Watch out, according to TFS you (and apparently me as well since I'm a C dev) will be having the same hard time finding jobs as Cobol programmers are having today. I wonder if that is why even the old retired folks with Cobol experience are coming back to the workplaces...
No the Egyptian point makes it very clear that this was not a secret operation. Note how they did everything covert in the Egyptian case since the whole matter was illegal. The whole thing blew up politically as well here so doing something similar but also in the open is way far fetched.
Its unreasonable because when the case was dropped the first time he was told that he could travel to another country. I.e that prosecutor completely dropped the case. So yes of course some agency here (CIA) could be stupid enough to believe that he would be detained for months as you muse but this is far to uncertain and "loose" to be a though out honey pot operation. If it would have been a real honey pot I will still argue that he would have been arrested at the night of the rape (since the rape was planned as part of the honey pot they would of course know both the time and location of the event) and shipped to the US that very night.
Yes we apparently have a form of extradition treaty with the US, but #1 the crime have to be a crime in Sweden as well and #2 the punishment cannot involve a death sentence. Since 2001 also the whole EU have a "oh my the terrorists" extradition treaty with US so him being in Sweden or UK would not matter for that law either.
That this whole things would be a conspiracy honey pot in order to extradite Assange to USA is beyond stupid. First of all there are no extradition agreement between USA and Sweden which i.e is why we harbour quite a few American draft resisters from the Vietnam war (they knew that they could live here in peace and not be extradited to USA for their crimes).
If this would have been a honey pot operation then Assange would have been woke by armed police with the woman in bed screaming "rape, rape!" and not like how it was now that a few days later the women goes to the police, the police questions Assange, lets him go, lets him travel to the UK and then a new prosecutor decides to open the investigation again. Makes no sense what so ever to go this route if this was a honey pot. Also going though all this mess when Assange is in the UK which is a country with extradition agreements with the USA is also a very strange move.
People always bring up the Egyptian extradition as proof that Sweden extradites when the USA wants to but then they forget that this was done completely in secret with no involvement of either parliament or the judicial system and that we only know about it due to digging journalism. At the same time the Assange case was handled completely in public, so he could not have been extradited without extreme political turmoil with the party in charge most likely to loose the next election.
And to be honest, if the USA wanted him that bad they would have grabbed him of the streets in the middle of the night like they did with all the other people that they grabbed in Germany and Italy which they sent to gitmo.
Which proves my point, they have to negotiate deals with said companies in order to do so while millions of lines of source code was available to those projects when they where developing their methods. Without the vast amounts of source code it's even likely that projects such as Coverty wouldn't even exist.
And the open source nature of Linux the various components means that we have things like OSS-Fuzz from Google (https://threatpost.com/googles-oss-fuzz-finds-1000-open-source-bugs/125545/) or i.e Coverty (https://scan.coverity.com/o/oss_success_stories). I.e companies developing source code checkers and other such tools can use the vast amount of available open source as input to their project and pays back by posting the found problems upstream. The same does not happen for closed source software.
Well the thing is that there are very few remote exploits for even a 2.4 or 2.6 kernel, and the ones that does exist often require you to first enable various network protocols that most people don't use anyway. Local root escalation exploits are unfortunately common but if you have no listening daemons on those machines with an exploit then you cannot use the root escalation exploits either.
The main problem with Windows on embedded devices such as this is often not the NT kernel but that a typical Windows installation have tons of open network ports while the Linux/BSD equivalent would none unless you explicitly install some server daemon.
I.e looking at my own machine the only open network port for external connections are Mediatomb which I have explicitly installed and told to do so:
f.ultra@ubuntu:~$ sudo netstat -ltnp
[sudo] password for f.ultra:
Aktiva internetanslutningar (endast servrar)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:50500 0.0.0.0:* LISTEN 1634/mediatomb
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN 1314/dnsmasq
dnsmasq which is installed by Ubuntu by default listens only on 127.0.0.1 so it cannot accept external connections. Compare that with the output from a default Windows install and you will have lots of open ports accepting external connections.
Yes and no. On Gentoo for example they have a SELinux policy in place for Firefox and Chrome so ransomware utilizing holes in a browser there still have to fight with SELinux. On Ubuntu there are Apparmor policies for both but they are disable by default for some reason.
I'm not aware of a single case of "I thought that he gave me permission since I have the PIN" where the defendant have been judges as innocent. By the very law (at least in my country) it's actually fraud if you use another persons card+pin even if they gave it to you.
I would say that most servers most definitely use more than 4-core CPUs, it's only a small subsection of the Xeon line that have "as low" as 4-cores. 12-22 cores per CPU is the norm on the servers that I administrate which of course say nothing about all the millions of servers in the world, but anyway.
Exactly how is something that you broadcast out loud around you (biometrics) as strong as something that you keep secret (PIN) ? Signatures are irrelevant here since card+pin (and not chip+pin) have been the standard here for decades.
Or you simple stop using page fault semantics used for processors without this ability and instead give the MMU/OS both addresses and their respective lengths in the page fault so it can bring in both pages at once. However even if this would turn out to be unsolvable, this particular functionality is not what made the 68k family so nice for assembly programming, the most prominent features where sane mnemonics, arguments in the correct order (i.e source, destination and not the strange Intel reverse way), being big endian and having a workable number of registers.
To me it sounds like quite a few use biometrics as a combined username+password which makes things even worse. Here in Sweden we have a publicly traded company, Fingerprint Cards (https://www.fingerprints.com/), who pushes the idea of fingerprints as the secret key to payments and what not. Do watch their site, it's a good horror show! (you won't sleep well though).
And would it not also be great if that executable flag where automatically stripped when downloading a file so all things downloaded by a browser/mail-program had to be manually enabled in order to run?
What you should ask instead is why no one seams to leak such information to Wikileaks. It's not Wikileaks that hunts down and finds this information, it's sent to them. If you leak Russian secrets to them I'm quite sure that they would distribute them because it's not like the Internet is full of "I leaked Russian data to Wikileaks but they never released them" either.
And the complex ecosystem is mostly Microsoft's fault as well so this is their old behaviour biting them in the ass finally. I.e look at how completely insane some of the ACPI tables are on many systems that break the specs but they still "work" in Windows due to Microsoft implementing workarounds instead of enforcing vendors to adhere to a defined standard.
I'm quite sure that they have covered their asses with contracts. That is not my concern however. My concern is that they decide to build embedded devices running on Windows XP and then leave them connected to a network fully aware that Windows XP will be EOLd in the future (yes you can still shell out enormous amounts of cash to get some small support from Microsoft but that still leave it as practically EOL for most of us anyway).
Slashdot Mirror
Watch out, according to TFS you (and apparently me as well since I'm a C dev) will be having the same hard time finding jobs as Cobol programmers are having today. I wonder if that is why even the old retired folks with Cobol experience are coming back to the workplaces...
No the Egyptian point makes it very clear that this was not a secret operation. Note how they did everything covert in the Egyptian case since the whole matter was illegal. The whole thing blew up politically as well here so doing something similar but also in the open is way far fetched.
Its unreasonable because when the case was dropped the first time he was told that he could travel to another country. I.e that prosecutor completely dropped the case. So yes of course some agency here (CIA) could be stupid enough to believe that he would be detained for months as you muse but this is far to uncertain and "loose" to be a though out honey pot operation. If it would have been a real honey pot I will still argue that he would have been arrested at the night of the rape (since the rape was planned as part of the honey pot they would of course know both the time and location of the event) and shipped to the US that very night.
Yes we apparently have a form of extradition treaty with the US, but #1 the crime have to be a crime in Sweden as well and #2 the punishment cannot involve a death sentence. Since 2001 also the whole EU have a "oh my the terrorists" extradition treaty with US so him being in Sweden or UK would not matter for that law either.
That this whole things would be a conspiracy honey pot in order to extradite Assange to USA is beyond stupid. First of all there are no extradition agreement between USA and Sweden which i.e is why we harbour quite a few American draft resisters from the Vietnam war (they knew that they could live here in peace and not be extradited to USA for their crimes).
If this would have been a honey pot operation then Assange would have been woke by armed police with the woman in bed screaming "rape, rape!" and not like how it was now that a few days later the women goes to the police, the police questions Assange, lets him go, lets him travel to the UK and then a new prosecutor decides to open the investigation again. Makes no sense what so ever to go this route if this was a honey pot. Also going though all this mess when Assange is in the UK which is a country with extradition agreements with the USA is also a very strange move.
People always bring up the Egyptian extradition as proof that Sweden extradites when the USA wants to but then they forget that this was done completely in secret with no involvement of either parliament or the judicial system and that we only know about it due to digging journalism. At the same time the Assange case was handled completely in public, so he could not have been extradited without extreme political turmoil with the party in charge most likely to loose the next election.
And to be honest, if the USA wanted him that bad they would have grabbed him of the streets in the middle of the night like they did with all the other people that they grabbed in Germany and Italy which they sent to gitmo.
Which proves my point, they have to negotiate deals with said companies in order to do so while millions of lines of source code was available to those projects when they where developing their methods. Without the vast amounts of source code it's even likely that projects such as Coverty wouldn't even exist.
And after paying the ransom they are now also broke.
Well I guess they have to pay a hefty Bitcoin license now then.
No for fuck sake, if you do that you will break the Internet!!! https://www.youtube.com/watch?...
You cannot really be that stupid.
And the open source nature of Linux the various components means that we have things like OSS-Fuzz from Google (https://threatpost.com/googles-oss-fuzz-finds-1000-open-source-bugs/125545/) or i.e Coverty (https://scan.coverity.com/o/oss_success_stories). I.e companies developing source code checkers and other such tools can use the vast amount of available open source as input to their project and pays back by posting the found problems upstream. The same does not happen for closed source software.
Well the thing is that there are very few remote exploits for even a 2.4 or 2.6 kernel, and the ones that does exist often require you to first enable various network protocols that most people don't use anyway. Local root escalation exploits are unfortunately common but if you have no listening daemons on those machines with an exploit then you cannot use the root escalation exploits either.
The main problem with Windows on embedded devices such as this is often not the NT kernel but that a typical Windows installation have tons of open network ports while the Linux/BSD equivalent would none unless you explicitly install some server daemon.
I.e looking at my own machine the only open network port for external connections are Mediatomb which I have explicitly installed and told to do so:
f.ultra@ubuntu:~$ sudo netstat -ltnp
[sudo] password for f.ultra:
Aktiva internetanslutningar (endast servrar)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:50500 0.0.0.0:* LISTEN 1634/mediatomb
tcp 0 0 127.0.1.1:53 0.0.0.0:* LISTEN 1314/dnsmasq
dnsmasq which is installed by Ubuntu by default listens only on 127.0.0.1 so it cannot accept external connections. Compare that with the output from a default Windows install and you will have lots of open ports accepting external connections.
Yes and no. On Gentoo for example they have a SELinux policy in place for Firefox and Chrome so ransomware utilizing holes in a browser there still have to fight with SELinux. On Ubuntu there are Apparmor policies for both but they are disable by default for some reason.
A credit card with high credit rating?
I'm not aware of a single case of "I thought that he gave me permission since I have the PIN" where the defendant have been judges as innocent. By the very law (at least in my country) it's actually fraud if you use another persons card+pin even if they gave it to you.
I would say that most servers most definitely use more than 4-core CPUs, it's only a small subsection of the Xeon line that have "as low" as 4-cores. 12-22 cores per CPU is the norm on the servers that I administrate which of course say nothing about all the millions of servers in the world, but anyway.
Should be no considering the GPU would be lacking.
Exactly how is something that you broadcast out loud around you (biometrics) as strong as something that you keep secret (PIN) ? Signatures are irrelevant here since card+pin (and not chip+pin) have been the standard here for decades.
Or you simple stop using page fault semantics used for processors without this ability and instead give the MMU/OS both addresses and their respective lengths in the page fault so it can bring in both pages at once. However even if this would turn out to be unsolvable, this particular functionality is not what made the 68k family so nice for assembly programming, the most prominent features where sane mnemonics, arguments in the correct order (i.e source, destination and not the strange Intel reverse way), being big endian and having a workable number of registers.
To me it sounds like quite a few use biometrics as a combined username+password which makes things even worse. Here in Sweden we have a publicly traded company, Fingerprint Cards (https://www.fingerprints.com/), who pushes the idea of fingerprints as the secret key to payments and what not. Do watch their site, it's a good horror show! (you won't sleep well though).
And would it not also be great if that executable flag where automatically stripped when downloading a file so all things downloaded by a browser/mail-program had to be manually enabled in order to run?
What you should ask instead is why no one seams to leak such information to Wikileaks. It's not Wikileaks that hunts down and finds this information, it's sent to them. If you leak Russian secrets to them I'm quite sure that they would distribute them because it's not like the Internet is full of "I leaked Russian data to Wikileaks but they never released them" either.
And the complex ecosystem is mostly Microsoft's fault as well so this is their old behaviour biting them in the ass finally. I.e look at how completely insane some of the ACPI tables are on many systems that break the specs but they still "work" in Windows due to Microsoft implementing workarounds instead of enforcing vendors to adhere to a defined standard.
I take it you didn't read TFA?
I'm quite sure that they have covered their asses with contracts. That is not my concern however. My concern is that they decide to build embedded devices running on Windows XP and then leave them connected to a network fully aware that Windows XP will be EOLd in the future (yes you can still shell out enormous amounts of cash to get some small support from Microsoft but that still leave it as practically EOL for most of us anyway).
I agree. Unfortunately it's not "irrelevant" however since people/companies are trying to push biometrics in this direction.