I like to leave my phone plugged in, next to me on my desk,....
OK this is almost silly. An old phone connected via WiFi only will let you see Weather, messages from Mom and listen to cached cloud music. Buildings have such terrible cell reception that WiFi is nearly required.
At no time should a company allow portable devices to connect to a network with company data or resources. Employees want to be connected, so establish a non-production network and hobble the bandwidth as needed to something like 10/100 max. Sure, require a password that is changed sort of often and post it in the breakroom.
Block a lot of sites or white list a short set.
Now your old LED phone has value and your new OLED phone will not burn so quickly.
I have ZERO sympathy for insecure IT systems. I also have ZERO sympathy for "victims" of scams. If you're stupid enough to leave your shit wide open, or Western Union money to Albania, that's on you. It should be perfectly legal to take advantage of stupid people. Consider it a learning experience.
No, bring in the FBI and have the FBI compel a solution.
While I have little sympathy for bad management there is a lesson here that cyber crimes are a reality and each device that touches a network will be attacked.
A hack on a hospital could cause numerous fatalities from the NICU, to the ICU to surgery centers to failure of autoclaves, refrigeration, AC, loss or corruption of data needed to track blood and other medications and people.
Some worry about the IoT where folk worry about the NEST thermostat invasion of privacy. Hospitals are more integrated and automated than the average person knows. Robots deliver drugs upstairs and down. Drug metering systems are networked and administer pain medications within narrow limits.
In one context this is a crime and law enforcement thinks they have a say in this. The reality is law enforcement has little reach to deal with the international criminals and international borders for things like this.
The FBI in San Bernardino is feathering their own nest and ignoring the international risk of their writ at the same time that they wish to react to the international terror risks.
Back to stupid hospital folk. We need to train management at all levels so they make good decisions. Cost is a factor but a lot spent badly is less secure than a little spent well. Ignorance is not an option.
There are some absolutely necessary and needed components: audit, router and firewall tech. To some degree this is a different class of tech than most consider as needed for a server farm.
In a capability based deployment design some of the risks and attacks can be compartmentalized and squashed. A single level breach would be limited and with good design manageable and near worthless.
I wondered why Facebook went public on their rack level router project. https://code.facebook.com/post... Such projects do not exist in a vacuum. Cost or risks drive a software company to build hardware (or too much money).
It is no longer sufficient to have a hard candy outside and a soft gooey center security model. It is the novice system engineer that does not understand the risks of monoculture and the lessons learned by the virus attack on the American chestnut trees. In house systems are often monoculture box canyons.
Any and all the layers need attention in today's hostile networking context. N.B.
The FBI added two Syrian hackers to its most-wanted list for cybercriminals, charging them with attacking dozens of U.S. companies, media organizations, and even the White House. and
I might note that the FBI wants to diminish security on a very common device. Hmmm....
DCMA... Not as interesting solution as patching the vulnerability shortly after this phone gets hacked.
It appears to me that as an Israeli company they are far enough from US law that they could be a vent for a secret NSA/CIA method and secret. They are also far enough to make it hard for a US court to compel them to act.
The $15,000 price tag seems low for anything involving software. Might be OK for a hardware hack that begins with a slurp of the data from the RAM. As a qualified forensic service, data retention seems to be a necessary first step.
For the US DOJ an Israeli company is close to a friendly safe harbor as there might be out there. It may also be a safe outlet for Apple and the business of other legally compelled services. They could deny further requests on older hardware because a service company has surfaced. i.e. We charge $150,000.00 per device and did you know that another $15,000.00 service exists.
How many digits to use depends on the application. For a satellite trajectory the 15th decimal is OK, but if you want to make a sharp mirror the precision in the calculation has to be higher.
Because of floating point format limits mostly NASA would use PI thus
#include <math.h>
Something like...
It is rare that more digits are used. The troubles are in transcendental functions computed as series (Taylor) in math.a/math.so and friends. There is a lot of work on this but has little to do with PI in the details.
And 20 years later when the patent expires and no one wants a functioning, researched, unencumbered technology? How does your conspiracy handle that scenario?
Some do want encumbered tech -- it allows profit.
Consider Tesla's home storage battery.
It is small, dense and profitable for Tesla. It allows off peak slurping
and off peak time delivery to the auto, home or grid.
However there are some quite old and well tested iron chemistry batteries.
They are environmentally safer and can be disposed of in common land fills.
They are heavy as all heck but once installed need never be moved.
They can be installed in man hole covered cylindrical or other vaults in driveways
or under front lawns. Yes, below the frost line in the north if need be.
They endure deep charge-discharge cycles for decades and have a life beyond 20 years.
On the modern side technology allows power control for grid control, charge and use and even
easy conversion to AC if needed.
CO is usable and can be 'burned' which results in CO2 (oxidation.)
Yes and in fact it (CO) is explosive and poisonous.
Converting to a more portable and safer fuel would be a good idea.
Carbon monoxide is the key reactant in reducing iron and other metallic ore to metal.
This could move some smelting and refining to locations in the sunny south west
and sub saharan Africa.
Specialty smelting and recycling comes to mind as an early adopter.
Rather than wait until someone notices a large margin of error, why not install immobile beacons in key locations that constantly monitor their locations and report back any differences?
They do.
http://www.navipedia.net/index...
https://en.wikipedia.org/wiki/...
http://www.trimble.com/gps_tut...
https://www.ngs.noaa.gov/CORS/
With regional to local corrections accuracy to 10cm is almost easy.
A number of auto GPS devices have an additional receiver for exactly this.
Surveyors can gather high quality data with the assistance of a recording
stationary receiver (one or more) and post process measurements made
by the moving instrument.
Follow the links to Augmentation https://en.wikipedia.org/wiki/...
Of interest three linked devices on the distal wings of aircraft allow some cool data...
Australia is moving about 2 nanometers per second. Fingernails grow at a rate of about 1 nanometer per second. So Australia is moving pretty fast.
Yes but the truth is that Australia is not moving. All the other land masses are moving!
And if I recall one of the sea level references that "proves" sea level is rising is in Australia.
It is possible assuming this observation is true that the sea level is constant and Australia is sinking.
But since sea level is rising along with the number of political solutions to extract carbon taxes I want to know
more.
More data please. It is obvious that India and Asia are colliding and crashing into each other but
some of the oldest land masses known are in Australia and it makes sense to me that the 0,0,0 datum
reference should be in Australia.
"If a shooter is holed up and alone, can they be qualified as an imminent threat to life?"
In this case, definitely yes. Obviously a blanket judgement cannot be made for all cases. Each situation is entirely different.
We need to be more clear about why "definitely" yes applies.
One report was that he had hidden IEDs in public and near public places
that he could control via cell phone or otherwise remotely. That assertion
seems to have no truth behind it and waiting and watching for days if need be
might have been possible.
RF jammers and cell phone jammers are easy to build.
A drone with a bomb is an escalation. I do not want to see this
type of judge, jury, executioner type of murder repeated.
I fear we have imported training, tactics and weapons from foreign
war zones and are deploying them via policy that is external to
and absent in the law. Extralegal vengeance is an evil we do not
want to allow.
I fail to see how any 'encryption' matters when Facebook is spying on everything you do, both on and off Facebook.
If it is Facebook (singular) you are in a better perhaps more secure space.
Unencrypted anyone near or far that can tap into the stream could read it.
Even if FB archived messages and kept them behind a "legal" wall there
should be an audit trail to show abuse when abuse happened.
I fear the naive structures put in place today by honest well intentioned
individuals. Should that individual retire, change companies or be promoted
there is no mechanism to guarantee another honest replacement.
To pick on one chain of authority.
Google reminded me and would let you find my source:
"While it's true that no one is perfect, the seven corrupt popes below were exceptionally unholy:
"Pope Clement VII (Pope from 1523 to 1534) ...
"Pope Leo X (1513 to 1521) ...
"Pope Julius II (1503 to 1513) ...
"Pope Alexander VI (1492 to 1503)
"Pope Benedict IX (1032 and 1048) ...
"Pope John XII (955 to 964) ...
"Pope Stephen VI (896 to 897)"
There is no such thing as keys that would decrypt "all data on the internet", which hopefully everyone here already knows. Empty, dead, pointless parody of law. The war on encryption is doomed to fail
Are you sure?:
You know, a major property of the security of a password is the fact that it's something you know. If you write it down, it's something you have.
Except for the fact that with the various rules for passwords that differ from site to site, I have over 100 passwords that often need to be changed every quarter. Am I supposed to memorize all of those? This is a key failure of the current paradigm.
Why yes.. you are supposed to recall them all.
Any individual with over 100 passwords is in an interesting position.
The 100 passwords are likely enabling access to a long list of data and your employers need to have
a policy to sustain this data. One policy is "keys" need to be shared with management. But if sharing
is tacitly illegal management has a problem. N.B. Rightly so there are managers with no permission to access
data that their employees have access to. So these managers need to manage differently. They also need
to verify that the alternate access works.
Like backup procedures. Failure to test (backup procedures) is folly.
There are some solutions that when expressed as policy might work but the law and technology can
entangle things in ways that F. Kafka and Joseph Heller could not have imagined.
If you have 100 customers it gets interesting.
Modern Day Shakedown.
Even as a US Citizen it is fucking absurd. I had one flight into Boston that took longer to get through immigration than the flight itself - AS A US CITIZEN!
My wife never wants to come back. I don't blame her. It's a straight up humiliating process.
I think I have dozens of active online accounts.
Some are vendor product forums.
Some like /. are whimsy.
Some are to read the news.
Some for music.
Some are.......
The wrinkle in all of this is that an on-line ID takes 30 seconds to generate
and no connection to a new connection would be used by a serious criminal,
murderer or activist.
Given the power of metadata this seems silly, foolish and ill conceived as presented.
A contact ID sure but online presence is a blind and foolish reach and electronic
contacts are the norm for interacting with airlines, hotels and more.
I smell layers of bureaucracy hunting for more data for bigger and larger data farms.
i.e. project and department feather bedding.
I have seen such cameras (hair thin fibre optic connected) before; in use by security services of various nations.
What is most interesting is the construction via 3D printing, making it available to anyone.
Me, I want to see some images.
It is also true that a collection of terrible images of the same scene can be assembled into
improved images.
The optical fiber can allow data to flow through faraday cages at high rates.
The officials made a policy decision.
Case and investigation seems closed if this is true.
"State Department officials by e-mail because spam filters were blocking their messages. To fix the problem, State Department IT turned the filters off "
We can quibble about document classification but classification is a result of policy
and the use or non use of a department mail server is also policy.
If those that make policy change it one way or another one place or another and even if that
policy was modified by HC herself the investigation is going to find a dead end at Kafka's
tombstone.
I received a $64 credit on Amazon today.
I got and spent my credit today. ;-)
When laws enforce arrogance... we have a problem.
https://en.wikipedia.org/wiki/...
Write polite letters.
My Senator is Feinstein, one of the two authors. She is the enemy of security and privacy and has been for a long time. On top of that, she doesn't give a damn what her constituents think so trying to convince her something is a bad idea is futile. Her reply to people, such as myself, who spoke to her about SOPA was downright condescending and rude. I keep trying to vote the *ahem* out but, I keep getting outvoted.
She is suffering from PTSD.
Too close to the murder of Harvey Milk.
This discussion note (it is not a bill) ignores the reality that congress mandates
encryption in all manner of activities. The top two are banking
and healthcare.
Her note would mandate that the maker of the device be able to
decipher ... this would outlaw most modern disk drives that commerce
lives on. This would outlaw encryption in media players that protects
content. This would outlaw WPA on all routers. This would outlaw the
hardware that is currently used to secure NATO communications.
Consider that it also outlaws paper. Paper can be used to encrypt messages
(see Playfair) thus all makers of paper products must submit and
decrypt messages sent via paper. And we may not be teaching cursive
writing ... that may count as encryption too.
She (Feinstein) has no clue....
A kind person would call it PTSD and allow her to retire to a federal funded
mental health facility and eat green jello.
So what... but what was in the famous phone #1.
I'm looking for some honest value equation that invasion of
data privacy is a universal good thing.
Citizens in other countries are incarcerated and locked up
for things we take for granted.
These products are international.
Nothing protects us from one time pads and text messages.
s;akls fsf lasfasf jljljl = __________ ?
Don't see any serial numbers on the coins in my pocket. Even the bills just go into a pile of other bills usually when I buy something and I think the stores would be very resistant to scanning everything.
Have you ever seen a cash counting machine?
Fast and bank models have counterfeit detection tricks built in.
The hardware in Nevada Casinos for counting cash is serious stuff.
The room that counts the 'uncounted' is astoundingly well secured and
audited. Once counted insurance kicks in and normal locks are fine
enough.
Serial number tracking inside a casino is not beyond modern tech.
Link cash windows cameras with cash readers and Bob's your real Whale
or is he a card counter.
Why would the travelers in question be unable or unwilling to show ID?
If it was the traveler buying the phone.
Companies do it for their employees.
Famous people worry about foolishness at hotels and public venues
where a lost personal phone is a hassle.
Trade show groups sometimes buy a bucket of phones.
Consider a multi billion buyout negotiation where the front men exchange
prepaid phones for the 'famous' members of the board.
Consider all the FBI agents involved in the litigation with Apple.
Do you think they are willing to have their metadata tied to
their personal ID for fear that an agent call the judge off the
court record.
How about... no cash allowed for anything ever?
If you use a debit/credit card, the transaction can always be linked to you... no need for an ID.
All cash has serial numbers don't ya know.
First bank readers to discover counterfeit quicker.
Then ATM readers to track dispensing.
Then point of sale readers even on vending machines.
The bill is going to be useless unless the used phone market is eliminated.
Not just used phones but battered women shelters.
Also travelers... If I was traveling to various parts of the world
I would take a prepaid phone and not risk getting hacked.
Companies do this for some of their employees.
N.B. You must have ID to get an ID.
Let's get real though: How are you going to stop an ignorant person like an orderly or doctor from doing really stupid things 0.1% of the time?
...
Getting real is spot on.
An orderly or doctor will from time to time do stupid stuff.
It takes much less than your 0.1% stupidity rate for this to be an issue.
Systems need to be patched.
Systems need strong capability models such that no orderly, doctor, nurse or
patient has sufficient capability to cause harm.
Consider the national security issue of an unpatched flaw known to
one or more TLA but kept secret because it is seen as a bit of power.
The reality is it is first hand knowledge of a domestic vulnerability
that needs prompt attention. Those with blinders only looking out
(like management) fail to have the intellect to see the risk from the
outside in without getting smacked alongside the head with a thick
phone book. Once educated, selfishness, malice and malfeasance
come into play.
The Maginot Line intended to protect France failed for much the same cognitive
reason that a chicken will fail to walk around a short fence when there is food
immediately on the opposite side.
See: "Cognitive Psychology and Implications"
By John R. Anderson
The reality is a chicken is so focused on the food directly in front of it
that it will not be able to see that walking around the short fence
is an option.
Managers often rise to power by will of force and single mindedness
in the attainment of goals. The efficiency of such single minded goal oriented
cognition gets rewarded with a promotion. Ultimately inventiveness
and thinking around the fence and out of the box is required and the department,
company or nation fails.
See also:
"Kohler's first experiments (1925), he presented the following detour problems to a young child,
a dog and a chicken (Figure 2-19). A fence ... fence, and something they wanted was placed
at position G on the other side — within sight but out of reach."
I like to leave my phone plugged in, next to me on my desk, ....
OK this is almost silly.
An old phone connected via WiFi only will let you see Weather,
messages from Mom and listen to cached cloud music. Buildings
have such terrible cell reception that WiFi is nearly required.
At no time should a company allow portable devices to connect
to a network with company data or resources. Employees
want to be connected so establish a non production network,
hobble the bandwidth as needed to something like 10/100 max.
Sure, require a password that is changed sort of often; post it in the
breakroom.
Block a lot of sites or white list a short set.
Now your old LED phone has value and your
new OLED phone will not burn so quickly.
As well they should pay it.
I have ZERO sympathy for insecure IT systems. I also have ZERO sympathy for "victims" of scams. If you're stupid enough to leave your shit wide open, or Western Union money to Albania, that's on you. It should be perfectly legal to take advantage of stupid people. Consider it a learning experience.
No, bring in the FBI and have the FBI compel a solution.
While I have little sympathy for bad management there is a lesson here
that cyber crimes are a reality and each device that touches a network
will be attacked.
A hack on a hospital could cause numerous fatalities from the NICU, to
the ICU to surgery centers to failure of autoclaves, refrigeration, AC, loss or
corruption of data needed to track blood and other medications and people.
Some worry about the IoT where folk worry about the NEST thermostat
invasion of privacy. Hospitals are more integrated and automated than
the average person knows. Robots deliver drugs upstairs and down.
Drug metering systems are networked and administer pain medications
within narrow limits.
In one context this is a crime and law enforcement thinks they have
a say in this. The reality is law enforcement has little reach to deal
with the international criminals and international borders for things
like this.
The FBI in San Bernardino is feathering their own nest and ignoring the
international risk of their writ at the same time that they wish to react
to the international terror risks.
Back to stupid hospital folk.
We need to train management at all levels so they make good decisions.
Cost is a factor but a lot spent badly is less secure than a little spent well.
Ignorance is not an option.
There are some absolutely necessary and needed components: audit, router and firewall tech.
To some degree this is a different class of tech than most consider as needed for a server farm.
In a capability based deployment design some of the risks and attacks can
be compartmentalized and squashed. A single level breach would be limited
and with good design manageable and near worthless.
I wondered why Facebook went public on their rack level router project.
https://code.facebook.com/post...
Such projects do not exist in a vacuum. Cost or risks drive a software company to build hardware (or too much money).
It is no longer sufficient to have a hard candy outside and a soft gooey center security model.
It is the novice system engineer that does not understand the risks of monoculture and the
lessons learned by the virus attack on the American chestnut trees. In house systems are
often monoculture box canyons.
Any and all the layers need attention in today's hostile networking context.
N.B.
The FBI added two Syrian hackers to its most-wanted list for cybercriminals, charging them with attacking
dozens of U.S. companies, media organizations, and even the White House.
and
I might note that the FBI wants to diminish security on a very common device. Hmmm....
DCMA...
Not as interesting a solution as patching the vulnerability shortly
after this phone gets hacked.
It appears to me that as an Israeli company they are far enough from US law
that they could be a vent for a secret NSA/CIA method and secret. They are
also far enough to make it hard for a US court to compel them to act.
The $15,000 price tag seems low for anything involving software.
Might be OK for a hardware hack that begins with a slurp of the
data from the RAM. As a qualified forensic service, data retention seems to
be a necessary first step.
For the US DOJ an Israeli company is as close to a friendly safe harbor as
there might be out there. It may also be a safe outlet for Apple and
the business of other legally compelled services. They could deny further
requests on older hardware because a service company has surfaced.
i.e. We charge $150,000.00 per device and did you know that another $15,000.00
service exists.
Win Win.... for now.
How many digits to use depends on the application. For a satellite trajectory the 15th decimal is OK, but if you want to make a sharp mirror the precision in the calculation has to be higher.
Because of floating point format limits mostly NASA would use PI thus
#include <math.h>
Something like...
$ grep PI ....../usr/include/math.h ...... /* pi */ ....
#define M_PI 3.14159265358979323846264338327950288
#define M_PI_2 1.57079632679489661923132169163975144
It is rare that more digits are used. The troubles are in transcendental functions computed
as series (Taylor) in math.a/math.so and friends. There is a lot of work on this but it has
little to do with PI in the details.