- loosing everything because your Cloud-Provider was hit by a ransomware attack
- loosing everything because your Cloud-Provider was overtaken by another company that gave you a two weeks notice and your were on your three week vacation.
- loosing everything because your Cloud-Provider didn't do backups and now the company is bankrupt and the damage is "Ltd."
- loosing everything because your Cloud-Provider did do backups - even encrypted ones - but forgot to check if the encrypted backup data was decryptable
- having your data mined and analysed by advertisers & three letter agencies
Why are they much better alternatives? The software written in (*) has no vulnerabilities?
Choosing a language does not really address security, because that choosing will affect how the programmer thinks about security and possibly the less experienced programmers will slack on "programming for safety" paradigm.. because the language does everything for the programmer.
For example: Please have a look at fefe's gatling[1], an incredible fast http-server, with only very few security problems in the past - written entierly in "C". Also the funny thing is that certain of these highlevel languages will use bindings to these older libraries written in C.
So you will be bitten again.
From all information I overlook I can say, yes in "C" it is incredible easy to make simple errors with hugh consequences - choosing types for example. However "C"-programming can be made more secure with a strict application of certain rules especially on "forbidden" & dangerous constructions. The missconception why "C" is deemed as an insecure language is that much of the code in use stems from the "ancient" times, when such code was mostly not exposed to the raw unforgiving "force" of the internet.
Also there was not such a "zoo" for other different programming languages, so much of the software was implemented using "C". This effect is similar to todays "I use java now, I don't need to take care of security".
The different incarnations of "C" standards also play their part, similar to the "Perl-Mageddon" if you do not have a concise standard about how a programming language will be "interpreted" or "translated" you are deemed to introduce errors. Imagemagik is bloated & ancient, two aspects that are problematic. Fefe adheres to his own standards, that bloat and complexity are the real threats for security. (dietlibc vs. libc). And he is often correct on this topic.
Transferring your tasks, duties and obligations to other entities and enjoy the bliss of being free from these enjoying a certain kind of freedom that really is none.
hubic: "We secure everything by ssl".. lol, which ssl? the buggy, the bad or the good one?
And you can read my files, I really like that!
but But I think its a nice offer, to use as an ultra cheap backup solution. I hope they don't mind that I upload files with their hashvalues as filenames and being encrypted.
I don't "favour" NK because its a fascist regime where human rights have no significance at all.
But, why should we pay attentition to the failures of the NK rocket program, when we should focus more on the successes of this program, and the nuclear program. Because the successes tend to be much more dangerous than the failures.
Citation: "It was a fiery, catastrophic attempt at a launch that was unsuccessful,"
Should we now call every exploded - and most importantly unmanned - U.S. military or commercial launch failiure also a fiery catastrophic attempt?
But no, because it would be propaganda. Yes, not only does NK propaganda, everybody does it.
It should be called what it was: 1.) a hefty and repeated violation of an U.N. resolution - that will mostly go unpunished because there is not really anything more to sanction, even China had put NK on a strict diet.
2.) an attempt to have good propaganda
3.) a failed missile launch
4.) death by firing squad for the person in charge
And nothing more, to try to taunt NK or Kim Jong Un is just that kind of slimy and stinking propaganda everybody knows from NK - it stinks and just replaying this propaganda is like getting down on the same level with the NK regime.
Civilised press should not relay propaganda of any kind especially not uncommented.
That you can fly an RC-Aircraft or a manned aircraft made out of fiber compound, aluminium is only possible because of putting mineral resources & energy to work.
All the things you wear all the things you use are made with energy because for example aluminium processing takes huge amounts of energy.
Making of all kinds of plastic takes huge processing plants - that are lit up 24/7 for safety.
That you can have fun with your RC-Aircraft is the very product of a very long and sophisticated stream of engineered processes.
Your RC-Aircraft is a by-product of these engineered processes.
And the time your vision comes true - in 50-70 yrs. - many people will be "unemployed".
And we don't have the warp drive to shoot all people into the sky.
But we have some spare nukes, that could solve the problem for once and for all.
If the iPhone holds a "Cyber Pathogen" then it must be destroyed, because the second that iPhone is unlocked by an Apple intervention the cyber pathogen could spread through the whole United States and infect everything from your pocket calculator to your android smartphone.
It is a threat that must be destroyed, incinerate that phone right now
(Because I'm just fed up with the whole order to encrypt and denying battle of Apple, that we should all know is a big charrade by Apple, because if it had been requested silently they'd done it.)
And isn't anybody else supprised about the fact that the USA - which detest - undemocratic and human rights voilating - countries like China, try to setup the same machinery as China.
Why isn't Apple a freedom fighter in China? Because the USA are not China!
Let'em take encryption only, out of your cold dead hand.
Why isn't Apple a freedom fighter in China? Because Apple has nothing to fight for in China - except money that flows back to the USA.
So you donate money and do not face the national gard when the third clone of Rosa Parks wants to attend MarsU and is facing protesters on Mars scanding "Go back to Earth you don't belong here!" ?
The atrocities that were carried out during the Nazi time by the Nazis, were carried out mostly by people that stepped forward and that had the opportunity to not take part in such actions.
For example, the personell at the concentration and killing camps were members of the "Waffen SS".
These people needed to step forward to join the Waffen SS, and swear the oath on their "Fuehrer Adolf Hitler", these people were convinced about what they were doing, and in the case of the concentration & killing camps they could request a transfer away, most didn't.
Those people were willing to commit atrocities.. the reduced awareness due to a command cannot be an excuse nor it can explain this, except that some people have a very weak barrier that keeps their behaviour under control.
There was also the "Wehrmacht" (german regular army til 1945) that has also commited atrocities and crimes against humanity.
Like shooting captured russian POWs in the head from a hideout in a neighbouring room behind a bar for height measurement, shooting done by volunteers.
It's just disgusting.
And every army that has gone into combat since and before then knows about the conventions to protect civilians and to treat POWs and every army that has gone into combat commits atrocities again.
Only a few commit these atrocites, but many stand by and just don't stop them.
Because even if you have 300 processes running, the 299 could be ignored because of their "cpu fingerprint".
They do not occupy one CPU to the max, most processes running on a computer do just a bit more than nothing.
I have the uncanny feeling that GnuPG is not parallalized at all.
A crypto application however runs - if it's not parallelized - on one CPU-Core 100% for a depending on the processing power of the machine certain amount of time.
(In crypto does not like timing sidechannel attacks)
I guess, without having read the article, this specific burst of activity is where a crypto "broadcast" can be identified by.
When I would attack a webservers private key using this tactic, I would just initiate a https connection and send certain data and than would see the what the spectrum says, I would then repeat it.. and I recognize patterns, and a again and again and again, till I have gathered enough data.
However I think your point hints at a possible counter measure, having similar fingerprints also similarly timed it would interfere with the "broadcast".
"Die Schadenfreude wird Dir im Hals stecken bleiben."
Schadenfreude will get back at you.
Is a term deeming the people that experience "Schadenfreude" to be susceptible for the upcomming or imminent threat to experience also a same of a kind situation from the opposite side.
Because people that experience "Schadenfreude" tend not to concentrate on their own problems.
(Example: A car driver laughs about the owner of a broken luxury car, and does not concentrate on the car driving in front of him, where the driver does same thing plus braking to get a better view. Result tail bump and the "Schadenfreude" got back at you.)
In this case it's climate scientists have worked out that the climate is anthropologically influenced on a large scale.
But that influence is what we experience just right now and not what could happen in the future, these predictions with their various scenarios are essential to at least have an idea for example where settling could be dangerous or economically unfeasable.
All prediction on the future also need to take into account a changing behaviour and energy production landscape.
And this is how Schadenfreude has the tendency to get stuck in your throat and choke on you if you enjoy it for too long.
You are missjudging, I don't judge morally or amorally in anyway.
I just recount the reality and accept this as a fact of normal human behaviour within the given rule of law and as I will argue that it is a common morally acceptable behaviour.
That behaviour most people show a divergence in the moral outside behaviour and their inner moral "clockwork".
Most of the time I see that many people that take a moral stance on ever cheaper things buy-in-your-own-country.
But they go for the cheapest, and shit on their moral.
Do you also "tick" that way price hunting sites and have that devilish good feeling when you made a best price hit, or do you choose your local supplier?
-> If so you are morally as lame as everybody else and you have no right to judge about the moral of people because where is moral there is bigottery.
Everything that is based on moral will be frail at a certain point, everything that is based on sense and ethics will work.
If you like Star Wars the best sum up is "Only a Sith deals in absolutes."
Slashdot Mirror
to put all your data at risk of:
- loosing everything because your Cloud-Provider was hit by a ransomware attack
- loosing everything because your Cloud-Provider was overtaken by another company that gave you a two weeks notice and your were on your three week vacation.
- loosing everything because your Cloud-Provider didn't do backups and now the company is bankrupt and the damage is "Ltd."
- loosing everything because your Cloud-Provider did do backups - even encrypted ones - but forgot to check if the encrypted backup data was decryptable
- having your data mined and analysed by advertisers & three letter agencies
Yes, but it contains everything one needs, "without" popping up here, popping down there, tracking your ass, analysing your mouse etc..
In contrast to the "spartan" source, gatling works great.
And you can even get that page with gprs without much delay!
Why are they much better alternatives?
The software written in (*) has no vulnerabilities?
Choosing a language does not really address security, because that choosing will affect how the programmer thinks about security and possibly the less experienced programmers will slack on "programming for safety" paradigm .. because the language does everything for the programmer.
For example:
Please have a look at fefe's gatling[1], an incredible fast http-server, with only very few security problems in the past - written entierly in "C". Also the funny thing is that certain of these highlevel languages will use bindings to these older libraries written in C.
So you will be bitten again.
From all information I overlook I can say, yes in "C" it is incredible easy to make simple errors with hugh consequences - choosing types for example. However "C"-programming can be made more secure with a strict application of certain rules especially on "forbidden" & dangerous constructions. The missconception why "C" is deemed as an insecure language is that much of the code in use stems from the "ancient" times, when such code was mostly not exposed to the raw unforgiving "force" of the internet.
Also there was not such a "zoo" for other different programming languages, so much of the software was implemented using "C". This effect is similar to todays "I use java now, I don't need to take care of security".
The different incarnations of "C" standards also play their part, similar to the "Perl-Mageddon" if you do not have a concise standard about how a programming language will be "interpreted" or "translated" you are deemed to introduce errors. Imagemagik is bloated & ancient, two aspects that are problematic. Fefe adheres to his own standards, that bloat and complexity are the real threats for security. (dietlibc vs. libc). And he is often correct on this topic.
[1] http://www.fefe.de/
Things like this will happen to you.
Transferring your tasks, duties and obligations to other entities and enjoy the bliss of being free from these enjoying a certain kind of freedom that really is none.
Good old Jean-Claude van Ramme.
hubic: "We secure everything by ssl" .. lol, which ssl? the buggy, the bad or the good one?
And you can read my files, I really like that!
but
But I think its a nice offer, to use as an ultra cheap backup solution. I hope they don't mind that I upload files with their hashvalues as filenames and being encrypted.
Yes, Hubic must be much better and cheaper, I hope,
but it's good to counter the slashvertisement with antitisement.
1.) radically change window 10
a.) make cloud/spy "features" optional and opt-in
b.) make the XP & 7 GUI availible (the GUI is not the fucking OS)
2.) offer WinXP & Vista Keys an Upgrade
3.) don't force users by circumventing the window update blocklist by changing the "update date" on the installer.
The children will come!
I don't "favour" NK because its a fascist regime where human rights have no significance at all.
But, why should we pay attentition to the failures of the NK rocket program, when we should focus more on the successes of this program, and the nuclear program. Because the successes tend to be much more dangerous than the failures.
Citation: "It was a fiery, catastrophic attempt at a launch that was unsuccessful,"
Should we now call every exploded - and most importantly unmanned - U.S. military or commercial launch failiure also a fiery catastrophic attempt?
But no, because it would be propaganda. Yes, not only does NK propaganda, everybody does it.
It should be called what it was:
1.) a hefty and repeated violation of an U.N. resolution - that will mostly go unpunished because there is not really anything more to sanction, even China had put NK on a strict diet.
2.) an attempt to have good propaganda
3.) a failed missile launch
4.) death by firing squad for the person in charge
And nothing more, to try to taunt NK or Kim Jong Un is just that kind of slimy and stinking propaganda everybody knows from NK - it stinks and just replaying this propaganda is like getting down on the same level with the NK regime.
Civilised press should not relay propaganda of any kind especially not uncommented.
the tor project should shy away from Firefox (ESR)?
https://it.slashdot.org/story/...
http://www.eweek.com/security/...
Putting a wind turbine offshore is a huge undertaking and maintaining it is also not effortless.
And being a N.E.R.D. means that the computer NERDS have a CRAY2 in their Backyard and that mech. NERDS have a wind turbine in their back yard! ;)
That you can fly an RC-Aircraft or a manned aircraft made out of fiber compound, aluminium is only possible because of putting mineral resources & energy to work.
All the things you wear all the things you use are made with energy because for example aluminium processing takes huge amounts of energy.
Making of all kinds of plastic takes huge processing plants - that are lit up 24/7 for safety.
That you can have fun with your RC-Aircraft is the very product of a very long and sophisticated stream of engineered processes.
Your RC-Aircraft is a by-product of these engineered processes.
And the time your vision comes true - in 50-70 yrs. - many people will be "unemployed".
And we don't have the warp drive to shoot all people into the sky.
But we have some spare nukes, that could solve the problem for once and for all.
If the iPhone holds a "Cyber Pathogen" then it must be destroyed, because the second that iPhone is unlocked by an Apple intervention the cyber pathogen could spread through the whole United States and infect everything from your pocket calculator to your android smartphone.
It is a threat that must be destroyed, incinerate that phone right now
(Because I'm just fed up with the whole order to encrypt and denying battle of Apple, that we should all know is a big charrade by Apple, because if it had been requested silently they'd done it.)
Just get it over with!
I would have let you pay for that favour.
I hope, but I also detest that Mozilla did exactly that.
.. in the USA your freedom is under heavy attack.
And isn't anybody else supprised about the fact that the USA - which detest - undemocratic and human rights voilating - countries like China, try to setup the same machinery as China.
Why isn't Apple a freedom fighter in China?
Because the USA are not China!
Let'em take encryption only, out of your cold dead hand.
Why isn't Apple a freedom fighter in China?
Because Apple has nothing to fight for in China - except money that flows back to the USA.
So you donate money and do not face the national gard when the third clone of Rosa Parks wants to attend MarsU and is facing protesters on Mars scanding "Go back to Earth you don't belong here!" ?
The atrocities that were carried out during the Nazi time by the Nazis, were carried out mostly by people that stepped forward and that had the opportunity to not take part in such actions.
For example, the personell at the concentration and killing camps were members of the "Waffen SS".
These people needed to step forward to join the Waffen SS, and swear the oath on their "Fuehrer Adolf Hitler", these people were convinced about what they were doing, and in the case of the concentration & killing camps they could request a transfer away, most didn't.
Those people were willing to commit atrocities .. the reduced awareness due to a command cannot be an excuse nor it can explain this, except that some people have a very weak barrier that keeps their behaviour under control.
There was also the "Wehrmacht" (german regular army til 1945) that has also commited atrocities and crimes against humanity.
Like shooting captured russian POWs in the head from a hideout in a neighbouring room behind a bar for height measurement, shooting done by volunteers.
It's just disgusting.
And every army that has gone into combat since and before then knows about the conventions to protect civilians and to treat POWs and every army that has gone into combat commits atrocities again.
Only a few commit these atrocites, but many stand by and just don't stop them.
Because even if you have 300 processes running, the 299 could be ignored because of their "cpu fingerprint".
They do not occupy one CPU to the max, most processes running on a computer do just a bit more than nothing.
I have the uncanny feeling that GnuPG is not parallalized at all.
A crypto application however runs - if it's not parallelized - on one CPU-Core 100% for a depending on the processing power of the machine certain amount of time.
(In crypto does not like timing sidechannel attacks)
I guess, without having read the article, this specific burst of activity is where a crypto "broadcast" can be identified by.
When I would attack a webservers private key using this tactic, I would just initiate a https connection and send certain data and than would see the what the spectrum says, I would then repeat it .. and I recognize patterns, and a again and again and again, till I have gathered enough data.
However I think your point hints at a possible counter measure, having similar fingerprints also similarly timed it would interfere with the "broadcast".
https://www.youtube.com/watch?...
Just saying.
"Die Schadenfreude wird Dir im Hals stecken bleiben."
Schadenfreude will get back at you.
Is a term deeming the people that experience "Schadenfreude" to be susceptible for the upcomming or imminent threat to experience also a same of a kind situation from the opposite side.
Because people that experience "Schadenfreude" tend not to concentrate on their own problems.
(Example: A car driver laughs about the owner of a broken luxury car, and does not concentrate on the car driving in front of him, where the driver does same thing plus braking to get a better view. Result tail bump and the "Schadenfreude" got back at you.)
In this case it's climate scientists have worked out that the climate is anthropologically influenced on a large scale.
But that influence is what we experience just right now and not what could happen in the future, these predictions with their various scenarios are essential to at least have an idea for example where settling could be dangerous or economically unfeasable.
All prediction on the future also need to take into account a changing behaviour and energy production landscape.
And this is how Schadenfreude has the tendency to get stuck in your throat and choke on you if you enjoy it for too long.
Lame for you, of great interest for many people.
Use common sense and watch how people behave on the small scale, don't theorize or repeat theories how people should behave.
And in this case we are dealing with the behaviour of people for a "for-fun-good"(a toy) and on this level certain oversimplified rules remain true.
Small scale peoples behaviour is very simple, this use case deals on this small scale.
You are missjudging, I don't judge morally or amorally in anyway.
I just recount the reality and accept this as a fact of normal human behaviour within the given rule of law and as I will argue that it is a common morally acceptable behaviour.
That behaviour most people show a divergence in the moral outside behaviour and their inner moral "clockwork".
Most of the time I see that many people that take a moral stance on ever cheaper things buy-in-your-own-country.
But they go for the cheapest, and shit on their moral.
Do you also "tick" that way price hunting sites and have that devilish good feeling when you made a best price hit, or do you choose your local supplier?
-> If so you are morally as lame as everybody else and you have no right to judge about the moral of people because where is moral there is bigottery.
Everything that is based on moral will be frail at a certain point, everything that is based on sense and ethics will work.
If you like Star Wars the best sum up is
"Only a Sith deals in absolutes."
but for this case it works, as for many other cases:
In this case it means: "Those who demand it are willing to pay a high price - and they pay."