The language of number theory seemed to be an exercise in the technical until hundreds of years later we end up with encryption systems based on their very principles. How you can claim prior knowledge of what will be useful in future, I do not know.
But in far too many cases, specialization has led to areas of research so narrow that they are of interest only to other people working in the same fields, subfields or sub-subfields.
Fields eh? It seems our PhD system is following that of an abstract algebra study. I guess you could say some PhD programs, that some may call bulls***, are really just necessary inverse components in the property our field of PhD's...
Personally I do not run the extra baggage of Ubuntu on my mobile linux device. (netbook)
When did they start putting unconfirmed or untested bug reports on Slashdot? Sure TFA says much to warrant further investigation... but not to have people like me get curious. (Just my opinion)
The article was quite Slashdotted, bad link, or something... found it and reposted below. (Also, I found the bold sections funny.)
Weaponizing GPS Tracking Devices
Posted by Kelly Jackson Higgins on Friday Apr 22nd at 5:05am Those low-cost embedded tracking devices in your smartphone or those personal GPS devices that track the whereabouts of your children, car, pet, or shipment can easily be intercepted by hackers, who can then pinpoint their whereabouts, impersonate them, and spoof their physical location, a researcher has discovered.
Security researcher Don Bailey at SOURCE Boston today disclosed the newest phase of his research on the lack of security in embedded devices, demonstrating how he is able to hack vendor Zoombak's personal GPS locator devices in order to find, target, and impersonate the user or equipment rigged with these consumer-focused devices. Bailey, a security consultant with iSEC Partners, decided to call out the widely available products from Zoombak after the vendor and its parent company Securus Inc. didn't respond when he alerted them about the security weaknesses. Mitigating these attacks would only require a few simple changes to the product, he says. Meanwhile, the threat is real, he says. "Anyone with a little hardware knowledge could reverse-engineer this," he says. "Children are physically at [risk] because these devices can be turned into weapons."
Bailey also released tools today for each of the three attacks he demonstrated at SOURCE Boston.
"Embedded devices are low-cost, easy to use, and easy to debug. And the security landscape is very small," Bailey says. "There is very little capability for integrating secure communications on the devices and ensuring that it's your code executing on there."
The underlying issue is that the low-cost and rapid commoditization of these embedded systems precludes their being properly secured. "There's a low entry point for people to develop them, so you have a serious problem because new developers and new startups don't have an understanding of security. It's an insecure product by default," he says.
Embedded system security is tricky in that there are so many moving parts in the final products, including baseband, GPS firmware, application firmware, and SIM software, according to Bailey.
It's not just consumer GPS tracking devices that are vulnerable, either. Bailey says he was also able to hack server SCADA embedded systems. "I was able to remotely compromise the box in its entirety" via the microcontroller on it, he says.
With the Zoombak device, Bailey was able to discover the tracking devices, profile them, using what he calls "war texting," to intercept their location. Zoombak uses a Web 2.0 interface that provides a map showing the GPS-equipped person or payload's physical location. The devices receive commands via SMS text messages.
In the first attack, Bailey forced the device to send him its physical location using techniques to grab the GPS coordinates and local cell tower information. "I can force those devices to bypass the manufacturer's controls and give me their information and they have no idea that I've intercepted their location," he says.
Once he fingerprinted the device, he can determine just what it is. "I know if it's a semi, a mail van, or a teenager driving the family car just by watching the vehicle for a certain period of time. I can use traffic cameras on Google satellite," he says. That would leave the GPS-outfitted person or payload prone to physical attack, he says.
Bailey was also able to impersonate the Zoombak personal GPS tracking device. "I use it as a weapon to fake the location data. If it's a truck on I-70, I can take the device and force it to send false location to the server and meantime, could hijack the truck," he explains. Zoombak's command and control channel is in the clear, unencrypted.
These devices could be locked down with some type of PKI on the microcompu
People who are into "literature" as opposed to "reading books" tend to be elitist snobs.
I agree and here are a list of the judges names if we need know who's opinion doesn't matter:
Who Chose the Books?
The books to be given away on World Book Night were selected by a committee of people committed to books, based on recommendations from publishers, booksellers and others. The Committee
James Naughtie– Author and radio presenter (Chair)
Bidisha –Author, journalist and broadcaster
Nic Bottomley– Owner and Manager of Mr B’s Emporium of Delights
Margaret Busby– Founder of Alison and Busby, author and broadcaster
Jamie Byng– MD of Canongate
Liz Calder– Former Publishing Director of Bloomsbury
John Carey– Author and critic
Maria Dickenson– Easons, Dublin
Tony Durcan – Head Librarian at Newcastle Libraries
Stephen Fry – Author, actor and broadcaster
Seni Glaister– The Book People
Kirsty Gunn– Author and critic
Steve Jones– Geneticist and author
Julia Kingsford– Head of Marketing at Foyles
Sarfraz Manzoor– Author and journalist
John Mitchinson – Author, former MD of Harvill and Marketing Manager at Waterstone’s
Amanda Ross– MD of Cactus and founder of the Richard and Judy Book Club
Speaking of utter lack of links, because this was completely devoid in the description and the articles themselves, here are some I found relevant from comments below other articles and searching for a couple of minutes:
Upon reading the article I saw the mention of leaner fuels. Will this require an alternative fuel mixture to truly improve efficiency or did I interpret this wrong? Thoughts?
Yes but perhaps his sentence will be taken into consideration considering these new facts (if they are true). That is why these sentences have a range of penalties...
Clearly a paraphrase. I didn't even discuss encryption, session keys, etc. This was meant more as a musing and less as an insight to the inner workings. I am no expert, I would be stupid for saying so, but there is clearly more than what I put in parenthesis.
(I guess that is why you posted AC...) Whatever I do not reply to AC's more than one reply deep... if you would like to call me an idiot properly please sign-in next time.
Ah but a translation would work fine also... Although we may need someone that knows how to interpret this in order to properly create an efficient translation...
They use an SSL protocol I do believe (I do understand SSH uses SSL essentially internals, just no messy certificates).
Your point is still perfectly applicable.
This is why my online data is stored on a low pay-per-month server using SSH (and UNIX commands)... with sub-accounts I use for access. That way I can login as my own pseudo-root top level on a different key on a machine I consider more secure... but my netbook/etc. actively uses the sub account.
In addition having a paper trail (credit card) with my name I get the added advantage of putting my name behind the access to the account so I can be properly identified as the account holder. (I use rsync.net, they have a pretty good service over there...) Encryption of files that are important with a password is always a good idea too... plus archiving saves space and md5 files are a good way to ensure proper transfers.
Long story short a system is only as secure as the user wants it to be and as it is fundamentally designed... If I had a Dropbox acct I would be fine because I knew what I was getting.
I don't play WOW myself but I hate selective service blocking...found this digging around for a couple of minutes:
Thank you for your letters of February 23rd and 25th, 2011 regarding the impact of Rogers Internet traffic management practices (ITMP) on the interactive game called World of Warcraft.
Our tests have determined that there is a problem with our traffic management equipment that can interfere with World of Warcraft. We have been in contact with the game manufacturer and we have been working with our equipment supplier to overcome this problem.
We recently introduced a software modification to solve the problems our customers are experiencing with World of Warcraft. However, there have been recent changes to the game, which has created new problems. A second software modification to address these new issues will not be ready until June.
We have determined that the problem occurs only when our customers are simultaneously using peer-to-peer file sharing applications and running the game. Therefore we recommend turning off the peer-to-peer setting in the World of Warcraft game and ensuring that no peer-to-peer applications are running on any connected computer. Rogers will engage our customers to ensure they are aware of these recommendations, while continuing to work on a longer term solution.
We sincerely regret the inconvenience that some of our customers have experienced in playing World of Warcraft and will continue to work with the game supplier and our technology supplier to solve the remaining problems as soon as possible. source
Slashdot Mirror
True story.
The language of number theory seemed to be an exercise in the technical until hundreds of years later we end up with encryption systems based on their very principles. How you can claim prior knowledge of what will be useful in future, I do not know.
But in far too many cases, specialization has led to areas of research so narrow that they are of interest only to other people working in the same fields, subfields or sub-subfields.
Fields eh? It seems our PhD system is following that of an abstract algebra study. I guess you could say some PhD programs, that some may call bulls***, are really just necessary inverse components in the property our field of PhD's...
It actually is the right distro tyvm.
And yes I am inexperienced in these matters...and I do it for the ads in public terminals.
as no-one RTFA anyway
Haha, good point.
Nice. I obviously did not look over the links completely including the comments. Good looks...
I wouldn't have found his post had it been hidden... which I found informative. You were right.
I may be referring to the wrong distro, oops.
Power consumption raised significantly in natty
this is the actual confirmed (4-13) bug report on the Launchpad at least a particular instance.
Personally I do not run the extra baggage of Ubuntu on my mobile linux device. (netbook)
When did they start putting unconfirmed or untested bug reports on Slashdot? Sure TFA says much to warrant further investigation... but not to have people like me get curious. (Just my opinion)
The article was quite Slashdotted, bad link, or something... found it and reposted below.
(Also, I found the bold sections funny.)
Weaponizing GPS Tracking Devices
Posted by Kelly Jackson Higgins on Friday Apr 22nd at 5:05am
Those low-cost embedded tracking devices in your smartphone or those personal GPS devices that track the whereabouts of your children, car, pet, or shipment can easily be intercepted by hackers, who can then pinpoint their whereabouts, impersonate them, and spoof their physical location, a researcher has discovered.
Security researcher Don Bailey at SOURCE Boston today disclosed the newest phase of his research on the lack of security in embedded devices, demonstrating how he is able to hack vendor Zoombak's personal GPS locator devices in order to find, target, and impersonate the user or equipment rigged with these consumer-focused devices. Bailey, a security consultant with iSEC Partners, decided to call out the widely available products from Zoombak after the vendor and its parent company Securus Inc. didn't respond when he alerted them about the security weaknesses. Mitigating these attacks would only require a few simple changes to the product, he says. Meanwhile, the threat is real, he says. "Anyone with a little hardware knowledge could reverse-engineer this," he says. "Children are physically at [risk] because these devices can be turned into weapons."
Bailey also released tools today for each of the three attacks he demonstrated at SOURCE Boston.
"Embedded devices are low-cost, easy to use, and easy to debug. And the security landscape is very small," Bailey says. "There is very little capability for integrating secure communications on the devices and ensuring that it's your code executing on there."
The underlying issue is that the low-cost and rapid commoditization of these embedded systems precludes their being properly secured. "There's a low entry point for people to develop them, so you have a serious problem because new developers and new startups don't have an understanding of security. It's an insecure product by default," he says.
Embedded system security is tricky in that there are so many moving parts in the final products, including baseband, GPS firmware, application firmware, and SIM software, according to Bailey.
It's not just consumer GPS tracking devices that are vulnerable, either. Bailey says he was also able to hack server SCADA embedded systems. "I was able to remotely compromise the box in its entirety" via the microcontroller on it, he says.
With the Zoombak device, Bailey was able to discover the tracking devices, profile them, using what he calls "war texting," to intercept their location. Zoombak uses a Web 2.0 interface that provides a map showing the GPS-equipped person or payload's physical location. The devices receive commands via SMS text messages.
In the first attack, Bailey forced the device to send him its physical location using techniques to grab the GPS coordinates and local cell tower information. "I can force those devices to bypass the manufacturer's controls and give me their information and they have no idea that I've intercepted their location," he says.
Once he fingerprinted the device, he can determine just what it is. "I know if it's a semi, a mail van, or a teenager driving the family car just by watching the vehicle for a certain period of time. I can use traffic cameras on Google satellite," he says. That would leave the GPS-outfitted person or payload prone to physical attack, he says.
Bailey was also able to impersonate the Zoombak personal GPS tracking device. "I use it as a weapon to fake the location data. If it's a truck on I-70, I can take the device and force it to send false location to the server and meantime, could hijack the truck," he explains. Zoombak's command and control channel is in the clear, unencrypted.
These devices could be locked down with some type of PKI on the microcompu
You're telling me none of them are?
Whoa whoa whoa....
[Points finger in other direction]
_Toast_, or, how I learned to stop worrying and love the Maillard reaction
Nice.
People who are into "literature" as opposed to "reading books" tend to be elitist snobs.
I agree and here are a list of the judges names if we need know who's opinion doesn't matter:
Who Chose the Books?
The books to be given away on World Book Night were selected by a committee of people committed to books, based on recommendations from publishers, booksellers and others.
The Committee
James Naughtie– Author and radio presenter (Chair)
Bidisha –Author, journalist and broadcaster
Nic Bottomley– Owner and Manager of Mr B’s Emporium of Delights
Margaret Busby– Founder of Alison and Busby, author and broadcaster
Jamie Byng– MD of Canongate
Liz Calder– Former Publishing Director of Bloomsbury
John Carey– Author and critic
Maria Dickenson– Easons, Dublin
Tony Durcan – Head Librarian at Newcastle Libraries
Stephen Fry – Author, actor and broadcaster
Seni Glaister– The Book People
Kirsty Gunn– Author and critic
Steve Jones– Geneticist and author
Julia Kingsford– Head of Marketing at Foyles
Sarfraz Manzoor– Author and journalist
John Mitchinson – Author, former MD of Harvill and Marketing Manager at Waterstone’s
Amanda Ross– MD of Cactus and founder of the Richard and Judy Book Club
Rachel Russell– Head of Books at WHSmiths
Kamila Shamsie– Author
Hardeep Singh Kohli – Author and broadcaster
Lemn Sissay – Poet
Chris Sullivan– Journalist and author and deejay
Tim Watson– Waterstone’s
Amy Worth– Head Book Buyer at Amazon
Alan Yentob– Creative Director at the BBC
source
Also, link to my post below to avoid repeating, just more links to read
cheers
Speaking of utter lack of links, because this was completely devoid in the description and the articles themselves, here are some I found relevant from comments below other articles and searching for a couple of minutes:
http://www.sfx.co.uk/2011/04/16/85-authors-protest-at-the-bbc%E2%80%99s-treatment-of-genre-fiction/
http://www.guardian.co.uk/books/2011/apr/18/genre-authors-protest-bbc
http://www.bbc.co.uk/news/entertainment-arts-13128769 --- (this is the BBC defense / response)
http://www.bbc.co.uk/search/news/?q=World%20Book%20Night
And the answer to your question:
The Books Featured
(Hell someone had to get a few more links in here eventually)
cheers
up their also
Gah! Such a horrid spelling mistake. there was intended...
(I blame the hours of abstract algebra, I cannot even do fundamental arithmetic anymore today...)
Reading the comments from the +mod thread up their also... it seemed I was (and honestly still am when it comes to Physics) ignorant in this area.
Learn something new every day haha
Upon reading the article I saw the mention of leaner fuels. Will this require an alternative fuel mixture to truly improve efficiency or did I interpret this wrong? Thoughts?
cheers
Imagine if this happened to wow... man the chaos that would ensue...
Yes but perhaps his sentence will be taken into consideration considering these new facts (if they are true). That is why these sentences have a range of penalties...
Clearly a paraphrase. I didn't even discuss encryption, session keys, etc. This was meant more as a musing and less as an insight to the inner workings. I am no expert, I would be stupid for saying so, but there is clearly more than what I put in parenthesis.
(I guess that is why you posted AC...) Whatever I do not reply to AC's more than one reply deep... if you would like to call me an idiot properly please sign-in next time.
See, that's what you get with interpretive dance.
A compiled dance would be much more efficient.
Ah but a translation would work fine also... Although we may need someone that knows how to interpret this in order to properly create an efficient translation...
They use an SSL protocol I do believe (I do understand SSH uses SSL essentially internals, just no messy certificates).
Your point is still perfectly applicable.
This is why my online data is stored on a low pay-per-month server using SSH (and UNIX commands)... with sub-accounts I use for access. That way I can login as my own pseudo-root top level on a different key on a machine I consider more secure... but my netbook/etc. actively uses the sub account.
In addition having a paper trail (credit card) with my name I get the added advantage of putting my name behind the access to the account so I can be properly identified as the account holder. (I use rsync.net, they have a pretty good service over there...) Encryption of files that are important with a password is always a good idea too... plus archiving saves space and md5 files are a good way to ensure proper transfers.
Long story short a system is only as secure as the user wants it to be and as it is fundamentally designed... If I had a Dropbox acct I would be fine because I knew what I was getting.
A quick overview of Java features that are not unique to Java
Understanding what exists across the board. This is a very good point sir.
It is always good to have a judge educated on these types of manners... I mean ignorant decisions help no-one.
Being that the actual link was of no help I can only (Slashdot-style) speculate not much will happen.
I appreciate the update, honestly I do, and I do believe that I still hate Oracle. (I refrained from trolling)
(GO GOOGLE!)
I was going to have a long drawn out comment saying congratulatory agreeing statements, but I think it could best be summed up with...
Cheers, I agree.
I am just now going to bed after posting this at 2:15am with a test in mathematics at 9:30 tomorrow.
I need help and I say that in the most honest way unfortunately... as I also post on Slashdot to comment on my terrible sleep disorder.
To be honest I've considered putting my computer outside my room at night to force me to sleep.
I don't play WOW myself but I hate selective service blocking...found this digging around for a couple of minutes:
Thank you for your letters of February 23rd and 25th, 2011 regarding the impact of Rogers Internet traffic management practices (ITMP) on the interactive game called World of Warcraft.
Our tests have determined that there is a problem with our traffic management equipment that can interfere with World of Warcraft. We have been in contact with the game manufacturer and we have been working with our equipment supplier to overcome this problem.
We recently introduced a software modification to solve the problems our customers are experiencing with World of Warcraft. However, there have been recent changes to the game, which has created new problems. A second software modification to address these new issues will not be ready until June.
We have determined that the problem occurs only when our customers are simultaneously using peer-to-peer file sharing applications and running the game. Therefore we recommend turning off the peer-to-peer setting in the World of Warcraft game and ensuring that no peer-to-peer applications are running on any connected computer. Rogers will engage our customers to ensure they are aware of these recommendations, while continuing to work on a longer term solution.
We sincerely regret the inconvenience that some of our customers have experienced in playing World of Warcraft and will continue to work with the game supplier and our technology supplier to solve the remaining problems as soon as possible. source
(I have doubts about that portion above in bold.)