I have a 2013 with 95k miles on it. I still owe about $9,000. The deal will pay me about $18,000, so I'll walk away with $9,000 in cash after paying off the loan.
I'm headed over to my dealer this weekend to see what kind of incentive he'll give me on top of that for sticking with VW. Considering new Jettas start around $15,000, I could end up with a new car (2017 model year) for almost nothing.
Let me know if you figure out how to do that with an encrypted SSD drive. You'd essentially need a boot device that was able to reach out to the Internet to get a key to unlock the 2nd stage device. It gets complicated, because then you have to secure THAT.
Then you have a major speech impediment and should probably see a therapist for it.
Using your post at a sample, I am able to read it aloud in 22 seconds at a conversational rate. This is the same rate I use reading stories aloud to my children. Using my slower, more enunciated "speech recognition" voice, usually reserved for Google input, it takes me 37 seconds and the only thing I had to correct afterwards was the ( and ) you used. That includes all of your punctuation and the automatic correction of "keboard" to "keyboard" that you missed. With Dragon Dictate, I'm closer to the 22 seconds than the 37, but I only use that at work.
Typing it out -- and I can touch type and quite a good clip -- gives me 75 seconds. That included two uses of the backspace key to correct my typing errors.
Yes, I greatly prefer to edit text using a keyboard. It allows for deliberation of thought as well as a much greater precision in actual editing. But, for just getting words to the page, even with basic formatting in place, speech recognition is by far faster.
Good for him! Most DR exercises I've seen are planned weeks, if not months in advance. They are more of a scheduled fail-over to a redundant site and not an actual disaster recovery test.
In the event of an actual disaster, there would be no recovery.
Appointed Officials are required to comply with FISMA at the very least, which means annual Security & Privacy Awareness Training.
As the person responsible for overseeing this in a Federal Executive Branch Agency, I can tell you first hand that they are required to take the training and, if they don't complete it, will lose access to the Agency IT network.
Been there, pulled the plug myself on a couple. Most know they're required and just take the training without any issues at all.
I can't speak to harassment as that is a totally different arena.
If a Senate-appointed or elected official can't pass a security background check to get clearance, they don't get clearance. It seriously impacts their job and, in the couple of cases I've seen, means they have to delegate that work down a rung or two in the ladder to a Deputy.
Not being able to get a security clearance for good cause, such as ties to a criminal enterprise or foreign government, and not something pedestrian like "your credit sucks", is usually a showstopper for Congressional Appointees. At that point they usually withdraw or resign for "personal reasons".
It would have been clintonh@state.gov. Because Gov't e-mail addresses are easily guessable, many appointed heads of Agencies have multiple different e-mail addresses. The one that follows Agency guidelines on naming -- which is a giant cesspool of spam and rants from anyone who can guess the e-mail scheme -- and one that is used to get actual work done.
And honestly, most of the people in State were probably using Outlook, which just hid it behind the simple name of "Hillary Clinton" and didn't display the actual e-mail address.
The FBI doesn't investigate "crimes", they investigate incidents to see if they maybe were crimes.
It isn't a crime until there is a criminal conviction. If you shoot someone, the police will investigate. If their investigation determines that the evidence points to justifiable homicide, then *no crime has been committed*.
Unfortunately, that example will make more sense if you happen to be black.
The whole "I don't remember getting a briefing" is such colossal bullshit. Those briefings are required by law *annually*, not just once. And she would have gotten a separate briefing when she got her clearance, and any time it was upgraded.
She understands the difference. She thinks she is above all that. Rules, like taxes, are for little people.
She didn't tell any lies about the server. She didn't know details any more than a major corporation CEO knows what actual physical server their mail runs on.
She has enough plausible deniability and can answer with enough vagueness to not be chargeable.
"That is what the people who run the thing told me."
In short, she had no real first-hand knowledge of the server setup other than it was in her basement and handled her e-mail. The rest is typical VIP know nothing blather.
Because at the time she did this is was against State Department internal regulations, but not a criminal offense.
You only put people in jail for criminal offenses that have jail as punishment codified in the law, and even then jail is usually only one of many options available as punishment.
The problem with this argument is the FBI's report does not say it was only a sentence or two. It says there were thousands of classified emails, some of which were entire classified documents, markings and all.
No, it didn't. At least Comey's summary says nothing of the sort.
"Eight of those chains contained information that was Top Secret at the time they were sent; 36 chains contained Secret information at the time; and eight contained Confidential information, which is the lowest level of classification. Separate from those, about 2,000 additional e-mails were âoeup-classifiedâ to make them Confidential; the information in those had not been classified at the time the e-mails were sent."
And...
"With respect to the thousands of e-mails we found that were not among those produced to State, agencies have concluded that three of those were classified at the time they were sent or received, one at the Secret level and two at the Confidential level. There were no additional Top Secret e-mails found. Finally, none of those we found have since been âoeup-classified.â
Finally...
"Separately, it is important to say something about the marking of classified information. Only a very small number of the e-mails containing classified information bore markings indicating the presence of classified information."
So flat out, unless you are in possession of a different report that indicates Comey made up the summary in whole cloth, you're being dishonest in your claims.
There are "little people" currently in prison for negligent handling of classified. Right now. Actually in prison.
There are also several that aren't. Administrative punishments are common, depending on the material in question, and the circumstances. In some cases, absolutely nothing was done.
For example, all of the people who accessed the early Wikileaks stuff and those people who accessed the Guardian articles that contained the Snowden material. There was an entire PR campaign directed at Executive Branch Agencies reminding people that "until officially declassified, just because it is published in public doesn't mean you can read it".
I personally contacted DHS regarding multiple "classified spills" surrounding the Wikileaks material being accessed on non-Classified systems and sent around in e-mail. Their answer? "Delete it and remind people not to do that. No, you don't have to destroy you entire MS Exchange storage array."
Under your criteria, hundreds of people would have been put in jail. They weren't and some of that Snowden stuff was SCI/Code word.
The Wikileaks stuff in 2010 was Bradley Manning's leak of, mostly, diplomatic cables -- exactly the type of stuff Clinton was dealing with -- except Clinton's was indirect reference (e-mail about) not full cables. In other words, de minimis.
According to your gross misunderstanding of our classification system, what crime did Petraeus commit? He had a clearance, and his girlfriend had a clearance. If "had a clearance" is good enough to excuse Clinton, then why was it not good enough to excuse Patraeus?
You're baiting him. You know the difference, which is Patraeus committed a conscious, direct act in knowingly and intentionally giving classified material to a person who was not authorized to have it. Clearance or not, she didn't have the necessary "need to know".
He also explicitly and directly lied to the FBI investigators by flat out denying he did it. Hillary has been very indirect and there is no indication she every did ANYTHING remotely similar to Patraeus.
There is a significant difference between "here is my notebook loaded with TS/SCI material that you shouldn't see" and, to the FBI, "never happened"; and "received or sent e-mail that may have contained a sentence or two copy-pasted from (95%) Confidential material".
Did you watch Citizenfour? There were a couple scenes in there, IIRC, where comments were made about a "second leaker". I believe there were also mentions in some of the Guardian articles as well. Not a lot in either, but definite indications the Snowden was not the only one.
It has been a while since I've dug thru the DoC EAR, but from what I remember -- and what I seem to glean from digging thru your link to the Fed Reg -- is that most of this applies only if you're using proprietary encryption. The use of open source algorithms where you provide the relevant source code, such as using AES, Blowfish, or TwoFish, is an exemption.
To be clear, I'm talking about mass market stuff which gets the MMKT designation, nor crypto gear primarily sold to foreign governments.
If using only the published, open source stuff for crypto, then the exporter has only to file the paperwork. The 30-day delay was removed, and there is no real "review request", the paperwork is just on file.
RSA fits the bill just fine, and there is no restriction that I can find for using ginormous keys -- 4,096 bits and beyond.
Feel free to use Elliptic Curve instead of RSA, avoiding Dual EC DRBG (obviously) and the NIST recommended curves if you're paranoid.
I understand that exporting certain hardware requires paperwork, but I'm firmly in the camp of thinking that states "proprietary encryption should be avoided at all costs".
Yeah...Rijndael was developed by a couple of Belgian cryptographers, yet chosen through open and well participated public competition to be AES. What exactly is wrong with it, or the way NIST conducted the selection process?
Please differentiate between algorithms and actual implementation code.
You're forgetting the difference between a flaw and the path to exploiting a flaw. The flaw can exist in silicon, but it needs software to exploit it. You can safely run flawed code all day if you are in tight control of the software executing on the system. It isn't until you run untrusted code that you have a problem.
This is why Java is such a vector. Once you connect it to a browser, you're blindly running someone else's untrusted code on your JVM.
When Java is used in an EE environment, not hooked to a browser, then it is much safer simply because exploit code doesn't have a path to any flaw.
Slashdot Mirror
Uh, what? That has to be a typo.
I have a 2013 with 95k miles on it. I still owe about $9,000. The deal will pay me about $18,000, so I'll walk away with $9,000 in cash after paying off the loan.
I'm headed over to my dealer this weekend to see what kind of incentive he'll give me on top of that for sticking with VW. Considering new Jettas start around $15,000, I could end up with a new car (2017 model year) for almost nothing.
It most certainly can if you can recover the costs by capturing the customers in Apple's ecosystem.
This would be a variation of the razor-blade model of sales.
Let me know if you figure out how to do that with an encrypted SSD drive. You'd essentially need a boot device that was able to reach out to the Internet to get a key to unlock the 2nd stage device. It gets complicated, because then you have to secure THAT.
That would mean it couldn't reboot unless you were physically right there -- making it useless for any form of remote application.
Then you have a major speech impediment and should probably see a therapist for it.
Using your post at a sample, I am able to read it aloud in 22 seconds at a conversational rate. This is the same rate I use reading stories aloud to my children. Using my slower, more enunciated "speech recognition" voice, usually reserved for Google input, it takes me 37 seconds and the only thing I had to correct afterwards was the ( and ) you used. That includes all of your punctuation and the automatic correction of "keboard" to "keyboard" that you missed. With Dragon Dictate, I'm closer to the 22 seconds than the 37, but I only use that at work.
Typing it out -- and I can touch type and quite a good clip -- gives me 75 seconds. That included two uses of the backspace key to correct my typing errors.
Yes, I greatly prefer to edit text using a keyboard. It allows for deliberation of thought as well as a much greater precision in actual editing. But, for just getting words to the page, even with basic formatting in place, speech recognition is by far faster.
The primary security concern is the balcony not being big enough or strong enough to support Julian's ego.
Good for him! Most DR exercises I've seen are planned weeks, if not months in advance. They are more of a scheduled fail-over to a redundant site and not an actual disaster recovery test.
In the event of an actual disaster, there would be no recovery.
I'm heartened to see SOMEONE does it right.
Appointed Officials are required to comply with FISMA at the very least, which means annual Security & Privacy Awareness Training.
As the person responsible for overseeing this in a Federal Executive Branch Agency, I can tell you first hand that they are required to take the training and, if they don't complete it, will lose access to the Agency IT network.
Been there, pulled the plug myself on a couple. Most know they're required and just take the training without any issues at all.
I can't speak to harassment as that is a totally different arena.
If a Senate-appointed or elected official can't pass a security background check to get clearance, they don't get clearance. It seriously impacts their job and, in the couple of cases I've seen, means they have to delegate that work down a rung or two in the ladder to a Deputy.
Not being able to get a security clearance for good cause, such as ties to a criminal enterprise or foreign government, and not something pedestrian like "your credit sucks", is usually a showstopper for Congressional Appointees. At that point they usually withdraw or resign for "personal reasons".
It would have been clintonh@state.gov. Because Gov't e-mail addresses are easily guessable, many appointed heads of Agencies have multiple different e-mail addresses. The one that follows Agency guidelines on naming -- which is a giant cesspool of spam and rants from anyone who can guess the e-mail scheme -- and one that is used to get actual work done.
And honestly, most of the people in State were probably using Outlook, which just hid it behind the simple name of "Hillary Clinton" and didn't display the actual e-mail address.
To determine if it was a criminal offense.
The FBI doesn't investigate "crimes", they investigate incidents to see if they maybe were crimes.
It isn't a crime until there is a criminal conviction. If you shoot someone, the police will investigate. If their investigation determines that the evidence points to justifiable homicide, then *no crime has been committed*.
Unfortunately, that example will make more sense if you happen to be black.
The whole "I don't remember getting a briefing" is such colossal bullshit. Those briefings are required by law *annually*, not just once. And she would have gotten a separate briefing when she got her clearance, and any time it was upgraded.
She understands the difference. She thinks she is above all that. Rules, like taxes, are for little people.
Are you saying it couldn't handle Bubba's load? What, did they name the server "Monica"?
monica.clintonmail.com
"I'm sorry about your lack of e-mail communication with Bill, Mrs. Clinton. It seems monica went down again. We're working on it."
She didn't tell any lies about the server. She didn't know details any more than a major corporation CEO knows what actual physical server their mail runs on.
She has enough plausible deniability and can answer with enough vagueness to not be chargeable.
"That is what the people who run the thing told me."
In short, she had no real first-hand knowledge of the server setup other than it was in her basement and handled her e-mail. The rest is typical VIP know nothing blather.
Because at the time she did this is was against State Department internal regulations, but not a criminal offense.
You only put people in jail for criminal offenses that have jail as punishment codified in the law, and even then jail is usually only one of many options available as punishment.
BDXL ranges between 100 Gb and 128 Gb per disc, if you want to go that way. For durability, use M-Disc for 1,000 year storage.
Fine, then name one country. Even Saudi Arabia makes women remove their veils for State ID photos.
The problem with this argument is the FBI's report does not say it was only a sentence or two. It says there were thousands of classified emails, some of which were entire classified documents, markings and all.
No, it didn't. At least Comey's summary says nothing of the sort.
https://www.fbi.gov/news/pressrel/press-releases/statement-by-fbi-director-james-b-comey-on-the-investigation-of-secretary-hillary-clinton2019s-use-of-a-personal-e-mail-system
"Eight of those chains contained information that was Top Secret at the time they were sent; 36 chains contained Secret information at the time; and eight contained Confidential information, which is the lowest level of classification. Separate from those, about 2,000 additional e-mails were âoeup-classifiedâ to make them Confidential; the information in those had not been classified at the time the e-mails were sent."
And...
"With respect to the thousands of e-mails we found that were not among those produced to State, agencies have concluded that three of those were classified at the time they were sent or received, one at the Secret level and two at the Confidential level. There were no additional Top Secret e-mails found. Finally, none of those we found have since been âoeup-classified.â
Finally...
"Separately, it is important to say something about the marking of classified information. Only a very small number of the e-mails containing classified information bore markings indicating the presence of classified information."
So flat out, unless you are in possession of a different report that indicates Comey made up the summary in whole cloth, you're being dishonest in your claims.
An insightful read: http://www.politico.com/magazine/story/2016/03/the-forgotten-1957-trial-that-explains-our-countrys-bizarre-whistleblower-laws-213771
There are "little people" currently in prison for negligent handling of classified. Right now. Actually in prison.
There are also several that aren't. Administrative punishments are common, depending on the material in question, and the circumstances. In some cases, absolutely nothing was done.
For example, all of the people who accessed the early Wikileaks stuff and those people who accessed the Guardian articles that contained the Snowden material. There was an entire PR campaign directed at Executive Branch Agencies reminding people that "until officially declassified, just because it is published in public doesn't mean you can read it".
I personally contacted DHS regarding multiple "classified spills" surrounding the Wikileaks material being accessed on non-Classified systems and sent around in e-mail. Their answer? "Delete it and remind people not to do that. No, you don't have to destroy you entire MS Exchange storage array."
Under your criteria, hundreds of people would have been put in jail. They weren't and some of that Snowden stuff was SCI/Code word.
The Wikileaks stuff in 2010 was Bradley Manning's leak of, mostly, diplomatic cables -- exactly the type of stuff Clinton was dealing with -- except Clinton's was indirect reference (e-mail about) not full cables. In other words, de minimis.
According to your gross misunderstanding of our classification system, what crime did Petraeus commit? He had a clearance, and his girlfriend had a clearance. If "had a clearance" is good enough to excuse Clinton, then why was it not good enough to excuse Patraeus?
You're baiting him. You know the difference, which is Patraeus committed a conscious, direct act in knowingly and intentionally giving classified material to a person who was not authorized to have it. Clearance or not, she didn't have the necessary "need to know".
He also explicitly and directly lied to the FBI investigators by flat out denying he did it. Hillary has been very indirect and there is no indication she every did ANYTHING remotely similar to Patraeus.
There is a significant difference between "here is my notebook loaded with TS/SCI material that you shouldn't see" and, to the FBI, "never happened"; and "received or sent e-mail that may have contained a sentence or two copy-pasted from (95%) Confidential material".
Did you watch Citizenfour? There were a couple scenes in there, IIRC, where comments were made about a "second leaker". I believe there were also mentions in some of the Guardian articles as well. Not a lot in either, but definite indications the Snowden was not the only one.
I was wondering what happened to #2...
It has been a while since I've dug thru the DoC EAR, but from what I remember -- and what I seem to glean from digging thru your link to the Fed Reg -- is that most of this applies only if you're using proprietary encryption. The use of open source algorithms where you provide the relevant source code, such as using AES, Blowfish, or TwoFish, is an exemption.
To be clear, I'm talking about mass market stuff which gets the MMKT designation, nor crypto gear primarily sold to foreign governments.
If using only the published, open source stuff for crypto, then the exporter has only to file the paperwork. The 30-day delay was removed, and there is no real "review request", the paperwork is just on file.
RSA fits the bill just fine, and there is no restriction that I can find for using ginormous keys -- 4,096 bits and beyond.
Feel free to use Elliptic Curve instead of RSA, avoiding Dual EC DRBG (obviously) and the NIST recommended curves if you're paranoid.
I understand that exporting certain hardware requires paperwork, but I'm firmly in the camp of thinking that states "proprietary encryption should be avoided at all costs".
Yeah...Rijndael was developed by a couple of Belgian cryptographers, yet chosen through open and well participated public competition to be AES. What exactly is wrong with it, or the way NIST conducted the selection process?
Please differentiate between algorithms and actual implementation code.
What federal regulation would that be? "Export grade encryption" restrictions were removed back in 1996. It has been 20 years already (OMG, I'm old).
There is no federal regulation that I am aware of that limits key length. Citation please.
So one motive down, dozens of other possible motives remain and professional assassin is not high in statistical probability.
When you hear hooves, you should think horses and not stampeding okapi. Occam's Razor and all that.
You're forgetting the difference between a flaw and the path to exploiting a flaw. The flaw can exist in silicon, but it needs software to exploit it. You can safely run flawed code all day if you are in tight control of the software executing on the system. It isn't until you run untrusted code that you have a problem.
This is why Java is such a vector. Once you connect it to a browser, you're blindly running someone else's untrusted code on your JVM.
When Java is used in an EE environment, not hooked to a browser, then it is much safer simply because exploit code doesn't have a path to any flaw.
And rightfully so, considering Apple designs their own processors and codes the drivers now.