Nope, the NSA controlled the servers, it led to an NSA controlled IP address and they have the hackers needed.
No one's holding a gun to your head, Poindexter. Go ahead and ruin your reputation if you feel it's that important to show disrespect to people born into a different background or situation than you.
It has nothing to do with PC--which is just a way to extend "good old fashioned" respect beyond sectarian lines-- because no one is born with a Linux or BSD logo on their skin or written on their birth certificate.
Hopefully you have less of a problem judging people by their character as individuals than you do confusing flesh-and-blood human beings with software.
And the first step in doing that is something like Tor where an IP address or e-mail address can't be matched to a real-world identity. Mailinator and Tor are a powerful combination for normalizing those relationships to an equal footing.
That's precisely why the wealthy are trying so hard to destroy them: It allows democratic discourse, the ability for people to organize anonymously against them and their corrupted interests and greed.
There's more than one way of looking at this. I think it's better to have networking that's pseudonymous from top to bottom, using something like onion routing, where addresses are actually cryptographic keys. A person can then associate their address key with other identification, if they choose, and to the extent they choose.
There are a number of reasons why Tor doesn't facilitate this kind of power over one's online identity. One is that Tor users typically look like 'browser session X from exit node Y' and this just inspires services and even P2P users to blacklist your only means of reaching them anonymously. Another is that the anonymity itself is somewhat lacking, between the weak encryption and the tendency toward centralized routing.
Yes, it sucks to be virtually anyone other than you.
Taking architectural cues from AmigaOS and BeOS, it's actually pretty attractive. Gobo Linux was another interesting one that should have gotten more attention.
Technically, Qubes is a desktop OS also. However, the hypervisor part of it is also a main UI feature and once a user acclimates to that they still have most of the Linux-isms to deal with.
It's great for techies though!
Wikipedia says 12.04 is supported until 2017.
Slashdot played-up the climate "controversy" in the late 2000s, and now the editors are actually leaning toward denier lunacy. Much as they like to posture about the state of science reporting, /. doesn't "get" science that affects critical issues... only novelties and the stuff that leads to "cool" new products.
This site is angling to be relegated to the unread portion of my RSS reader.
Karma, baby.
Slashdot played-up the climate "controversy" in the late 2000s, and now the editors are actually leaning toward denier lunacy. Much as they like to posture about the state of science reporting, /. doesn't "get" science that affects critical issues... only novelties and the stuff that leads to "cool" new products.
This site is angling to be relegated to the unread portion of my RSS reader.
Yup, exactly this. This report doesn't lead to any conclusion that we should "dial back the alarm" as the news title suggests. The approval of this submission by slashdot editors shows either bias towards climate change denial, or just a desire for more linkbait, button-pushing articles. Perhaps both.
Slashdot editors consider Rupert Murdoch / News Corp stories to be acceptable for their climate change postings. Also sites like The Register (yeah).
I'd say it's "both".
Thx!
Remember when we used to think that U.S. LEOs still had some sense of ethics and would never actually send child porn to anyone to make a case? Now we know that, at least for a while, the FBI was running the servers. The FBI was responsible for serving up, by all accounts, half the *.onion-based child porn sites in the world.
Is this the first time they crossed this line? Or have they done so before?
Yes, and they also browbeat poor and indigent people (sometimes a hundred times or more) into acts of "terrorism". And they do it within the environs of leftist political movements. Making the population unnecessarily afraid of death/dismemberment from otherwise peaceful political groups is terrorist activism in a class of its own.
Don't be ridiculous. The NSA hackers were probably laughing and pointing at the FBI and snickering about how they were amateurs. Remember the NSA has only gotten caught when they've been betrayed, not because their technical means were discovered.
Uh... why would the FBI care about being caught? They are a domestic, (supposedly) civil police organization, while the NSA are military and international.
Then the police broke down my door because I had set up my wireless router wrong and someone had done something illegal over my connection, and it took me three years to get the charges dropped, and I lost my job and had to file bankruptcy, and I never did get my computer back. And what happened to the government agents who had wrongly prosecuted me? Nothing whatsoever. And what compensation did I get? The court ruled that the government had not violated its rules and therefore I was not owed anything. Have a nice day.
Ah, yes....
Remember all those long-ago Slashdot discussions with one side shouting "Tin-foil hat!" every time possible chilling effects like this were postulated?
Dude, your ID shows that you signed up not much longer after I did (in an era when we told ourselves the old baddies--those twisted, ruthless personality types--couldn't possibly exist in our groovy postmodern times).
--now--
--here we are!
You're probably on that list for being an opinionated online malcontent.
Good luck to you (and me).
It lists what the FairPhone is about, including this bullet point:
"Open, future-ready design
Open, update, modify and make it yours – now and in the future."
It's an open source design, initially intended for the EU.
http://www.fairphone.com/
They met their minimum orders already and are getting close to selling-out their initial production run. Delivery date is December.
Then we can buy them from fabs that we trust, and they will have to more explicitly compete on the issue of trust.
There is also some possibility that buyers could inspect the manufacturing processes.
Anomalies in other computational functions are less of a concern, IMHO, because any environment with a mix of CPUs and chipsets should reveal tainted chips at least occasionally. Random number generation is an exception here.
Addressing the non-flesh-and-blood part of your question, two pieces of software could make a big difference if enough people adopt them: The I2P darknet (which uses stronger encryption than Tor, among other advantages), and Qubes OS which provides a large enhancement of security over what you would find in even the most hardened Linux system.
These two things stymie both the "legal" spying that was set up within ISPs and services like Google, and the ability of others to break into your systems and steal/infect stuff.
But what we do know from the Snowden documents is that the NSA can not be trusted to obey the law. Anyone working in cryptography, particularly developing interoperability standards, should categorically reject the participation of any government officials in the standards process.
-jcr
They'll have to be a lot more exclusive than banning actual officials. People will have to be scrutinized for unofficial ties to government as well as to large corporate interests-- let's not forget our "plutonomy" situation: The government today is the errand-boy and enforcer for corporate aristocrats.
A reasonable assessment except for one detail:
So if your new system is different enough yet theoretically computationally equivalent to AES then it will be significantly slower on most chips.
"Most chips" are closed designs and cannot be audited except in a very superficial manner. Many of them are also designed in the US or US-toady countries.
Now, how fast are those open source CPUs?
It seems like the best bet in the near-term, besides switching to some of the more secure open source software, is to have plenty of heterogeneity in our systems including low-level network monitoring.
I was going to make a similar statement. However, the US may be the least trustworthy now because of the distinction of having been verified going nuts on surveillance, and also being the most powerful.
What we have to turn to are nonprofit organizations and open source.
Um, no... he's right and it's your teachers who neglected to teach you about logical operators and cryptology.
Only encrypted onion routing such as this can provide end-to-end security that does not leave reams of metadata (all of the who / when / where details of our communications) on the NSA's front porch every morning. No carrier can tell you what your addressing or NAT scheme can be, nor interfere with packet delivery in any fashion other than all-on-or-all-off. You even get to decide the number-of-hops vs speed tradeoff for different applications, and your address doubles as the cryptographic key that affirms your identity (only to the others you communicate with).
DNSSEC is a rubric of centralized control that leaves security as much subject to the secret courts and NSA "workarounds" as does PKI over IPv4.
In the 2000s consumers became almost the exact opposite re: warranties as they were in the late 80s/early 90s when a good warranty seemed to matter as much as any other criteria. I've been trying to buck that trend, but until the last couple years it was almost impossible. When I shop for electronics that have no moving parts and are *not* portable, the warranty has to be at least 3 years and this even includes some moving-parts items like hard drives. My two most recent HDD purchases (and some that I helped friends and clients with) had 5 year warranties.
The thing about insisting on a 'long' warranty is that the price then becomes an aid in finding equipment that is actually more reliable. Among stable brands, the cheaper models in the longer warranty class will tend to be more reliable; a higher confidence level from the manufacturer is often reflected in the lower price. Likewise, the junkier models will get higher price tags in order to be able to cover the higher failure rate. Nowhere is this more obvious than with computers that have options to purchase mfg extended warranties.
Of course, even if the prices are the same, getting equipment with a higher failure rate is still a raw deal because of the cost of downtime, possible data loss, shipping, etc.
Yes, this was an ongoing concern with Qubes for a while, then Xen got a patch to address the problem.
No, you're asking us to ignore the actual stakeholders and how they've degraded their own reputations. The establishment has shown it will go after what it wants in an unprincipled and possibly unconstitutional fashion, picking the largest and most reputable vendors to carry out their abuse of trust. This is not paranoia; it's precaution.
RdRand is of special concern because subtle tampering can't realistically be detected (nor can good output be verified) with that type of data. It rests entirely on reputation and trust. Virtually any other type of tampering would show up from accidental triggering in heterogeneous environments and scientific applications where correct output can be verified.