This guy is just in it for the fame and cash at this point. He wants more paid gigs giving his opinion out, it's easier to get paid having a polarized stance, regardless of accuracy or insight. Hayden is short-sighted, the system he says is meant to "protect America" is a threat to the very fibers of democracy. In a future where every digital fingerprint and trace of all potentially elected leaders is cataloged and kept in NSA databases, there's a very palatable and real end for "democracy" in the not-to-distance future. All elected leaders will be controlled by such an apparatus.
Snowden could have leaked far more damaging details, and to more than journalists. The fact of the matter is, the majority of Americans don't support what the NSA is doing in their name, but the NSA isn't interested in Democracy or American principles in general. They're interested in exploiting any and all information to their gain.
The NSA is the most dangerous Advanced Persistent Threat ever known to mankind.
To those at the NSA who are just awakening to the new reality that people are, now and forevermore, going to hate you whether you deserve it or not, I can only say "Welcome to my world. Learn to deal with it. It'll drive you nuts if you don't."
Morale should be low, "the public" doesn't want them to do what they're doing. They are a threat to democracy. The US has long been a threat to any Democratic Government that doesn't favor it, just read about the "Other 9/11".
The fact of the matter is, they are pawns to non-Democratic interests that do nothing to serve the American People as a whole. They serve big monied interest, mega corporations and conglomerates protecting their entrenched positions and bottom lines. Concepts like "freedom," and "liberty" are merely espoused to make the rank and file feel warm and fuzzy about their unconstitutional work, which is ironically the biggest threat to "freedom" and "liberty" that we face today. Higher ups get corrupted by the power. All the rank and file should know, the moment you expose any sort of inconvenient truth, the full weight and force of the apparatus you served will be turned on you and you yourself can be labelled a "domestic terrorist." Just look at the case of Julia Davis which has open court records that backup such facts.
When you job helps create and maintain a system where ordinary citizens can be assassinated and political discourse controlled in the most un-democratic of manners, you -should- feel bad. But hey, if you're working through a contracting firm, I bet that big tax-payer funded pay check will go a long way to making you feel better.
Anyway, it's hard to believe the NSA isn't adept at finding the sociopaths focused purely on career advancement and power gain that it needs. Maybe I'm wrong, maybe there is some big boogie man we need to be worried about, but if there is, they've done a really bad job of informing the public as to what actual danger, besides inconvenient truths and things that worry big MegaCorp, they are protecting against. Maybe if we didn't focus on fucking with the rest of the world so much people wouldn't want to strike at us.
Dunno about you, but I ain't gonna be excited by AMD's offerings anymore, after what they dished to us on their Bulldozer roll out
For more than a year before Bulldozer came into being they told us that the Bulldozer gonna be revolutionary - they hyped the Bulldozer so much that many forums were filled with people just couldn't wait to get their hands on it
Did you think the same thing about Intel after the Pentium4 too?
The level of abuses - both the spying itself, subsequent known abuses of the data, and countless likely unknown abuses - has already done enough damage to the fabric of the ideal of democracy, that an open and straightforward conversation is not enough. When there are very real threats that people will be tortured to preserve government secrecy about this...
The only straightforward and sensible conversation at this point can be about shutting it down, and how quickly we can shut it down. You cannot have a democracy in this environment where the public is left completely uninformed, the programs are shrouded in secrecy, and any attempt to unravel that secrecy is met with "National Security, go fuck yourself." Snowden was straight on point when he said we building a solution for "turnkey tyranny." Communism to the extreme, or Capitalism to the extreme all lead to totalitarianism with control and power centered in the hands of the very few. Look at Jeff Bezos--whose company is a HUGE government contractor--buying The Washington Post, one of the bigger critics and writing about the Spying State, I'm sure that was pure coincidence, probably a childhood dream to own a newspaper right?
Look at the skill with which the NSA protects their own secrets, do you think they are protecting yours? Surely not, and more to the point, they use those against you. I'm sure there are a lot of good people that would run for office to solve this mess, if only the State didn't record every little detail of a person's life to use against them when they run for political office. Calling America a democracy is a farce, we're given the illusion of choice, there is no real choice anymore. It's all about control, State control, for "make happy benefit of monied interests" as Borat would say.
The President can keep a secret kill list of US Citizens, and execute that kill list with no oversight or transparency, all in the name of Terrorism or National Security. "Nation Security" is a term perverted far what it's actual meaning, all you have to do is "know something" they think you shouldn't know and the President can "arrange for an accident" to happen to you. I'm not worried about "terrorists", I'm worried about my own government assassinating me.
Ask yourself, who gained the most from the events of 9/11? We need to roll all this back. And to the various Analysts parsing this post, do you really think you're doing a moral and ethical job? Do you think you're serving the good of the general citizenry or are you serving deep pockets? Do you really think The People would approve of what and how you're doing what you're doing if they knew all the details?
Not like there is any point in posting this "Anonymously."
I have zero concern putting my skills and capabilities up against any of those people. In fact, I'm hiring. Think you solve problems, on a less-than-government sized budget--I realize this cuts 90% of you guys out--apply within. What I'm hoping it does to my job is maybe give me some semi-reasonable candidates that I might be able to offload some work to, and cut my 80-hours/week down to like 60 with a few new hires.
"I'm not really in a mind to offer help or advice to the people running those scripts, but it might be possible to scan the internet from 255.255.255.255 downwards next time."
Yes, start with all the multicast addresses. That'll work for them!;)
With the ability to store all communication, all an attacker has to do is exploit one-side of the communication to acquire its private key, at which point they can decrypt the stored comms at their leisure. You should be more concerned about end-point security and vulnerabilities, than holes in the cipher itself.
Having said that, the largest employer of mathematicians in the world may have also figured out how to factor primes efficiently, or at least, pruned the problem space enough to where a couple billion dollars worth of hardware can solve it in a tractable amount of time.
Just for reference, if you look at the summary you'll see that what he's released is that trove... encrypted. The idea is that if he gets arrested, he yells out the passphrase, but until then this might as well be 1.7TiB of/dev/random
If you read the article, you'll see that it gets auto-decrypted if he fails to check in. So if he gets arrested and can't access the failsafe to reset it the timer, it gets released.
So the guy is lying? Perhaps. Or just exaggerating. But I doubt there isn't more than one data center for this very purpose. The question is what kind of hardware would be necessary to compress all the data live.
Ugh, you just store it compressed with LZO. The bigger challenge isn't storing it, it's storing it securely and secure from inside threats, that's the challenge. The cryptography involved, and technology to operate natively on cipher streams is where the actually interesting stuff is done. Storage alone is trivial.
So... Node.js, chalked full of easy ways to leak memory (ie don't change default debug console, or use a crappy gzip library) but the ability to write code that runs/renders either on the server or on the client with the same code and low-level libraries to make the decision of the best place to render--ie render same code on server or client--makes JS on the server-side rather attractive. I run, Operations side, over 1000+ websites on a Node.js farm (talking 200-300 mbit/sec of sustained daily web-traffic), and it scales a lot better than PHP from both a templating side (many similar but different sites with inheritance based properties) and from the performance scaling side.
From a PLT side, yea, JS ain't the best, but it's a defacto web-rendering technology and its use on the server can simplify a lot of things, not to mention that JS in V8 is pretty quick to boot, although it does have heap limitation based around the 32-bit code V8 generates.
I leave comment readers with a wonderful link: This PLT Life
Nobody keeps lots of mail there for longer than six months.
In fact, people do. However, corporate email accounts at Google auto-delete email after 180 days because of the 1986 act. There was much grumbling when this came about, and there are exceptions for people with an email "litigation hold", but for everyone else, it's part of normal operation that it's deleted.
That's bullshit. My corporate gmail account goes back years.
As an engineer, I know far more than the average person about chemistry, exothermic reactions and weaknesses in bridges. As a sysadmin and AV author, I know quite a lot more about network and computer exploits than the average slashdotter. Does that imply that I deserve my freedom of speech limited because I'm a bomb maker and computer black hat in potentia?
"Should we care?" is what I'm trying to figure out. Redhat has lost almost all relevance in the Cloud-arena. CloudStack is in Apache Incubation, and OpenStack Essex is already live in Ubuntu 12.04 LTS. Redhat's OpenStack is presumably all KVM-based as it's built on RHEL6. Does it support bare-metal Cloud instances? Granted, this feature is 'beta' on CloudStack, but it is still there to use.
It seems like a desperate play to stay relevant. With Redhat's "virtualization brain trust" posting erroneous and irrelevant FUD while moderating/rejecting all replies, it appears there's a severe lack of strategy outside of "stop all the Xen-based clones with dom0's based on our OSS distribution!" Redhat shot themselves in the foot pushing KVM down people's throats to thwart Oracle and Citrix clones.
As someone that's built Private Clouds, and runs significant amounts of infrastructure, I personally have a hard time caring. None-the-less, I'm checking it out to see if the Swift object storage part is in any way cleaner integrated. If it's just some pre-built, probably back-level RPMs, I'll be highly unimpressed.
Because Facebook's entire code base is compiled down to a single binary executable, the company's deployment process is quite different from what you'd normally expect in a PHP environment. Rossi told me that the binary, which represents the entire Facebook application, is approximately 1.5GB in size. When Facebook updates its code and generates a new build, the new binary has to be pushed to all of the company's servers.
So, yeah, FaceBook compiles to native code!:-)
That's just part of the front-end. They use a lot of Java too which is byte-code. Hadoop/Hive/HBase blah blah blah. IMO: Pig > Hive, node.js > PHP
$500K was only for a portion of the company, like the domain name. The patent portfolio was sold in the 8 figure range to someone else. Digg essentially got divvied up 3 different ways, and people only quote the smaller of the transactions... Anyway, it wasn't worth anywhere near 9 figures, but let's be honest: there's been an valuation bubble going on.
Slashdot Mirror
This guy is just in it for the fame and cash at this point. He wants more paid gigs giving his opinion out, it's easier to get paid having a polarized stance, regardless of accuracy or insight. Hayden is short-sighted, the system he says is meant to "protect America" is a threat to the very fibers of democracy. In a future where every digital fingerprint and trace of all potentially elected leaders is cataloged and kept in NSA databases, there's a very palatable and real end for "democracy" in the not-to-distance future. All elected leaders will be controlled by such an apparatus.
Snowden could have leaked far more damaging details, and to more than journalists. The fact of the matter is, the majority of Americans don't support what the NSA is doing in their name, but the NSA isn't interested in Democracy or American principles in general. They're interested in exploiting any and all information to their gain.
The NSA is the most dangerous Advanced Persistent Threat ever known to mankind.
MapD is a GIS-centric database.
To those at the NSA who are just awakening to the new reality that people are, now and forevermore, going to hate you whether you deserve it or not, I can only say "Welcome to my world. Learn to deal with it. It'll drive you nuts if you don't."
Or they could find honest work that betters society. It's hard to feel sorry for them when you read about how much more they make than the rest of the US.
Morale should be low, "the public" doesn't want them to do what they're doing. They are a threat to democracy. The US has long been a threat to any Democratic Government that doesn't favor it, just read about the "Other 9/11".
The fact of the matter is, they are pawns to non-Democratic interests that do nothing to serve the American People as a whole. They serve big monied interest, mega corporations and conglomerates protecting their entrenched positions and bottom lines. Concepts like "freedom," and "liberty" are merely espoused to make the rank and file feel warm and fuzzy about their unconstitutional work, which is ironically the biggest threat to "freedom" and "liberty" that we face today. Higher ups get corrupted by the power. All the rank and file should know, the moment you expose any sort of inconvenient truth, the full weight and force of the apparatus you served will be turned on you and you yourself can be labelled a "domestic terrorist." Just look at the case of Julia Davis which has open court records that backup such facts.
When you job helps create and maintain a system where ordinary citizens can be assassinated and political discourse controlled in the most un-democratic of manners, you -should- feel bad. But hey, if you're working through a contracting firm, I bet that big tax-payer funded pay check will go a long way to making you feel better.
Anyway, it's hard to believe the NSA isn't adept at finding the sociopaths focused purely on career advancement and power gain that it needs. Maybe I'm wrong, maybe there is some big boogie man we need to be worried about, but if there is, they've done a really bad job of informing the public as to what actual danger, besides inconvenient truths and things that worry big MegaCorp, they are protecting against. Maybe if we didn't focus on fucking with the rest of the world so much people wouldn't want to strike at us.
Dunno about you, but I ain't gonna be excited by AMD's offerings anymore, after what they dished to us on their Bulldozer roll out
For more than a year before Bulldozer came into being they told us that the Bulldozer gonna be revolutionary - they hyped the Bulldozer so much that many forums were filled with people just couldn't wait to get their hands on it
Did you think the same thing about Intel after the Pentium4 too?
For'reals...
Yup...
Donate to Lavabit legal fund
The legal briefs filed so far look like they are about to hand the government its own ass in respect to seizing SSL keys.
The level of abuses - both the spying itself, subsequent known abuses of the data, and countless likely unknown abuses - has already done enough damage to the fabric of the ideal of democracy, that an open and straightforward conversation is not enough. When there are very real threats that people will be tortured to preserve government secrecy about this...
The only straightforward and sensible conversation at this point can be about shutting it down, and how quickly we can shut it down. You cannot have a democracy in this environment where the public is left completely uninformed, the programs are shrouded in secrecy, and any attempt to unravel that secrecy is met with "National Security, go fuck yourself." Snowden was straight on point when he said we building a solution for "turnkey tyranny." Communism to the extreme, or Capitalism to the extreme all lead to totalitarianism with control and power centered in the hands of the very few. Look at Jeff Bezos--whose company is a HUGE government contractor--buying The Washington Post, one of the bigger critics and writing about the Spying State, I'm sure that was pure coincidence, probably a childhood dream to own a newspaper right?
Look at the skill with which the NSA protects their own secrets, do you think they are protecting yours? Surely not, and more to the point, they use those against you. I'm sure there are a lot of good people that would run for office to solve this mess, if only the State didn't record every little detail of a person's life to use against them when they run for political office. Calling America a democracy is a farce, we're given the illusion of choice, there is no real choice anymore. It's all about control, State control, for "make happy benefit of monied interests" as Borat would say.
The President can keep a secret kill list of US Citizens, and execute that kill list with no oversight or transparency, all in the name of Terrorism or National Security. "Nation Security" is a term perverted far what it's actual meaning, all you have to do is "know something" they think you shouldn't know and the President can "arrange for an accident" to happen to you. I'm not worried about "terrorists", I'm worried about my own government assassinating me.
Ask yourself, who gained the most from the events of 9/11? We need to roll all this back. And to the various Analysts parsing this post, do you really think you're doing a moral and ethical job? Do you think you're serving the good of the general citizenry or are you serving deep pockets? Do you really think The People would approve of what and how you're doing what you're doing if they knew all the details?
Not like there is any point in posting this "Anonymously."
I have zero concern putting my skills and capabilities up against any of those people. In fact, I'm hiring. Think you solve problems, on a less-than-government sized budget--I realize this cuts 90% of you guys out--apply within. What I'm hoping it does to my job is maybe give me some semi-reasonable candidates that I might be able to offload some work to, and cut my 80-hours/week down to like 60 with a few new hires.
"I'm not really in a mind to offer help or advice to the people running those scripts, but it might be possible to scan the internet from 255.255.255.255 downwards next time."
Yes, start with all the multicast addresses. That'll work for them! ;)
With the ability to store all communication, all an attacker has to do is exploit one-side of the communication to acquire its private key, at which point they can decrypt the stored comms at their leisure. You should be more concerned about end-point security and vulnerabilities, than holes in the cipher itself.
Having said that, the largest employer of mathematicians in the world may have also figured out how to factor primes efficiently, or at least, pruned the problem space enough to where a couple billion dollars worth of hardware can solve it in a tractable amount of time.
Just for reference, if you look at the summary you'll see that what he's released is that trove... encrypted. The idea is that if he gets arrested, he yells out the passphrase, but until then this might as well be 1.7TiB of /dev/random
If you read the article, you'll see that it gets auto-decrypted if he fails to check in. So if he gets arrested and can't access the failsafe to reset it the timer, it gets released.
Forgive my ignorance, but how did ASLR not stop this?
Because it was on Linux and not Windows?
Anyway, sounds like they weren't running TXT or selinux.
So the guy is lying? Perhaps. Or just exaggerating. But I doubt there isn't more than one data center for this very purpose. The question is what kind of hardware would be necessary to compress all the data live.
Ugh, you just store it compressed with LZO. The bigger challenge isn't storing it, it's storing it securely and secure from inside threats, that's the challenge. The cryptography involved, and technology to operate natively on cipher streams is where the actually interesting stuff is done. Storage alone is trivial.
I doubt they have the storage capacity.
Never heard of Hadoop?
So... Node.js, chalked full of easy ways to leak memory (ie don't change default debug console, or use a crappy gzip library) but the ability to write code that runs/renders either on the server or on the client with the same code and low-level libraries to make the decision of the best place to render--ie render same code on server or client--makes JS on the server-side rather attractive. I run, Operations side, over 1000+ websites on a Node.js farm (talking 200-300 mbit/sec of sustained daily web-traffic), and it scales a lot better than PHP from both a templating side (many similar but different sites with inheritance based properties) and from the performance scaling side.
From a PLT side, yea, JS ain't the best, but it's a defacto web-rendering technology and its use on the server can simplify a lot of things, not to mention that JS in V8 is pretty quick to boot, although it does have heap limitation based around the 32-bit code V8 generates.
I leave comment readers with a wonderful link: This PLT Life
They've been working on a GPS replacement for awhile, I would be surprised if it wasn't already fielded by the military.
Nobody keeps lots of mail there for longer than six months.
In fact, people do. However, corporate email accounts at Google auto-delete email after 180 days because of the 1986 act. There was much grumbling when this came about, and there are exceptions for people with an email "litigation hold", but for everyone else, it's part of normal operation that it's deleted.
That's bullshit. My corporate gmail account goes back years.
There's always Node.js, which scales better for distributed systems.
As an engineer, I know far more than the average person about chemistry, exothermic reactions and weaknesses in bridges. As a sysadmin and AV author, I know quite a lot more about network and computer exploits than the average slashdotter. Does that imply that I deserve my freedom of speech limited because I'm a bomb maker and computer black hat in potentia?
In short: Yes. Gratz on getting watch-listed.
"Should we care?" is what I'm trying to figure out. Redhat has lost almost all relevance in the Cloud-arena. CloudStack is in Apache Incubation, and OpenStack Essex is already live in Ubuntu 12.04 LTS. Redhat's OpenStack is presumably all KVM-based as it's built on RHEL6. Does it support bare-metal Cloud instances? Granted, this feature is 'beta' on CloudStack, but it is still there to use.
It seems like a desperate play to stay relevant. With Redhat's "virtualization brain trust" posting erroneous and irrelevant FUD while moderating/rejecting all replies, it appears there's a severe lack of strategy outside of "stop all the Xen-based clones with dom0's based on our OSS distribution!" Redhat shot themselves in the foot pushing KVM down people's throats to thwart Oracle and Citrix clones.
As someone that's built Private Clouds, and runs significant amounts of infrastructure, I personally have a hard time caring. None-the-less, I'm checking it out to see if the Swift object storage part is in any way cleaner integrated. If it's just some pre-built, probably back-level RPMs, I'll be highly unimpressed.
What about Elon Musk? Who was his "alter ego?"
Just curious, do you know many examples of other such companies, which we would have heard of?
Wal-mart and Google to name a couple.
Do we really care?
What's this FaceBook thing anyway?
Does it compile into native code or P-code?
Fun fact: FaceBook uses HipHop, a tool they developed themselves to convert PHP code to C++, and then compile it to native code.
And the craziest thing is that they compile everything into a single 1.5 GB binary:
So, yeah, FaceBook compiles to native code! :-)
That's just part of the front-end. They use a lot of Java too which is byte-code. Hadoop/Hive/HBase blah blah blah. IMO: Pig > Hive, node.js > PHP
$500K was only for a portion of the company, like the domain name. The patent portfolio was sold in the 8 figure range to someone else. Digg essentially got divvied up 3 different ways, and people only quote the smaller of the transactions... Anyway, it wasn't worth anywhere near 9 figures, but let's be honest: there's been an valuation bubble going on.