You're both right and irrelevant. Some attacks are more probable than others, but that doesn't mean that we should only defend against the probable ones (especially if others are far less likely, but still very possible, and very devastating).
Because we were attacked from the air, does this mean we don't need a navy? Should we abandon defenses against chemical weapons because we haven't ever been attacked with them? It's unrealistic to expect the bad guys to attack us in the ways we expect, hence all the people thinking up nightmare scenarios.
Now, it's fair to ask if missile defense will take away from far more important defenses, but right now, I don't think so. At 8 billion a year, it's peanuts (in the context of the federal budget), and shouldn't detract at all from efforts to beef up other defensive systems. There's also a question of cost-effectiveness, and how real the threat of a ballistic missile strike is, which I will leave to another day.
American law is designed to protect American citizens. There's nothing that says we have to treat foreign terrorists as citizens, or try them in the courts. We can and should make war upon those who make war against us.
I'm no expert, but is this necessarily any more bothersome than normal communications? I mean, it looks like they're just engaging in a standard communication.
To slow down a computer, they'd have to make many many communications at once, and I don't see how that's different from your vanilla DoS attack (except for the fringe computational benefits).
It's disturbing that the FBI tries to do this sort of thing, sure. But that's their *job*. Their job is to track down crooks, by any means the law deems acceptable. I'm no lawyer (or lawyer-wannabe), but that's a huge gray area, and if the difference in making a case (which is your job) lies in getting a piece of evidence, you're going to be willing to go quite far to get it.
This means, by the way, that it's our job to view the FBI's attempts to control surveillance technology with utmost distrust if we want to preserve our freedom.
Well, if you *really* wanted your computer to be secure, you should put a power source and your computer (along with your office), inside a Faraday cage, with no wires going in or out. Last I checked, this will ensure no meaningful leakage. Now, when those gravimetric sniffers come out, we're screwed, since no known method of blocking the propagation of gravity waves exists;-)
There were two taps: one in the Okhotsk Sea (in the Pacific), and one in the Barents Sea (north of Scandinavia). The traitor only gave away the Okhotsk Sea tap.
(source, for those who are interested, is Blind Man's Bluff by Sherry Sontag and Christopher Drew, a truly excellent book about undersea espionage during the Cold War).
You only violate US law if you break into a computer within the United States. Violating foreign law is okay, as long as you're reasonably safe from extradition.
Even better is that the protections for `civil liberties' only apply within the United States (or with respect to American citizens and permanent residents).
You're right. If the FBI had to get a warrant and attach an actual recorder for everybody whose computer they wanted to bug, they'd have to go to a lot of trouble, and that would keep them within reasonable limits. It's when they use computers to enable them to watch a few thousand people at a time from one terminal that we need to get really worried (and it seems like they're definitely trying).
I still think the FBI was wrong in this case, though (granted, I only know what was in the article). I think this is a good, old-fashioned case of police abuse here --- they had a warrant to *search* the computer, not to *tap* it. A search warrant doesn't enable a cop to sabotage somebody else's equipment, or to intercept communications (both apply).
Keeping logs in and of itself is not an invasion of privacy. BUT if you are a public institution, and you know that any John Doe can pop up and demand those logs, what you're doing is enabling massive infringement of user privacy, depending on how specific the logs are (if the logs give which computer accessed what at what time, it only takes some snooping to figure it out -- people fall into regular use patterns).
So to prevent yourself from enabling an invasion of privacy, the best solution would be to keep barebones, informational logs (such as network use statistics).
Hi:
I think it's a mistake to judge the Nixon of 1960 by the Nixon of 1972. Nixon was a fairly good-natured vice president, for all that he was a nasty politician. He didn't become personally bitter and vindictive until 1962, when he was defeated for governor of California (the famous "You won't have Nixon to kick around anymore" quote).
In fact, you can argue that being magnanimous with the White House is precisely the sort of thing that will make a person bitter and cynical in reflection (not to mention having thousands of stoned idiots calling you names on a regular basis).
Forgive me if I'm wrong, but doesn't the concept that the University can keep you from publishing your work go directly contrary to the concept of academic freedom? (indeed, one might argue that the entire reason people work at universities is so that they may publish their work, instead of going to work for some corporation with restrictive IP requirements).
If a university is going to try to profit off of and restrict my work, why the hell would I work at a university instead of a corporation?
Currently an undergrad, but contemplating the future:-)
A point here... freedom of press is not supposed to belong only to accredited journalists (whatever the hell that means). It's not even supposed to belong even to widely recognized journalists. It's supposed to apply to everybody who wants to disseminate information to their fellow citizens (that weird thing called the First Amendment). We tend to overlook that today, to our detriment. Nowhere does the First Amendment create a protected class of citizens. It's intended to empower all citizens, not just those who yak for a living.
I think we all agree that we need saner laws, but I wouldn't exactly hold up the US with its astronomical lawyer fees as an example... even here, the tendency in ANY lawsuit you can win is to settle -- because lawsuits easily drag on for years and years. I think guidelines should be amended for judges to more easily punish lawyers who act like morons.
"Rule number four: no cheating!" -- Merlin, Disney's Sword in the Stone
"The High Contracting Parties solemnly declare in the names of their respective peoples that they condemn recourse to war for the solution of international controversies, and renounce it as an instrument of national policy in their relations with one another." -- Article I, the Kellog-Briand Pact of 1928, outlawing War.
"Section 1. Be it enacted by the General Assembly of the State of Indiana: It has been found that a circular area is to the square on a line equal to the quadrant of the circumference, as the area of an equilateral rectangle is to the square on one side. " -- A bill introduced in Indiana c. 1897
"Your actions are illegal!" -- Anonymous British officer, c. 1776
It doesn't matter now -- what needed to be done here was done (and anybody who wants a copy of the code need only post somewhere and some civic-minded citizen will be happy to give them one, yes?). What does matter is that this case doesn't keep other people from finding the flaws in other software, which I don't think it will. It's a victory -- the flaws in CyberPatrol are obvious, Mattel has a bruising PR problem, and overall, the good guys win.
Well, I think it would be fair to say that the Intelligence community has a bias against American workers losing jobs to foreign companies. It's nice to call things "wrong," but what will happen at the end of the day if we stay away from all things "wrong?" Here's what will happen: American companies will keep on losing contracts, Americans will keep losing jobs, and American citizens will get hurt. Is that "right?" Are we to render ourselves defenseless in the face of aggression because the countermeasures are distasteful, Mr. Chamberlain?
We're not being myopic here, nor are we being xenophobic. Bad things happen to a country when companies from the outside own everything, even if the market is 'free and open.' When the people who own your country live outside of it, they don't care as much about it, somehow. This is bad for the people in your country. Somehow, I would rather the CIA spent its time protecting American jobs rather than trying to read my email.
From the economic standpoint, there's a problem with this; the problem is that when you intervene in the marketplace, you counter the factors which allow the most efficient to prevail. So the question becomes how far you go to balance out the marketplace's other unfair factors (like other nations' intelligence agencies) and how restrained you should be to keep your own companies from leaning on you like a crutch.
I find the idea of protecting our companies from bribes overseas to be a perfectly reasonable compromise between the two. Oh, and by the way, I think that this "usually no-espionage" policy is generally adhered to -- how likely is it that an intelligence official would risk their career to help out a corporation (as opposed to the perceived interests of the country)?
Looks interesting, don't it? It looks like they're individually picking and choosing sites to block (since they aren't blocking porn) or any US newspapers besides the NYT. I wonder how long it'll take our friends across the lake to subcontract to one of our censorware organizations (false positives wouldn't overly concern them, would they?). Maybe when THAT happens, people will finally realize the parallel between censorware and repressive governments.
Who wants to bet that applying "military" methods for data recovery is strictly against the law, so a reformatted hard drive will be considered off-limits? (unless that is, it's not the White House which is being investigated).;-)
I think that Echelon has become synonymous (for many of us) with the NSA's collection systems, and the NSA (as well as the UKUSA group of signalst intelligence agencies) was formed back in the 1940s. Cooperation between American and British codebreakers goes back a bit further -- I don't remember when exactly (for more info, read James Bamford's The Puzzle Palace). However, I think that Echelon as it's mentioned in government circles refers to the collection of signals intelligence by monitoring communications satellites, and that probably dates from the 1970s (when communications satellites went into use).
A nitpick. Nobody doubts that NSA monitors internet traffic, but The Puzzle Palace came out back in 1982, when the internet was not a big deal as far as communications, and so far as I can remember, it doesn't mention internet traffic.
Hey, if anything, this is a major boom for the NSA and us. Now instead of trying to monitor all network traffic in Russia, they just have to read the stuff going into FSB headquarters. Maybe reading all the stuff the Russians do will suck up enough of their resources to make them stop paying attention to America....
It seems like what you're saying is that any program to improve conditions is unacceptable unless it helps everybody at once... that's an anti-progress argument.
In particular, I am highly amused that Mr. Katz has determined that minorities are turned away from such an obviously Aryan, KKK-dominated culture here;-)
Slashdot Mirror
You're both right and irrelevant. Some attacks are more probable than others, but that doesn't mean that we should only defend against the probable ones (especially if others are far less likely, but still very possible, and very devastating).
Because we were attacked from the air, does this mean we don't need a navy? Should we abandon defenses against chemical weapons because we haven't ever been attacked with them? It's unrealistic to expect the bad guys to attack us in the ways we expect, hence all the people thinking up nightmare scenarios.
Now, it's fair to ask if missile defense will take away from far more important defenses, but right now, I don't think so. At 8 billion a year, it's peanuts (in the context of the federal budget), and shouldn't detract at all from efforts to beef up other defensive systems. There's also a question of cost-effectiveness, and how real the threat of a ballistic missile strike is, which I will leave to another day.
American law is designed to protect American citizens. There's nothing that says we have to treat foreign terrorists as citizens, or try them in the courts. We can and should make war upon those who make war against us.
I'm no expert, but is this necessarily any more bothersome than normal communications? I mean, it looks like they're just engaging in a standard communication.
To slow down a computer, they'd have to make many many communications at once, and I don't see how that's different from your vanilla DoS attack (except for the fringe computational benefits).
Ray
It's disturbing that the FBI tries to do this sort of thing, sure. But that's their *job*. Their job is to track down crooks, by any means the law deems acceptable. I'm no lawyer (or lawyer-wannabe), but that's a huge gray area, and if the difference in making a case (which is your job) lies in getting a piece of evidence, you're going to be willing to go quite far to get it.
This means, by the way, that it's our job to view the FBI's attempts to control surveillance technology with utmost distrust if we want to preserve our freedom.
Ray
Well, if you *really* wanted your computer to be secure, you should put a power source and your computer (along with your office), inside a Faraday cage, with no wires going in or out. Last I checked, this will ensure no meaningful leakage. Now, when those gravimetric sniffers come out, we're screwed, since no known method of blocking the propagation of gravity waves exists ;-)
Ray
There were two taps: one in the Okhotsk Sea (in the Pacific), and one in the Barents Sea (north of Scandinavia). The traitor only gave away the Okhotsk Sea tap.
(source, for those who are interested, is Blind Man's Bluff by Sherry Sontag and Christopher Drew, a truly excellent book about undersea espionage during the Cold War).
Ray
You only violate US law if you break into a computer within the United States. Violating foreign law is okay, as long as you're reasonably safe from extradition.
Even better is that the protections for `civil liberties' only apply within the United States (or with respect to American citizens and permanent residents).
Morale of the story: the FBI gets away with it.
You're right. If the FBI had to get a warrant and attach an actual recorder for everybody whose computer they wanted to bug, they'd have to go to a lot of trouble, and that would keep them within reasonable limits. It's when they use computers to enable them to watch a few thousand people at a time from one terminal that we need to get really worried (and it seems like they're definitely trying).
I still think the FBI was wrong in this case, though (granted, I only know what was in the article). I think this is a good, old-fashioned case of police abuse here --- they had a warrant to *search* the computer, not to *tap* it. A search warrant doesn't enable a cop to sabotage somebody else's equipment, or to intercept communications (both apply).
No, they were calling him "Mahdi," which means savior. That sort of thing was in the book. The other name doesn't come up til later, I believe.
Keeping logs in and of itself is not an invasion of privacy. BUT if you are a public institution, and you know that any John Doe can pop up and demand those logs, what you're doing is enabling massive infringement of user privacy, depending on how specific the logs are (if the logs give which computer accessed what at what time, it only takes some snooping to figure it out -- people fall into regular use patterns).
So to prevent yourself from enabling an invasion of privacy, the best solution would be to keep barebones, informational logs (such as network use statistics).
Hi:
I think it's a mistake to judge the Nixon of 1960 by the Nixon of 1972. Nixon was a fairly good-natured vice president, for all that he was a nasty politician. He didn't become personally bitter and vindictive until 1962, when he was defeated for governor of California (the famous "You won't have Nixon to kick around anymore" quote).
In fact, you can argue that being magnanimous with the White House is precisely the sort of thing that will make a person bitter and cynical in reflection (not to mention having thousands of stoned idiots calling you names on a regular basis).
Forgive me if I'm wrong, but doesn't the concept that the University can keep you from publishing your work go directly contrary to the concept of academic freedom? (indeed, one might argue that the entire reason people work at universities is so that they may publish their work, instead of going to work for some corporation with restrictive IP requirements).
:-)
If a university is going to try to profit off of and restrict my work, why the hell would I work at a university instead of a corporation?
Currently an undergrad, but contemplating the future
A point here ... freedom of press is not supposed to belong only to accredited journalists (whatever the hell that means). It's not even supposed to belong even to widely recognized journalists. It's supposed to apply to everybody who wants to disseminate information to their fellow citizens (that weird thing called the First Amendment). We tend to overlook that today, to our detriment. Nowhere does the First Amendment create a protected class of citizens. It's intended to empower all citizens, not just those who yak for a living.
I think we all agree that we need saner laws, but I wouldn't exactly hold up the US with its astronomical lawyer fees as an example ... even here, the tendency in ANY lawsuit you can win is to settle -- because lawsuits easily drag on for years and years. I think guidelines should be amended for judges to more easily punish lawyers who act like morons.
Ray
Some memorable similar sentiments in the past:
"Rule number four: no cheating!"
-- Merlin, Disney's Sword in the Stone
"The High Contracting Parties solemnly declare in the names of their respective peoples that they condemn recourse to war for the solution of international controversies, and renounce it as an instrument of national policy in their relations with one another."
-- Article I, the Kellog-Briand Pact of 1928, outlawing War.
"Section 1. Be it enacted by the General Assembly of the State of Indiana: It has been found that a circular area is to the square on a line equal to the quadrant of the circumference, as the area of an equilateral rectangle is to the square on one side. "
-- A bill introduced in Indiana c. 1897
"Your actions are illegal!"
-- Anonymous British officer, c. 1776
It doesn't matter now -- what needed to be done here was done (and anybody who wants a copy of the code need only post somewhere and some civic-minded citizen will be happy to give them one, yes?). What does matter is that this case doesn't keep other people from finding the flaws in other software, which I don't think it will. It's a victory -- the flaws in CyberPatrol are obvious, Mattel has a bruising PR problem, and overall, the good guys win.
Well, I think it would be fair to say that the Intelligence community has a bias against American workers losing jobs to foreign companies. It's nice to call things "wrong," but what will happen at the end of the day if we stay away from all things "wrong?" Here's what will happen: American companies will keep on losing contracts, Americans will keep losing jobs, and American citizens will get hurt. Is that "right?" Are we to render ourselves defenseless in the face of aggression because the countermeasures are distasteful, Mr. Chamberlain?
;-) Bye!
We're not being myopic here, nor are we being xenophobic. Bad things happen to a country when companies from the outside own everything, even if the market is 'free and open.' When the people who own your country live outside of it, they don't care as much about it, somehow. This is bad for the people in your country. Somehow, I would rather the CIA spent its time protecting American jobs rather than trying to read my email.
From the economic standpoint, there's a problem with this; the problem is that when you intervene in the marketplace, you counter the factors which allow the most efficient to prevail. So the question becomes how far you go to balance out the marketplace's other unfair factors (like other nations' intelligence agencies) and how restrained you should be to keep your own companies from leaning on you like a crutch.
I find the idea of protecting our companies from bribes overseas to be a perfectly reasonable compromise between the two. Oh, and by the way, I think that this "usually no-espionage" policy is generally adhered to -- how likely is it that an intelligence official would risk their career to help out a corporation (as opposed to the perceived interests of the country)?
I've gone on too long
Looks interesting, don't it? It looks like they're individually picking and choosing sites to block (since they aren't blocking porn) or any US newspapers besides the NYT. I wonder how long it'll take our friends across the lake to subcontract to one of our censorware organizations (false positives wouldn't overly concern them, would they?). Maybe when THAT happens, people will finally realize the parallel between censorware and repressive governments.
Who wants to bet that applying "military" methods for data recovery is strictly against the law, so a reformatted hard drive will be considered off-limits? (unless that is, it's not the White House which is being investigated). ;-)
Why was this moderated up? How is a protest against the International Monetary Fund even remotely related to excessive copyright laws?
I think that Echelon has become synonymous (for many of us) with the NSA's collection systems, and the NSA (as well as the UKUSA group of signalst intelligence agencies) was formed back in the 1940s. Cooperation between American and British codebreakers goes back a bit further -- I don't remember when exactly (for more info, read James Bamford's The Puzzle Palace). However, I think that Echelon as it's mentioned in government circles refers to the collection of signals intelligence by monitoring communications satellites, and that probably dates from the 1970s (when communications satellites went into use).
A nitpick. Nobody doubts that NSA monitors internet traffic, but The Puzzle Palace came out back in 1982, when the internet was not a big deal as far as communications, and so far as I can remember, it doesn't mention internet traffic.
Hey, if anything, this is a major boom for the NSA and us. Now instead of trying to monitor all network traffic in Russia, they just have to read the stuff going into FSB headquarters. Maybe reading all the stuff the Russians do will suck up enough of their resources to make them stop paying attention to America ....
It seems like what you're saying is that any program to improve conditions is unacceptable unless it helps everybody at once ... that's an anti-progress argument.
In particular, I am highly amused that Mr. Katz has determined that minorities are turned away from such an obviously Aryan, KKK-dominated culture here ;-)