Scary question: at what level of certainty do they let the guy piloting the UAV push hellfire missile button based on this platform's "identification" of an enemy?
You're missing the point. TFA is talking about public hotspots. Imagine walking into Starbucks and having to hand over your driver's license before you can connect your laptop to their AP.
but I am a security person. The way I understand it, these keys are different for each individual device. Also, the attack requires direct physical access to the device. As a customer, wouldn't all potential threats require a physical security breach? Forgive me if I'm mistaken I'm not entirely sure I understand how/where these things are implemented. It seems like they're mostly used in switches and routers and things. If someone is poking at the power supplies on your switches and routers, I'd imagine that this vulnerability doesn't rank very high on your list of problems.
If you know, then everyone knows. Then the shit that is being done to protect you doesn't work. That's why the government has secrets. Also, I think Stuxnet was pretty cool.
then I would consider writing a program that render it useless. It wouldn't even be hard.
1.) Well Encrypted drive.
2.) Anything that goes into it is Encrypted AGAIN, then hidden into an innocuous carrier using steganography (home-brew algorithm so there is no known signature; even if they do manage to steganalyze, they'll be looking at another wall of encryption).
3.) Once sure it works, I might hide the source code and scrubbing everything else (walling in any evidence).
4.) If they come after me for anything, I'll just let them into the drive. Nothing to see but home videos, home photos, backups of legally bought movies, $CARRIER. I could even be creative and use some sort of embarrassing genre of pornographic videos as the carrier. That would offer pretty convincing testimony when I insist there was nothing else there. "The drive was only encrypted because I'm a deviant. Are you happy now that you've uncovered all of my scat and midget porn, your honor?"
There would be design details to be worked out. This is just the first thing that came to mind.
Slashdot Mirror
I really wish I could mod you up higher. You're the only person I've seen get it right so far.
Somebody obviously hasn't been in an airport lately.
Scary question: at what level of certainty do they let the guy piloting the UAV push hellfire missile button based on this platform's "identification" of an enemy?
If I read that correctly, as my nick would suggest, this wasn't done using the LHC.
NASA could charge $.99 for the app... they'd be launching shit again in no time
It's already happened. http://yro.slashdot.org/story/11/04/27/1849233/Does-Chinas-Cyber-Offense-Obscure-Woeful-Defense
Nice try. Protip: if you want to troll people, don't contradict yourself so much.
You're missing the point. TFA is talking about public hotspots. Imagine walking into Starbucks and having to hand over your driver's license before you can connect your laptop to their AP.
but I am a security person. The way I understand it, these keys are different for each individual device. Also, the attack requires direct physical access to the device. As a customer, wouldn't all potential threats require a physical security breach? Forgive me if I'm mistaken I'm not entirely sure I understand how/where these things are implemented. It seems like they're mostly used in switches and routers and things. If someone is poking at the power supplies on your switches and routers, I'd imagine that this vulnerability doesn't rank very high on your list of problems.
My first thought was to use this as a way to gauge the effectiveness of educational texts.
If you know, then everyone knows. Then the shit that is being done to protect you doesn't work. That's why the government has secrets. Also, I think Stuxnet was pretty cool.
then I would consider writing a program that render it useless. It wouldn't even be hard. 1.) Well Encrypted drive. 2.) Anything that goes into it is Encrypted AGAIN, then hidden into an innocuous carrier using steganography (home-brew algorithm so there is no known signature; even if they do manage to steganalyze, they'll be looking at another wall of encryption). 3.) Once sure it works, I might hide the source code and scrubbing everything else (walling in any evidence). 4.) If they come after me for anything, I'll just let them into the drive. Nothing to see but home videos, home photos, backups of legally bought movies, $CARRIER. I could even be creative and use some sort of embarrassing genre of pornographic videos as the carrier. That would offer pretty convincing testimony when I insist there was nothing else there. "The drive was only encrypted because I'm a deviant. Are you happy now that you've uncovered all of my scat and midget porn, your honor?" There would be design details to be worked out. This is just the first thing that came to mind.