1. Can you attach and detach an iSomething 10 times a second? I don't believe so.
2. wait_until_next_LOTS_OF_events_are_ready() is quite a complicated procedure. You would still either poll, or run a lot of threads which wait for their personal events.
3. And BTW: USB that your mouse driver attaches to has polling ONLY. It has NO side channel that can inform hosts about events. It also applies to USB bootable flash or HDD.
Basically, I don't like complicated code, and my brain has been spoiled with Fortran. I write:
somelabel: if (something_happened()) process_it(); usleep(100000); goto somelabel;
As a result, I have a latency too short to be noticed, and also the process eats almost no processor time when idle. If the Microsoft or Apple programmers cannot just do the same (I don't imagine that they have no more sophisticated methods for dealing with external events) - I wonder why they don't stand with "WILL WRITE WINDOWS PROGRAMS FOR BREAD" boards.
Because some kinds of tree "must be refreshed from time to time". Yes, if you are proud to be American you have understood me.
Once more: I wrote not about ENCRYPTED application but about ANONYMOUS VoIP application. The attacker should be unable to FIND the FACT of communication, since if he has this fact he can torture both sides of communication or all your contact list to reveal the message.
You propose a solution that is neither anonymous (the server writes logs that can be extorted) nor VoIP (it transfers messages and files ONLY, NOT the live speech, at least I have such an impression after reading Wikipedia).
Only our friends from Israel could use Iron Dome rockets (US$40000 each) to target pieces of Palestinian water plumbing filled with fertilizer - and consider it profitable :-)
Maybe they run MSVS (Modulnaya Sistema Vooruzhennyh Sil - Modular Armed Forces System). I hadn't tried it but it is somewhere in my collection. Full Disclosure and Disclaimer: It was on rutracker.org so I do not disclose any Russian state secrets not disclosed earlier.
The expression "Apple does not have a backdoor per se" basically cannot be proven unless you have the full source code. Moreover, nothing will stop a real hacker from desoldering the flash and attaching it to a reader. And also: I've never seen a modern device which does not have some JTAG or similar debug port that can be useful to program the very bootloader that verifies the digital signatures of bootable code. Times when BIOS was pluggable are gone.
Buy anything where you can install your preferred encrypted OS and any connectivity module. For instance, I'd buy some CDMA modem for my OQO2 because encrypted FreeBSD runs well on it.
But IMHO the problem is not that the smartphone contains something illicit. The problem is that after Microsoft bought Skype there is NO VoIP application which is fully anonymous, so THEY can still compile your contact list from your traffic logs only and apply a rubberhose decryptor (We Russians say "Rectothermal decryptor") to all your contact list.
And what will you do with a noise that randomly falls into the frequency window?
To use Goertzel, you basically need to know the frequency of the whistle beforehand. It's nice when you have a fixed-frequency whistle but bad if you whistle by mouth. The autocorrelation algo or any other pitch determination algo would behave better.
If I play games, I can use Windows since nothing bad happens when (not "if") I spend a week for killing viruses and installing drivers. If I use computer for work I should be absolutely sure it works and will work when I need it. "Will write a letter with bad font" is acceptable. "Will need to work from command line" is acceptable. "Cannot do it due to virus" - NOT acceptable.
My system gives me something like
none1@pci0:6:7:0: class=0x0c0010 card=0x81fe1043 chip=0x30441106 rev=0xc0 hdr=0x00
vendor = 'VIA Technologies, Inc.'
device = 'VT6306/7/8 [Fire II(M)] IEEE 1394 OHCI Controller'
class = serial bus
subclass = FireWire
and I just look for the specific drivers by name. And it mostly knows the vendor and hardware ID even if it does not have drivers for this specific hardware. If something pretending to be named Operating System does not do this simple task, should it be still named Operating System?
I see nobody has mentioned FreeBSD and Kernel Mode Switching. Problem is that some time ago in a galaxy not far away the authors of the opensource Radeon driver decided to abandon UMS in favor of KMS, which obviously required card-specific code in the OS kernel of every OS that uses the card. FreeBSD folks work hard, but my Radeon supermeganotebook that cost me a fortune still collects dust, and I have been forced to sell my Radeon, buy Geforce and use proprietary drivers. They suck - they have some issue with framebuffer sync appearing as ghostly stripes on everything moving (both mplayer and Mozilla scrolling).
There are some rumors that NASA already has experimented with orbital sex. Results are: 1) Sex is almost impossible without gravity. 2) It caused traumas that lead to possible infertility, and NASA stopped experimenting in this area. So, forget it.
I just had enough good experience with ATI long time ago in a galaxy far away that has ossified my upper hemispheres to extrapolate that Radeons will be good forever. I couldn't imagine that one team (X) will just require KMS without any consultation with other team (FreeBSD) that should implement it.
I was stupid enough to buy a Radeon notebook only to find that it has 2 videos, one of which is simple, economic and old as mammoth's feces, and second one - a supermegagigateracard which is NOT supported in FreeBSD but with NO means to turn it off and burning my hands when I touch this monster. FreeBSD trouble report didn't help, as a result that book collects dust. And as I know Radeons need KMS, and I have no idea about its implementation in FreeBSD. Next time I bought a simple Geforce and use closed (and buggy) Nvidia drivers since I have no other choice.
Don't recommend to migrate to Linux, please, or I'll ask "to WHICH Linux?" When I met Unix, Linus was 11 years old.
... While I always see 1-2 Chinese nodes in I2P NetDB, I have not seen any Iranian node. Why? Does it mean that anybody trying to connect is persistently looked for, or just the system is not popular? Or, maybe, TOR client is much less visible than I2P node and so is more secure?
Except these provisions will be known to the notary who will send them to KGB before one's death.
Why do you think that it will NOT incriminate your family members? For instance, my friend's granddaddy was a hunter and left a lot of rifles and ammo. My friend does not want to surrender it due to understandable self-defense concerns (It's Soviet Russia!) but if he dies his family members should know where his arsenal is hidden.
In America, you can always find a party. In Soviet Russia, the Party always finds YOU!! So I decided to encrypt ALL my data. The data I am going to give to my heirs will be encoded with some key on bootable flash drives and entrusted to 3 different persons, each having 2/3 of total key length. Any 2 of them (but no single person) will be able to decode them. If the Party finds any one of them while I live it will be impossible to obtain the data.
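The 2-of-3 split described in the comment above, as an added example (not the poster's code; every function name here is hypothetical and the key is a constructed sample). Because one share in that layout leaves only a third of the key bits unknown, it is shown beside a 2-of-3 Shamir threshold split over GF(2^8), where a single share carries no information about the key.

```python
import secrets

def split_thirds(key: bytes):
    """Comment's scheme: cut the key into 3 parts, each holder stores 2."""
    if len(key) % 3:
        raise ValueError("key length must be a multiple of 3")
    n = len(key) // 3
    parts = [key[i * n:(i + 1) * n] for i in range(3)]
    # Holder i lacks part i and keeps the other two, tagged by index.
    return [{j: parts[j] for j in range(3) if j != i} for i in range(3)]

def join_thirds(share_a: dict, share_b: dict) -> bytes:
    merged = {**share_a, **share_b}
    if sorted(merged) != [0, 1, 2]:
        raise ValueError("two different holders are required")
    return b"".join(merged[j] for j in range(3))

def bits_left_to_guess(share: dict) -> int:
    """Key bits still unknown to whoever obtains this one share."""
    return 8 * len(next(iter(share.values())))

def gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8), reduction polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a: int) -> int:
    r = 1
    for _ in range(254):          # a^254 is the inverse of a in GF(2^8)
        r = gf_mul(r, a)
    return r

def split_threshold(key: bytes):
    """2-of-3 Shamir sharing: per byte, y = s + c*x with a random c."""
    coeffs = secrets.token_bytes(len(key))
    return [(x, bytes(s ^ gf_mul(c, x) for s, c in zip(key, coeffs)))
            for x in (1, 2, 3)]

def join_threshold(share_a, share_b) -> bytes:
    (xa, ya), (xb, yb) = share_a, share_b
    inv = gf_inv(xa ^ xb)         # addition in GF(2^8) is XOR
    # Interpolate the line at x = 0: s = (ya*xb + yb*xa) / (xa + xb)
    return bytes(gf_mul(gf_mul(a, xb) ^ gf_mul(b, xa), inv)
                 for a, b in zip(ya, yb))

if __name__ == "__main__":
    key = bytes(range(24))        # constructed 192-bit sample key
    thirds = split_thirds(key)
    assert join_thirds(thirds[0], thirds[2]) == key
    print("one seized 2/3 share leaves", bits_left_to_guess(thirds[0]), "bits")
    shares = split_threshold(key)
    assert join_threshold(shares[1], shares[2]) == key
```

With the 2/3 layout, keeping 128 unknown bits against one seized share needs a 384-bit key; the threshold split keeps the full key strength at any key length.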
It's a misunderstanding. Nominally, aGPS is the use of ALMANAC and EPHEMERIS data obtained from the network, and not from the navigation signal itself. It speeds the acquisition - and nothing more. At least, U-blox dox say so. Unfortunately, I heard that some GPS chipsets have aGPS ONLY and have NO GPS data channel. The test is simple: Ensure that your smartphone can show your position while the network is absent.
Full disclosure: I am NOT a GPS specialist (GPS specialists sit in a neighboring lab).
And BTW: The original post does not talk about GPS - only about intrusion to the phone and conversion of it to the beacon.
I believe that the encrypted communication is useless in conditions where every single fact of such communication is traced and the participants logged and bugged. The really secure communicator should not allow any party except Alice and Bob to know the fact of communication, and any party - IP of other party or anything that allows to find them in meatspace.
Unfortunately, the only communicator I know that claims to do this is I2P (The Invisible Internet Project). And it does not support VoIP.
I have heard about mesh networks, for instance, B.A.T.M.A.N. or Netsukuku. You just need a mesh network to GSM gate that impersonates your phone and sends the calls via the mesh to the endpoint router with VoIP gate. It's quite difficult to trace the mesh but all this project needs at least tens of paranoiacs around the city that keep the mesh routers up and running.
For the REALLY paranoid geek I have a variant. There are lots of GSM modules that are intended for installation in some equipment. They need some power source, keyboard and microphone to operate. You may use something like the simplest PIC controller for keyboard and microphone control and be sure that unless you explicitly turn the microphone on it will be off.
It will still be a beacon, but you can invent some countermeasures, too. Your controller can detect the transmission and duly warn you if it finds something suspicious, for instance, long transmission without calls. If you are STILL overparanoid you may add a GPS device that will just turn the phone off while in zones where you don't want to be tracked.
Stationary GSM module with WiFi link to your real phone (or to your second secret GSM phone) is to be added according to taste.
NEVER read aloud. Doing so limits your reading speed down to listening speed which is much lower. The same about thinking aloud - you should not think in words, the unspeakable thoughts are MUCH faster. The only exception is reading poetry.