When a cop pulls you over in California and in San Francisco to be specific, it's even more.
The MDT (Mobile Data Terminals) are hooked into a number of databases including the NCIC. Those databases hold much more than arrests, they also hold commentary.
It's not uncommon to see messages like:
********** DANGEROUS DO NOT APPREHEND **********
So imagine when it now says:
********** REFUSES TO GIVE DNA SAMPLES *********
********** SUBVERSIVE PERSON ARREST AT ALL COSTS *****
Welcome to a nice little mix of 1984 and Brave New World before it all locks down.
Perhaps I am reading your statement wrong, it's a bit unclear how you phrased it.
anyway...
First of all, you don't as the USA, you ask an arm of it.
Let's assume you asked the F.B.I. and if they found bugs, I bet they wouldn't tell you.
I know that it's in their best interest to find the bugs and use them to exploit criminals in the wild, not secure bob and jane.
An agency is a player in the game, they might act as a proxy in your best interest sometimes, but they are also a player with their own agenda.
You cannot trust an arm that does thing in secrecy.
Also you assume that they would look at the code and also that they have clue.
Re:A few months ago I did this over San Francisco
on
Wi-Fi in the Sky
·
· Score: 1
You are correct.
I love in the inner Richmond area (near 19th ave on Geary) and when I go to my roof, I get 100s of networks with Kismet.
Where are you from?
A few months ago I did this over San Francisco
on
Wi-Fi in the Sky
·
· Score: 4, Interesting
It was a single plane flying over the San Francisco bay area. I used Kismet as well... I think I wasn't the first but I did beat these guys by a long shot.
We had an ibook scanning as well, it picked up about 1/10th of the networks. All in all without very good equipment (knoppix, old kismet, nothing special) we got about 190 networks.
It's possible with a good antenna to circle and get online, it's also possible to make cell phone calls if you should feel like it (not that we did that). We were flying at about 2000 feet for most of the time.
It wasn't the last time we did it either. War flying can be fun with a GPS that records the altitude as well as the lat+long.
Re:Upcoming Open Source Alternative to Google...
on
Google Files for IPO
·
· Score: 1
Things change, people abuse it, it gets better.
People already make interlinking sites like mad and it does affect google.
They slant it and fix it.
If it was open, many people might abuse it faster, but many people will fix it, sooner.
While I agree with the sentiment of this remark, I have to disagree with some implementations.
Yes, it's not going to be difficult to attack the users passphrase if it's stupid. However you make an assumption that most people who encrypt their harddrive keep their keys on the laptop.
I don't.
With loop-aes, you have pretty good abstraction.
So you can have a set of gpg keys, a file encrypted to a given public key, and the data to be decrypted, all in different places.
In theory, it can be done over a network, a usb keychain, a serial cable, whatever you want.
In the end, if they have all three, yes, the password is the last link obviously.
The key is to make sure that those three aren't in the same place at the same time, once the system is on, the keys are loaded into memory and aren't needed. Remove the usb key with your gpg secret key. Remove the usb key or detach from the server that has the actual encrypted gpg file that holds the actual disk encryption keys.
You need all three to attack the users password at that point. Assuming that you decide it's not worth cracking the gpg encrypted file (4096bit), that it's not worth cracking the passphrase (war and peace in leet speak), you can attack the disk file itself.
Each encrypted partition has 64 different keys that are all 61 different characters long. Example: kd11Zki1oKre4iSwXaMX+C/wH+t7RXBtG 3Q0rog5pYAHHVm0tb CWDYp0MgII
So yea, it's possible to crack that, but I highly doubt that you will.
So stealing my laptop takes away my hardware, and my encrypted disks. It doesn't mean you have an easy way into my data.
Check out the loop-aes project for practical examples of this in Gnu/Linux.
It's not perfect, but it's better than the stupid cryptoloop crap where you can't ever change your password because that requires writing all the data to the disk again (with the new key).
On the one hand, I agree with you, approach things in a positive open manner.
On the other hand, I don't agree that it logically hangs together perfectly. It's far from perfectly. It's fully of contradictions. Take a look on google.
I can't find any better anti-christian propaganda than the "holy bible" itself. It's a brutal, disgusting, fear inducing, indoctrination manual. The god in the bible is awful, cruel, wrathful, hateful and it's terrible. The son of that god goes forth to set up the world for a few thousand (at last count) years of confusion. For example, churches such as the catholic chuch? The inqusition? Homosexuals? Interracial couples? Consumerism?
Don't try to rebuke me by saying those were not issues of the time. This is an all seeing, all knowing god, right?
As such it's not only very illogical in terms of contradictions, I actually disagree with many of the morals that are set forth in the bible.
I don't think there is anything wrong with homosexuals marrying, or a black and an asian couple marrying.
Once I actually tried to talk with people openly about my understanding of the christian bible, but I found that christians weren't interested in my point of view. They weren't open at all, I have yet to find one to this day.
Conversely, I find that most atheists or agnostic people are of the same mindset with a different track, they don't believe in god or the christian god. They aren't very open either.
And then there is the new age crowd. Open to everything and as a result never wants to step on anyones toes, thus fact checking comes a distant second.
The more the citizens of the USA are cracked down on for being evil criminals, the more they will become them. The laws that make everyone a criminal are the problem, reclassifying people as terrorists when they should just be computer cracking is a good example.
Raising the bar of security makes sense when it can actually be effective.
I know people that are in school here from outside the USA and they are very unhappy that they can't be like the other students who can take off two days for a parents birthday, or from being sick without a doctors note. They aren't terrorists anymore, they are legal second class citizens.
I don't want that, it doesn't make me safer.
Try to find someone who has disapeared from school anyway, it's pointless, you won't find them. They haven't entirely broken a law, they have just made themselves flagged to be thrown out of school and perhaps deported shortly after. That doesn't stop that person from commiting a violent act, it doesn't stop them from being a terrorist.
It seems to me that we are perhaps one short group of steps away from a police state that lacks a head.
Everyone seems to be content yelling 1984, and then the nay sayers throw back "not true!"
The question I have to ask is, does it really even matter if it's really entirely or nearly 1984? Doesn't it more matter that this is an entirely different but equally as frightening nightmare?
We don't need 1984, we don't need brave new world, we need people to understand that this type of tyranny comes in different books, with different covers.
Today that cover is nationalism and patriotism in many, but not all forms.
Be very afraid of what happens next, because chances are you won't be consulted on it when it happens.
Re:To curb the anti-Red Hat gibberish
on
Red Hat Recap
·
· Score: 1
That bug in your sig is a perfect example of why I can't stand most OSS projects.
It's pretty clear you were being stupid and it's pretty clear that RPM responded by failing in an even stupider way.
If you want to do this right I suggest you use kismet, a GPS receiver hooked up to the laptop, and use the most common configuration of wifi card. Don't use anything to boost the signal, assume that if someone can use an antena, they don't need you maps. Or make two sets of maps. Then set out with the data kismet collected and make a map. It's really easy to do this. GPS drive can help you with parts of it but it's not going to be entirely effective.
At the very least, he's going to spam again, and if that doesn't justify cramming some lithium down his throat, strapping his ass to a gurney and running a couple hundred volts through his cerebral cortex and maybe another hundred through his testicles for good measure, I don't know what does.
Wait just a moment.
Do you really believe that?
I mean that, stop and think for just a moment at what kind of a world we would have to live in for that to happen. Physically torturing someone for sending spam?
You sir, are a fucking idiot with no idea of what it is like to watch someone get shock therapy.
This is why American protestors really have no idea how good they have it.
That is such a red herring.
What does that have to do with anything related to american protests?
You shouldn't judge our state (The USA) based on the evils of another but on the principles it is straying from.
There are many thing we can do to change China, suspending aid, trade and other things for one.
War isn't the only solution to a disagreement and protesters aren't really stupid just because they have it "better" than people in other places. If anything, they know that it's time change things.
When the next terrorist act happens (and it's just a matter of time right?) we will lose everything we have worked for. Terrorists and our leaders have wanted to change america forever, they have.
Just look for a house without an american flag.
Don't forget that the most dangerous burka is the one you don't know you wear.
I want to offer my condolences for your friends, I am sorry that such terrible things happen to people that are not deserving.
But with that said: That happened outside the bar? How would registering help?
What is to stop someone from using a fake ID to register in the first place?
It's not logical to use this story of an outsider who is clearly bent on breaking the law (carrying concealed weapons, attacking someone) to promote the networked photo system.
It's only going to show me that it's both unsafe inside and OUTSIDE of the bars.
I would rather not frequent either place and thus will attend a bar that is not part of the network.
The outside will never be perfect but the inside has more of a responsibility to do so.
If you live in Vancouver, you should protest this. If you can, you should hack it. If you know enough people, you should boycott this.
If nothing can stop this: Swap IDs with friends.
What's to stop you from having a Bar ID Swap party?
Is it illegial to have the ID you swipe be false if the person you are presenting it to isn't a law enforcement personal?
Let's say that I root sshd, even with LIDS, I can still log usernames and passwords, yes?
Then lets take that a step further, I can now login as that user, have it run key stroke recording for when the admin uses LIDS admin tools and then... What?
I own the box.
LIDS is cool but I hardly think I qualify to work for the NSA with the ability to make that type of response.
Slashdot Mirror
When a cop pulls you over in California and in San Francisco to be specific, it's even more.
The MDT (Mobile Data Terminals) are hooked into a number of databases including the NCIC. Those databases hold much more than arrests, they also hold commentary.
It's not uncommon to see messages like:
********** DANGEROUS DO NOT APPREHEND **********
So imagine when it now says:
********** REFUSES TO GIVE DNA SAMPLES *********
********** SUBVERSIVE PERSON ARREST AT ALL COSTS *****
Welcome to a nice little mix of 1984 and Brave New World before it all locks down.
Depending on the data set, you can be pretty sure you won't have a collision.
If you can produce a unique set of dna markers, you would be able to run it through a given hash function without fear of a collision.
How about Brave New World.
This is more of a self imposed lack of freedom. It's begged for!
For Safetys Sake! Take some Soma!
If that's not a group of Republican values, then obviously Bush isn't a Republican anymore!
Locate takes a while to build it's database, but after that locate is very quick.
Perhaps I am reading your statement wrong, it's a bit unclear how you phrased it.
anyway...
First of all, you don't as the USA, you ask an arm of it.
Let's assume you asked the F.B.I. and if they found bugs, I bet they wouldn't tell you.
I know that it's in their best interest to find the bugs and use them to exploit criminals in the wild, not secure bob and jane.
An agency is a player in the game, they might act as a proxy in your best interest sometimes, but they are also a player with their own agenda.
You cannot trust an arm that does thing in secrecy.
Also you assume that they would look at the code and also that they have clue.
You are correct.
I love in the inner Richmond area (near 19th ave on Geary) and when I go to my roof, I get 100s of networks with Kismet.
Where are you from?
It was a single plane flying over the San Francisco bay area. I used Kismet as well... I think I wasn't the first but I did beat these guys by a long shot.
Two photos here:
kismet photo, San Francisco.
We had an ibook scanning as well, it picked up about 1/10th of the networks. All in all without very good equipment (knoppix, old kismet, nothing special) we got about 190 networks.
It's possible with a good antenna to circle and get online, it's also possible to make cell phone calls if you should feel like it (not that we did that). We were flying at about 2000 feet for most of the time.
It wasn't the last time we did it either. War flying can be fun with a GPS that records the altitude as well as the lat+long.
Things change, people abuse it, it gets better.
People already make interlinking sites like mad and it does affect google.
They slant it and fix it.
If it was open, many people might abuse it faster, but many people will fix it, sooner.
While I agree with the sentiment of this remark, I have to disagree with some implementations.
G 3Q0rog5pYAHHVm0tb CWDYp0MgII
Yes, it's not going to be difficult to attack the users passphrase if it's stupid. However you make an assumption that most people who encrypt their harddrive keep their keys on the laptop.
I don't.
With loop-aes, you have pretty good abstraction.
So you can have a set of gpg keys, a file encrypted to a given public key, and the data to be decrypted, all in different places.
In theory, it can be done over a network, a usb keychain, a serial cable, whatever you want.
In the end, if they have all three, yes, the password is the last link obviously.
The key is to make sure that those three aren't in the same place at the same time, once the system is on, the keys are loaded into memory and aren't needed. Remove the usb key with your gpg secret key. Remove the usb key or detach from the server that has the actual encrypted gpg file that holds the actual disk encryption keys.
You need all three to attack the users password at that point. Assuming that you decide it's not worth cracking the gpg encrypted file (4096bit), that it's not worth cracking the passphrase (war and peace in leet speak), you can attack the disk file itself.
Each encrypted partition has 64 different keys that are all
61 different characters long.
Example:
kd11Zki1oKre4iSwXaMX+C/wH+t7RXBt
So yea, it's possible to crack that, but I highly doubt that you will.
So stealing my laptop takes away my hardware, and my encrypted disks. It doesn't mean you have an easy way into my data.
Check out the loop-aes project for practical examples of this in Gnu/Linux.
It's not perfect, but it's better than the stupid cryptoloop crap where you can't ever change your password because that requires writing all the data to the disk again (with the new key).
I don't quite understand what you are saying.
On the one hand, I agree with you, approach things in a positive open manner.
On the other hand, I don't agree that it logically hangs together perfectly. It's far from perfectly. It's fully of contradictions. Take a look on google.
I can't find any better anti-christian propaganda than the "holy bible" itself. It's a brutal, disgusting, fear inducing, indoctrination manual. The god in the bible is awful, cruel, wrathful, hateful and it's terrible. The son of that god goes forth to set up the world for a few thousand (at last count) years of confusion. For example, churches such as the catholic chuch? The inqusition? Homosexuals? Interracial couples? Consumerism?
Don't try to rebuke me by saying those were not issues of the time. This is an all seeing, all knowing god, right?
As such it's not only very illogical in terms of contradictions, I actually disagree with many of the morals that are set forth in the bible.
I don't think there is anything wrong with homosexuals marrying, or a black and an asian couple marrying.
Once I actually tried to talk with people openly about my understanding of the christian bible, but I found that christians weren't interested in my point of view. They weren't open at all, I have yet to find one to this day.
Conversely, I find that most atheists or agnostic people are of the same mindset with a different track, they don't believe in god or the christian god. They aren't very open either.
And then there is the new age crowd. Open to everything and as a result never wants to step on anyones toes, thus fact checking comes a distant second.
Come on, you have a lower UID than me.
You should be teaching me things.
Ok, ok. Kidding. Sorry.
Check out corkscrew and read this article on the subject.
That should be enough to get you started.
It's possible to setup a full ssh tunnel over port 443 even over a strick webproxy.
I have no problem with you posting that, perhaps she will or the police will depending on how you got it?
The more the citizens of the USA are cracked down on for being evil criminals, the more they will become them. The laws that make everyone a criminal are the problem, reclassifying people as terrorists when they should just be computer cracking is a good example.
You entirely fail to make your point valid.
Raising the bar of security makes sense when it can actually be effective.
I know people that are in school here from outside the USA and they are very unhappy that they can't be like the other students who can take off two days for a parents birthday, or from being sick without a doctors note. They aren't terrorists anymore, they are legal second class citizens.
I don't want that, it doesn't make me safer.
Try to find someone who has disapeared from school anyway, it's pointless, you won't find them. They haven't entirely broken a law, they have just made themselves flagged to be thrown out of school and perhaps deported shortly after. That doesn't stop that person from commiting a violent act, it doesn't stop them from being a terrorist.
It seems to me that we are perhaps one short group of steps away from a police state that lacks a head.
Everyone seems to be content yelling 1984, and then the nay sayers throw back "not true!"
The question I have to ask is, does it really even matter if it's really entirely or nearly 1984? Doesn't it more matter that this is an entirely different but equally as frightening nightmare?
We don't need 1984, we don't need brave new world, we need people to understand that this type of tyranny comes in different books, with different covers.
Today that cover is nationalism and patriotism in many, but not all forms.
Be very afraid of what happens next, because chances are you won't be consulted on it when it happens.
That bug in your sig is a perfect example of why I can't stand most OSS projects.
It's pretty clear you were being stupid and it's pretty clear that RPM responded by failing in an even stupider way.
sad.
That wifi hotspot detector is a pile of crap.
If you want to do this right I suggest you use kismet, a GPS receiver hooked up to the laptop, and use the most common configuration of wifi card. Don't use anything to boost the signal, assume that if someone can use an antena, they don't need you maps. Or make two sets of maps. Then set out with the data kismet collected and make a map. It's really easy to do this. GPS drive can help you with parts of it but it's not going to be entirely effective.
Pretty interesting stuff.
At the very least, he's going to spam again, and if that doesn't justify cramming some lithium down his throat, strapping his ass to a gurney and running a couple hundred volts through his cerebral cortex and maybe another hundred through his testicles for good measure, I don't know what does.
Wait just a moment.
Do you really believe that?
I mean that, stop and think for just a moment at what kind of a world we would have to live in for that to happen. Physically torturing someone for sending spam?
You sir, are a fucking idiot with no idea of what it is like to watch someone get shock therapy.
What do you mean Communist?
This is why American protestors really have no idea how good they have it.
That is such a red herring.
What does that have to do with anything related to american protests?
You shouldn't judge our state (The USA) based on the evils of another but on the principles it is straying from.
There are many thing we can do to change China, suspending aid, trade and other things for one.
War isn't the only solution to a disagreement and protesters aren't really stupid just because they have it "better" than people in other places. If anything, they know that it's time change things.
When the next terrorist act happens (and it's just a matter of time right?) we will lose everything we have worked for. Terrorists and our leaders have wanted to change america forever, they have.
Just look for a house without an american flag.
Don't forget that the most dangerous burka is the one you don't know you wear.
With such unique retorts like that, you clearly aren't ;-p
A few points:
I want to offer my condolences for your friends, I am sorry that such terrible things happen to people that are not deserving.
But with that said:
That happened outside the bar?
How would registering help?
What is to stop someone from using a fake ID to register in the first place?
It's not logical to use this story of an outsider who is clearly bent on breaking the law (carrying concealed weapons, attacking someone) to promote the networked photo system.
It's only going to show me that it's both unsafe inside and OUTSIDE of the bars.
I would rather not frequent either place and thus will attend a bar that is not part of the network.
The outside will never be perfect but the inside has more of a responsibility to do so.
If you live in Vancouver, you should protest this.
If you can, you should hack it.
If you know enough people, you should boycott this.
If nothing can stop this: Swap IDs with friends.
What's to stop you from having a Bar ID Swap party?
Is it illegial to have the ID you swipe be false if the person you are presenting it to isn't a law enforcement personal?
Lets just go with this for a moment.
Let's say that I root sshd, even with LIDS, I can still log usernames and passwords, yes?
Then lets take that a step further, I can now login as that user, have it run key stroke recording for when the admin uses LIDS admin tools and then... What?
I own the box.
LIDS is cool but I hardly think I qualify to work for the NSA with the ability to make that type of response.
Anything is possible.