If I would have to go that route I probably would run checksum comparisons to accepted values for each file in the system.
Congratulations, you just re-invented tripwire which has been in linux since about 1992 or so. It scans the entire system and compares every file to stored checksums last time it was run. Apparently it has been developed into a commercial product since then but the free original version is still around.
Actually, I have the historical answer to your question. You are more or less correct.
Believe it or not, it was the monopoly of the first "telecom" company, that the rules were put it place to not compete with - the Post Office!
The amateur rules also included prohibitions of discussing religion, politics, or any "controversial" subject matter of any kind, for that you were supposed to write a letter, not sully the airwaves with argument!
Needless to say these rules have been somewhat relaxed in recent days, but ordering a pizza used to be prohibited as doing business on amateur radio. Now it considered "personal business" and it is technically allowed, but is still considered somewhat controversial because it is furthering the commercial interests of the Pizza parlor, so there is still two schools of thought on that one.
And I'd like to see the statistics that prove that 5-10 years of appeals cost more than keeping someone alive in prison for 40-60 years!
I tend to favor the Texas standard - if 3 credible eyewitnesses see you commit a heinous crime, you go "to the front of the line".
In other words, if there is ABSOLUTELY NO DOUBT you are guilty, why waste any time with keeping your sorry ass alive another day? I have no problem with a moratorium on the death penalty if there is even a shadow of a doubt, but there should be "A WHOLE CROWD SAW HIM DO IT, HE'S DEFINITELY GUILTY" category that doesn't waste time or money on lengthy appeals or a life sentence.
For software backup, Norton Ghost enterprise is the way to go unless you have some solution you already are using / have to use...
For wiping the hard disks, they used to make bench-top hardware boxes you could hook up 4 drives to directly and mass-copy them all 4 at a crack. You can use a clean formatted drive as a source and "duplicate" that to wipe the drives clean, 4 at a time simultaneously.
I'm not sure if there are similar devices that do Ultra-ATA or SATA, but it might be worth looking into getting one if you have that many devices and time is critical.
Yea, but you can use a scanner with digital capability to receive the digital traffic, but none of them have decryption capability, even if you were lucky enough to know what the key is. The required room-full of computers required to brute-force decrypt an AES-256 key in less than 100,000 years isn't exactly portable.
Encryption steps it up a whole bunch of notches, to whole 'nother level. You have to have the resources of a major corporation, university or government to deal with anything approaching real-time decryption.
Sort of. I know the NSA used to deliver to the Secret Service tapes of the 10,000 "best" keys in the DES space. The facility that sends keys out to radios picks 16 of those 10,000 strongest keys, so ridiculously obvious ones like "1234" and "0000" are eliminated (I know they're not proper length keys but they're just for example). I suppose there is always the rare possibility of the 1st one you try just happening to be the right one but statistically that situation would happen once in every x years of billions of tries, based on key length and algorithm strength. I don't know if there are any "weak" keys for AES-256 because that is what all the serious players with three-letter names are using these days.
As for secure "enough"... it's all a game of money. I'll bet your Beowulf won't crack my AES-256 in the 24 hours between me re-keying. But again the other side of the phrase applies too - if the message is not time-sensitive, you can replay and retry the brute-force till you're blue in the GPU or you get it. Just don't rely on that key still being actively used by the time you figure it out...
That is exactly what APCO Project-25 was SUPPOSED to be for. Unfortunately, Motorola couldn't wait and released their "Astro" system before P25 was finalized, then had to change all the radios in the field. Then, inexplicably, they produced "MotoTRBO" another non-interoperable incompatible digital standard. Then ICOM came out with D-STAR and IDAS. Then Kennwood came out with NexEdge. Then GE came out with Aegis. Then Harris came out with OpenSky...
FUCK FUCK FUCK!
There is now a clusterfuck of incompatible "standards" with each manufacturer churning out their own brand of spew. Either they need to go with one and ONE ONLY, or pick a new one and make EVERYONE USE THAT. FUCKING PERIOD.
No, but this is no shit, I did hear a stakeout squad bitching about someone they were watching verbatim:
Unit 1: God it's hot in this fucking van. Unit 2: Hey he's on the move - he's going upstairs. Unit 1: This is the Girlfriend's apartment, right? Unit 2: Yes. Unit 1: What's he going up there for in the middle of the afternoon? Unit 2: You've been married too long!
No kiddin. The system is an old unencrypted system, but because it was a trunked radio system, the detectives thought no one could listen in. Hah!
Also, while you're at it look up frequency-inversion scrambling. How it works is it actually does a double-sideband mix of the voice audio signal in the AUDIO domain, instead of the RF domain, then swaps the sidebands! This causes a very similar sound to listening to the wrong sideband, but I assure you the "scrambler" of yesteryear works exactly in this fashion. Motorola used to call it VP (Voice Privacy). There are newer more sophisticated versions of audio frequency-inversion scrambling that segment the audio spectrum into more than 2 bands and swap them around, and some even use "rolling codes" or they vary the way in which they swap the audio bands.
Trust me on these matters, I'm a ham, I own a digital repeater system, and used to be an engineer at Motorola.
The American equivalent to Tetra, APCO Project-25, has been hacked, but to what effectiveness? By "hacked" you mean they have figured out the protocol stack and the encryption algorithm, and they have even brute-force figured out a few weaker 40-bit keys, but each key is a unique case. The stiffer DES 56-bit key takes a significantly greater amount of horsepower to crack with a GPU array, think many weeks instead of a few days. However, for government stuff they use AES-256, which can take many years to brute-force a key, or longer. Each time the key changes or a different agency's system is "hacked" you have to figure out the new key of the day/week/month, and if it takes you 2 months to brute-force a DES key and they change them monthly, well, you're fucked.
That is the essence of a truly secure encryption system, BTW. All it needs to be is secure *enough* to last until the information is no longer useful or the key changes.
So has the American equivalent to Tetra, APCO Project-25. But "cracked" is a definition of degrees. By "cracked" you mean they have figured out the protocol stack and the encryption algorithm, and they have brute-forced figured out a few weaker 40-bit keys, yes. The stiffer DES 56 bit key takes a significantly greater amount of horsepower to crack with a GPU array, think many weeks instead of a few days. However, for government stuff they use AES-256, which can take many years to brute-force a key, or longer. Each time the key changes or a different agency's system is "cracked" you have to figure out the new key of the day/week/month, and if it takes you 2 months to brute-force a DES key and they change them monthly, well, you're fucked.
That is the essence of a truly secure encryption system, BTW. All it needs to be is secure "enough" to last until the information is no longer useful or the key changes.
Actually, they can re-key the radios over-the-air. That removes the requirement that everyone bring in their radios once a week/month/year to get them re-keyed to the latest keyset. If there is a stolen radio, first they send it a "remote monitor" command to listen in without the radio indicating it is transmitting (!) or to try to home in on it with a doppler (Lo-Jack) direction finder. If that fails, then they send it a "stun" command, which kills the radio until it is sent back to the factory. Finally, they re-key all the other radios in the system in case the keys were compromised. At least that is SUPPOSED to be the procedure... If the radio is turned off, then the stun command, etc. is queued in the system controller so as soon as it's turned on, it will get killed immediately.
They do, sort of. Trunked radio systems use "talkgroups" which are isolated group-call (multicast) messages aimed at specific radios. You can send a voice "message" (transmission) to a specific radio if needed, but normal transmission go to the entire talkgroup. You would have Fire on one, Police dispatch on one, detectives on one, etc. That way they normally only get traffic they are interested in, but in an emergency they would all switch to a "city-wide" talkgroup so everone would hear everything. They also can reserve the talkgroups to be forced encryption or forced non-encrypted (clear) in case someone doesn't have the proper keys.
There are also common clear channels reserved for interoperability nation-wide in the 800 MHz band just in case someone outside the state needs to join in the fun.
Voice IS data. The encryption systems necessarily digitize the voice using a vocoder, then scramble the bitstream. The only "encryption" for analog signals is frequency-inversion ("donald duck" sounding type old-school "scramblers").
Actually no. Almost all the modern digital radios have a simple software encryption built-in. This makes it trivial to just turn on to use it. If a higher degree of security is required, then a hardware encryption board can be added as an option to most of the newer radios, that make them secure for even government non-classified traffic (lowest level of security but still encrypted). Anyway, since it is so easy and no extra cost to have basic encryption a lot of agencies are using it by default nowadays.
Encryption also makes the conversations unavailable to portable scanners, as well as the internet audio feeds to smartphones. These have been around a lot longer. It is just the recent upsurge in people using the scanner audio streaming apps that is feeding this latest FUD. In my state there is a concerted statewide effort to get all local municipalities on the state-wide system, which can very easily use encryption if the local agency wants to. This is aimed at "fixing" interoperability by having everyone on the same system using the same keys.
Notwithstanding the poster's hilarious urinary colloquialism, what he's saying is the people attracted to deep discounts like that are unlikely to ever become full-price regular paying customers once the deal is over.
Groupon doesn't pre-sell the items online, they only are giving out the opportunity for a discount. She could have refused the sales at the door, but she decided not to until they had 8500 orders, not wanting to take a PR hit and getting a bad name for "running out". Two bad decisions, one to take the Groupon deal without setting a practical limit to start with, and another to not put the brakes on an out-of-control situation sooner.
I second the HP firesale Touchpads. They have excellent, sharp bright displays, and are very snappy and functional with WebOS. Although the hardware is at end of life (or maybe not, there's talk of Win8 on them soon), HP is still committed to the WebOS thing, either they will continue and make a new Touchpad someday, or will try to sell off the WebOS division, but either way it's not being buried like the hardware was. Updates from HP continue to present day, I got one last week.
You can "root" the device in developer mode with a simple browser macro (type in a URL...) that is hilarious - it's the old Konami game cheat code "upupdowndownleftrightleftrightABAB":) As I recall, that is it or very close to it, and you just have to throw a soft "switch" to put the unit in developer mode. This allows you to sideload apps either from a host PC or by copying the installer files to the internal "disk" storage tree and installing from there.
Plus you can even run Android OS in a WINDOW! How's that for portability / flexible dev environment? Kind of like a VM built-in.
Not to mention you can still find the 16GB ones on eBay for about $200-250, which is even still half to a third the price of current production tablets.
The only thing is it's a 9/10" tablet not quite as small as the one you want, they were actually in development of a 7" version when they killed the line, unfortunately it never saw the light of day.
I have had many big banks refuse to cash a check for me, too. As a non-customer of theirs, even when the damn check was DRAFTED ON THAT BANK, they refused! They cited some ridiculous bullshit about not being able to identify me or some crap even though they try to humiliate and even fingerprint you when you want to get a simple check cashed. Utter crap - that should be fucking illegal - if a check is drafted on a given institution, it should have to honor it no matter what.
Slashdot Mirror
If I would have to go that route I probably would run checksum comparisons to accepted values for each file in the system.
Congratulations, you just re-invented tripwire which has been in linux since about 1992 or so. It scans the entire system and compares every file to stored checksums last time it was run. Apparently it has been developed into a commercial product since then but the free original version is still around.
Actually, I have the historical answer to your question. You are more or less correct.
Believe it or not, it was the monopoly of the first "telecom" company, that the rules were put it place to not compete with - the Post Office!
The amateur rules also included prohibitions of discussing religion, politics, or any "controversial" subject matter of any kind, for that you were supposed to write a letter, not sully the airwaves with argument!
Needless to say these rules have been somewhat relaxed in recent days, but ordering a pizza used to be prohibited as doing business on amateur radio. Now it considered "personal business" and it is technically allowed, but is still considered somewhat controversial because it is furthering the commercial interests of the Pizza parlor, so there is still two schools of thought on that one.
Disclaimer - IAAARO.
And I'd like to see the statistics that prove that 5-10 years of appeals cost more than keeping someone alive in prison for 40-60 years!
I tend to favor the Texas standard - if 3 credible eyewitnesses see you commit a heinous crime, you go "to the front of the line".
In other words, if there is ABSOLUTELY NO DOUBT you are guilty, why waste any time with keeping your sorry ass alive another day? I have no problem with a moratorium on the death penalty if there is even a shadow of a doubt, but there should be "A WHOLE CROWD SAW HIM DO IT, HE'S DEFINITELY GUILTY" category that doesn't waste time or money on lengthy appeals or a life sentence.
For software backup, Norton Ghost enterprise is the way to go unless you have some solution you already are using / have to use...
For wiping the hard disks, they used to make bench-top hardware boxes you could hook up 4 drives to directly and mass-copy them all 4 at a crack. You can use a clean formatted drive as a source and "duplicate" that to wipe the drives clean, 4 at a time simultaneously.
I'm not sure if there are similar devices that do Ultra-ATA or SATA, but it might be worth looking into getting one if you have that many devices and time is critical.
Yea, but you can use a scanner with digital capability to receive the digital traffic, but none of them have decryption capability, even if you were lucky enough to know what the key is. The required room-full of computers required to brute-force decrypt an AES-256 key in less than 100,000 years isn't exactly portable.
Encryption steps it up a whole bunch of notches, to whole 'nother level. You have to have the resources of a major corporation, university or government to deal with anything approaching real-time decryption.
Sort of. I know the NSA used to deliver to the Secret Service tapes of the 10,000 "best" keys in the DES space. The facility that sends keys out to radios picks 16 of those 10,000 strongest keys, so ridiculously obvious ones like "1234" and "0000" are eliminated (I know they're not proper length keys but they're just for example). I suppose there is always the rare possibility of the 1st one you try just happening to be the right one but statistically that situation would happen once in every x years of billions of tries, based on key length and algorithm strength. I don't know if there are any "weak" keys for AES-256 because that is what all the serious players with three-letter names are using these days.
As for secure "enough"... it's all a game of money. I'll bet your Beowulf won't crack my AES-256 in the 24 hours between me re-keying. But again the other side of the phrase applies too - if the message is not time-sensitive, you can replay and retry the brute-force till you're blue in the GPU or you get it. Just don't rely on that key still being actively used by the time you figure it out...
Actually, there are now SEVEN incompatible digital systems in use!
See my post on this earlier: http://it.slashdot.org/comments.pl?sid=2541466&cid=38154576
That is exactly what APCO Project-25 was SUPPOSED to be for. Unfortunately, Motorola couldn't wait and released their "Astro" system before P25 was finalized, then had to change all the radios in the field. Then, inexplicably, they produced "MotoTRBO" another non-interoperable incompatible digital standard. Then ICOM came out with D-STAR and IDAS. Then Kennwood came out with NexEdge. Then GE came out with Aegis. Then Harris came out with OpenSky...
FUCK FUCK FUCK!
There is now a clusterfuck of incompatible "standards" with each manufacturer churning out their own brand of spew. Either they need to go with one and ONE ONLY, or pick a new one and make EVERYONE USE THAT. FUCKING PERIOD.
No, but this is no shit, I did hear a stakeout squad bitching about someone they were watching verbatim:
Unit 1: God it's hot in this fucking van.
Unit 2: Hey he's on the move - he's going upstairs.
Unit 1: This is the Girlfriend's apartment, right?
Unit 2: Yes.
Unit 1: What's he going up there for in the middle of the afternoon?
Unit 2: You've been married too long!
No kiddin. The system is an old unencrypted system, but because it was a trunked radio system, the detectives thought no one could listen in. Hah!
Oops, sorry - didn't see the other guy's post about the inversion scrambling before my reply - thanks, mate!
Also, while you're at it look up frequency-inversion scrambling. How it works is it actually does a double-sideband mix of the voice audio signal in the AUDIO domain, instead of the RF domain, then swaps the sidebands! This causes a very similar sound to listening to the wrong sideband, but I assure you the "scrambler" of yesteryear works exactly in this fashion. Motorola used to call it VP (Voice Privacy). There are newer more sophisticated versions of audio frequency-inversion scrambling that segment the audio spectrum into more than 2 bands and swap them around, and some even use "rolling codes" or they vary the way in which they swap the audio bands.
Trust me on these matters, I'm a ham, I own a digital repeater system, and used to be an engineer at Motorola.
The American equivalent to Tetra, APCO Project-25, has been hacked, but to what effectiveness? By "hacked" you mean they have figured out the protocol stack and the encryption algorithm, and they have even brute-force figured out a few weaker 40-bit keys, but each key is a unique case. The stiffer DES 56-bit key takes a significantly greater amount of horsepower to crack with a GPU array, think many weeks instead of a few days. However, for government stuff they use AES-256, which can take many years to brute-force a key, or longer. Each time the key changes or a different agency's system is "hacked" you have to figure out the new key of the day/week/month, and if it takes you 2 months to brute-force a DES key and they change them monthly, well, you're fucked.
That is the essence of a truly secure encryption system, BTW. All it needs to be is secure *enough* to last until the information is no longer useful or the key changes.
So has the American equivalent to Tetra, APCO Project-25. But "cracked" is a definition of degrees. By "cracked" you mean they have figured out the protocol stack and the encryption algorithm, and they have brute-forced figured out a few weaker 40-bit keys, yes. The stiffer DES 56 bit key takes a significantly greater amount of horsepower to crack with a GPU array, think many weeks instead of a few days. However, for government stuff they use AES-256, which can take many years to brute-force a key, or longer. Each time the key changes or a different agency's system is "cracked" you have to figure out the new key of the day/week/month, and if it takes you 2 months to brute-force a DES key and they change them monthly, well, you're fucked.
That is the essence of a truly secure encryption system, BTW. All it needs to be is secure "enough" to last until the information is no longer useful or the key changes.
Actually, they can re-key the radios over-the-air. That removes the requirement that everyone bring in their radios once a week/month/year to get them re-keyed to the latest keyset. If there is a stolen radio, first they send it a "remote monitor" command to listen in without the radio indicating it is transmitting (!) or to try to home in on it with a doppler (Lo-Jack) direction finder. If that fails, then they send it a "stun" command, which kills the radio until it is sent back to the factory. Finally, they re-key all the other radios in the system in case the keys were compromised. At least that is SUPPOSED to be the procedure... If the radio is turned off, then the stun command, etc. is queued in the system controller so as soon as it's turned on, it will get killed immediately.
They do, sort of. Trunked radio systems use "talkgroups" which are isolated group-call (multicast) messages aimed at specific radios. You can send a voice "message" (transmission) to a specific radio if needed, but normal transmission go to the entire talkgroup. You would have Fire on one, Police dispatch on one, detectives on one, etc. That way they normally only get traffic they are interested in, but in an emergency they would all switch to a "city-wide" talkgroup so everone would hear everything. They also can reserve the talkgroups to be forced encryption or forced non-encrypted (clear) in case someone doesn't have the proper keys.
There are also common clear channels reserved for interoperability nation-wide in the 800 MHz band just in case someone outside the state needs to join in the fun.
Voice IS data. The encryption systems necessarily digitize the voice using a vocoder, then scramble the bitstream. The only "encryption" for analog signals is frequency-inversion ("donald duck" sounding type old-school "scramblers").
Actually no. Almost all the modern digital radios have a simple software encryption built-in. This makes it trivial to just turn on to use it. If a higher degree of security is required, then a hardware encryption board can be added as an option to most of the newer radios, that make them secure for even government non-classified traffic (lowest level of security but still encrypted). Anyway, since it is so easy and no extra cost to have basic encryption a lot of agencies are using it by default nowadays.
Encryption also makes the conversations unavailable to portable scanners, as well as the internet audio feeds to smartphones. These have been around a lot longer. It is just the recent upsurge in people using the scanner audio streaming apps that is feeding this latest FUD. In my state there is a concerted statewide effort to get all local municipalities on the state-wide system, which can very easily use encryption if the local agency wants to. This is aimed at "fixing" interoperability by having everyone on the same system using the same keys.
Notwithstanding the poster's hilarious urinary colloquialism, what he's saying is the people attracted to deep discounts like that are unlikely to ever become full-price regular paying customers once the deal is over.
"Taking the piss" is British slang (see http://en.wikipedia.org/wiki/Taking_the_piss). Get a sense of humor. Really.
Groupon doesn't pre-sell the items online, they only are giving out the opportunity for a discount. She could have refused the sales at the door, but she decided not to until they had 8500 orders, not wanting to take a PR hit and getting a bad name for "running out". Two bad decisions, one to take the Groupon deal without setting a practical limit to start with, and another to not put the brakes on an out-of-control situation sooner.
I second the HP firesale Touchpads. They have excellent, sharp bright displays, and are very snappy and functional with WebOS. Although the hardware is at end of life (or maybe not, there's talk of Win8 on them soon), HP is still committed to the WebOS thing, either they will continue and make a new Touchpad someday, or will try to sell off the WebOS division, but either way it's not being buried like the hardware was. Updates from HP continue to present day, I got one last week.
You can "root" the device in developer mode with a simple browser macro (type in a URL...) that is hilarious - it's the old Konami game cheat code "upupdowndownleftrightleftrightABAB" :) As I recall, that is it or very close to it, and you just have to throw a soft "switch" to put the unit in developer mode. This allows you to sideload apps either from a host PC or by copying the installer files to the internal "disk" storage tree and installing from there.
Plus you can even run Android OS in a WINDOW! How's that for portability / flexible dev environment? Kind of like a VM built-in.
Not to mention you can still find the 16GB ones on eBay for about $200-250, which is even still half to a third the price of current production tablets.
The only thing is it's a 9/10" tablet not quite as small as the one you want, they were actually in development of a 7" version when they killed the line, unfortunately it never saw the light of day.
Are you a dumbfuck?
Try to think of SPAM like farts on the subway.
They have the whiff of shit. You simply can't avoid them.
Just try to wince and ignore them as best you can, as complaining doesn't help at all.
Yes, set your cat on fire and toss through their front door.
That ought to do it.
I have had many big banks refuse to cash a check for me, too. As a non-customer of theirs, even when the damn check was DRAFTED ON THAT BANK, they refused! They cited some ridiculous bullshit about not being able to identify me or some crap even though they try to humiliate and even fingerprint you when you want to get a simple check cashed. Utter crap - that should be fucking illegal - if a check is drafted on a given institution, it should have to honor it no matter what.