There are perfectly cromulent tools for that without rar: you can just split a file with split and compute "checksums" with md5 and sha1.
It's of course completely unnecessary for BitTorrent, which has an excellent system for breaking files into pieces and hashing those pieces. In fact, you might as well make a system for piecing and hashing based on torrent metainfo files.
Actually, it's thought that methane is safe to drink (plus, it boils out of the water pretty well). The problem is it building up in houses and suffocating people or starting fires. Running your drinking water through a filter won't fix that.
A documentary is a collection of anecdotes. A study is a presentation of systematically-gathered empirical data.
Also, a study can be new while not introducing a new idea. In fact, many or most aren't, but are instead done to test a suspicion or hypothesis based on anecdotal evidence.
Canadians and Mexicans driving in the US pay no tax and Americans pay tax by odometer reading, even if they drive outside the US. Trucking companies and such can register for more specific measurement (which they probably have to do anyway).
t (basically ALL experience is subjective to the observer - even scientific ones...)
That's not part of quantum mechanics at all. That's a gross generalization made philosophical that arose out of an actual quantum mechanical principle.
Measurement-related QM principles, like wavefunction collapse and Heisenburg, are only meaningful when what you're observing is the size and scale of a quantum state, which is very, very small. Gravitational effects are for the most part (and in this case) for large objects, where QM principles are unimportant.
I've seen this in the news already. We suspected where he might be. There's potentially quite a few places that meet that criterion. Despite what some people say, in general we like to have a good idea of whether or not he's actually there before we send soldiers into Pakistan and start shooting. Sure, in retrospect it's obvious that this particular piece of information was referring to the place that he actually was, but at the time, there's no way of immediately differentiating that from all the other leads that turn out to be wrong.
If you're referring to Manning, they didn't charge him as a traitor. It's a harder case to make, and it carries a much higher penalty than what he was charged with.
Well, those could be different people, you realize.
Encryption of course makes sense even if you think the NSA has some backdoor or knows its weaknesses. It's a matter of threat reduction. If you don't encrypt, your neighbor, jealous roommate, ex-girlfriend, a random thief, or the police can trivially access your data. If you make your own encryption, it's more likely that your system has a serious weakness than TrueCrypt has a backdoor. If you use a closed-source product, it would be easier for mistakes and backdoors to be present. It's still possible with TrueCrypt, but it's the lowest-risk alternative. Even if the NSA can access your encrypted data, for a wide variety of relatively minor (or even fairly major crimes), they're unlikely to share that capability with local law enforcement so that people don't find out and fix the problem.
I personally think that the idea of TrueCrypt, or any open-source product, having an NSA-injected flaw is laughably unlikely. I also realize my data is banal enough that minor encryption hurdles are more than sufficient (to foil snoopers and thieves).
I guess I mostly object to the use of "secret" as a synonym for "covert". But people seem to have the impression that it's trivially easy for the NSA to get someone to volunteer on TrueCrypt, have them modify the cryptography, and subtlety insert a weakness that goes unnoticed by everyone else. You can't just show up and make a few commits -- what sort of managers of a crypto product would allow that?
But yes, you could *covertly* make changes to TrueCrypt that result in a security flaw, but you can't really do it *secretly*, since all your changes have to be made public for them to be included in the open-source project.
These days, thought, that'd be an odd thing for the NSA to do. Strong encryption is easy to come by these days. To have a reasonable shot at accessing encrypted data, you'd need to affect a lot of projects or have put a weakness into AES itself. But adding weaknesses to products that the US Government intends to use (like AES) is dangerous, because the NSA isn't the only crypto game in town any more. It's so much more common for people to make security practice mistakes (like writing down the password and storing it near the encrypted data, or even using an encrypted container inside a non-encrypted system disk) that you're in a much better position if you keep the encryption products strong and attack their non-encryption security practices.
Title: "Reports: Computers seized at bin Laden compound" Subtitle: "U.S. authorities removed hard drives, CDs, DVDs, USB sticks in what is described as a 'motherlode' of data"
I'm guessing that maybe the bin Laden compound had computers, hard drives, CDs, DVDs, and USB sticks, which U. S. authorities seized. But that's just my uninformed guess.
If the drive is actually encrypted, you need only overwrite the header that contains the (also encrypted) key. Although a single pass of zeroing the drive is more effective than any of those other components, mostly because thermite is inconvenient and blatantly obvious.
That's a big difference. Spoofing usually refers to using a specific IP or MAC address. (Not necessarily because you want to frame that person, but it is necessary if you wanted to frame someone.) Spoofing an IP address is difficult under these circumstances (although not so if, for example, you can connect to the person's WiFi network). Hiding, on the other hand, is pretty straightforward. It doesn't necessarily work well with P2P networks unless you're careful (otherwise the P2P application will give out your non-anonymized IP address), though some P2P applications have been modified to use Tor properly. Among CP traders, at least, anonymizing really isn't as popular as you might think.
That only works if the person you're trying to imitate is running a Tor exit node and you've come up with a way of reliably getting a stable exit node. It's also terrible for P2P applications, where you generally announce to the world what your IP address is an expect to be able to receive incoming connections.
Now, hiding your IP address, for some applications, is pretty easy (though still uncommon) through Tor, but investigators are already fully aware of Tor and what it does.
I think for the sake of sanity it should always return the same location (e.g., Central Park), but otherwise, yes, that would be great to apply to untrusted apps. You'd still want trusted apps to get real location data so that your phone remains useful (otherwise, don't buy a smartphone), but feeding fake data to people who are just using for "advertising" is a great idea.
The reverse DNS lookup is unnecessary; you can identify the ISP just by IP address.
Also, this isn't nearly as efficient as the preferred method. Fire up a modified copy of LimeWire, search for CP, find people that have CP files, download and verify that it's illicit, log IP addresses, call up the ISPs, get some warrants, make some arrests. The whole first couple of steps can be almost entirely automated so that your system churns out a list of IPs that are sharing CP every day.
Software paid for by the government is supposed to be free in the public domain.
Not really. "Paid for" is a very inspecific term. Software that is developed as the result of a government-funded grant at a non-government institution is not "supposed" to be public domain. (Individual grant agencies may make such stipulations, though.)
On the other hand, software that is the work product of government employees is supposed to be public domain. Some agencies aren't particularly helpful about distributing the source (although if only one person who cares is able to obtain it, since it's public domain, they can simply distribute it themselves to interested parties). Some agencies, though, like NIST, are very good about properly distributing code that is the result of their work.
One of the reasons research code often isn't distributed well is that it's not production-ready software and is largely useless to people who aren't specialists in the field.
Slashdot Mirror
There are perfectly cromulent tools for that without rar: you can just split a file with split and compute "checksums" with md5 and sha1.
It's of course completely unnecessary for BitTorrent, which has an excellent system for breaking files into pieces and hashing those pieces. In fact, you might as well make a system for piecing and hashing based on torrent metainfo files.
Actually, it's thought that methane is safe to drink (plus, it boils out of the water pretty well). The problem is it building up in houses and suffocating people or starting fires. Running your drinking water through a filter won't fix that.
A documentary is a collection of anecdotes. A study is a presentation of systematically-gathered empirical data.
Also, a study can be new while not introducing a new idea. In fact, many or most aren't, but are instead done to test a suspicion or hypothesis based on anecdotal evidence.
Canadians and Mexicans driving in the US pay no tax and Americans pay tax by odometer reading, even if they drive outside the US. Trucking companies and such can register for more specific measurement (which they probably have to do anyway).
Manhattan roads get a hell of a lot more use out of their construction and maintainance costs than rural roads do.
Electric cars don't burn fuel at all
Not directly, but in most places in the U.S., they still ultimately burn fuel.
Probably not a big concern for a federal tax.
I'm not sure you appreciate the meaning of the word "random". That's not random at all.
Only observers in inertial reference frames agree on the laws of physics, no?
t (basically ALL experience is subjective to the observer - even scientific ones...)
That's not part of quantum mechanics at all. That's a gross generalization made philosophical that arose out of an actual quantum mechanical principle.
Measurement-related QM principles, like wavefunction collapse and Heisenburg, are only meaningful when what you're observing is the size and scale of a quantum state, which is very, very small. Gravitational effects are for the most part (and in this case) for large objects, where QM principles are unimportant.
I've seen this in the news already. We suspected where he might be. There's potentially quite a few places that meet that criterion. Despite what some people say, in general we like to have a good idea of whether or not he's actually there before we send soldiers into Pakistan and start shooting. Sure, in retrospect it's obvious that this particular piece of information was referring to the place that he actually was, but at the time, there's no way of immediately differentiating that from all the other leads that turn out to be wrong.
The people who originally had the document and the people who made the kill are both the US Military, right? Wikileaks didn't help at all, then.
If I'm wrong and a leak from Wikileaks actually led to finding bin Laden, I'm willing to change my position and say they should be hailed.
If you're referring to Manning, they didn't charge him as a traitor. It's a harder case to make, and it carries a much higher penalty than what he was charged with.
Well, those could be different people, you realize.
Encryption of course makes sense even if you think the NSA has some backdoor or knows its weaknesses. It's a matter of threat reduction. If you don't encrypt, your neighbor, jealous roommate, ex-girlfriend, a random thief, or the police can trivially access your data. If you make your own encryption, it's more likely that your system has a serious weakness than TrueCrypt has a backdoor. If you use a closed-source product, it would be easier for mistakes and backdoors to be present. It's still possible with TrueCrypt, but it's the lowest-risk alternative. Even if the NSA can access your encrypted data, for a wide variety of relatively minor (or even fairly major crimes), they're unlikely to share that capability with local law enforcement so that people don't find out and fix the problem.
I personally think that the idea of TrueCrypt, or any open-source product, having an NSA-injected flaw is laughably unlikely. I also realize my data is banal enough that minor encryption hurdles are more than sufficient (to foil snoopers and thieves).
I guess I mostly object to the use of "secret" as a synonym for "covert". But people seem to have the impression that it's trivially easy for the NSA to get someone to volunteer on TrueCrypt, have them modify the cryptography, and subtlety insert a weakness that goes unnoticed by everyone else. You can't just show up and make a few commits -- what sort of managers of a crypto product would allow that?
But yes, you could *covertly* make changes to TrueCrypt that result in a security flaw, but you can't really do it *secretly*, since all your changes have to be made public for them to be included in the open-source project.
These days, thought, that'd be an odd thing for the NSA to do. Strong encryption is easy to come by these days. To have a reasonable shot at accessing encrypted data, you'd need to affect a lot of projects or have put a weakness into AES itself. But adding weaknesses to products that the US Government intends to use (like AES) is dangerous, because the NSA isn't the only crypto game in town any more. It's so much more common for people to make security practice mistakes (like writing down the password and storing it near the encrypted data, or even using an encrypted container inside a non-encrypted system disk) that you're in a much better position if you keep the encryption products strong and attack their non-encryption security practices.
Probably from TFA.
Title: "Reports: Computers seized at bin Laden compound"
Subtitle: "U.S. authorities removed hard drives, CDs, DVDs, USB sticks in what is described as a 'motherlode' of data"
I'm guessing that maybe the bin Laden compound had computers, hard drives, CDs, DVDs, and USB sticks, which U. S. authorities seized. But that's just my uninformed guess.
If the drive is actually encrypted, you need only overwrite the header that contains the (also encrypted) key. Although a single pass of zeroing the drive is more effective than any of those other components, mostly because thermite is inconvenient and blatantly obvious.
Modifying the code of an open-source project hardly qualifies as "in secret".
That's a big difference. Spoofing usually refers to using a specific IP or MAC address. (Not necessarily because you want to frame that person, but it is necessary if you wanted to frame someone.) Spoofing an IP address is difficult under these circumstances (although not so if, for example, you can connect to the person's WiFi network). Hiding, on the other hand, is pretty straightforward. It doesn't necessarily work well with P2P networks unless you're careful (otherwise the P2P application will give out your non-anonymized IP address), though some P2P applications have been modified to use Tor properly. Among CP traders, at least, anonymizing really isn't as popular as you might think.
That only works if the person you're trying to imitate is running a Tor exit node and you've come up with a way of reliably getting a stable exit node. It's also terrible for P2P applications, where you generally announce to the world what your IP address is an expect to be able to receive incoming connections.
Now, hiding your IP address, for some applications, is pretty easy (though still uncommon) through Tor, but investigators are already fully aware of Tor and what it does.
I think for the sake of sanity it should always return the same location (e.g., Central Park), but otherwise, yes, that would be great to apply to untrusted apps. You'd still want trusted apps to get real location data so that your phone remains useful (otherwise, don't buy a smartphone), but feeding fake data to people who are just using for "advertising" is a great idea.
The reverse DNS lookup is unnecessary; you can identify the ISP just by IP address.
Also, this isn't nearly as efficient as the preferred method. Fire up a modified copy of LimeWire, search for CP, find people that have CP files, download and verify that it's illicit, log IP addresses, call up the ISPs, get some warrants, make some arrests. The whole first couple of steps can be almost entirely automated so that your system churns out a list of IPs that are sharing CP every day.
You think that's bad, you should see the software written by engineers that's used to perform many important engineering tasks!
It's even a non-zero amount of time for subatomic particles to form.
Software paid for by the government is supposed to be free in the public domain.
Not really. "Paid for" is a very inspecific term. Software that is developed as the result of a government-funded grant at a non-government institution is not "supposed" to be public domain. (Individual grant agencies may make such stipulations, though.)
On the other hand, software that is the work product of government employees is supposed to be public domain. Some agencies aren't particularly helpful about distributing the source (although if only one person who cares is able to obtain it, since it's public domain, they can simply distribute it themselves to interested parties). Some agencies, though, like NIST, are very good about properly distributing code that is the result of their work.
One of the reasons research code often isn't distributed well is that it's not production-ready software and is largely useless to people who aren't specialists in the field.