Nobody is assumed to have knowledge about "every bit of web bullshit". However, everyone in the audience is assumed to know how to look up and comprehend basic information about anything computer or IT related, should they wish. What are you so agitated about?
How do you support yourself and manage to have enough money over for stuff like medical bills (I'm assuming you live in the USA)? And why would someone knowingly choose to live like that? There's a vocal homeless community here in Sweden, and from what little I know it seriously doesn't seem like a fun life at all in most cases.
You only need to make it "prohibitively expensive" to detect? On the other hand, you still need to invent and distribute the steganography software. If the listener knows the stenographic channels then the game is up, yes? On the third hand, maybe you could make a stenographic system that would require analysing so much data that it'd be too expensive to try to detect even if the adversary knew about the stenographic channels? Like hiding it in a protocol that has grotesque traffic volumes (eg., bittorrent)?
Leakage between the exit node and destination host doesn't matter at all if you don't reveal any identifying information over the TOR connection. Which you obviously shouldn't, since it defeats the purpouse.
But how can you move to another country if you live in a place where your family would kill you for it? Don't let your desperation turn to moral nihilism.
Yeah, they're probably just male twenty-thirtysomethings who're in it for excitement, like it seems most every member of a hacking group throughout history. I've studied this a bit, and it's fascinating how similar their behaviour seems to be.
And if they're "internet-based" (eg, accepting members from online) you could infiltrate them. Warrants probably woudn't be as effective, though, since you need the jurisdiction involved to cooperate. And you're basically still relying on the attacker to make a mistake, in practice.
I think it's this that's my basic point, that the entire "game" seems to be played with the attacker's advantage. It seems too easy to "commit the perfect crime", over and over again.
Interesting point, but if we're talking about a small and competent hacker group, they technically wouldn't need "traction" to operate. They'd need motivation, though. Then the question is, what motivates them?
If they're normal human beings they'd stop when the damage of their actions wasn't outweighed by their perception of "greater good"/"the target had it coming".
Attendum: I agree that it's not a good thing that you can get away with evil/bothersome things like carding and vandalism over the net. I'm just saying that it's pretty much impossible to track someone who doesn't wish to be tracked when the only information you have is the IP address of the last proxy in a chain stretching across the globe. That's just the reality of the situation.
The only way to remove that would either be to remove all technical possibility of exploitation and attack from the net, or removing all technical possibility of anonymity.
Okay. If you're so concerned, go track them down then.
Or what do you propose? Warrantless raids/espionage on proxy servers/bots/Tor nodes all over the world? Because that's what it would realistically take to catch "them".
Anonymous has no agenda, because people or groups who are operating under the Anonymous banner do not communicate or coordinate with one another. Sure, the case might prove to be that in reality there's only one small active group that are actually competent and driven enough to pull off "advanced persistent threat" status - but it might as well be any number of people and groups involved. And even then, that group would probably shift, or new groups and people could take up the banner.
Someone could start hacking charities tomorrow and claim to be "Anonymous".
Also, password phrases. Most online stuff allows you to type in whole sentences. This + some substitution with special characters according to some personal mnemonic means pretty much unbreakable passwords. And even if it's overkill in a technical sense, I seem to be able to remember passphrases easier than passwords.
How can something that's just ink, colour and imagination "go way too far"? It's not like anyone's forcing people to see it. Not that I watch a lot of anime, but still.
How would you know? A sufficiently full-featured 0day exploit/rootkit payload could have compromised the system without you ever noticing, exchanging information with the outside world using data steganographically encoded into banner ad traffic at the network driver level. Better break out the kernel debugger.:D
Place the blame where it should be, in the lap of Beatrice Ask. Just read this interview. She's evidently in favor of thoughtcrime; literally, she says that "children and childhood mustn't be offended" when she's asked about why drawn "child pornography" should be illegal. She's also the one who came up with the crazy suggestion that people who visit prostitutes should have mails with brightly-colored envelopes sent home to them, so that they couldn't keep it a secret from their family (or anyone who saw the letter being delivered). Fortunately, this suggestion wasn't well received by anyone else AFAIK.
The stop condition is "when a fucker that fucks someone that ain't fucked over anyone, in a particularly upsetting manner, in recent memory, gets fucked, the fucker fucking this fucker doesn't deserve to be fucked."
I am not a skilled reverser, but I have read about a solution to this problem: waiting out the antivirus sandbox by either doing seemingly harmless things for long enough or burying the malware code inside another executable (code cave, pushing code forwards and recalculating the references, etc.) referencing it from a place in the executable that is guaranteed to execute but after the sandbox timeout. AFAIK no antivirus scans process memory at intervals or otherwise "actively monitors" the memory of processes for malware signatures outside the sandbox virtual machine.
I've read about solutions that monitor the behaviour (API calls, etc.) of processes while they run, working a bit like SELinux in that regard, though.
Because then you couldn't drag/drop several things at a time, or use multi-touch gestures to manipulate the "widget icons". It wouldn't really involve more movement than moving your right hand to the mouse and back.
I'm one of those people who mistype a lot. But still, I think having to type "names of things" is the part that itches for me. If i want to execute a desktop program I click on it's icon in my panel/dock. This is much faster and more convenient than opening a terminal and typing "programname & exit". But if I want to do a task like running a program and then open an instance of a program for every output file I have to open a terminal and type "program1 && for file in *.output123; do program2 $file; done". And one mistype means I have to break execution and fix the typo, sometimes far down the chain, which is annoying.
I suppose you could make a shell that syntax colored what you typed live, but still.
Oh, and obviously one of those widgets would open a terminal on my "main screen" and display output data in text form. If there was some possibility of rapidly constructing regular expressions visually for filtering that'd be nice, but it feels like that would be a task better done from the keyboard (and it's not like you could pre-construct regexps for every possible situation either.)
I was thinking a multitouch screen. I have five fingers one one hand, so assuming a "palette" of "things to do"/basic operations (piping, flow control) on a panel at the edge of the screen I could put five things together at a time. Making simple array/list-like objects would also be intuitive using drag-and-drop. You could perhaps also pipe output to different widget-like objects (meters, graphs) for visualization.
You'd need/want to write shellscripts/wrappers for personalization though, but since that's something that I'd imagine most *nix users already do it wouldn't be that much of an inconvenience.
Slashdot Mirror
Nobody is assumed to have knowledge about "every bit of web bullshit". However, everyone in the audience is assumed to know how to look up and comprehend basic information about anything computer or IT related, should they wish. What are you so agitated about?
How do you support yourself and manage to have enough money over for stuff like medical bills (I'm assuming you live in the USA)? And why would someone knowingly choose to live like that? There's a vocal homeless community here in Sweden, and from what little I know it seriously doesn't seem like a fun life at all in most cases.
You only need to make it "prohibitively expensive" to detect? On the other hand, you still need to invent and distribute the steganography software. If the listener knows the stenographic channels then the game is up, yes?
On the third hand, maybe you could make a stenographic system that would require analysing so much data that it'd be too expensive to try to detect even if the adversary knew about the stenographic channels? Like hiding it in a protocol that has grotesque traffic volumes (eg., bittorrent)?
Leakage between the exit node and destination host doesn't matter at all if you don't reveal any identifying information over the TOR connection. Which you obviously shouldn't, since it defeats the purpouse.
But how can you move to another country if you live in a place where your family would kill you for it? Don't let your desperation turn to moral nihilism.
Yeah, they're probably just male twenty-thirtysomethings who're in it for excitement, like it seems most every member of a hacking group throughout history. I've studied this a bit, and it's fascinating how similar their behaviour seems to be.
And if they're "internet-based" (eg, accepting members from online) you could infiltrate them. Warrants probably woudn't be as effective, though, since you need the jurisdiction involved to cooperate. And you're basically still relying on the attacker to make a mistake, in practice.
I think it's this that's my basic point, that the entire "game" seems to be played with the attacker's advantage. It seems too easy to "commit the perfect crime", over and over again.
Interesting point, but if we're talking about a small and competent hacker group, they technically wouldn't need "traction" to operate. They'd need motivation, though. Then the question is, what motivates them?
If they're normal human beings they'd stop when the damage of their actions wasn't outweighed by their perception of "greater good"/"the target had it coming".
Attendum: I agree that it's not a good thing that you can get away with evil/bothersome things like carding and vandalism over the net. I'm just saying that it's pretty much impossible to track someone who doesn't wish to be tracked when the only information you have is the IP address of the last proxy in a chain stretching across the globe. That's just the reality of the situation.
The only way to remove that would either be to remove all technical possibility of exploitation and attack from the net, or removing all technical possibility of anonymity.
Okay. If you're so concerned, go track them down then.
Or what do you propose? Warrantless raids/espionage on proxy servers/bots/Tor nodes all over the world? Because that's what it would realistically take to catch "them".
Creationist retard?
Anonymous has no agenda, because people or groups who are operating under the Anonymous banner do not communicate or coordinate with one another. Sure, the case might prove to be that in reality there's only one small active group that are actually competent and driven enough to pull off "advanced persistent threat" status - but it might as well be any number of people and groups involved. And even then, that group would probably shift, or new groups and people could take up the banner.
Someone could start hacking charities tomorrow and claim to be "Anonymous".
Also, password phrases. Most online stuff allows you to type in whole sentences. This + some substitution with special characters according to some personal mnemonic means pretty much unbreakable passwords. And even if it's overkill in a technical sense, I seem to be able to remember passphrases easier than passwords.
This is about offline hash cracking, not bruteforcing passwords over a network connection.
How can something that's just ink, colour and imagination "go way too far"? It's not like anyone's forcing people to see it. Not that I watch a lot of anime, but still.
How would you know? A sufficiently full-featured 0day exploit/rootkit payload could have compromised the system without you ever noticing, exchanging information with the outside world using data steganographically encoded into banner ad traffic at the network driver level. Better break out the kernel debugger. :D
Place the blame where it should be, in the lap of Beatrice Ask. Just read this interview. She's evidently in favor of thoughtcrime; literally, she says that "children and childhood mustn't be offended" when she's asked about why drawn "child pornography" should be illegal. She's also the one who came up with the crazy suggestion that people who visit prostitutes should have mails with brightly-colored envelopes sent home to them, so that they couldn't keep it a secret from their family (or anyone who saw the letter being delivered). Fortunately, this suggestion wasn't well received by anyone else AFAIK.
The stop condition is "when a fucker that fucks someone that ain't fucked over anyone, in a particularly upsetting manner, in recent memory, gets fucked, the fucker fucking this fucker doesn't deserve to be fucked."
It's simple. A child could understand it.
I am not a skilled reverser, but I have read about a solution to this problem: waiting out the antivirus sandbox by either doing seemingly harmless things for long enough or burying the malware code inside another executable (code cave, pushing code forwards and recalculating the references, etc.) referencing it from a place in the executable that is guaranteed to execute but after the sandbox timeout. AFAIK no antivirus scans process memory at intervals or otherwise "actively monitors" the memory of processes for malware signatures outside the sandbox virtual machine.
I've read about solutions that monitor the behaviour (API calls, etc.) of processes while they run, working a bit like SELinux in that regard, though.
Google the term "packer".
Because then you couldn't drag/drop several things at a time, or use multi-touch gestures to manipulate the "widget icons". It wouldn't really involve more movement than moving your right hand to the mouse and back.
I'm one of those people who mistype a lot. But still, I think having to type "names of things" is the part that itches for me. If i want to execute a desktop program I click on it's icon in my panel/dock. This is much faster and more convenient than opening a terminal and typing "programname & exit". But if I want to do a task like running a program and then open an instance of a program for every output file I have to open a terminal and type "program1 && for file in *.output123; do program2 $file; done". And one mistype means I have to break execution and fix the typo, sometimes far down the chain, which is annoying.
I suppose you could make a shell that syntax colored what you typed live, but still.
Oh, and obviously one of those widgets would open a terminal on my "main screen" and display output data in text form. If there was some possibility of rapidly constructing regular expressions visually for filtering that'd be nice, but it feels like that would be a task better done from the keyboard (and it's not like you could pre-construct regexps for every possible situation either.)
I was thinking a multitouch screen. I have five fingers one one hand, so assuming a "palette" of "things to do"/basic operations (piping, flow control) on a panel at the edge of the screen I could put five things together at a time. Making simple array/list-like objects would also be intuitive using drag-and-drop. You could perhaps also pipe output to different widget-like objects (meters, graphs) for visualization.
You'd need/want to write shellscripts/wrappers for personalization though, but since that's something that I'd imagine most *nix users already do it wouldn't be that much of an inconvenience.
can't wait for my CPU to get waterbearded
I believe they usually use a towel.
It might make an awesome shellscripting interface combined with a touchscreen, though.