This may be labeled as funny, but I saw this article just a few minutes before it popped up on Slashdot, and I thought the exact same thing.
The truth is we really don't know how long this problem has existed for, nobody knows if this was an accident or an "accident", and there's no telling who may have used this and to what depth. The NSA could have used this to scrape the SMS messages of every Verizon customer for weeks, months, or years.
Considering all the stuff about the NSA going around, I really don't consider it that unlikely to have been used by the NSA. They're so busy undermining all of our liberties(even people ourside our borders) that I'm just not surprised by it anymore.
I really wonder if this whole NSA thing is going to cause a small revolution in IT leading to more secure systems not to keep out would-be hackers but to keep out our own governments. People seem to be far more concerned about government access to their data than anonymous hackers that gained access.
I guess we'll see in 5 years if the atmosphere around computer security has changed...
And even if you go with Brand-X VPN service that is all over the world, what's to say that because they might have servers in the USA their key isn't already compromised? Or that someone at Brand-X wasn't paid off by the NSA for the key? Or that they obtained the key directly from the key right when it was signed?
Let's go all out on this. I'm really curious to see what others think of these conspiracy theories. Because lately they could just as easily be believed because of some of the stuff that has come to light from Snowden.
Is there even a design where the VPN service could be compelled to give up the keys, but still be secure? I'm thinking no, but hoping someone can validate that.
No, but he does make an interesting comparison. It is worth at least mentioning. Is it not? Last I read the contract was a no-bid(aka no competition) contract. Usually those are given to companies that are getting "special privledges" from those high in the political ranks.
I agree that no company bats 100%. But Intel has consistently had very reliable, reasonably performing, and reasonably priced SSD. Of all of the brands, if I had to pick a random brand and model, I'd take any Intel model over anything else. That's not to say Samsung doesn't make good products(they clearly do). But you never know what you're getting into when you buy something new, so there's always that risk you get a crappy model for any one of 100 reasons.
Intel seems to be pretty darn good at having a good quality product. I'd also wager Samsung can't be that bad considering the comments from friends on them and their failure rates from various websites.
But clearly OCZ has a very bad history, and I'd go with just about ANY brand before OCZ unless it was free.
I do remember a few years back OCZ was in the process of trying to get a contract with some manufacturer such as Apple, HP, Dell, etc. but the company decided not to sign the agreement after they saw the negative feedback being left for OCZ products. Someone had said that when OCZ had left all of their other products and went to SSD-only they were heavily relying on that contract.
If you could provide a source(even if your numbers aren't completely accurate) you would make me very happy. I have been unable to find anything that discusses reliability of different manufacturers like you just described.
I have always sworn by Intel while friends have bought OCZ(because they were cheaper per GB) and several have had nothing but problems but others have sworn their OCZ was rock solid. On the other hand, I bought only Intels since the day the G2 series hit the market. Every single one is still in use and none of them have had any problems. In fact, I haven't had to reinstall windows as often as I've had to in the past. Not sure if its because Win7 is better than WinXP, the SSDs are more reliable than platter based disks, or both.
But even then, I still swear by Intel every time a friend makes a recommendation, regardless of the benchmarks and the (often) slightly higher price per GB.
I always think the same thing. It's just so perfect. But that's the reality between taking a picture in a pollution filled atmosphere like ours versus the near perfect vacuum of space.
But its not like we didn't know where the lines were drawn. All of these problems are created by humans, managed by humans, and controlled by humans. If we don't like the situation we've put ourselves in, then we should change them. If we didn't we have nobody to blame but ourselves.
Actually, the cost of bringing them all home would be VERY expensive. It cost money to get them there, and it costs money to bring them home. But, if you bring them home for long enough then you might save money in the long term. But since the military is paid salary and not hourly, I'm betting the cost savings would take years to reap.
And if you think you'll bring them home "during the shutdown" I can guarantee that you'll definitely be spending more money in the long run. But I don't think this was your intention based on your comment.
But ignoring these fact, if you chose to stop paying the military you'd have serious problems on your hands. Do you know what happens when the people holding the guns defending you do when you stop paying them? Well, let's just say "you don't want to find out". And the reality of it is that my military brothers and sisters would have serious problems because they can't expect to go get a temporary job while the wait out the shutdown nor do they have large sums of money to sit at home and still pay their bills.
I remember when Sept 11th happened and all sorts of government buildings were closed there was a lot of rumors that the military members might not get paid on time. Lucky for us many banks like Navy Federal Credit Union agreed they'd deposit our normal paycheck size into our accounts even if we didn't get paid. Many apartment complex came out and said that if we didn't get paid they wouldn't charge late fees if we didn't have our rent checks on time. Fortunately we did get paid on time and didn't have to worry about such things.
The last thing us military people needed to worry about when we were suddenly forced to go to sea unexpected(I was in the Navy) was to worry about if our family was home starving with no money and I was in the middle of the ocean unable to contact them to find out if they were even alive. Remember, the safest place for a ship is at sea. So guess where all the ships went when Sept 11th happened? That's right, to sea. Unfortunately many of us had families that were in panic over the Sept 11th attacks, and all that any of us knew was that we were going to sea for an indeterminate period of time, might or might not get paid on time, and no clue if we were going to war immediately or not.
So please think about the people defending your right to comment on this website before you start talking about not paying them. Because it stinks of shit when people like you talk out of your mouth with such rubbish. They didn't want the shutdown. And the very people that should be telling our Congress and President to go to hell when they do stupid things like this and voting them out are the same people that should be responsible for whatever consequences(good or bad) that come from not acting. So I don't feel too bad when the Grand Canyon, the WWII memorial, and the Statue of LIberty close. We wanted this. We asked for it by voting in these idiots. And by "We" that just means the majority. For the rest of us that didn't vote in these clowns, we should have worked harder to keep the clowns out of office.
So everyone enjoy the spoils from voting in these incompetent losers. You wanted it and you got it. And the worse you want it, the worse you'll get it. I know next election I'll be trying to get some fresh air in there.
Regarding the need for specialized equipment on one end, I've always had the exact same thoughts. And since people had been beamed from places like the Borg cube directly to the bridge, why even have a "transporter room"? Why not just beam everyone to wherever they wanted to go next and compact the room down to nothing more than an equipment closet? I know.. Hollywood needs special effects.
There's a Star Trek documentary somewhere where the whole concept of the Transporter was explained. Basically when the first episode of Star Trek The Original Series was being filed the plan was to have a shuttle for going to/from ship and shore. The designers of the shuttle weren't going to complete the shuttle before the shuttle would be needed for filming though. So the "transporter room" was invented as an emergency backup if the shuttlecraft didn't work out. Sure enough, the shuttlecraft wasn't finished in time, so the transporter was used. But then the directors and writers like the transporter. It saved the directors/writers time by not having to include commentary while traveling to/from and it turned out to be cheaper than the shuttle to boot!
So does this also give an indication of how much energy an transporter(Star Trek like) would consume(assuming 100% efficiency of course)?
I've always wondered how much energy would be needed for transportation like that. Always wanted to see if its more/less efficient than driving your SUV to work.
Ever person that works at a nuclear power plant knows and understands the risk of thyroid cancer due to exposure to radioactive Iodine. If anything, the workers know that this is true, understand the technicals for why it is mitigated with potassium tablets, and are okay with the increased risk of a very treatable condition. I've worked in the industry for more than 10 years and I KNOW this is true.
Many emergency responders that work in the vicinity of a nuclear power plant know this too. I KNOW this is true as I dated someone that was an emergency responder.
So maybe we should publish other articles on Slashdot.
-Higher risk of being shot in Chicago than on a farm in Montana. -Higher risk of dying in a car accident when traveling faster. -You are more likely to suffocate if you inhale your pool versus inhaling at your neighborhood park.
Not to discredit how much having cancer sucks. But thyroid cancer is very treatable today. Especially when you have a known group of people that are more susceptible to it and therefore can be tested more thoroughly for early warning signs.
Naturally, "star trek" is the search if you are only provided that address. It also clearly shows that I am using firefox. Does SSL protect the actual web address from being sniffed without Google's SSL master cert?
If so, then its safe to assume that my cable internet provider could see that I'm using google(based on the IP address of the traffic) but can't tell that I might be a hardcore Trekkie or that I'm using Firefox(at least from the link.. surely they could sniff traffic from elsewhere and determine my user agent string). Is this correct?
So how do I determine what actually is protected by SSL and what isn't? Is there a cheat sheet somewhere? I've always been curious about this but I don't want a 4 year degree in network design...
I agree with your logic. And while I don't share this opinion, but aren't these large companies wanting to raise the H-1B visa limits because of allegedly poorly trained/inexperienced programmers? If this is truly the case then I could see why raising the visa limit AND screening applicants via hiring contests would still be a logical solution.
The entire trading market is a zero sum game. My gain is your loss. So naturally, having computers auto sell at low values and buy at high is a gain for those that choose to use it..and for the rest of us a loss.
But I read this article first on Slashdot today and I thought that this might actually be somewhat based on real theory, until I read the article.
Maybe I'm too much into Star Trek, but I have to think there's a way to cheat(or at least bend) the speed-of-light limitations. I was interested in how they would deal with potential clock issues.. but bah.. April 1 got me.:(
Come on! Provide company data.. I might be interested in applying. I've given up on finding a job locally and I'm not against moving. I did almost 9 years in the Navy, so I know what moving is all about.
I bet they said that 50 years ago when the first generation nuclear power plants were being built. Right now I'm not expecting that in the next 50 years we'll have thorium worked out either. So how long are we going to keep telling ourselves that thorium is "only 100 years away"?
Yes, I work in the nuclear industry and read up on this stuff because I find it exciting. But I don't find the rate at which mankind develops technology that could potentially change our civilization for the better too exciting:(
You are also failing to consider that if it hadn't been for the flood, would likely have continued the downward slope from where they where. Just because we are at pre-flood doesn't mean the market has recovered. 3TB drives would be about $90 each right now based on the trajectory of price if it hadn't been for the flood. I haven't seen $90 3TB drives anywhere except for "1 per household" and "only 100 at this price" sales.
I wonder how many of these vulnerabilities will be found and identified before the top brass at Oracle starts questioning the logic in buying Sun. Could Oracle realistically just come out and say "you know what.. we're done with Java"? Is Oracle really this inept at making stuff secure?
I mean, fixing security vulnerabilities is never good for business.. at all. You spend money fixing something that doesn't affect you directly but definitely affects your customers(which indirectly affects you). It's developer time that could have been spent on the next version's new shiny feature. Not to mention you aren't going to sell your product by saying 'We fixed XYZ vulnerabilities in the last 2 years". Anytime a company name is used in the same sentence with "new vulnerabilities discovered" is also not good for said company.
When the last topic about these vulnerabilites was posted I mentioned how I don't trust companies with my security any more than I have to and mentioned that my firewall is now pfsense since Linksys, Netgear, and Dlink don't seem to be interested in security without buying a new router every 2 years. Naturally I got modded down. Let's see how this goes this time...
And its BS like this that I do not trust other companies any more than I have to for security.
So my router was made by me with wifi and all for less than $200 and uses pfsense. If there's a security risk I'm sure there will be a patch unlike some dlink and linksys problems. What happened when my last dlink router had a 0day exploit? dlink's public answer was "I'm sorry, we don't support your 2.3 year old router anymore, but if you buy our new shiniest router ever it has the firmware update to fix that exploit". So you're telling me you expect me to buy your product again when you've proven to me that you expect me to buy a new router from you every two years like clockwork? Heck no.
Besides, now that my Atom is all setup I've noticed latency on gaming is 1/2 of what it used to be and download speeds actually went up! Can't beat that!
Unfortunately there isn't any good open source Windows antivirus that I know of.
Slashdot Mirror
This may be labeled as funny, but I saw this article just a few minutes before it popped up on Slashdot, and I thought the exact same thing.
The truth is we really don't know how long this problem has existed for, nobody knows if this was an accident or an "accident", and there's no telling who may have used this and to what depth. The NSA could have used this to scrape the SMS messages of every Verizon customer for weeks, months, or years.
Considering all the stuff about the NSA going around, I really don't consider it that unlikely to have been used by the NSA. They're so busy undermining all of our liberties(even people ourside our borders) that I'm just not surprised by it anymore.
I really wonder if this whole NSA thing is going to cause a small revolution in IT leading to more secure systems not to keep out would-be hackers but to keep out our own governments. People seem to be far more concerned about government access to their data than anonymous hackers that gained access.
I guess we'll see in 5 years if the atmosphere around computer security has changed...
And even if you go with Brand-X VPN service that is all over the world, what's to say that because they might have servers in the USA their key isn't already compromised? Or that someone at Brand-X wasn't paid off by the NSA for the key? Or that they obtained the key directly from the key right when it was signed?
Let's go all out on this. I'm really curious to see what others think of these conspiracy theories. Because lately they could just as easily be believed because of some of the stuff that has come to light from Snowden.
Is there even a design where the VPN service could be compelled to give up the keys, but still be secure? I'm thinking no, but hoping someone can validate that.
No, but he does make an interesting comparison. It is worth at least mentioning. Is it not? Last I read the contract was a no-bid(aka no competition) contract. Usually those are given to companies that are getting "special privledges" from those high in the political ranks.
It's bricking when it cannot be fixed. This can, hence the article summary is wrong. Wake up editors!
I agree that no company bats 100%. But Intel has consistently had very reliable, reasonably performing, and reasonably priced SSD. Of all of the brands, if I had to pick a random brand and model, I'd take any Intel model over anything else. That's not to say Samsung doesn't make good products(they clearly do). But you never know what you're getting into when you buy something new, so there's always that risk you get a crappy model for any one of 100 reasons.
Intel seems to be pretty darn good at having a good quality product. I'd also wager Samsung can't be that bad considering the comments from friends on them and their failure rates from various websites.
But clearly OCZ has a very bad history, and I'd go with just about ANY brand before OCZ unless it was free.
I do remember a few years back OCZ was in the process of trying to get a contract with some manufacturer such as Apple, HP, Dell, etc. but the company decided not to sign the agreement after they saw the negative feedback being left for OCZ products. Someone had said that when OCZ had left all of their other products and went to SSD-only they were heavily relying on that contract.
If you could provide a source(even if your numbers aren't completely accurate) you would make me very happy. I have been unable to find anything that discusses reliability of different manufacturers like you just described.
I have always sworn by Intel while friends have bought OCZ(because they were cheaper per GB) and several have had nothing but problems but others have sworn their OCZ was rock solid. On the other hand, I bought only Intels since the day the G2 series hit the market. Every single one is still in use and none of them have had any problems. In fact, I haven't had to reinstall windows as often as I've had to in the past. Not sure if its because Win7 is better than WinXP, the SSDs are more reliable than platter based disks, or both.
But even then, I still swear by Intel every time a friend makes a recommendation, regardless of the benchmarks and the (often) slightly higher price per GB.
I always think the same thing. It's just so perfect. But that's the reality between taking a picture in a pollution filled atmosphere like ours versus the near perfect vacuum of space.
ZOMG There's no stars. This must be a NASA staged event and didn't really happen... on the moon.
But its not like we didn't know where the lines were drawn. All of these problems are created by humans, managed by humans, and controlled by humans. If we don't like the situation we've put ourselves in, then we should change them. If we didn't we have nobody to blame but ourselves.
Actually, the cost of bringing them all home would be VERY expensive. It cost money to get them there, and it costs money to bring them home. But, if you bring them home for long enough then you might save money in the long term. But since the military is paid salary and not hourly, I'm betting the cost savings would take years to reap.
And if you think you'll bring them home "during the shutdown" I can guarantee that you'll definitely be spending more money in the long run. But I don't think this was your intention based on your comment.
But ignoring these fact, if you chose to stop paying the military you'd have serious problems on your hands. Do you know what happens when the people holding the guns defending you do when you stop paying them? Well, let's just say "you don't want to find out". And the reality of it is that my military brothers and sisters would have serious problems because they can't expect to go get a temporary job while the wait out the shutdown nor do they have large sums of money to sit at home and still pay their bills.
I remember when Sept 11th happened and all sorts of government buildings were closed there was a lot of rumors that the military members might not get paid on time. Lucky for us many banks like Navy Federal Credit Union agreed they'd deposit our normal paycheck size into our accounts even if we didn't get paid. Many apartment complex came out and said that if we didn't get paid they wouldn't charge late fees if we didn't have our rent checks on time. Fortunately we did get paid on time and didn't have to worry about such things.
The last thing us military people needed to worry about when we were suddenly forced to go to sea unexpected(I was in the Navy) was to worry about if our family was home starving with no money and I was in the middle of the ocean unable to contact them to find out if they were even alive. Remember, the safest place for a ship is at sea. So guess where all the ships went when Sept 11th happened? That's right, to sea. Unfortunately many of us had families that were in panic over the Sept 11th attacks, and all that any of us knew was that we were going to sea for an indeterminate period of time, might or might not get paid on time, and no clue if we were going to war immediately or not.
So please think about the people defending your right to comment on this website before you start talking about not paying them. Because it stinks of shit when people like you talk out of your mouth with such rubbish. They didn't want the shutdown. And the very people that should be telling our Congress and President to go to hell when they do stupid things like this and voting them out are the same people that should be responsible for whatever consequences(good or bad) that come from not acting. So I don't feel too bad when the Grand Canyon, the WWII memorial, and the Statue of LIberty close. We wanted this. We asked for it by voting in these idiots. And by "We" that just means the majority. For the rest of us that didn't vote in these clowns, we should have worked harder to keep the clowns out of office.
So everyone enjoy the spoils from voting in these incompetent losers. You wanted it and you got it. And the worse you want it, the worse you'll get it. I know next election I'll be trying to get some fresh air in there.
Regarding the need for specialized equipment on one end, I've always had the exact same thoughts. And since people had been beamed from places like the Borg cube directly to the bridge, why even have a "transporter room"? Why not just beam everyone to wherever they wanted to go next and compact the room down to nothing more than an equipment closet? I know.. Hollywood needs special effects.
There's a Star Trek documentary somewhere where the whole concept of the Transporter was explained. Basically when the first episode of Star Trek The Original Series was being filed the plan was to have a shuttle for going to/from ship and shore. The designers of the shuttle weren't going to complete the shuttle before the shuttle would be needed for filming though. So the "transporter room" was invented as an emergency backup if the shuttlecraft didn't work out. Sure enough, the shuttlecraft wasn't finished in time, so the transporter was used. But then the directors and writers like the transporter. It saved the directors/writers time by not having to include commentary while traveling to/from and it turned out to be cheaper than the shuttle to boot!
So does this also give an indication of how much energy an transporter(Star Trek like) would consume(assuming 100% efficiency of course)?
I've always wondered how much energy would be needed for transportation like that. Always wanted to see if its more/less efficient than driving your SUV to work.
Yeah. I meant potassium iodide. Didn't realize I missed a word when I typed it up. Thanks for the correction. :)
WoW. MOTO article.
Ever person that works at a nuclear power plant knows and understands the risk of thyroid cancer due to exposure to radioactive Iodine. If anything, the workers know that this is true, understand the technicals for why it is mitigated with potassium tablets, and are okay with the increased risk of a very treatable condition. I've worked in the industry for more than 10 years and I KNOW this is true.
Many emergency responders that work in the vicinity of a nuclear power plant know this too. I KNOW this is true as I dated someone that was an emergency responder.
So maybe we should publish other articles on Slashdot.
-Higher risk of being shot in Chicago than on a farm in Montana.
-Higher risk of dying in a car accident when traveling faster.
-You are more likely to suffocate if you inhale your pool versus inhaling at your neighborhood park.
Not to discredit how much having cancer sucks. But thyroid cancer is very treatable today. Especially when you have a known group of people that are more susceptible to it and therefore can be tested more thoroughly for early warning signs.
Oh slashdot.. I miss the old you...
Probably going to get modded down for asking such a simple(stupid?) question.. I've never been able to find this answer though.
From the article:
However, DuckDuckGo is using SSL encryption. Without DuckDuckGo's private SSL certificate, your search queries (but not your location) are invisible.
Can someone clarify this for me? I want to make sure I understand this. If I search for "Star Trek" in Google then I get redirected to
https://www.google.com/search?q=star%20trek&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-US:official&client=firefox-a&channel=np&source=hp.
Naturally, "star trek" is the search if you are only provided that address. It also clearly shows that I am using firefox. Does SSL protect the actual web address from being sniffed without Google's SSL master cert?
If so, then its safe to assume that my cable internet provider could see that I'm using google(based on the IP address of the traffic) but can't tell that I might be a hardcore Trekkie or that I'm using Firefox(at least from the link.. surely they could sniff traffic from elsewhere and determine my user agent string). Is this correct?
So how do I determine what actually is protected by SSL and what isn't? Is there a cheat sheet somewhere? I've always been curious about this but I don't want a 4 year degree in network design...
I agree with your logic. And while I don't share this opinion, but aren't these large companies wanting to raise the H-1B visa limits because of allegedly poorly trained/inexperienced programmers? If this is truly the case then I could see why raising the visa limit AND screening applicants via hiring contests would still be a logical solution.
The entire trading market is a zero sum game. My gain is your loss. So naturally, having computers auto sell at low values and buy at high is a gain for those that choose to use it..and for the rest of us a loss.
But I read this article first on Slashdot today and I thought that this might actually be somewhat based on real theory, until I read the article.
Maybe I'm too much into Star Trek, but I have to think there's a way to cheat(or at least bend) the speed-of-light limitations. I was interested in how they would deal with potential clock issues.. but bah.. April 1 got me. :(
Come on! Provide company data.. I might be interested in applying. I've given up on finding a job locally and I'm not against moving. I did almost 9 years in the Navy, so I know what moving is all about.
I bet they said that 50 years ago when the first generation nuclear power plants were being built. Right now I'm not expecting that in the next 50 years we'll have thorium worked out either. So how long are we going to keep telling ourselves that thorium is "only 100 years away"?
Yes, I work in the nuclear industry and read up on this stuff because I find it exciting. But I don't find the rate at which mankind develops technology that could potentially change our civilization for the better too exciting :(
So are we saying that if I go surfing the net everywhere claiming to be a 12 year old that I'll have a safer internet experience than being an adult?
You are also failing to consider that if it hadn't been for the flood, would likely have continued the downward slope from where they where. Just because we are at pre-flood doesn't mean the market has recovered. 3TB drives would be about $90 each right now based on the trajectory of price if it hadn't been for the flood. I haven't seen $90 3TB drives anywhere except for "1 per household" and "only 100 at this price" sales.
Whoops!
I wonder how many of these vulnerabilities will be found and identified before the top brass at Oracle starts questioning the logic in buying Sun. Could Oracle realistically just come out and say "you know what.. we're done with Java"? Is Oracle really this inept at making stuff secure?
I mean, fixing security vulnerabilities is never good for business.. at all. You spend money fixing something that doesn't affect you directly but definitely affects your customers(which indirectly affects you). It's developer time that could have been spent on the next version's new shiny feature. Not to mention you aren't going to sell your product by saying 'We fixed XYZ vulnerabilities in the last 2 years". Anytime a company name is used in the same sentence with "new vulnerabilities discovered" is also not good for said company.
When the last topic about these vulnerabilites was posted I mentioned how I don't trust companies with my security any more than I have to and mentioned that my firewall is now pfsense since Linksys, Netgear, and Dlink don't seem to be interested in security without buying a new router every 2 years. Naturally I got modded down. Let's see how this goes this time...
And its BS like this that I do not trust other companies any more than I have to for security.
So my router was made by me with wifi and all for less than $200 and uses pfsense. If there's a security risk I'm sure there will be a patch unlike some dlink and linksys problems. What happened when my last dlink router had a 0day exploit? dlink's public answer was "I'm sorry, we don't support your 2.3 year old router anymore, but if you buy our new shiniest router ever it has the firmware update to fix that exploit". So you're telling me you expect me to buy your product again when you've proven to me that you expect me to buy a new router from you every two years like clockwork? Heck no.
Besides, now that my Atom is all setup I've noticed latency on gaming is 1/2 of what it used to be and download speeds actually went up! Can't beat that!
Unfortunately there isn't any good open source Windows antivirus that I know of.