They are to explain the reasoning behind the code.
This is a huge purpose for comments. Also, maybe I can interpret the code perfectly well without comments. How well can I depend on everyone else who is modifying the code to be able to interpret it properly?
Well-documented code helps protect it from the introduction of bugs by later contributors.
Modify SSHD config to listen on non-standard port. It will greatly diminish the log traffic you'll see of failed attempts. This could be important if you're using fail2ban as well and don't want your iptables to bloat unreasonably.
Stay away from configuring port-knocking. It becomes a real pita when you want to scp a file at the spur of the moment.
You're talking about a profession that in many cases has either no training or dubious training.
This is a field that requires a master's degree and certification.
You're probably thinking of faith-based social organizations that attempt to provide counseling services. Those agencies do not provide effective treatment for the ailments you mentioned. At best they might be able to provide some marriage counseling assistance.
Maybe I wasn't clear about how these tools help ferret out networks of freedom-haters. This line could have been more prominently stated--
...to see who else might be a solid villain candidate. Even just monitoring internet traffic to known jihadist websites can likely get the filters applied to a person's communications to see if they might be a person-of-interest.
That type of work is more than forensics. It's proactively chasing up the networks to make their leadership accountable. Those are vague terms for drone strike.
I'm not cheerleading the NSA here, either. Just commenting on the data science.
In all likelihood, the false positives suggested by the OP and others in this discussion are unlikely to trigger any such NSA attention.
Coming from a data science background, I suspect they are transcribing and indexing all conversations as best as is possible with their elite voice recognition technology. Once it's in ASCII stored in a database, they can datamine the conversations of known radicals and jihadists. The algorithms that are generated don't so much emphasize specific keywords, but they generate a scoring system across a bunch of conversations by known haters-of-American-Freedom.
With filters in hand, they can look at who talked to the known villains and score them and run down the trails of phone calls, emails, text messages, and internet chats to see who else might be a solid villain candidate. Even just monitoring internet traffic to known jihadist websites can likely get the filters applied to a person's communications to see if they might be a person-of-interest.
Keywords will come into play AFTER an attack like the Garland Draw Mohammed contest. The NSA is right now filtering recent past conversations among suspected jihadists looking for relevant keywords such as 'Garland', 'American Freedom Defense Institute', 'Pamela Geller', and 'Elton Simpson'. Any conversation leading up to the attack including those keywords would absolutely put someone on a watchlist. And everyone who that person is talking to would be suspect as well.
Bottom line is, these tools are being used retroactively to bolster detective work. Talking about bombs and the President's name doesn't do anything because there are a thousand-million conversations using those words every day.
Cruise missiles work great for blowing stuff up, but there are a great many operations that call for extraction of soldiers or intelligence. Submarine-based aircraft could do this very well.
Some security strategists have proposed the florida-man-piloted-gyrocopter was allowed to land safely on the capitol lawn in order to give the North Koreans a false sense of confidence in their secret submarine-based gyrocopter assault project currently under development near PoonYang.
Of course, I haven't read the article, but I think the summary has applied the word "troll" in a different way than this. I think the researchers are seeking to reduce the racist, homophobic, etc. trash comments frequently posted to YouTube video comments.
As you note here, a sophisticated troll is not easily detectable via AI.
Depending on the model, they can have RFID keycards or bracelet access to unlock the door. This can help create a secure spot in a region WROL (without rule of law). Tents don't do such a good job with security or rain.
These exo shelters are not meant to satisfy the requirements of the FEMA trailers used after the hurricanes, first of all. Those trailers were issued to people months after people had applied for them. It was a long distribution process with people living in group shelters waiting for the trailers to arrive.
These exo shelters are a more immediate shelter solution. Deployable within hours of an emergency event. Consider the people recovering in Haiti after their big earthquake or the people sleeping on the floor of the Superdome after Katrina. FEMA trailers were not available or provided to those people in the hours and days after the disaster. These exo shelters are a possibility, though.
The exo shelters massively dominate over FEMA trailers on the criteria you have proposed here.
These nest inside each other, so you can lay about ten or so on a flatbed trailer. I think you could get two FEMA trailers on top of a flatbed trailer.
Cost? Well, a FEMA trailer needs to be constructed to highway transportation standards. Do you think that's cheaper than building something to "more durable than a tent" standard (exo shelter)?
Terminator isn't the scenario Elon and Steve are talking about. But it's a model that still fits their concerns.
Automation applies economic coercion to the laboring humans to serve the interests of the automation. For instance, Watson is an AI technology that is being positioned to lay off a lot of people in phone call centers and taking orders for drive-up windows. Actually, Watson is being aimed at a lot of jobs. All those displaced workers cascade to flood the job market. Maybe they get some training to compete for trades such as electricians, plumbers, and taxi cab drivers. With so many available applicants, the wages for those jobs go down. The economy for the middle class tanks. With people desperate to feed their families, do you think they'll really scrutinize that ad looking for workers to build the drone factory? The drones that are intended to fire missiles at the 'terrorists'?
AI is a wealth concentrator. That's what Elon Musk and Steve Wozniak are talking about. It is increasingly developing the capacity to eliminate millions of blue collar jobs in order to enrich people with white collars. The Terminator series is a colorful depiction of this process.
Absolutely correct. Neither GoDaddy nor Network Solutions are technology innovators. They are merchants of a commodity service. They are running a business model of attracting suckers as customers and providing minimal service (i.e. outsourced to India) while sneaking fees in at any given opportunity.
Both are all about marketing. That's why you see them sponsoring race cars in NASCAR.
I got the "Royal Kludge RC930-87" from Massdrop and love it. Not too loud for a mechanical keyboard and it is extremely responsive. It's also not taking up my whole desk with the numeric keypad, which I love. Very fine-grained control over LED backlighting as well. Since the OP is so detailed on these requirements, I'm sure she'll love the control over the LED backlighting.
In terms of the prediction of "$360/TB off a $30/TB investment", does that take into account redundancy to protect their liability for drive failure? I'm thinking they have at least two copies of everything a customer uploads. Maybe three. It's still great money, but I think the numbers are more like $360/TB off a $60/TB investment.
but he's living in a kind of prison right now, anyway. his freedom is highly restricted. plus, well, russia is a shit-hole.
I don't entirely disagree with you here. I do think he has untapped earning potential in Russia, though. If he can get a long-term work visa, there are any number of Russian (Kaspersky as an example) and overseas security consulting firms who would vanity hire him as a security auditor. He was making $200k per year as a contractor for the NSA and I expect he could fetch that or more from a company looking to raise their profile in the security industry. Heck, look at Kevin Mitnick. And that guy was a newb compared to Snowden. I expect $200k per year probably supports a more lavish lifestyle in Russia than it did when Snowden was living in Hawaii.
Since 2000, Mitnick has been a paid security consultant, public speaker and author. He does security consulting for Fortune 500 companies, performs penetration testing services for the world's largest companies and teaches Social Engineering classes to dozens of companies and government agencies. He is the author of a dozen books that have been translated into many languages, including The Art of Deception, The Art of Intrusion, and Ghost in the Wires.
I'm thinking you set up your browser with the FoxyProxy plugin so all normal HTTP requests for HTML are forwarded via SOCKS proxy. The heavy lifting stuff goes straight out and back in through the open fiber connection. I doubt AT&T wants to parse video files. They want to see and modify the clear-text HTTP stuff.
The weird thing is this type of traditional snooping will be defeated as more content providers are switching over to HTTPS. AT&T aren't technical dummies, so they know that. I'm wondering if their scheme doesn't require a special browser plugin that automates an MITM attack on https....
Section 512(a) protects service providers who are passive conduits from liability for copyright infringement, even if infringing traffic passes through their networks. In other words, provided the infringing material is being transmitted at the request of a third party to a designated recipient, is handled by an automated process without human intervention, is not modified in any way, and is only temporarily stored on the system, the service provider is not liable for the transmission.
The rationale behind that statute was that ISPs can't be held accountable for copyright-infringing material going over their wires because filtering it would be too onerous. If AT&T sets up such a monitoring system, it pretty well defeats the claim they don't know what their subscribers are transmitting / receiving.
TFA doesn't do a good job of suggesting the wide-open potential held by photonic communication. It is mostly staring at this topic with the same focus as your comment here-- how to stream data in a living room.
If you consider the requirements of wifi, you'll see some obstacles that limit its applications. For "internet of things" devices, wifi demands a bunch of electricity from a device that you might want to deploy in an electricity-poor environment. Think solar-powered device. Photonic communication might reduce energy consumption.
Wifi has a pretty considerable fixed cost. Similar to RFID. It might be possible to reduce that expense with a non-radio communication channel. Imagine if your toll tag shot an LED flashed unique signal to a road sensor... It might carry a cheaper unit cost than the typical RFID toll tag schemes.
The developers of this aren't thinking it will replace wifi where wifi is good. They're looking to fill the gap where wifi is bad.
This AC speaks the truth. The Fry's in Austin doesn't even have magazines anymore. When you walk in the front door, there are tables set up with knock-off fragrances like you would find at a flea market. Sad times.
Having worked at IBM Research and wondering if your contribution played a role in them developing Watson... You should check out this book. I'm reading it now and am enjoying reading about how the team(s) developed all the tech beneath Watson in preparation for the televised match.
Have you thought about hiring a programmer to do this stuff? It's probably going to save you a lot of time and hassle to go this route than actually doing it yourself.
Not trying to launch a debate here. I do like Java for a LOT of things. But a software router needs to be lightweight so it can run in very low-overhead environments. Tor runs nicely on set-top boxes and many SoC hardware opportunities like Raspberry Pi or low-end VPSs.
The memory footprint of a JVM is going to keep a Java-based software router like I2P off those devices.
Consider that the initial compromise might have required immense logistical resources that tend to be beyond those available to a teenage script kid. Like the hole might have to be found and penetrated by an adult with a computer science degree working all day, every day, for months. Criminal organizations have those resources applied to money-making efforts, but not for the 'lulz' of posting embarrassing corporate emails online. Script kids are able to work on their attacks a few hours a day outside of school hours, etc.
It's wildly believable to me that North Korea could have hired outside talent to work on this and once the locks were broken, the data gathering was performed by less-skilled in-house technicians who might have been sloppy.
I just bought a new $540k condo that has electric baseboard heat.
Sucker. You were smart enough to post this as AC, but too dumb to recognize that you got sold a crappy place to live for way too much money. Oh, and Seattle.
Apparently on top of that successful antivirus business, they have done a lot on top of that successful antivirus business.
Please mod this up.
Per this article, they also cost $19,000 in 2005 dollars. Much more than the $4000 you're estimating.
Good analysis here, Shanghai.
What's weirdest of all is that until now, federal law has protected the ISPs from liability over the content they transmit:
Don't forget, the member of lulzsec who brought that group down screwed up just once by connecting to IRC directly instead of through TOR and revealing his IP address.