Either the guest editorialist didn't RTFA, or else is just using the occasion to inject their personal views into public sight.
Or else just trolling.
I don't think that is exactly fair--the title and the summary seem perfectly accurate to me (especially given that it's basically a copy and paste from the actual article). The NIMH is indeed distancing itself because if you had read the RTFA, they will not be funding research that targets DSM categories alone any more, which has the potential for a _huge_ impact on thousands of researchers working right now.
I'm guessing any practising attorney probably wouldn't have taken the first Google result and copy pasted it... That being said the consequences of falsification are non-trivial.
The secrecy of the surveillance orders is what actually creates the uncertainty and doubt, and EVERYONE should be fearful of people in power starting to hide behind secrecy, because all the ages of history of mankind have shown that power corrupts.
I don't disagree but enough FUD is coming off the surveillance orders without a bunch of hyper sensitive politically motivated individuals running around adding to it; a well thought out and moderated approach is the only viable answer.
Unfortunately we aren't capable of that in modern history.
While this is horrifying, it's at least a little comfort that there is any rule of law or due process left at all.
Rule of law? It looks like the judges just rubber stamp it.
Yep, from all your exposure and understanding of the topic it definitely looks like they just rubber stamp it.
Yep. You've seen and documented these secret proceedings and came here to tell us all.
You know what is equally destructive to liberties, freedoms and fighting to regain civil rights? Fear, uncertainty, doubt. Conspiracy theorists. Extremist of any wing or any standpoint. America has long since lost it's level headed moderated advocates and instead all we're left is secret surveillance and conspiracies.
That's not how these things work... the video stream is likely analogue and even if it were digital the exact receiving communications equipment has no support for 'malicious code', it likely simply receives and decodes video signals. This isn't CSI or The Matrix--you don't just take a video stream and jam some malicious code in there and have it executed on the workstation viewing the video.
If you believe otherwise please provide me with a reference where this is possible.
I was being facetious--if you knew the origins of the concept of a one time pad I thought that would have been immediately obvious. The main problem with what you are suggesting, aside from lack of message authenticity, is that it would tie one terminal to one drone. You could obviously address this by having a central system responsible for forwarding interactions between operators and the drones but this reduces the effectiveness of the suggested crypto and introduces the point of failure that this article is actually talking about; the drone control terminal.
You have yet to solve this particular problem but don't let practicality get in the way of a good hardware engineers response. Lets not even talk about the cost and difficulty involved of expanding/replacing the key list over time (because eventually key reuse would pose a problem as many of these drones are years old). Realistically a modern key negotiation protocol and cryptosystem would be more than sufficient for this... but again, this is not the actual problem or the situation posed in the article. Someone plugged an infected thumb drive in to the operator terminal; the encrypted control channel used by the drones remains protected.
2. If the control system is run on read-only media, and the part that handles uploads of data to external drives is a separate computer system without a 2 way communication link to the control system, then uploading a virus is by definition impossible as there is no path for such an upload to take.
This is yet another suggestion that throws cost and practicality to the wayside. How do you suggest that mapping data gets to the drone or the operator terminal (since I suspect you didn't actually bother reading the article, uploading of mapping data is the suspected attack vector)? I suppose the operator terminal could run a read only operating system and be replaced with newer versions of the ROM when the mapping data needs updating and even if we ignore the cost of replacing a ROM on potentially hundreds of operator terminals in tens of locations worldwide then we still have a central location to insert a virus: the mapping data server.
3. A hardware filter is a microcontroller or small embedded computer running a separate OS from the main computer that inspects each data packet coming and and leaving and ensures that it meets certain criteria. (such as no strings longer than the allowed buffer size, etc valid checksums, etc)
Yes, I understand the concept, but this is purely an engineers pipe dream and not something you will realistically see in practise in large scale systems like this. The criteria would need to be immensely relaxed to allow for the possibility of software and capability upgrades without physically replacing a device on all several thousand drones they may have in operation.
I'm not saying that your ideas aren't technically feasible but they are very much disconnected from the reality. You may as well have posted and told them to keep them on the ground in a safe suspended above a volcano--they would have about the same use and capability as with the 'upgrades' you have suggested (and still have not addresses the problem of a keylogger on an operator terminal that reveals: W W W A A S D W A S D W)
Uh-huh, so you are claiming these drones broadcast an ANALOG signal, now?
Perhaps you should spend some more time in kindergarden before talking with the grown ups?
Uhhhhh.... No... They have multiple communications channel; one is very low frequency and transmit video signals. One is a higher frequency (higher freq => more data, extremely basic) which is encrypted and has the actual control link. You obviously have absolutely no idea of radio-frequency communication and while not impossible sharing both video and control data on a single communication channel at a frequency that low is highly unlikely.
I don't really know why I picked this one instead of any of the other stupid ones, but this one had a lot of hilarity.
1. A completely secure system for authenticating commands sent from the control system. The only form of encryption that is completely secure is one time pad.
Okay... so they use a one time pad with a human at one end and a mechanical arm on the drone pulling out the pad and lining up the numbers? If only cryptography was this easy we would never have any problems of security anywhere. Everywhere. For the record a one time pad provides no message authentication, which is security failure 101 (the interns you hired could probably tell you, by the way).
2. NO POSSIBLE WAY for someone to load viruses or gain access to the control system!!! That means NO network access to anything but the systems that send and receive signals from the drone!
Uh, okay. Can you implement the method the interns come up for this on every bank in the world? Oh, wait, every computer in the world. Lets just put a stop to these silly little viruses and security problems. Let me know what you come up with; I'm sure the US Military would love to hear the actual method you come up for this.
And one heck of a hardware filter on those information packets!
What on earth is a hardware filter? If this situation even involved something being transmitted over the communications channel then this might even be relevant. Except it's not. Even if it were... what the hell would it do?
While you're solving all these problems can you put some time against world hunger and finance as well please? We really some genius like you over there. I was thinking that to fix America we should:
1. Make sure everyone has enough money to buy anything they want 2. Stop all crime so we dont have to waste money on courts
Err. you really haven't had a look at a map recently. The continent of Australia is geographically located where?
Australia is technically not in Asia... Wikipedia although not the best source agrees. Australasia is the region you're looking at that includes PNG, NZ and Australia.
You can obviously see the confusion, though. I don't know how long the separation between Asia and Australasia has existed but it has been for at least as long as I can remember (but I'm young).
Look at the job breakdowns. The vast majority are not developers--when running an infrastructure as large as theirs, you have a lot of need for auxiliary support staff (i.e. engineers, not software engineers).
They really should try flash heavy sites like YouTube.
I can have my battery life cut in half when using Chrome 10 on YouTube; so much so that I actually have to switch back to Firefox for extended browsing when I'm on the road. It's pretty poor because even if the video has stopped and it becomes an idle page it can still sit at 10-15+% while doing absolutely nothing (so I don't see how they can claim rendering speed is the cause).
The point of this isn't to be more open. The point is to make people think about what the CIA can do with today's technology if they could do that with the technology of yesteryear. Making the enemy overestimate your power is an important principle in deterrence.
Oh shi. I'm sure Mossad saw the revamped CIA website and were like "OH DAMN, IMAGINE WHAT THEY CAN DO NOW. THEIR WEBSITE IS TOTALLY AWESOME. RUN. HIDE YOUR CHILDREN.".
Because foreign intelligence services don't have more reliable ways of determining technology in the field at present time then some guestimation based on 50 year old photos in a flickr album.
No -- Apple are taking it a vote and strongly encouraging their shareholders to vote against it.
If the shareholders vote for it I am sure they will make efforts (slowly most likely) to appease the shareholders. That being said Apple management will know what is best for their company--likely more so then the few hundred thousand shareholders, bar a few key holders--and the reason is as GP suggested.
Succession plans reveal weaknesses in your line-up and create dissent between your top execs and this is a recipe for a falling stock price, which is bad for everyone.
If the screaming child REALLY REALLY wants to pour the detergent in to his mouth do you let him, despite knowing better?
I think he is referring to some easy to find links to screenshots which is obviously of little concern no matter the resolution of those using it. The definition of "full size" he is referring to is more like "doesn't feel like I forgot my telescope in my other pants".
There are a couple here but they look nothing like the marketing material on the main page (and are almost 2 years old).
I agree but we are talking about whistle blowing and the security of government intelligence in general (ala the helicopter video and any thing Assange says he has on his black book if he gets taken down) not just these cables.
It is not a perfect world and the reality is that "don't participate in corrupt activities" is extremely naive. The issue I have is that everyone has a different definition of corrupt activities and leaving it up to the individual to leak classified material on a whim is impracticable.
I don't know how you think that works. One very cautious person considers a highly classified mission to be immoral, and thus leaks details, which the majority considers acceptable. Vigilante justice rarely works.
Slashdot Mirror
In other words, no, it wasn't profiling, it was just plain old political nastiness. "Absolutely incorrect" is the right phrase here.
I've always applauded this logic; quote a comment an official makes that aligns with your views, dismiss the comments they make that don't.
Lerner said the practice was initiated by low-level workers in Cincinnati and was not motivated by political bias
(emphasis mine)
Either the guest editorialist didn't RTFA, or else is just using the occasion to inject their personal views into public sight.
Or else just trolling.
I don't think that is exactly fair--the title and the summary seem perfectly accurate to me (especially given that it's basically a copy and paste from the actual article). The NIMH is indeed distancing itself because if you had read the RTFA, they will not be funding research that targets DSM categories alone any more, which has the potential for a _huge_ impact on thousands of researchers working right now.
A quick Google reveals that this is (verbatim) a standard Internet template for takedowns.
http://www.preservearticles.com/copyright-infringement-takedown-notification-template-preservearticlescom.html
I'm guessing any practising attorney probably wouldn't have taken the first Google result and copy pasted it... That being said the consequences of falsification are non-trivial.
Browsers without AJAX issues are pretty regular...
Since it includes a link to an alternate product that IS informative...
Also, neckbeards is very 4chan; summer is over, go back to school. ;)
The secrecy of the surveillance orders is what actually creates the uncertainty and doubt, and EVERYONE should be fearful of people in power starting to hide behind secrecy, because all the ages of history of mankind have shown that power corrupts.
I don't disagree but enough FUD is coming off the surveillance orders without a bunch of hyper sensitive politically motivated individuals running around adding to it; a well thought out and moderated approach is the only viable answer.
Unfortunately we aren't capable of that in modern history.
While this is horrifying, it's at least a little comfort that there is any rule of law or due process left at all.
Rule of law? It looks like the judges just rubber stamp it.
Yep, from all your exposure and understanding of the topic it definitely looks like they just rubber stamp it.
Yep. You've seen and documented these secret proceedings and came here to tell us all.
You know what is equally destructive to liberties, freedoms and fighting to regain civil rights? Fear, uncertainty, doubt. Conspiracy theorists. Extremist of any wing or any standpoint. America has long since lost it's level headed moderated advocates and instead all we're left is secret surveillance and conspiracies.
I love how your example of 'doing it right' is a one man shop who churns out a couple of lines of code versus a consulting powerhouse like IBM.
Do you really think that the two are comparable? Yes, your way is preferred and providing source is fantastic but the reality is not the same.
Suggested alternative?
That's not how these things work... the video stream is likely analogue and even if it were digital the exact receiving communications equipment has no support for 'malicious code', it likely simply receives and decodes video signals. This isn't CSI or The Matrix--you don't just take a video stream and jam some malicious code in there and have it executed on the workstation viewing the video.
If you believe otherwise please provide me with a reference where this is possible.
A one time pad is a a data file ...
I was being facetious--if you knew the origins of the concept of a one time pad I thought that would have been immediately obvious. The main problem with what you are suggesting, aside from lack of message authenticity, is that it would tie one terminal to one drone. You could obviously address this by having a central system responsible for forwarding interactions between operators and the drones but this reduces the effectiveness of the suggested crypto and introduces the point of failure that this article is actually talking about; the drone control terminal.
You have yet to solve this particular problem but don't let practicality get in the way of a good hardware engineers response. Lets not even talk about the cost and difficulty involved of expanding/replacing the key list over time (because eventually key reuse would pose a problem as many of these drones are years old). Realistically a modern key negotiation protocol and cryptosystem would be more than sufficient for this... but again, this is not the actual problem or the situation posed in the article. Someone plugged an infected thumb drive in to the operator terminal; the encrypted control channel used by the drones remains protected.
2. If the control system is run on read-only media, and the part that handles uploads of data to external drives is a separate computer system without a 2 way communication link to the control system, then uploading a virus is by definition impossible as there is no path for such an upload to take.
This is yet another suggestion that throws cost and practicality to the wayside. How do you suggest that mapping data gets to the drone or the operator terminal (since I suspect you didn't actually bother reading the article, uploading of mapping data is the suspected attack vector)? I suppose the operator terminal could run a read only operating system and be replaced with newer versions of the ROM when the mapping data needs updating and even if we ignore the cost of replacing a ROM on potentially hundreds of operator terminals in tens of locations worldwide then we still have a central location to insert a virus: the mapping data server.
3. A hardware filter is a microcontroller or small embedded computer running a separate OS from the main computer that inspects each data packet coming and and leaving and ensures that it meets certain criteria. (such as no strings longer than the allowed buffer size, etc valid checksums, etc)
Yes, I understand the concept, but this is purely an engineers pipe dream and not something you will realistically see in practise in large scale systems like this. The criteria would need to be immensely relaxed to allow for the possibility of software and capability upgrades without physically replacing a device on all several thousand drones they may have in operation.
I'm not saying that your ideas aren't technically feasible but they are very much disconnected from the reality. You may as well have posted and told them to keep them on the ground in a safe suspended above a volcano--they would have about the same use and capability as with the 'upgrades' you have suggested (and still have not addresses the problem of a keylogger on an operator terminal that reveals: W W W A A S D W A S D W)
Uh-huh, so you are claiming these drones broadcast an ANALOG signal, now?
Perhaps you should spend some more time in kindergarden before talking with the grown ups?
Uhhhhh.... No... They have multiple communications channel; one is very low frequency and transmit video signals. One is a higher frequency (higher freq => more data, extremely basic) which is encrypted and has the actual control link. You obviously have absolutely no idea of radio-frequency communication and while not impossible sharing both video and control data on a single communication channel at a frequency that low is highly unlikely.
I don't really know why I picked this one instead of any of the other stupid ones, but this one had a lot of hilarity.
1. A completely secure system for authenticating commands sent from the control system. The only form of encryption that is completely secure is one time pad.
Okay... so they use a one time pad with a human at one end and a mechanical arm on the drone pulling out the pad and lining up the numbers? If only cryptography was this easy we would never have any problems of security anywhere. Everywhere. For the record a one time pad provides no message authentication, which is security failure 101 (the interns you hired could probably tell you, by the way).
2. NO POSSIBLE WAY for someone to load viruses or gain access to the control system!!! That means NO network access to anything but the systems that send and receive signals from the drone!
Uh, okay. Can you implement the method the interns come up for this on every bank in the world? Oh, wait, every computer in the world. Lets just put a stop to these silly little viruses and security problems. Let me know what you come up with; I'm sure the US Military would love to hear the actual method you come up for this.
And one heck of a hardware filter on those information packets!
What on earth is a hardware filter? If this situation even involved something being transmitted over the communications channel then this might even be relevant. Except it's not. Even if it were... what the hell would it do?
While you're solving all these problems can you put some time against world hunger and finance as well please? We really some genius like you over there. I was thinking that to fix America we should:
1. Make sure everyone has enough money to buy anything they want
2. Stop all crime so we dont have to waste money on courts
What do you think?
Err. you really haven't had a look at a map recently. The continent of Australia is geographically located where?
Australia is technically not in Asia... Wikipedia although not the best source agrees. Australasia is the region you're looking at that includes PNG, NZ and Australia.
You can obviously see the confusion, though. I don't know how long the separation between Asia and Australasia has existed but it has been for at least as long as I can remember (but I'm young).
Is it really an entry if this is their third attempt or did everyone just forget Wave? How about Buzz?
Paranoid tinfoil hat wearers can't come up with conspiracies fast enough to catch up with reality.
True.
They come up with them much faster. Conspiracies are almost always far ahead of their time.
Look at the job breakdowns. The vast majority are not developers--when running an infrastructure as large as theirs, you have a lot of need for auxiliary support staff (i.e. engineers, not software engineers).
until your website can handle the load. And it's not even a busy period.
They really should try flash heavy sites like YouTube.
I can have my battery life cut in half when using Chrome 10 on YouTube; so much so that I actually have to switch back to Firefox for extended browsing when I'm on the road. It's pretty poor because even if the video has stopped and it becomes an idle page it can still sit at 10-15+% while doing absolutely nothing (so I don't see how they can claim rendering speed is the cause).
There's a saying--there's no such thing as a friendly intelligence service.
The point of this isn't to be more open. The point is to make people think about what the CIA can do with today's technology if they could do that with the technology of yesteryear. Making the enemy overestimate your power is an important principle in deterrence.
Oh shi. I'm sure Mossad saw the revamped CIA website and were like "OH DAMN, IMAGINE WHAT THEY CAN DO NOW. THEIR WEBSITE IS TOTALLY AWESOME. RUN. HIDE YOUR CHILDREN.".
Because foreign intelligence services don't have more reliable ways of determining technology in the field at present time then some guestimation based on 50 year old photos in a flickr album.
No -- Apple are taking it a vote and strongly encouraging their shareholders to vote against it.
If the shareholders vote for it I am sure they will make efforts (slowly most likely) to appease the shareholders. That being said Apple management will know what is best for their company--likely more so then the few hundred thousand shareholders, bar a few key holders--and the reason is as GP suggested.
Succession plans reveal weaknesses in your line-up and create dissent between your top execs and this is a recipe for a falling stock price, which is bad for everyone.
If the screaming child REALLY REALLY wants to pour the detergent in to his mouth do you let him, despite knowing better?
Uh?
I think he is referring to some easy to find links to screenshots which is obviously of little concern no matter the resolution of those using it. The definition of "full size" he is referring to is more like "doesn't feel like I forgot my telescope in my other pants".
There are a couple here but they look nothing like the marketing material on the main page (and are almost 2 years old).
I agree but we are talking about whistle blowing and the security of government intelligence in general (ala the helicopter video and any thing Assange says he has on his black book if he gets taken down) not just these cables.
It is not a perfect world and the reality is that "don't participate in corrupt activities" is extremely naive. The issue I have is that everyone has a different definition of corrupt activities and leaving it up to the individual to leak classified material on a whim is impracticable.
I don't know how you think that works. One very cautious person considers a highly classified mission to be immoral, and thus leaks details, which the majority considers acceptable. Vigilante justice rarely works.