Since the data sent between Windows and Microsoft HQ is encrypted no researched can know if what it sends are hashed files or any other data. And since Windows both phones home for updates as well as telemetry this could just as easily be handled there.
So now WikiLeaks is "state help"? The reason that he went by Russia was that this was the only route from Hong Kong to Ecuador that avoided countries witch would extradite him to the US _AND_ US controlled airlines. And since even Cuba(!) caved in to the US and stated that they would not allow any plane from Russia to land in Cuba if Snowden was aboard I can hardly blame him from avoiding US controlled airlines etc.
And the Windows Kernel does the very same every time you ask an application to load or save a file so there is no need to implement this in Defender and risk missing an opportunity (i.e that some people don't install it).
So easy to come by that CIA didn't have any while there where dozens for Windows, macOS, IOS, Android, IoT devices and SmartTVs? Now you are just painting yourself into a smaller and smaller corner.
Which of course is not what happened. He was in Russia only to transit further when the US revoced his passport which effectively stranded him in Russia.
So he is only in Russia due to the US government.
Yes sorry about that, don't know what I was thinking about. Sometimes I forget that people keep using short passwords (since I use a password manager I always make sure that my passwords have 256-bit entropy).
I don't think so, when Microsoft where forced to not install IE by default here in Europe there where no talk about them being forced to uninstall IE from already made installs and I have not heard anything this time that EU should have forced MS to uninstall WMP either.
If they simple unbundled it then that would mean that it would not be installed on a fresh install, what they however have done is to actively uninstall it from already installed machines.
Yeah you are 100% correct which is why we saw how CIA/NSA used all those hidden back doors in Linux in i.e the Value 7 and NSA dumps. Oh wait there where no such thing!
So sure you are... Besides, they may as well be increasing security by planting things with certain backdoors. The actual readable code may just be arcane and hard to read — but innocent. Innocent, until a specially-crafted USB-stick is plugged-in. Or a specially crafted ICMP-packet arrives — its content containing a proper key to open things up for the NSA (but not to anyone actually hostile)... Or until a binary driver for some cool gadget is loaded into kernel...
I'm sure because in contrast with you I am an actual developer and have looked at the very code that I am talking about (would be a hypocrite otherwise). So first it was SELinux that was the problem and now there are hidden backdoors everywhere that you can unlock with ICMP packages, I do think that you should stop looking at shows like The Blacklist.
it's not like they supplied a binary blob
How do you know, when you download the latest nVidia-driver, for example, that it contains no NSA-provided code?
That one is easy because I don't download the latest nVidia driver since I'm using the open AMD drivers at home and the open Intel drivers at work.
If so then you have to somehow connect Robin Seggelmann with some state since he was one of the authors of the RFC and the one that introduced the bug in OpenSSL (the bug is however only in this particular implementation and not in the RFC itself).
Yes but #1 that is code from the part of NSA whose job it is to increase security and #2 that code has been verified and vetted from top to bottom, it's not like they supplied a binary blob. Not to mention that the code itself have been heavily altered by the community over the years.
The difference in bruteforce speed between MD5 and SHA2 is way more than 10-fold, it's 2^128-fold (for the standard SHA2-256) and that is ignoring the known collision attacks in MD5.
With MD5 you can have all the salt of the great oceans and the password would still be easily deducted in an offline attack (which hash you use does not matter in an online attack which is what you describef, heck you could even go with plaintext).
Slashdot Mirror
Since the data sent between Windows and Microsoft HQ is encrypted no researched can know if what it sends are hashed files or any other data. And since Windows both phones home for updates as well as telemetry this could just as easily be handled there.
So now WikiLeaks is "state help"? The reason that he went by Russia was that this was the only route from Hong Kong to Ecuador that avoided countries witch would extradite him to the US _AND_ US controlled airlines. And since even Cuba(!) caved in to the US and stated that they would not allow any plane from Russia to land in Cuba if Snowden was aboard I can hardly blame him from avoiding US controlled airlines etc.
And the Windows Kernel does the very same every time you ask an application to load or save a file so there is no need to implement this in Defender and risk missing an opportunity (i.e that some people don't install it).
So easy to come by that CIA didn't have any while there where dozens for Windows, macOS, IOS, Android, IoT devices and SmartTVs? Now you are just painting yourself into a smaller and smaller corner.
Why would Microsoft bother with Defender to do this when they already own your whole computer with Windows?
And you just missed the fact that all of the Vault7 tools for Linux and BSD required exploits to work and that they where not exploits themselves?
Are you seriously asking if any of the spies are not a spy?
Which of course is not what happened. He was in Russia only to transit further when the US revoced his passport which effectively stranded him in Russia. So he is only in Russia due to the US government.
So by that logic we should pay even less attention to you.
Yes sorry about that, don't know what I was thinking about. Sometimes I forget that people keep using short passwords (since I use a password manager I always make sure that my passwords have 256-bit entropy).
I don't think so, when Microsoft where forced to not install IE by default here in Europe there where no talk about them being forced to uninstall IE from already made installs and I have not heard anything this time that EU should have forced MS to uninstall WMP either.
If they simple unbundled it then that would mean that it would not be installed on a fresh install, what they however have done is to actively uninstall it from already installed machines.
Yeah you are 100% correct which is why we saw how CIA/NSA used all those hidden back doors in Linux in i.e the Value 7 and NSA dumps. Oh wait there where no such thing!
So sure you are... Besides, they may as well be increasing security by planting things with certain backdoors. The actual readable code may just be arcane and hard to read — but innocent. Innocent, until a specially-crafted USB-stick is plugged-in. Or a specially crafted ICMP-packet arrives — its content containing a proper key to open things up for the NSA (but not to anyone actually hostile)... Or until a binary driver for some cool gadget is loaded into kernel...
I'm sure because in contrast with you I am an actual developer and have looked at the very code that I am talking about (would be a hypocrite otherwise). So first it was SELinux that was the problem and now there are hidden backdoors everywhere that you can unlock with ICMP packages, I do think that you should stop looking at shows like The Blacklist.
How do you know, when you download the latest nVidia-driver, for example, that it contains no NSA-provided code?
That one is easy because I don't download the latest nVidia driver since I'm using the open AMD drivers at home and the open Intel drivers at work.
It's one thing to include it by default (i.e bundling) and a whole other to uninstall it in an update.
If so then you have to somehow connect Robin Seggelmann with some state since he was one of the authors of the RFC and the one that introduced the bug in OpenSSL (the bug is however only in this particular implementation and not in the RFC itself).
Yes but #1 that is code from the part of NSA whose job it is to increase security and #2 that code has been verified and vetted from top to bottom, it's not like they supplied a binary blob. Not to mention that the code itself have been heavily altered by the community over the years.
So now we have to invent some form of gloves that external parties cannot take off you when you are sleeping (or being sedated).
Why are you implying that we would be talking about a plain hash of a password without any type of salt or constructs (like bcrypt/scrypt)?
of course we are talking about properly implemented hashed passwords databases with salts etc and not just a hash of the password!
The difference in bruteforce speed between MD5 and SHA2 is way more than 10-fold, it's 2^128-fold (for the standard SHA2-256) and that is ignoring the known collision attacks in MD5.
With MD5 you can have all the salt of the great oceans and the password would still be easily deducted in an offline attack (which hash you use does not matter in an online attack which is what you describef, heck you could even go with plaintext).
But that is not Linux that you are describing, that's simply software and computers in general.
So use VI (Virtual Intelligence) for these lesser systems? Worked fine in Mass Effect.
You mean they ignored to set the evil bit?!