Well, the problem is that most security professionals are not really independent. Many of them rely on government contracts, some of them even work for weapons manufacturers and arms dealers. Even the supposedly fully independent ones usually work at the university, i.e. they are government employees. Yet others work for large corporations who traditionally bend over for any government authority.
Just take a look at various cell phone and Wifi encryption standards to see the results...
Not so sure about that. Parallel code tends to have plenty of overhead even after optimization, e.g. expecting approx. 2.5 times speed increase from single-core when running on 4 cores is more realistic than a 4 times increase. Data must be shuffled around, OS threads prepared, contexts are switched, etc.
I'm intrigued by your suggestion but would like to add that before attempting to replace paper (which won't work, in the short run at least) it would be nice to have displays that can be read in broad sunlight. Or, at least give us the mate/non-glare screens back. Or, at least make durable ebook readers whose display is large enough to actually read books (PDFs) as opposed to pretending to do so. Not the whole world consists of kiddies who love to watch themselves in their reflective mirror displays...
I'll give you an honest answer, although many people won't like it. It's better than Eclipse once you've mastered the learning curve. It's fast, responsive, totally programmable and cusomizable, and supports more programming languages and extensions than any other editor.
Just because there is free beer somewhere and folks want to have it, doesn't mean that they will or have to endorse the 'business model' of the people who give it away. It's kind of stupid to think otherwise.
There are good reasons to suspect that the claim that no content is stored is a lie / intentional disinformation. Perhaps only meta-data of confirmed US citizens is stored (unless under broadly defined 'exceptional circumstances'), but for anyone else in the world - unlikely. It wouldn't make sense, estimates show that the NSA has the storage capability to store a lot more, so why should they resort to meta-data only? There were rumors about a "Total Information Awareness" program a long time ago already, and these were quickly denied by every official. In reality, the NSA simply carried out that program, as most other people in charge would have done. The motive is pretty obvious: If something bad occurs, politicians will suddenly want information about person X within 20 minutes or so. If you cannot come up with something, some head will roll - such as, for instance, the head of the director of the NSA. The same reasoning goes for the politician himself, who wants to be re-elected after the incident. Thus, collecting as much data as you can "makes sense" in the eye of the responsible intelligence officials and their (barely present) political overseers.
People also tend to forget that legally obtainable public (and semi-public) information from social networks and web pages may be freely scraped and stored without any limitations. At least, it seems not unreasonable to assume that this is how the law is interpreted. Last but not least, it would be surprising if they wouldn't include all of your Google search queries under the label "meta-data" and these alone provide enough information for an almost complete, real-time personality and movement profile, should it be needed.
Well, they have been caught sniffing out WLAN metadata with their street view camera cars in the past, breaking numerous laws in various countries in the process, so the idea that they could attempt to "accidentally store" plaintext WLAN passwords is not that far-fetched.
No need for a tin-foil hat, though, when you can explain the behavior to a simple and straightforward "we don't give a fuck about the security of your data" attitude.
The problem is that if only a few percent, say 5% to 10%, of the population wear those things, surveillance of citizens will be constant and absolutely ubiquitous. And make no mistake, authorities will directly tap into these things one day, just as it is possible and routinely done with cell phones. Cameras in cities and shops are not even remotely in the same league, neither in numbers nor regarding possible abuse by governments, creeps, etc. (which doesn't mean you shouldn't be against them).
So even if you think these are cool gadgets now, please reconsider whether the long-term implications of being one of those creepswho wear them are really worth it.
It's the current DNS system that's flawed, no matter what TLD's there are or not. It is time to abolish the old system.
DNS management must be decentralized, everyone who connects to the Internet should be automatically in charge of it (by running a p2p DNS search node), domain names ought to be arbitrary, free and strictly distirbuted on a first come, first served basis. There are plenty of working models that would prevent abuse and contrary to what some people claim security is NOT an issue (any "security" that relies on the correctness of simple name->address translations instead of proper certificates/key distribution is bogus anyway).
While we're at it, it would also make sense to get rid of "certificate authorities". The right system for encrypted network traffic is that of ssh, the key is transmitted on the first connection and then used every subsequent access. Important entities like banks and payment providers need to roll out their own security tokens anyway, everything else is insecure, so authenticating them is no problem.
The revolution could start with a simple browser plugin. I really hope somebody works on that. Would be nice to put an end to DNS tampering and censoring.
Slashdot Mirror
Well, the problem is that most security professionals are not really independent. Many of them rely on government contracts, some of them even work for weapons manufacturers and arms dealers. Even the supposedly fully independent ones usually work at the university, i.e. they are government employees. Yet others work for large corporations who traditionally bend over for any government authority.
Just take a look at various cell phone and Wifi encryption standards to see the results...
... anything with "NSA" in its name that comes from the US government consists of half-truths, lies and deliberate disinformation.
I'm not sure I got it right the first time, so could you please just confirm this opinion of yours one more time, for the record.
Are you suggesting that it might be the case that Assange is not wanted by the US?
You just need to ensure that your key is "sufficiently random"
No, it needs to be completely random.
Technical solutions to social & political problems don't work.
Not so sure about that. Parallel code tends to have plenty of overhead even after optimization, e.g. expecting approx. 2.5 times speed increase from single-core when running on 4 cores is more realistic than a 4 times increase. Data must be shuffled around, OS threads prepared, contexts are switched, etc.
You can as well use Haskell, where you write quickly, code is succinct and program runs fast.
...if you're a brain damaged computer scientist. Real men don't need no stinkin' monads, they have no quirks with side effects.
I'm intrigued by your suggestion but would like to add that before attempting to replace paper (which won't work, in the short run at least) it would be nice to have displays that can be read in broad sunlight. Or, at least give us the mate/non-glare screens back. Or, at least make durable ebook readers whose display is large enough to actually read books (PDFs) as opposed to pretending to do so. Not the whole world consists of kiddies who love to watch themselves in their reflective mirror displays...
I'll give you an honest answer, although many people won't like it. It's better than Eclipse once you've mastered the learning curve. It's fast, responsive, totally programmable and cusomizable, and supports more programming languages and extensions than any other editor.
I told you that you wouldn't like the answer...
Seriously: No Readme, no installation instructions?
I've already installed another package manager, so how do I add this one? Is there any website other than the GIT repository?
Yes, but it's a long, slow path.
That's why I recommended pandoc and not LateX.
Personally, I use LaTeX but for docs without many formulas pandoc works fine.
You don't need a special editor at all.
0 days
and if not from the beginning sites like Wikileaks will probably be on the list very soon, too...
Huawei or another private company, or a government "ministry for cencorship"? And who controls the people who make the list?
Just curious...
Just because there is free beer somewhere and folks want to have it, doesn't mean that they will or have to endorse the 'business model' of the people who give it away. It's kind of stupid to think otherwise.
Hey, Ada has a decimal type! It's about as big, cumbersome and verbose as Java but at least it's safer and 3-5 times faster. Ah, nevermind...
Have canceled my FB account a long time ago, but still caon't opt out of the government.
but no content of mail or phone calls
There are good reasons to suspect that the claim that no content is stored is a lie / intentional disinformation. Perhaps only meta-data of confirmed US citizens is stored (unless under broadly defined 'exceptional circumstances'), but for anyone else in the world - unlikely. It wouldn't make sense, estimates show that the NSA has the storage capability to store a lot more, so why should they resort to meta-data only? There were rumors about a "Total Information Awareness" program a long time ago already, and these were quickly denied by every official. In reality, the NSA simply carried out that program, as most other people in charge would have done. The motive is pretty obvious: If something bad occurs, politicians will suddenly want information about person X within 20 minutes or so. If you cannot come up with something, some head will roll - such as, for instance, the head of the director of the NSA. The same reasoning goes for the politician himself, who wants to be re-elected after the incident. Thus, collecting as much data as you can "makes sense" in the eye of the responsible intelligence officials and their (barely present) political overseers.
People also tend to forget that legally obtainable public (and semi-public) information from social networks and web pages may be freely scraped and stored without any limitations. At least, it seems not unreasonable to assume that this is how the law is interpreted. Last but not least, it would be surprising if they wouldn't include all of your Google search queries under the label "meta-data" and these alone provide enough information for an almost complete, real-time personality and movement profile, should it be needed.
Reasons:
------------
1. too expensive for the specs
2. the keyboard looks like shit (and probably quite literally feels like shit, too)
3. doesn't run traditional Windows desktop apps
Another reason I wish I could add, but in reality is not a reason:
4. doesn't run Linux / vendor-locked
Well, they have been caught sniffing out WLAN metadata with their street view camera cars in the past, breaking numerous laws in various countries in the process, so the idea that they could attempt to "accidentally store" plaintext WLAN passwords is not that far-fetched.
No need for a tin-foil hat, though, when you can explain the behavior to a simple and straightforward "we don't give a fuck about the security of your data" attitude.
The problem is that if only a few percent, say 5% to 10%, of the population wear those things, surveillance of citizens will be constant and absolutely ubiquitous. And make no mistake, authorities will directly tap into these things one day, just as it is possible and routinely done with cell phones. Cameras in cities and shops are not even remotely in the same league, neither in numbers nor regarding possible abuse by governments, creeps, etc. (which doesn't mean you shouldn't be against them).
So even if you think these are cool gadgets now, please reconsider whether the long-term implications of being one of those creepswho wear them are really worth it.
Certainly not as practical as abortion and making a new baby, but, hey, we need to protect unborn life at all costs!
In my opinion, adding the TLD .assholes and reserving it strictly for business cannot do harm.
Count me in.
It's the current DNS system that's flawed, no matter what TLD's there are or not. It is time to abolish the old system.
DNS management must be decentralized, everyone who connects to the Internet should be automatically in charge of it (by running a p2p DNS search node), domain names ought to be arbitrary, free and strictly distirbuted on a first come, first served basis. There are plenty of working models that would prevent abuse and contrary to what some people claim security is NOT an issue (any "security" that relies on the correctness of simple name->address translations instead of proper certificates/key distribution is bogus anyway).
While we're at it, it would also make sense to get rid of "certificate authorities". The right system for encrypted network traffic is that of ssh, the key is transmitted on the first connection and then used every subsequent access. Important entities like banks and payment providers need to roll out their own security tokens anyway, everything else is insecure, so authenticating them is no problem.
The revolution could start with a simple browser plugin. I really hope somebody works on that. Would be nice to put an end to DNS tampering and censoring.