The speech by Hillary Clinton took place on Wednesday, May 23rd at a Gala event at the Special Operations Command in Tampa, FL. Her speech was transcribed by the State Department (as all of her speeches are), and the transcription is hosted at the State Department's website.
I've re-hosted the original article by Karen DeYoung and Ellen Nakashima of the Washington Post.
I can't say i'm surprised The Washington Post completely misinterpreted a government official's speech, but the conclusions these writers jumped to, and i fell for, certainly carry more brevity than the conclusions found in your everyday newspaper article.
This is why i usually prefer CSPAN. But i will certainly look a bit more into detail about each article i find interesting before i post it here.
It's a blatant and inexcusable display of negligence on Adobe's part to schedule an update over a month after telling us that a REMOTE EXECUTION EXPLOIT is confirmed, and is being exploited in the wild. Again, with confirmation. To add to that, this isn't even something where you can advise everyone to turn off javascript and pray everyone follows your instructions while keeping an eye on traffic. It's nothing short of nightmare to be honest. The fact that this software is installed on everything from a consumer's new laptop or desktop, to a hell of a lot of government agencies doesn't sit well with me either.
Admittingly, the following two clues as to who the author(s) of Conficker are, are circumstantial, but i would like to offer them to you guys for consideration since this behavior from Conficker has been observed and documented -
1.
"Once Conficker [A] infects a system, it includes a keyboard layout check, via the GetKeyboardLayout API, to determine whether the victim is currently using the Ukrainian keyboard layout. If so, [A] will exit without infecting the system. This suicide exit scheme has been observed in other malware-related software, such as Baka Software's Antivirus XP Trojan installer."
The suggestion is that Conficker's author(s) were trying to avoid violating the local laws of their native country. Presumably Ukraine (who's laws concerning computer crime seem to have several loopholes).
In a honeynet, there was a connection observed of the [B] variant of Conficker using variant [A]'s protocol to take over a machine already infected with Variant [A]... so it was Conficker trying to replace variant [A] with Variant [B]. For several reasons (located in the source link below), it is suggested the packet captured was an instance of Conficker testing it's own robust nature to not be taken over by another author or virus.
The significance of this is the "hybrid" packet described above came from an address owned by, again, Baka Software in the Ukraine.
I don't think the immediate characterization of Huawei as a puppet to Beijing is altogether justified, seeing how here in America we have SPECIFIC branches of the government - like the CIA - making donations to stateside companies - like Facebook.
The CIA donates to a social network (facebook) = China blocks the network (Facebook).
Then America calls it censorship.
But when Beijing donates ($8 Million) to Huawei and America blocks it...
Huawei and ZTE have not done any industrial espionage that we know of (or espionage of any kind, for that matter). Nor is the investigation by the House of Representatives’ intelligence committee, in fact, concerned with any espionage done by either Huawei or ZTE. Also, it should be noted that Huawei have opened their hardware to inspection by the British government.
Inaccurate post titles like these come at the expense of discussion, since less and less people are actually reading the stories posted here. As was previously posted, the concern here is what malevolent capabilities a Huawei network would give groups like the People's Liberation Army with whom they have alleged ties to.
There is nothing stopping you from using a GNU System with the linux kernel, or concocting a mix of the linux kernel with GNU & non-GNU software. I whole-heartily share your concern about privacy in the smartphone world, and that is why i would suggest using the Geeksphone with either a linux distribution or Replicant.
I would also suggest using webDAV at home or setup remotely, and configure your calendar, contacts, bookmarks and other file-syncing that way (of course encrypting everything before it hits the wire).
Additionally, in September RMS wrote a great piece on Android that might be of interest to you. Also, this little nugget from Firefox developers doing a pseudo-Q/A on Reddit (i know, i'm sorry) regarding your privacy in the browser might also be of concern to you.
I Started Using Tumbleweed A Week Ago...
on
OpenSUSE 12.1 Released
·
· Score: 3, Interesting
...(for desktop use) and am using OpenSUSE not out of preference, but just to get myself familiar with other systems. Alsa worked flawlessly (as opposed to Alsa having minor issues in my previous distro, Debian Testing/Wheezy). I haven't gotten the hang of YaST for package management just yet, but zypper... the command line front-end to YaST, is very powerful. You add a switch and a URL to the zypper command to add repositories, and there are a multitude of command shortcuts available for software installation. I've been using zypper a lot since installation, and as a Debian user for three years i can say it's certainly giving APT a run for it's money.
The software available for OpenSUSE is great, but the whole PORTAL documentation way of organizing it has been a little difficult to get used to at times. Again, i've just been using this for a week so that may not be the most educated judgement. Anyway, default repositories are - SUSE Updates, debug, source, OSS Software, and non-OSS Software (OSS = Open Source Software). Additionally, the Packman repository for OpenSUSE makes available pre-built RPM's for another large assortment of software. They currently don't have a US mirror, but being in New York and using the UK mirror... the speeds are fine.
What's interesting to me is OpenSUSE is using systemd (by Lennart Poettering who also did Pulseaudio and avahi).
Anyway, have a lot of fun. Hope i don't sound like too much of a salesman here.
Slashdot Mirror
The speech by Hillary Clinton took place on Wednesday, May 23rd at a Gala event at the Special Operations Command in Tampa, FL. Her speech was transcribed by the State Department (as all of her speeches are), and the transcription is hosted at the State Department's website.
I've re-hosted the original article by Karen DeYoung and Ellen Nakashima of the Washington Post.
I can't say i'm surprised The Washington Post completely misinterpreted a government official's speech, but the conclusions these writers jumped to, and i fell for, certainly carry more brevity than the conclusions found in your everyday newspaper article.
This is why i usually prefer CSPAN. But i will certainly look a bit more into detail about each article i find interesting before i post it here.
Sorry about that, folks.
No, no DuQu does not, and has never attempted to, 'take out nuclear reactors.' That was a different piece of malware.
It would benefit us all - as well as yourself - if before you commented you educated yourself on the subject of the submitted story.
I agree 110%.
It's a blatant and inexcusable display of negligence on Adobe's part to schedule an update over a month after telling us that a REMOTE EXECUTION EXPLOIT is confirmed, and is being exploited in the wild. Again, with confirmation. To add to that, this isn't even something where you can advise everyone to turn off javascript and pray everyone follows your instructions while keeping an eye on traffic. It's nothing short of nightmare to be honest. The fact that this software is installed on everything from a consumer's new laptop or desktop, to a hell of a lot of government agencies doesn't sit well with me either.
I'm doubting this story.
Admittingly, the following two clues as to who the author(s) of Conficker are, are circumstantial, but i would like to offer them to you guys for consideration since this behavior from Conficker has been observed and documented -
1.
"Once Conficker [A] infects a system, it includes a keyboard layout check, via the GetKeyboardLayout API, to determine whether the victim is currently using the Ukrainian keyboard layout. If so, [A] will exit without infecting the system. This suicide exit scheme has been observed in other malware-related software, such as Baka Software's Antivirus XP Trojan installer."
The suggestion is that Conficker's author(s) were trying to avoid violating the local laws of their native country. Presumably Ukraine (who's laws concerning computer crime seem to have several loopholes).
Source
2.
In a honeynet, there was a connection observed of the [B] variant of Conficker using variant [A]'s protocol to take over a machine already infected with Variant [A]... so it was Conficker trying to replace variant [A] with Variant [B]. For several reasons (located in the source link below), it is suggested the packet captured was an instance of Conficker testing it's own robust nature to not be taken over by another author or virus.
The significance of this is the "hybrid" packet described above came from an address owned by, again, Baka Software in the Ukraine.
Source
Interesting.
I don't think the immediate characterization of Huawei as a puppet to Beijing is altogether justified, seeing how here in America we have SPECIFIC branches of the government - like the CIA - making donations to stateside companies - like Facebook.
The CIA donates to a social network (facebook) = China blocks the network (Facebook).
Then America calls it censorship.
But when Beijing donates ($8 Million) to Huawei and America blocks it...
America says it's National Security?
Huawei and ZTE have not done any industrial espionage that we know of (or espionage of any kind, for that matter). Nor is the investigation by the House of Representatives’ intelligence committee, in fact, concerned with any espionage done by either Huawei or ZTE. Also, it should be noted that Huawei have opened their hardware to inspection by the British government. Inaccurate post titles like these come at the expense of discussion, since less and less people are actually reading the stories posted here. As was previously posted, the concern here is what malevolent capabilities a Huawei network would give groups like the People's Liberation Army with whom they have alleged ties to.
I would also suggest using webDAV at home or setup remotely, and configure your calendar, contacts, bookmarks and other file-syncing that way (of course encrypting everything before it hits the wire).
Additionally, in September RMS wrote a great piece on Android that might be of interest to you. Also, this little nugget from Firefox developers doing a pseudo-Q/A on Reddit (i know, i'm sorry) regarding your privacy in the browser might also be of concern to you.
...(for desktop use) and am using OpenSUSE not out of preference, but just to get myself familiar with other systems. Alsa worked flawlessly (as opposed to Alsa having minor issues in my previous distro, Debian Testing/Wheezy). I haven't gotten the hang of YaST for package management just yet, but zypper... the command line front-end to YaST, is very powerful. You add a switch and a URL to the zypper command to add repositories, and there are a multitude of command shortcuts available for software installation. I've been using zypper a lot since installation, and as a Debian user for three years i can say it's certainly giving APT a run for it's money. The software available for OpenSUSE is great, but the whole PORTAL documentation way of organizing it has been a little difficult to get used to at times. Again, i've just been using this for a week so that may not be the most educated judgement. Anyway, default repositories are - SUSE Updates, debug, source, OSS Software, and non-OSS Software (OSS = Open Source Software). Additionally, the Packman repository for OpenSUSE makes available pre-built RPM's for another large assortment of software. They currently don't have a US mirror, but being in New York and using the UK mirror... the speeds are fine. What's interesting to me is OpenSUSE is using systemd (by Lennart Poettering who also did Pulseaudio and avahi). Anyway, have a lot of fun. Hope i don't sound like too much of a salesman here.