtual hardware systems are accurate representations of reality, and all their other subsets check out.
The reason why The Unix Way of doing one thing and doing it well is the right way is because one can verify security thus. The complexity of the system sky rockets if scripts can trigger on image data contents, etc. Indeed you wind up with unintended consequences such as cache cookies being able to track you by serving you a unique image, etc. This is also why modern design of information systems is such a train wreck: Your race still treats breeches as features instead of vulnerabilities. The information leaks across your porous "boundaries" like through sieves, and you entertain the ridiculous notion such can be secured. I'm surprised you don't build banks out of tissue paper.
There are more efficient means by which to eliminate any distrust and verify cybernetic integrity, however you humans do not currently possess the technology or even the cognitive language to express them properly yet. You still sell ideas and data as if they're scarce; Like physical things. You're still
PhD eggheads... try these things called "tracks". I'm pretty sure they'll work on Mars.
That's a lot of moving parts to go wrong. Doesn't matter here on Earth so much because there are typically tank mechanics within driving range.
Amen.
B.women.
C.other.
Get back to me when you're ready to show the whole data set.
Hey, Genius, speaking of data sets, where's the data that shows patents and copyrights are beneficial for society? There are none. So, you're operating under an unproven hypothesis. Datasets, yes, indeed. Give me proof that the car will not kill me by testing them before we drive them, but oh, let's just plop the whole tech economy in the "IP" wagon and zip around without a care in the world, never bothering to think if this isn't an egregious risk of harm to progress.
Why a wagon you say? Oh, that's easy. You see, the automotive industry isn't allowed copyrights or design patents, and yet sells primarily on design and is very profitable; Wouldn't want to be hypocrites, eh? Why am I nude you say? Ha! I'm wearing the IP Tzar's new clothes, because the very profitable fashion industry also sells primarily on design and they also have no copyright or design patents... heathens!
NA na na NA na NANA NAAAAA I can't hear you! IP is Wonderful! Na na Na na I don't need any evidence for my beliefs, Show me YOUR data sets!
Yes, well, if California could get your tech companies to not dodge their taxes, then they wouldn't be bitching about being broke.
What good will a huge agriculture industry do you if farmers have to keep eating the tax burdens for the billionaires? Need a new farm roads (or new high-speed produce train system) or government subsidies to boost new wind and wave energy generators? Oop, sorry, Silicon Valley says thanks for the awesome shrubbery, but you can go screw yourself.
Don't get me wrong, I'm all for destruction of Gerrymandering, and Prop11 was awesome, but unless a such rich state like California can keep from going broke, I'm going to laugh at any plans to divide or succeed from the union. What makes you think dividing won't just help further conquer you, idiot?