Slashdot Mirror


User: bobbied

bobbied's activity in the archive.

Stories
0
Comments
9,530
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 9,530

  1. Re:Goes through one spot for a reason on Fire Takes Azerbaijan Offline (datacenterdynamics.com) · · Score: 3, Informative

    Actually, it's most likely because they didn't think of physical location redundancy... I've seen "redundant" set ups which where strictly maintained within a building get totally undone the second the fiber runs get mounted on the same poles to cross the street before they split and when their separate ways. Nobody was paying attention until a dump truck accidentally snagged both fiber runs and yanked them down the street, disconnecting both redundant fibers in one accident.

    So, where it may have started as a KGB thing, nobody really thought though how their redundant design on paper, fell to a single physical event because they didn't maintain enough separation. Or, maybe it just was the NSA, providing low cost engineering services to keep them under their thumb?

  2. Not disputing the judgment call part of this, but if done properly, records can be kept and reviewed at a later date and review the testers judgment.

    Like I've said elsewhere (above) depending only on a polygraph result is STUPID. It's an imperfect test and the results need to be treated with a grain of salt. It may raise or lower suspicions but you must ALWAYS work to confirm the test results before you trust them. That being said, if you are looking for the quickest and cheapest way to conduct an investigation, polygraphs can generally direct you in the right directions and more often than not can save the investigator time and resources, by eliminating rabbit trails that have a lower probability of success. Polygraphs are but a tool that helps you with the odds, kind of like card counting helps you with blackjack. Are you going to win that next hand? Who knows, but if there are lots of face cards in the shoe, chances are you will so you play your bets differantly.

  3. It's not a perfect tool, but it quickly weeds out a whole swath of people who have nothing to worry about and lets you zero in on the ones who fail the polygraph for some reason. Polygraphs are NOT sufficient on their own. There still must be active surveillance, background checks and procedures in place to continually review. Polygraphs just give you a general idea of where you might want to investigate first and can usually save you time and money because they are usually right.

    Nobody is calling it a perfect test, only that it gives you reasonably accurate results overall and as such are useful. You still need to be checking into people using multiple methods because no single method is 100%.

    Think of it as a simple medical test that has an 80-90% accuracy rate but it's cheap and quick. You use the test to screen with and then decide if the pass/fail of the test needs additional testing to confirm. You use it as yet again another indicator, one more bit of evidence for your diagnosis. Is the test useful? Sure is. Is it 100% accurate, nope.. Same with a polygraph.

  4. If you can't detect between the people it works on and the people it doesn't work on, it is a useless test.

    Stop right there... IF you know a test is effective say 80% if the time, it's NOT useless, it's actually a fairly reliable indicator that is useful most of the time. Now if you are saying we should be careful interpreting the results because we don't always know if they are accurate, I'm with you. But it can give you a way to quickly winnow down the likely candidates you may need to investigate a bit deeper than others, when you don't have time to do the same for everybody. Polygraphs are a tool, nothing more, they are NOT proof of anything and everybody knows that. But not being proof, does not mean they are useless, only that one must investigate the results of a polygraph further if it raises suspicions.

    So we routinely do medical tests that are not 100% and recommend painful and harmful treatments based on the test results, was that test useless? Of course not. And we don't know which people it is going to work on and which it doesn't, just like a polygraph. Many times the screening tests are used simply to justify further, more invasive, more expensive tests, just like a polygraph.

    So not knowing if the test results are accurate with this specific individual is not a reason to declare the test useless.... It's just a way to determine how to more appropriately apply limited investigative resources.

  5. Seriously? There is a bit more to this than tea leaves or coffee grounds and creamer...

    I'm no expert, I don't give examinations, but it's not hard to understand how these things work. I don't discount that part of the exam is for show, that the examiners put on an act designed to elicit the responses they are looking for, but the measurements of the physiological involuntary responses to their questions IS quite real, and without training and effort to fool the examiner, quite effective. I also don't discount that an examiner can be wrong on both sides of the question, allowing lies to go undetected or calling into question truthful statements. But that doesn't mean they are just snake oil and tea leaves, only that one needs to take the results with a grain of salt, understanding the limitations of the tool.

  6. What part of "it's a single tool in a tool box full of tools" do you not get? If you fire somebody who fails a poly and don't investigate, you deserve the lawsuit coming your way.

    False positives and negatives come out of background checks too, shall we stop using them? Of course not. Background checks are still used, but they have limits. You can lie on the forms, mislead the investigators and you may even be able to fool them if you are sufficiently cunning, not to mention that they can simply miss stuff or catch things which are flagged as bad, when the person really IS trustworthy. But we still use them. Poly's are just another tool, useful up to a point, subject to being inaccurate both by limits of the test and efforts to fool it. You see, it's about determining risk on the front end anyway. You can never really know what somebody is capable of doing, this side of the "minority report" world.

  7. Poly's are NOT nonsense, they are very real, they do work in some ways. They are not reliable enough to be legal evidence, but they do provide useful information most of the time.

    Don't fool yourself, they have some scientific basis in their application, it's not all just smoke and mirrors, there are reasons this device works. No, it's not 100%, but the science theory tells us that, the fact that it's basically a human judgment call when interpreting the results says it's not totally accurate. Humans can be fooled. The test can be fooled if you know how it works and how to make the results less obvious, but that fact doesn't mean the use of Poly's is pointless...

    Even those who offer ways to "beat" a polygraph admit that they generally work. They also admit that their techniques really can only hide dishonest answers, not cover them up. They teach you how to confuse the person trying to read the results, not that the tests don't work. They teach you how to artificially cause the readings to vary and use that to your advantage when trying to hide the truth. It's about fooling the tester, not that you need to believe the test doesn't work.

    So, even the folks who teach you how to lie to a polygraph and get away with it, acknowledge that they CAN work and that unless you are pathological out of the gate, require that you take countermeasures if you wish to try and fool the person looking at the machine... You are mistaken...

  8. The salient points here is that beating the polygraph takes training... I don't dispute that... However, It's just not common to run into people who are trained and can actually beat the test and the vast majority of people don't walk in off the street and can lie to a polygraph.

    Polygraphs remain a useful screening tool even with training available. They are but a tool which can help in specific situations, limited as those situations may be, and being helpful, they are useful.

  9. How so? Background checks are not 100% effective, yet we use and trust them to some extent..

    There is nothing that's 100%.. And polygraphs are certainly not 100%, but when used on a group, or even an individual it's an indicator with value. They have their use..

  10. Re:Old news on Leaked Documents Confirm Polygraph Operators Can't Detect Countermeasures (antipolygraph.org) · · Score: 4, Interesting

    I propose a little test then, being you are so convinced you can beat the polygraph, that you take one...

    MythBusters did a segment on this and they where not able to demonstrate a way to beat the test that was reliable. In fact, I don't think any of their "test subjects" where able to do so. Can some people do it? I think so. But I seriously doubt *you* could beat it unless you are a pathological liar who just doesn't care anything about truth, ethics or morals.

    So it's more than just those who are susceptible to believe the polygraph, it does have some success. Efforts to beat the polygraph are largely ineffective and usually very detectable. Most of these techniques take practice to effectively use and even though folks like you walk around thinking you can easily manipulate the test, you really can't, even if you don't believe in the test.

    So, back to my point.. Polygraphs may not be a perfect tool, they *can* be manipulated by sufficiently trained people, they are never the less a useful tool in the tool box of those tasked with securing information and things. While not admissible as evidence, can assist investigators in confirming or eliminating suspects in crimes. They are still useful part of the tools in the box.

  11. Oh come on... Polygraphs are not 100% pointless, they *do* work for *some* people so there is actually a benefit to their use.... Now, if you *depend* on a polygraph to tell you the truth in 100% of cases, you are stupid.

    As with all tools, polygraphs have their application where they are useful and situations where they are not. So polygraphs are not infallible, neither are background checks or surveillance, but we use them. They are all tools with their limitations and provisos which can be used in the proper ways and enhance security.

  12. That's easy....

    Born into the world gives you choices in your pursuit of happiness, you may have social and civil barriers to overcome, but your life and what you do with it is yours to decide within the bounds of the earth. Is that a limit? Yes, but barely so.

    Born on a space ship, your life is chosen for you, the civil and social barriers pale in relation to the barrier that's the hull of the ship and the direction it is going. You may have some choices, but your horizons are limited to what's inside the ship and you have no choice but to accept that limitation.

    As humans we recognize the limitations on freedom to be generally a bad thing, that having the right to pursue happiness is fundamental to the human condition, that we should be afforded the right to determine for ourselves. Generational ships take much of this fundamental right away from succeeding generations in a very real way. This is not just the social and civil barriers of colonists settling a new land, but a whole new set of limitations that would need to be imposed on multiple generations who are stuck within the hull of a ship with no other choice but death.

  13. Re:Heinlein quote. on Louis Friedman Says Humans Will Never Venture Beyond Mars (scientificamerican.com) · · Score: 1

    Experts say it's impossible to survive in space w/o a space suit... I'm inclined to think they are right... Need I continue?

    Actually, often the experts are correct, more often than they are wrong. In this case, I think said expert is 100% correct. Getting to Mars is within the realm of the possible. We don't have the technology yet to land humans and materials to sustain them on the surface of Mars. We don't have the ability to live long term in a inhospitable place like Mars with it's lack of radiation shielding and oxygen providing atmosphere, but each of these problems are conceivably solved in time so we *might* get there. However....

    There is no other place in the solar system that offers an environment that's even remotely habitable after Mars. So there is no possible reason we'd want to consider trying to put humans there. Quite literally, the next stop from Mars is more than a lifetime away and the technical problems of building a craft that could get there are too great to imagine we could accomplish it, nor could human life survive the trip.

    Then there is the reality that the Earth is going to be literally cooked by the Sun eventually. Stars like ours have a limited lifespan and as they age they eventually expand. Our Sun will absorb all of the inner planets, one at a time as it expands, including Earth. No life on this planet, or the planet itself will survive. We have a general idea how long before this happens and that puts a hard limit on how long mankind has to vacate this rock. Mars won't be far enough away and by then will have no atmosphere anyway and there will be no place we can go that's even remotely habitable in our solar system....

    But the biggest problem is, even if the expert IS wrong, neither you nor I will be around to see it. We will be long dead. gone and forgotten before anybody figures out this expert was wrong.. For all practical purposes, he's right, at least right enough that there will be no settling this argument between you and I even if we go to our graves debating it.

  14. Correct.

    If you don't maintain positive control of your hardware, there is little you can really count on security wise. Drive encryption is nice, but if you give physical access to an attacker, all you've done is made his job a bit harder.

  15. What's the differance? on Ask Slashdot: How To Determine If One Is On a Watchlist? · · Score: 1

    At this point, what difference does it make?

    If you are on a list, you are on it. You won't know one way or another until some authority who uses the list when dealing with you, and even then you may not know. Apart from actually doing something illegal, chances are you will never be on a list beyond the IRS's.

    IMHO - I'm just guessing here, but I seriously doubt that you have caught the attention of *anybody* compiling lists of people to watch compiled by the government if your identity wasn't already suspect. Just doing a Google search, or to or 100 isn't all that significant. Downloading lots of stuff though Tor is not significant either. Unless you are routinely calling your local ISIS recruiter or something else DIRECTLY suspicious, I seriously doubt there is much you can do to get on some government list. There are over a hundred million people in this country, you are going to have to really do something to stand out in the crowd and what you describe is unlikely to draw any attention.

  16. Re: Because today's technology require it so on DARPA Is About To Start Testing an Autonomous, Submarine-Hunting Drone (vice.com) · · Score: 1

    VLF is great but only ONE way - VLF is great to talk TO a sub that you don't know a location of, but it's not so good for a sub to transmit VLF.. I'm guessing you *could* do it, but the problem is that you are basically advertising your location to the world by doing this. The whole point of a submarine is to stay hidden where nobody knows you are and that's going to be really hard to do if you are radiating lots of RF energy.

  17. Re: Because today's technology require it so on DARPA Is About To Start Testing an Autonomous, Submarine-Hunting Drone (vice.com) · · Score: 1

    VLF is good for talking TO something but it's difficult to actually transmit FROM something. It takes very long antennas and lots of power to get any kind of useful signals though sea water. Ground stations that do VLF are huge affairs and run literally megawatts to get world wide coverage. We have mobile VLF transmitters, but those are mounted in aircraft, big aircraft, with miles of wire trailing behind them and extra power generation capacity so they can run enough wattage to be useful. You don't mount these things on a truck, a ship or anything else.

    VLF is also SLOW. It's something like 300 baud or less. That means just sending "hello" is going to take awhile. Sending something as complex as your location and a request for somebody to do something is going to take a really long time. Doing it with reliability, adding checksums or even parity bits just adds to how long all this takes, so here you are, radiating boat loads of RF energy for a really long time sending even simple things over VLF.

    You don't do this on a submarine because it is really hard to accomplish and it's STUPID because VLF is really easy to do direction finding with. Even if they didn't understand what you transmitted they'd have an excellent fix on your location before you could send "hello". It would be roughly the same as heading to the surface in broad daylight, turning on the sonar pinger, popping the hatch and sending up flares in the middle of the adversary's fleet, staying there for 10 min and then trying to sneak away..

    So using VLF to transmit something urgent to a submarine? Great idea, just set up a ground station or aircraft transmitter and bang out the message. Going the other way? Not so great of an idea. In fact a really stupid idea if you intend to stay stealthy in that submarine...

  18. Re: Because today's technology require it so on DARPA Is About To Start Testing an Autonomous, Submarine-Hunting Drone (vice.com) · · Score: 1

    I don't think even laser coms are all that secure anymore.... http://www.bbc.com/news/world-...

    All you do is park a listening satellite near the sub's target bird and watch for communications to happen, volia you have a good position on a sub.

  19. I don't think they are telling us the truth on DARPA Is About To Start Testing an Autonomous, Submarine-Hunting Drone (vice.com) · · Score: 1

    We already have the capacity to "track" submarines with a very well placed set of stationary listening stations. This sonar net covers the Atlantic very well and is pretty good in the Pacific. We can routinely track submarines general locations now, and I'm fairly sure we do. So that begs the question, what is this sub-hunting drone thing really good for?

    I don't think we need it to track submarines in the open ocean, but we need to more easily search for them in shallow congested waters. Right now the destroyer is the platform of choice to use on submarines. You send in the destroyers to deal with the submarine threat, but they are large, expensive and easily tracked so everybody knows what you are doing.

    What these things will be for is to go into an area without being detected, sweep the area for submarines and even possibly deal with the threats they find if necessary. All this is to avoid tipping your hand too far in advance so your adversary can get ready, and for detecting what your adversary is doing with his fleet so you can avoid interacting with it until the terms of the engagement are most favorable.

    So this is really an intelligence gathering device that can shoot at submarines if need be. It is just there to observe and report, It's not really an offensive weapon any more than a drone with a missile is one.

  20. Re: Because today's technology require it so on DARPA Is About To Start Testing an Autonomous, Submarine-Hunting Drone (vice.com) · · Score: 2

    How do you propose the submarine call in an air strike? Dial somebody up on the captain's cell phone?

    Anytime a submarine needs to communicate, it risks giving away it's position. Radio communications require putting *something* above the water and anything you do that with is subject to detection, both physically as well as through direction finding of the RF signals required. Yes, submarines *can* do this sort of thing, but it's pretty much assumed that when they do, they have given up their position to somebody, and that's usually a bad tactical move.

  21. Re:Because today's technology require it so on DARPA Is About To Start Testing an Autonomous, Submarine-Hunting Drone (vice.com) · · Score: 2

    Wouldn't it be really easy for an enemy to attack these? They're on the surface, so any flying drone can spot them and destroy them. Looks to me like these will only be useful in peace time, if you want to know where the Russian and Chinese subs are without any actual conflict going on. If a war starts, it will be like shooting fish that are floating on top of a barrel.

    Depending on the sea state, finding a small boat in miles of ocean can be a seriously difficult problem. I suppose if you know where the submarine the thing is following is the problem is much easier, but as others have pointed out, sending out a search/destroy mission pretty much going to be a dead give away that there really is a submarine here.

    Also, this is a passive system, meaning that the submarine is unlikely to be able to tell they are being monitored. So do you just give away your position because there is a chance the adversary already knows? I don't think so, at least not until you are sure something is shadowing you, and at that point you change tactics and start working on getting away if you can.

    However, this all makes me wonder what this will be used for. We already have a fairly good idea what's going on under the oceans now. We have very sensitive listening devices all over the oceans and are capable of quickly placing a bunch of temporary listening posts if the need arises. I'm not so sure these passive trackers are going to be all that useful, except that they can be sent into an area for a few days to detect possible submarine operations with a bit more detail, without causing suspicion. This is totally different than just tracking a single boat...

  22. Re:So where are the ratings? on 2016 Presidential Candidate Security Investigation (infosecinstitute.com) · · Score: 1

    Never mind.. I found it... Cool PDF with lots of detail... Hacker's dream if you think about it...

  23. So where are the ratings? on 2016 Presidential Candidate Security Investigation (infosecinstitute.com) · · Score: 1

    I'd love to see the site ratings there folks..

  24. Re:Naive analysis on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1

    1 in 50,000 is pretty unsecure if you ask me. That means that there are 200 people in a million that can get into my phone...

    Why not increase the hash size? Because, then you have to come up with some way to account for the physical variations between scans of the same finger, so you lower the hash size and sacrifice the false positive rate to get a lower false negative rate.. There is the real problem with the hash idea, it involves trade offs between convenience and security... The best security involves storing the full fingerprint scan, and storing the ACTUAL data on the device is a really big security problem of it's own. Trade offs are heck sometimes.

  25. Re:Hacking biometrics on Unhashable: Why Fingerprints Are Weaker Security Than Passwords (hackaday.com) · · Score: 1

    I hear that 99.9% of statistics are made up.... (Which must be true, because I just made that up.)

    Seriously, you are laboring under the delusion that it's hard to get a finger print or come up with a way to fool the sensor reading the finger print. You literally leave finger prints EVERYWHERE you go and like it or not, most scanners in use these days are chuck full of compromises on things like not looking at the whole print or they don't save enough detail but condense down your print into some mathematical expression. Not to mention that if you ever are able to break into a system that accepts fingerprints and obtain this data, you can easily construct a way to "fake" the system so they don't need access to you, ever.

    Like all security ideas, it sounds great on paper, but when you start looking at the details of how it all works, the wheels quickly come off the train because doing it the right way is too hard, too expensive or too inconvenient to be useful. Most Fingerprint bio-metric based access control schemes fail in some way because of the implementation issues, they get compromised because they are expensive, or start to loosen the acceptable standards for a match because users complain of too many rejections.

    Fingerprints just look like they'd be secure but as implemented they just don't turn out to be all that secure.