Emergency agencies where I live train and use ham radio volunteers to operate communications in their mobile command centers. A ham friend of mine trains with them occasionally. The expectation is the hams will still get through if and when the standard tech fails. They don't deploy hams for normal police actions, but if there's a natural disaster or other emergency, he'll be there.
Once the lawsuits were over and SCO was finally unplugged from the life support lawyers, Darl McBride was leaving the courthouse. Ironically, he slipped on a banana peel on the courthouse steps, and as he fell, he dropped the mantle of 'Litigious Bastards'. Larry was walking by, picked it up, and tried it on. It was still warm and comfy! So he brought it back home, had the tailors in the licensing department do some alterations, and now he's going to put it on as everyday wear, just like Zuckerberg and his hoodies.
"And that, my children, is how the Ghost of Larry Ellison came to haunt the valley. Now, off to bed with you all!"
Only a tiny portion of our readers give. If everyone reading this right now gave $3, we wouldn’t need to fundraise for years to come.
Odd, I seem to remember them promising the same thing last year, too. It seems the Washington Post remembers as well. I guess if the price hasn't changed, they either are woefully underfunded/overbudgeted (discussed in plenty of comments above but I'm assuming not), are drastically miscalculating for inflation, or it's just pure greed.
Given that their income was $82 million and their annual expenses were $66 million, I think don't think they're miscalculating by too much. That's a buffer of only a quarter-year's worth of expenses. And if they invest that excess money in endowments, they'll have a more stable budget and less need for fundraising.
Another way to look at it is that it's providing resources to grow. Now, I don't know what or how they might want to grow, but I do know that it's harder to grow when you've got no money for it.
Last time I heard, Wikipedia had about 200 employees (over 100 technical positions), and that figure may or may not have included people working for the wikimedia foundation. If not, that averages to about $160k each.
You're describing OpSec, which is an incredibly detailed process to perform, and it varies from location to location and tool to tool. It is a tricky thing to get perfectly right every single time, with grave consequences for making a single mistake. Cleaning your tracks takes time and intense concentration, two things often lacking in a hot zone. And as a journalist tasked with capturing event as they unfold, you may not have time to even pick up the right tools for the job before the stuff hits the fan.
Would you be willing to bet the freedom (or life) of your photographic subjects that you could do OpSec perfectly, in real time, every time you took a picture? Or would it be better to have a tool that simplifies and automates the process, allowing you to concentrate on your real job, which is taking pictures of things?
Of course, you can figure that special journalist-encrypted cameras will be viewed the same way police view crowbars as burglar tools. Repressive governments or police will simply consider possession of these cameras to be prima facie evidence that you're a spy, which carries heavy penalties in virtually every jurisdiction. If every camera made comes with default encryption, however, it might help a journalist claim that he's just using the latest and best camera (in reality, it will likely be an added excuse to jail rich tourists in an extortion racket, as well as troublesome journalists.)
The physical separation of the decryption device is important here. The trick is to find a safe haven where you can store the decryption key where it won't be seized. The US likes to play by the Constitutional rules about seizure, but they also like to cooperate with most governments. Does Switzerland still have strict privacy laws governing access to safe deposit boxes? Should you hide them someplace with fewer laws and less enforcement capabilities, (a shoebox in Belize)? Or do you store them someplace that is hostile to wherever you're going (e.g. Russia isn't likely to cooperate with Chinese prosecutors)?
Of course given enough beatings with the rubber hose and you'll do anything to have the keys shipped to anywhere the torturer wants. "I don't care if this is against the rules we set up, and if all the red flags are waving, you mail that key today or I am dead!"
Interference seems to be a big problem with Bluetooth. There are certain intersections in my city where the signal craps out while crossing the street; certain sections of the train and bus routes, and other places where music simply stutters or dies. I assume there's a local point source of interference to blame in each of those areas. I ended up fixing the problem by shelving my collection of Bluetooth headphones and going back to using wired headphones. The sound quality and reliability are far superior, and the wire just isn't a problem. I'm also not careless enough to ever have dropped my phone in water, so that's never been a real issue for me, either.
So while Apple said "everybody just use Bluetooth", it was obvious they never have. I'll be hanging on to my older iPhone for quite a while yet.
So they have an MD5 hash, but don't know what value hashes to it. They have no idea if it's a 10 character '1234567890' password or a 64 character string of random bytes. They also know that it's not a string that Google has already found and cached. The only clue they have to go on is the existing backdoor they found that turns telnet on, which uses 11 random ASCII characters as the secret. But 11 characters are almost out of reach for brute force password testing. If the person who put the backdoor in applied only the same amount of thought to the secret password, that would still be a monster to attack with brute force.
So I disagree that it's a matter of time. I think it's a matter of defeating it in another way, such as having Wireshark running when someone who actually knows the password types it in; or uncovering a wikileaked document that contains the secret backdoor password.
That "5 of 12 were ineffective" carries the flawed implication that the device is filled with magic pixie dust that should somehow be 100% effective. Cell phone signals vary all over the place, by technology, by topography, by carrier, and were never designed to be perfectly interceptable by a man-in-the-middle box. Detecting them properly also requires some skill on the part of the operator. The fact that the machine yielded some signals that were actually intercepted by these techno-rookies is fairly remarkable.
This "story" is batting 0 for 3. Automobile capital expenditures aren't amortized over a single year. Police investigation money isn't invested on a value-per-conviction basis (anyone remember the fiasco that was ticket quotas?). And not all investigative tools produce fruitful results 100% of the time. Given just the evidence in this story, I'd say the Virginia police were more effective with the DRTbox than the typical MuckRock journalist is with a keyboard.
May I recommend a thermostatic mixing valve? It lets you keep your water heater very hot, but delivers the hot water mixed with cold water at the set point of the valve. You can then run a separate pipe from the water heater to appliances that need the very hot water, such as the dishwasher or washing machine. It also delivers more water than a regular water heater set to a safer temperature like 120F, effectively extending the capacity of a water heater by 20% or more.
I wouldn't recommend you plumb the very hot water directly to the tub, as the risk of scalding would be too great.
When I set out to help her make it run faster, I didn't anticipate that it would be that difficult, or take that long. I thought I could just uninstall one or two things and she'd be fine; but the machine was running so badly that each thing I uninstalled was followed by an equally slow reboot in hopes that would fix the problem. The worst offender turned out to be the free McAfee "security" suite. Learning that I needed to download a McAfee Consumer Product Removal Tool, wading through their equally frustrating web site to find and download the damn thing, and actually running it took a surprising amount of time.
I actually thought finding all the the right device drivers for the brand new hardware would be so hard as to not be worth the hassle. I was very wrong.
Lesson learned, though. Next time I'm going to pull the "Geek Squad virus repair" trick and just reformat the drive.
Ever take a Lenovo Windows 8 machine out of the box? The shovelware that encumbers it boggles the mind. It took me three hours to scrape that crap from my sister's brand new machine. Given the performance of the machine before and after, I'd go to court today and testify it was legitimately infected with malware.
Ironically, for that much work at my rates, Office Depot would be undercharging.
I hate when they "type" code sequentially, top to bottom in a single stream. Sure, you might write a stupid simple shell script that way, but not C, C++, or Java.
Heinlein didn't picture a "Service guarantees citizenship" society just to have it whitewashed away by today's PC standards. Any reboot that ignores the societal aspects may as well be filmed by Michael Bay, and just go straight to CGI exploding aliens; it won't be true to the book in any way.
You're entirely missing the point. Sewage comes out of EVERY part of the country. Local micro-refinery stations (not entirely unlike local water treatment generally) could be turning that into a usable product with less effort than paying foreign despots to ship it to you from around the world, obviously.
Unfortunately, today's crude oil refineries are physically big, ugly plants that produce nasty smelling (and toxic) pollution. Boiling liquefied crude is already bad enough; imagine boiling sewage (hint: amplify the smell of a feedlot and picture it traveling about 10 miles along the ground.) Fractionating towers for petroleum are tall, ugly beasts because they need to be; they have to be on a large area, with lots of storage tanks, and they need round the clock lighting and security. Nothing about them is appealing, nobody would let you build one in their back yard. There's a reason nobody's built a new oil refinery in the last 30 years.
I can imagine that an existing refinery could retrofitted to handle the material; but I can't imagine that they could build micro-refineries near cities.
That doesn't make sense. If you can deny it access, what's the problem?
There are legitimate features that apps and devices might be able to offer by using your contact list. A printer could make use of fax numbers or email addresses, for example. If you deny it access to your contacts, it'll still print, but it won't automatically offer to fax documents to your recipients. That's no reason to avoid the printer.
Now, if it grabbed your contacts without asking, that would be a problem.
How are you going to issue a software patch to the pile of rubble on another planet? This is not a situation where you can ship the product without testing and fix it in firmware later!.
It's Agile. The product owner will raise this issue as a priority in the backlog, they'll fix it in this sprint, and it will ship in the next release.
Please don't lump me in with that particular lump.
In this case, they violated Indian laws, so the Indian police are able to arrest and prosecute them. The US just provided assistance in identifying the Indian criminals to the Indian authorities. There's likely zero chance any US victims will be able to sue and recover their funds, which is the only unfortunate part about letting them sit in India. But it's not like they'd get any money if the thieves were rotting in a US jail, anyway.
I'd rather have them rot in an Indian jail, thank you very much. As a taxpayer, I'd be paying to have them rot in an American jail. Let outsourcing save me some money for a change.
On the rare occasion when NoMoRobo* lets a spam call through to my house phone, I make it a point to say no more than the single word "Hello" when answering. Back before "slamming" was regulated, sleazy telemarketers would record the call and edit the right words in their recording:
Victim: Hello? McSleaze: Hi, is this Mister Victim? Victim: Yes. McSleaze: Hi, Mr. Victim, can we change your long distance provider to ScamCo, and charge you double your current rates? Victim: Hell no. [hangup]
They'd submit "your request" to change long distance providers anyway, and rearrange the recording so it sounded like you answered "Yes" to their question.
I don't know if there are any yes/no scams still out there, but if there are, I don't want to enable them. Besides, if it's a robot, I don't want the call anyway.
* NoMoRobo is a totally awesome service that diverts calls from known call center services. My home phone almost never rings from pesky salesmen, charities, or pollsters anymore.
Slashdot Mirror
Emergency agencies where I live train and use ham radio volunteers to operate communications in their mobile command centers. A ham friend of mine trains with them occasionally. The expectation is the hams will still get through if and when the standard tech fails. They don't deploy hams for normal police actions, but if there's a natural disaster or other emergency, he'll be there.
I wouldn't rely on the ignorance of others.
Once the lawsuits were over and SCO was finally unplugged from the life support lawyers, Darl McBride was leaving the courthouse. Ironically, he slipped on a banana peel on the courthouse steps, and as he fell, he dropped the mantle of 'Litigious Bastards'. Larry was walking by, picked it up, and tried it on. It was still warm and comfy! So he brought it back home, had the tailors in the licensing department do some alterations, and now he's going to put it on as everyday wear, just like Zuckerberg and his hoodies.
"And that, my children, is how the Ghost of Larry Ellison came to haunt the valley. Now, off to bed with you all!"
Only a tiny portion of our readers give. If everyone reading this right now gave $3, we wouldn’t need to fundraise for years to come.
Odd, I seem to remember them promising the same thing last year, too. It seems the Washington Post remembers as well. I guess if the price hasn't changed, they either are woefully underfunded/overbudgeted (discussed in plenty of comments above but I'm assuming not), are drastically miscalculating for inflation, or it's just pure greed.
Given that their income was $82 million and their annual expenses were $66 million, I think don't think they're miscalculating by too much. That's a buffer of only a quarter-year's worth of expenses. And if they invest that excess money in endowments, they'll have a more stable budget and less need for fundraising.
Another way to look at it is that it's providing resources to grow. Now, I don't know what or how they might want to grow, but I do know that it's harder to grow when you've got no money for it.
$32M in SALARIES? to who?
Last time I heard, Wikipedia had about 200 employees (over 100 technical positions), and that figure may or may not have included people working for the wikimedia foundation. If not, that averages to about $160k each.
You're describing OpSec, which is an incredibly detailed process to perform, and it varies from location to location and tool to tool. It is a tricky thing to get perfectly right every single time, with grave consequences for making a single mistake. Cleaning your tracks takes time and intense concentration, two things often lacking in a hot zone. And as a journalist tasked with capturing event as they unfold, you may not have time to even pick up the right tools for the job before the stuff hits the fan.
Would you be willing to bet the freedom (or life) of your photographic subjects that you could do OpSec perfectly, in real time, every time you took a picture? Or would it be better to have a tool that simplifies and automates the process, allowing you to concentrate on your real job, which is taking pictures of things?
Of course, you can figure that special journalist-encrypted cameras will be viewed the same way police view crowbars as burglar tools. Repressive governments or police will simply consider possession of these cameras to be prima facie evidence that you're a spy, which carries heavy penalties in virtually every jurisdiction. If every camera made comes with default encryption, however, it might help a journalist claim that he's just using the latest and best camera (in reality, it will likely be an added excuse to jail rich tourists in an extortion racket, as well as troublesome journalists.)
The physical separation of the decryption device is important here. The trick is to find a safe haven where you can store the decryption key where it won't be seized. The US likes to play by the Constitutional rules about seizure, but they also like to cooperate with most governments. Does Switzerland still have strict privacy laws governing access to safe deposit boxes? Should you hide them someplace with fewer laws and less enforcement capabilities, (a shoebox in Belize)? Or do you store them someplace that is hostile to wherever you're going (e.g. Russia isn't likely to cooperate with Chinese prosecutors)?
Of course given enough beatings with the rubber hose and you'll do anything to have the keys shipped to anywhere the torturer wants. "I don't care if this is against the rules we set up, and if all the red flags are waving, you mail that key today or I am dead!"
Put it on a microsd card and shove it up your arse.
I'm pretty sure I can swallow a MicroSD card.
He didn't say which cavities they would search...
Interference seems to be a big problem with Bluetooth. There are certain intersections in my city where the signal craps out while crossing the street; certain sections of the train and bus routes, and other places where music simply stutters or dies. I assume there's a local point source of interference to blame in each of those areas. I ended up fixing the problem by shelving my collection of Bluetooth headphones and going back to using wired headphones. The sound quality and reliability are far superior, and the wire just isn't a problem. I'm also not careless enough to ever have dropped my phone in water, so that's never been a real issue for me, either.
So while Apple said "everybody just use Bluetooth", it was obvious they never have. I'll be hanging on to my older iPhone for quite a while yet.
So they have an MD5 hash, but don't know what value hashes to it. They have no idea if it's a 10 character '1234567890' password or a 64 character string of random bytes. They also know that it's not a string that Google has already found and cached. The only clue they have to go on is the existing backdoor they found that turns telnet on, which uses 11 random ASCII characters as the secret. But 11 characters are almost out of reach for brute force password testing. If the person who put the backdoor in applied only the same amount of thought to the secret password, that would still be a monster to attack with brute force.
So I disagree that it's a matter of time. I think it's a matter of defeating it in another way, such as having Wireshark running when someone who actually knows the password types it in; or uncovering a wikileaked document that contains the secret backdoor password.
That "5 of 12 were ineffective" carries the flawed implication that the device is filled with magic pixie dust that should somehow be 100% effective. Cell phone signals vary all over the place, by technology, by topography, by carrier, and were never designed to be perfectly interceptable by a man-in-the-middle box. Detecting them properly also requires some skill on the part of the operator. The fact that the machine yielded some signals that were actually intercepted by these techno-rookies is fairly remarkable.
This "story" is batting 0 for 3. Automobile capital expenditures aren't amortized over a single year. Police investigation money isn't invested on a value-per-conviction basis (anyone remember the fiasco that was ticket quotas?). And not all investigative tools produce fruitful results 100% of the time. Given just the evidence in this story, I'd say the Virginia police were more effective with the DRTbox than the typical MuckRock journalist is with a keyboard.
May I recommend a thermostatic mixing valve? It lets you keep your water heater very hot, but delivers the hot water mixed with cold water at the set point of the valve. You can then run a separate pipe from the water heater to appliances that need the very hot water, such as the dishwasher or washing machine. It also delivers more water than a regular water heater set to a safer temperature like 120F, effectively extending the capacity of a water heater by 20% or more.
I wouldn't recommend you plumb the very hot water directly to the tub, as the risk of scalding would be too great.
It's also more dangerous in that it could placate the patient for a while, delaying them from actively seeking actual treatment.
When I set out to help her make it run faster, I didn't anticipate that it would be that difficult, or take that long. I thought I could just uninstall one or two things and she'd be fine; but the machine was running so badly that each thing I uninstalled was followed by an equally slow reboot in hopes that would fix the problem. The worst offender turned out to be the free McAfee "security" suite. Learning that I needed to download a McAfee Consumer Product Removal Tool, wading through their equally frustrating web site to find and download the damn thing, and actually running it took a surprising amount of time.
I actually thought finding all the the right device drivers for the brand new hardware would be so hard as to not be worth the hassle. I was very wrong.
Lesson learned, though. Next time I'm going to pull the "Geek Squad virus repair" trick and just reformat the drive.
Ever take a Lenovo Windows 8 machine out of the box? The shovelware that encumbers it boggles the mind. It took me three hours to scrape that crap from my sister's brand new machine. Given the performance of the machine before and after, I'd go to court today and testify it was legitimately infected with malware.
Ironically, for that much work at my rates, Office Depot would be undercharging.
I hate when they "type" code sequentially, top to bottom in a single stream. Sure, you might write a stupid simple shell script that way, but not C, C++, or Java.
Heinlein didn't picture a "Service guarantees citizenship" society just to have it whitewashed away by today's PC standards. Any reboot that ignores the societal aspects may as well be filmed by Michael Bay, and just go straight to CGI exploding aliens; it won't be true to the book in any way.
You're entirely missing the point. Sewage comes out of EVERY part of the country. Local micro-refinery stations (not entirely unlike local water treatment generally) could be turning that into a usable product with less effort than paying foreign despots to ship it to you from around the world, obviously.
Unfortunately, today's crude oil refineries are physically big, ugly plants that produce nasty smelling (and toxic) pollution. Boiling liquefied crude is already bad enough; imagine boiling sewage (hint: amplify the smell of a feedlot and picture it traveling about 10 miles along the ground.) Fractionating towers for petroleum are tall, ugly beasts because they need to be; they have to be on a large area, with lots of storage tanks, and they need round the clock lighting and security. Nothing about them is appealing, nobody would let you build one in their back yard. There's a reason nobody's built a new oil refinery in the last 30 years.
I can imagine that an existing refinery could retrofitted to handle the material; but I can't imagine that they could build micro-refineries near cities.
That doesn't make sense. If you can deny it access, what's the problem?
There are legitimate features that apps and devices might be able to offer by using your contact list. A printer could make use of fax numbers or email addresses, for example. If you deny it access to your contacts, it'll still print, but it won't automatically offer to fax documents to your recipients. That's no reason to avoid the printer.
Now, if it grabbed your contacts without asking, that would be a problem.
This wouldn't have happened if they'd used imperial not metric!
New age hippie liberal airheads.
Naahh, just Europeans.
How are you going to issue a software patch to the pile of rubble on another planet? This is not a situation where you can ship the product without testing and fix it in firmware later!.
It's Agile. The product owner will raise this issue as a priority in the backlog, they'll fix it in this sprint, and it will ship in the next release.
We have police departments contracting services to nearby cities, and even leasing themselves out to a neighboring state. No laws stop them.
Please don't lump me in with that particular lump.
In this case, they violated Indian laws, so the Indian police are able to arrest and prosecute them. The US just provided assistance in identifying the Indian criminals to the Indian authorities. There's likely zero chance any US victims will be able to sue and recover their funds, which is the only unfortunate part about letting them sit in India. But it's not like they'd get any money if the thieves were rotting in a US jail, anyway.
I'd rather have them rot in an Indian jail, thank you very much. As a taxpayer, I'd be paying to have them rot in an American jail. Let outsourcing save me some money for a change.
On the rare occasion when NoMoRobo* lets a spam call through to my house phone, I make it a point to say no more than the single word "Hello" when answering. Back before "slamming" was regulated, sleazy telemarketers would record the call and edit the right words in their recording:
Victim: Hello?
McSleaze: Hi, is this Mister Victim?
Victim: Yes.
McSleaze: Hi, Mr. Victim, can we change your long distance provider to ScamCo, and charge you double your current rates?
Victim: Hell no. [hangup]
They'd submit "your request" to change long distance providers anyway, and rearrange the recording so it sounded like you answered "Yes" to their question.
I don't know if there are any yes/no scams still out there, but if there are, I don't want to enable them. Besides, if it's a robot, I don't want the call anyway.
* NoMoRobo is a totally awesome service that diverts calls from known call center services. My home phone almost never rings from pesky salesmen, charities, or pollsters anymore.
What do you mean? Big Indian or Little Indian?
You, sir, made me laugh so hard I almost sprayed my drink across the table! You have won the internets today. Thank you for playing!