This seems somewhat "old news" certain applications still have fingerprints on packets that can be detected even if you can't read the data being exchanged.
Our Sophos XG firewall does this with many different torrent applications, and it ends up blocking non-VPNed, but still encrypted connections.
I'm a little sketchy about the "upload your traffic to us" part, but I guess that allows for more analysis across more hsots
There is nothing in his statement that is technically incorrect. "The inability of law enforcement authorities to access data from electronic devices due to powerful encryption is an “urgent public safety issue,”" This is very much true. Metadata analysis can only take you so far. "while saying that a solution is “not so clear cut.”" Hell yeah, there really is no solution
Some people use the [flawed] analogy of a safe. the FBI can either crack a safe, or burn through the door to get at the contents if you refuse to open it under judicial order. While this is still technically possible using strong encryption, the heat-death of the universe will probably come first, thus rendering it moot.
I'm going to simplify his statement: "The inability to access data due to powerful encryption is an urgent public safety issue" the "From electronic devices" muddies the water, and gets people all up-in-arms about "think of the children", or "OMG Terrorists"
Encryption is a wrapper around data. Much like an envelope, or a diplomatic bag (legally immune from search and seizure by international agreement) Can you imagine the uproar if the US suddenly announced that it reserved the right to open every diplomatic pouch sent to or from the US? or to listen in on every conversation between embassies?
I'm sure that the NSA, CIA, FBI, FSB, and every other national security agency world-wide is trying to break modern strong encryption. They'd be stupid not to! but what doesn't seem to be understood is that modern encryption is math. Math works for everybody the same way. If a hole is discovered in an encryption system, anybody that uses that system is then vulnerable to having their data read by a third part (authorized or unauthorized - from the legal, warrant has been issued state) This might be someone emailing pictures to their grandmother, it could be a terrorist cell communicating with a handler, or it could be instructions to one of our nuclear missile submarines. The Math doesn't care!
I'm sure that Mr. Wray would agree if I said that "the inability of the US government to access data from Russian sources due to powerful encryption is an urgent public safety and national security issue" I wonder how much he would agree if I said that "the inability of the Russian government to access data from US sources due to powerful encryption is and urgent safety and national security issue"?
I would have to petition the state department to get a copy of my birth certificate (Certification of birth abroad really) If I lost it. My son would have to get his birth certificate from the town he was born in, which is a two hour drive from where we live now.
I've moved since then, but I used to live in Northern Maine. for most of the month, the nearest DMV office was about 1.5 hours drive south, north or east (mind you, there's another 3 hours north of where I lived).
Yeah there was a mobile unit that visited for 5 hours a month in town... another 5 hours a month an hour drive away, or another 2 hours a month every other month an hour in the other direction.
and I had to prove that I was a) A Maine Resident b) a U.S. Citizen, or that I am in the country lawfully and I would have to provide two forms of proof of identity, one of which must have my signature, and the other must indicate my date of birth
It sounds like your story is very similar to mine. I'm 31, and have just recently been put on Straterra (Atomoxetine) I also was diagnosed with dyslexia while growing up, but after looking at my records again, I have been told that it falls more under dysgraphia rather than dyslexia (writing rather than reading)
I was diagnosed as a... side-effect... of going through the diagnosis process with my son. As some posters have mentioned, it did start with a checklist (or actually a book of checklists, and Likert scale questions) and then a trip to the psychologist (during which time I was also being seen for depression) Part of the analysis for both myself and my son was reviewing academic records, and comments from teachers. (Parents, those report cards from 1st grade can make a difference as kids grow up) and then working on getting the right dose of the right meds. We resisted medications for quite a while, and are still working on getting it "right" to avoid turning our son into a zombie, but to get the benefits of the meds (for the record, we are keeping the doses as low as possible).
Are there side-effects, yes, are they worth the benefits, I believe, when used correctly, yes.
My coworkers can tell when I miss a dose of my meds. it makes it very difficult for them to follow my thought process. I have been lucky to find both a primary, and a secondary job that fit the way I function. I find I can go from hyper-focus to full-on attention-bounce. The meds have given me the ability to better control this, and have brought me to a much better place.
I failed out of my first university, and was only moderately successful in Grade School.
I don't know what discussions (if any) were had about me and my condition as a child, but I'm glad that we have been working on this for my son
H0 : There is no CP on the servers HA: There is reasonable suspicion that there is CP on the servers
The burden of proof resides on the DoJ to "prove" that there is a reasonable suspicion that there does in fact exist CP on the servers, and that we must therefore reject the Null Hypothesis. until such time as the DoJ makes such a verifiable claim to this effect, we cannot reject the Null Hypothesis.
One other thing to note about peanut allergies is that, from a diagnosis/prevention standpoint, they are all treated as "Severe"
My son has a contact allergy to peanuts that causes a rash. it is not an anaphylaxis reaction, so, very much non-life-threatening. This being said, the allergist, and his pediatrician still prescribed epi-pens, and had the school treat it, for the purposes of preventing contact, as if it were a life-threatening anaphylaxis reaction. my understanding of the reasons for this is 2-fold: 1) Peanut allergies, as a whole, are more likely to be life-threatening than many other food allergies. 2) Peanut allergies tend to increase over time, thus increasing the likelihood that his reaction could evolve into an anaphylaxis reaction after further exposures. Now, we told the school that his treatment plan is "Diphenhydramine HCL (AKA Benedryl) & Observe, contact us" The schools tend to treat all peanut allergies as life-threatening so that they can have uniform rules while dealing with hundreds of "Little smiling faces" rather than having to know "Johnny gets X, Bobby gets Y, Jane get Z... ad. nausium.)
I have no sources for either of the above, but those are my understandings
The Pope is catholic, Water is wet, and stock in Hard Drive manufacturers is climbing
Really, I'm surprised they're not going for 24 or even 48 months. Of course law enforcement wants logs. (much easier to request than active taps/trace/wiretaps) and they can go back in time effectively.
my concern isn't primarily with law enforcement having access to logs that far back, but with 2 things 1) selling them for profit (see recent Supreme court case about dr.'s prescribing habits) 2) use in civil cases.
perfect example: on my current BT "session" I've uploaded over 60 Gig, every bit of which is completely legal.
I'm seeding Ubuntu and Knoppix ISOs. I seriously hope that they don't "kill" bittorrent, as it is one of the most efficient ways of moving large files around.
My Bad, I misread the table... for airlines, the number is 0.072 fatalities per 100,000,000 miles flown this changes the final result to roughly 16 times more likely to die when in a car over flying.
if we adjust the airline numbers to reflect 100 million miles, we get 0.03 fatalities.
you are 190 times more likely to die when in a car, than if you were flying, but yet we are so worried about air accidents. They make better news because you will typically have higher fatalities *at once*, rather than a handful across the country every day.
Send me your contact information, and I'll work up a plan for you. I charge around $200.00 per hour, plus travel, meals, and housing if on-site work is required.
Your summary doesn't give us anywhere near enough information to plan. Some additional information that would help 1) what is the estimated budget? 2) what sort of 'net connection do you have? 3) how much travel do your folks do? 4) what sort of tech-savvy do your folks have? 5) what is the building like? 6) any planned expansion? 7) what skillets do the it people have?...
You're looking at a complete overhaul, expect to pay a lot to do it right.
If I were doing this, for a company of 20 people, i would expect to spend at least a week in place interviewing everybody to get a feel for what needs are before I even started to create a plan.
Seriously, send me your info, and all the info, I'll write up a proposal and price it out
I swear I've heard this before...
oh yeah, phone lines... I think it went something like this: Exec 1: We already have lines run, why should we bother with a second set of lines for control signals say from pay phones? Exec 2: I can't see of a reason, let's do it Exec 1: we all get bonus for saving ourselves $BIGNUM bucks. Exec 2: Sweet!... Time Passes... Captain Crunch: *2600Hz whistle* now can I get free long distance calls? Execs 1..N: FUUUUUUUUUUUUUUUUU.....
hence the development of SS7.
Now if we can get this, which network is going to be "phoning home" to report electrical usage? even if the traffic is sufficiently encypted, and authenticated, what happens when someone decides to start DOSing their electrical meter? that and, eventually, and i stress eventually, any encryption can be defeated. it's only a matter of time before someone figures out how to fake electrical readings from the new smart meters, or better yet, hacks and publishes the hack, for certain brands of meters.
See, I use LaTeX and BibTex for this. that way I don't need to worry about anything, I put all the information into the Bib file, make the appropriate citations, and it takes care of the rest... as an added bonus, with BibTeX on my mac, I can import the whole document into the DB, and never worry about "where did I file that" again.
This is where virtual machines shine! you have your "standard" image production machine, and then the virtual "development" machine. Devs have local admin rights over the virtual machine, and snapshot functionality makes reverting a snap (no pun intended) if anything goes wrong.
Slashdot Mirror
This seems somewhat "old news" certain applications still have fingerprints on packets that can be detected even if you can't read the data being exchanged.
Our Sophos XG firewall does this with many different torrent applications, and it ends up blocking non-VPNed, but still encrypted connections.
I'm a little sketchy about the "upload your traffic to us" part, but I guess that allows for more analysis across more hsots
SV
There is nothing in his statement that is technically incorrect.
"The inability of law enforcement authorities to access data from electronic devices due to powerful encryption is an “urgent public safety issue,”" This is very much true. Metadata analysis can only take you so far.
"while saying that a solution is “not so clear cut.”" Hell yeah, there really is no solution
Some people use the [flawed] analogy of a safe. the FBI can either crack a safe, or burn through the door to get at the contents if you refuse to open it under judicial order. While this is still technically possible using strong encryption, the heat-death of the universe will probably come first, thus rendering it moot.
I'm going to simplify his statement: "The inability to access data due to powerful encryption is an urgent public safety issue" the "From electronic devices" muddies the water, and gets people all up-in-arms about "think of the children", or "OMG Terrorists"
Encryption is a wrapper around data. Much like an envelope, or a diplomatic bag (legally immune from search and seizure by international agreement) Can you imagine the uproar if the US suddenly announced that it reserved the right to open every diplomatic pouch sent to or from the US? or to listen in on every conversation between embassies?
I'm sure that the NSA, CIA, FBI, FSB, and every other national security agency world-wide is trying to break modern strong encryption. They'd be stupid not to! but what doesn't seem to be understood is that modern encryption is math. Math works for everybody the same way. If a hole is discovered in an encryption system, anybody that uses that system is then vulnerable to having their data read by a third part (authorized or unauthorized - from the legal, warrant has been issued state) This might be someone emailing pictures to their grandmother, it could be a terrorist cell communicating with a handler, or it could be instructions to one of our nuclear missile submarines. The Math doesn't care!
I'm sure that Mr. Wray would agree if I said that "the inability of the US government to access data from Russian sources due to powerful encryption is an urgent public safety and national security issue" I wonder how much he would agree if I said that "the inability of the Russian government to access data from US sources due to powerful encryption is and urgent safety and national security issue"?
I would have to petition the state department to get a copy of my birth certificate (Certification of birth abroad really) If I lost it. My son would have to get his birth certificate from the town he was born in, which is a two hour drive from where we live now.
I've moved since then, but I used to live in Northern Maine. for most of the month, the nearest DMV office was about 1.5 hours drive south, north or east (mind you, there's another 3 hours north of where I lived).
Yeah there was a mobile unit that visited for 5 hours a month in town... another 5 hours a month an hour drive away, or another 2 hours a month every other month an hour in the other direction.
and I had to prove that I was
a) A Maine Resident
b) a U.S. Citizen, or that I am in the country lawfully
and I would have to provide two forms of proof of identity, one of which must have my signature, and the other must indicate my date of birth
My father actually took that call, except that in his case, the disk was being attach to the metal walls of the offices by a magnet
Don't forget my favorite... the ETLA (Extended TLA)
It sounds like your story is very similar to mine. I'm 31, and have just recently been put on Straterra (Atomoxetine) I also was diagnosed with dyslexia while growing up, but after looking at my records again, I have been told that it falls more under dysgraphia rather than dyslexia (writing rather than reading)
I was diagnosed as a... side-effect... of going through the diagnosis process with my son. As some posters have mentioned, it did start with a checklist (or actually a book of checklists, and Likert scale questions) and then a trip to the psychologist (during which time I was also being seen for depression) Part of the analysis for both myself and my son was reviewing academic records, and comments from teachers. (Parents, those report cards from 1st grade can make a difference as kids grow up) and then working on getting the right dose of the right meds. We resisted medications for quite a while, and are still working on getting it "right" to avoid turning our son into a zombie, but to get the benefits of the meds (for the record, we are keeping the doses as low as possible).
Are there side-effects, yes, are they worth the benefits, I believe, when used correctly, yes.
My coworkers can tell when I miss a dose of my meds. it makes it very difficult for them to follow my thought process. I have been lucky to find both a primary, and a secondary job that fit the way I function. I find I can go from hyper-focus to full-on attention-bounce. The meds have given me the ability to better control this, and have brought me to a much better place.
I failed out of my first university, and was only moderately successful in Grade School.
I don't know what discussions (if any) were had about me and my condition as a child, but I'm glad that we have been working on this for my son
As the saying goes:
- There are Old Electricians
- There are Bold Electricians
- There are no Old Bold Electricians
H0 : There is no CP on the servers
HA: There is reasonable suspicion that there is CP on the servers
The burden of proof resides on the DoJ to "prove" that there is a reasonable suspicion that there does in fact exist CP on the servers, and that we must therefore reject the Null Hypothesis. until such time as the DoJ makes such a verifiable claim to this effect, we cannot reject the Null Hypothesis.
Short Version: "I Call"
Well, just remember that fertility is hereditary...
If your parents didn't have any kids, you probably won't either
One other thing to note about peanut allergies is that, from a diagnosis/prevention standpoint, they are all treated as "Severe"
My son has a contact allergy to peanuts that causes a rash. it is not an anaphylaxis reaction, so, very much non-life-threatening. This being said, the allergist, and his pediatrician still prescribed epi-pens, and had the school treat it, for the purposes of preventing contact, as if it were a life-threatening anaphylaxis reaction.
my understanding of the reasons for this is 2-fold:
1) Peanut allergies, as a whole, are more likely to be life-threatening than many other food allergies.
2) Peanut allergies tend to increase over time, thus increasing the likelihood that his reaction could evolve into an anaphylaxis reaction after further exposures.
Now, we told the school that his treatment plan is "Diphenhydramine HCL (AKA Benedryl) & Observe, contact us"
The schools tend to treat all peanut allergies as life-threatening so that they can have uniform rules while dealing with hundreds of "Little smiling faces" rather than having to know "Johnny gets X, Bobby gets Y, Jane get Z... ad. nausium.)
I have no sources for either of the above, but those are my understandings
The Pope is catholic, Water is wet, and stock in Hard Drive manufacturers is climbing
Really, I'm surprised they're not going for 24 or even 48 months. Of course law enforcement wants logs. (much easier to request than active taps/trace/wiretaps) and they can go back in time effectively.
my concern isn't primarily with law enforcement having access to logs that far back, but with 2 things
1) selling them for profit (see recent Supreme court case about dr.'s prescribing habits)
2) use in civil cases.
perfect example: on my current BT "session" I've uploaded over 60 Gig, every bit of which is completely legal.
I'm seeding Ubuntu and Knoppix ISOs. I seriously hope that they don't "kill" bittorrent, as it is one of the most efficient ways of moving large files around.
My Bad, I misread the table... for airlines, the number is 0.072 fatalities per 100,000,000 miles flown
this changes the final result to roughly 16 times more likely to die when in a car over flying.
Same thing with Automobile vs. Air-travel fatalities
in 2009 :
automotive fatalities per 100,000,000 miles traveled: 1.13 http://www-fars.nhtsa.dot.gov/Main/index.aspx
Airline Fatalities per 1,000,000 miles traveled: 0.0003 http://www3.ntsb.gov/aviation/table5.htm
if we adjust the airline numbers to reflect 100 million miles, we get 0.03 fatalities.
you are 190 times more likely to die when in a car, than if you were flying, but yet we are so worried about air accidents. They make better news because you will typically have higher fatalities *at once*, rather than a handful across the country every day.
people just don't understand statistics.
I'm with you on the nuclear thing.
The average person is dumb and 50% of the people are even dumber
The median person is dumb and 50% of the people are even dumber
Both statements are correct. The latter is simply more accurate
(Median is one accepted form of "average")
Okay, now that that's off my chest, go ahead and mod me off-topic
Apathy Party! Just remember, No Vote is a Vote for us!
and don't forget the inability to pronounce the word "nuclear" correctly (Hint: It only has 2 syllables)
Send me your contact information, and I'll work up a plan for you. I charge around $200.00 per hour, plus travel, meals, and housing if on-site work is required.
Your summary doesn't give us anywhere near enough information to plan. ...
Some additional information that would help
1) what is the estimated budget?
2) what sort of 'net connection do you have?
3) how much travel do your folks do?
4) what sort of tech-savvy do your folks have?
5) what is the building like?
6) any planned expansion?
7) what skillets do the it people have?
You're looking at a complete overhaul, expect to pay a lot to do it right.
If I were doing this, for a company of 20 people, i would expect to spend at least a week in place interviewing everybody to get a feel for what needs are before I even started to create a plan.
Seriously, send me your info, and all the info, I'll write up a proposal and price it out
I swear I've heard this before... ... Time Passes...
oh yeah, phone lines... I think it went something like this:
Exec 1: We already have lines run, why should we bother with a second set of lines for control signals say from pay phones?
Exec 2: I can't see of a reason, let's do it
Exec 1: we all get bonus for saving ourselves $BIGNUM bucks.
Exec 2: Sweet!
Captain Crunch: *2600Hz whistle* now can I get free long distance calls?
Execs 1..N: FUUUUUUUUUUUUUUUUU.....
hence the development of SS7.
Now if we can get this, which network is going to be "phoning home" to report electrical usage? even if the traffic is sufficiently encypted, and authenticated, what happens when someone decides to start DOSing their electrical meter? that and, eventually, and i stress eventually, any encryption can be defeated. it's only a matter of time before someone figures out how to fake electrical readings from the new smart meters, or better yet, hacks and publishes the hack, for certain brands of meters.
IFF (If and Only If) You are running exchange 2007 or later, If you're using Exchange 2003, it sucks...
See, I use LaTeX and BibTex for this. that way I don't need to worry about anything, I put all the information into the Bib file, make the appropriate citations, and it takes care of the rest... as an added bonus, with BibTeX on my mac, I can import the whole document into the DB, and never worry about "where did I file that" again.
I have taken physics, and f=ma^2 doesn't rung any bells
f=Ma does (force is the product of Mass and acceleration)
As does
p=Mv (momentum is the product of Mass and velocity)
Notice, neither of those has a square in it.
This is where virtual machines shine! you have your "standard" image production machine, and then the virtual "development" machine. Devs have local admin rights over the virtual machine, and snapshot functionality makes reverting a snap (no pun intended) if anything goes wrong.
But what about pointed sticks?