Where I live, people are not criminally liable for other people's actions, so no, I wouldn't be liable for someone doing something illegal through my network.
"for other people's actions" applies if the evidence is interpreted to show that it wasn't actually you, when it shows the incriminating traffic coming from your IP address. You can try your luck with "it wasn't me, it was somebody who hacked my router" and maybe you will succeed (after being raided and possibly arrested) but it is not as straightforward as you might think. At least in the US and Canada, from what I've seen, this often gets the same reaction as when saying something like "the evidence was planted in my house" (i.e. the onus becomes on you to prove it as opposed to the "assumed innocent until proven guilty"). It may be different in Europe and other places.
You did not say what "short" means to you. As I told you even a minute is too short for obvious reasons, so I gave you the benefit of the doubt and thought you meant something more than that. If you meant polling every few seconds then your idea is even worse (completely useless in practice).
I still use WEP on my home network, because I still have a few devices that simply won't reliably do anything better. I figure that this is largely ok because:
1. Everything I do over the wireless network internally is using encrypted protocols anyway, and I wouldn't be using non-encrypted protocols for transporting sensitive data externally anyway.
2. There are a bunch of my neighbours' completely unsecured APs visible from my house so I figure if someone is interested in cracking a wireless network, they're probably going to go for the easy option and use one of those networks rather than cracking my WEP key.
Cracking a WEP key takes minutes and almost zero effort if there is already traffic on the network (and a bit more if there isn't). There may be completely unsecured APs around but whether they are actually as usable as yours depends on 1) the signal quality and 2) how many others are connected to these open APs and sucking up bandwidth. You say that everything using the network is encrypted but that is only half of the problem. The other half is somebody using your network to do (very) illegal things on the internet, all of which you would be potentially liable for. That is, unless you require VPN authentication before allowing internet access.
And if I were to get a little text file like that, how would I know that you didn't actually tamper something else in the process.
You cannot know whether anyone tampered with your files regardless of whether the text file was put there. That's the whole point of letting you know about the problem: anyone can do whatever they want with your files and hopefully after you see the file you will take steps to fix that.
You still don't get it. The point is that if it weren't for NAT, it would not be neccesery to poll or to do keep-alive. This is only made more important by the problems of wireless connections that you are talking about because they make keep-alive more difficult. Also, how does your brilliant idea of polling work with VoIP? Should people calling me wait for minutes until my device polls? (not to mention that as it was previously mentioned, polling every few minutes is terrible from power management perspective)
Entanglement only gives you correlations between the two sides, nothing more. You always need a second, classical, link, which in this case would be radio or laser. The only thing you can send with entanglement itself is random numbers. This does have some uses in encryption but is hardly neccesery, unless all symmetric ciphers somehow get broken. And it does severly limit your bandwidth compared to using just radio/laser.
Why would you want to use quantum entanglement for communication with Mars? If you are after faster-than-light communication, quantum entanglement is not going to help you. (and it is extremely unlikely anything else would either)
The point is, the statement was known to be false even when it was originially made, regardless of who made it. This is simply not the case with "cold fusion". In fact, most of the people who still insist on it are not even claiming that it's fusion anymore. Last I heard the current theory had something to do with the weak nuclear force instead, and there are still no published peer-reviewed results.
Not any harder or easier than any other number of possible plaintexts, ecrypted with the same key. In modern crypto, knowing the plaintext is irrelelvant (even if you know exactly what it is), only the quality of the key matters. If the key is apropriately random and unknown to the attackers, then they will have to brute force the entire keyspace to get to the pins, same as any other encrypted piece of information.
In general, many of these bugs (both in iOS and Android) do not necceserily require physical access, even if that is the easiest way to use them. Ultimately they are just a regular app without any special permissions that, once up and running, use a traditional privilege-escalation type of exploit to gain root privileges on the device and complete its job.
It's right there in the paper referenced in the summary. Figure 2 (also available here) shows you the diagram for 2008 and earlier models, where the LED is connected to the STANDBY line, which normally gives you what you expect but can be disabled in software, which is what they did.
No, it's a perfectly normal feature. This is a general-purpose image sensor that has many different applications. Some of them benefit from using the STANDBY line, others don't. So, naturally, the image sensor will give the designer the choice of whether to use it or not.
The important point here is that the STANDBY line was never meant to be a security feature (most likely it has to do with power saving). The people who designed the laptop and chose to use it in such a way either didn't think it through or simply didn't care enough.
On the contrary, if you are talking about real engineering (i.e. the type that requires a license to practice), this is quite normal. You as a manager simply do not have a choice. If you need a Professional Engineer to design something and to put his/her stamp on it at the end, you have to play by their rules. This is not always a good thing in practice but this is how it is and is the norm, not the exception.
It is a common misconception. The laws of quantum mechanics, as they are currently known, do not allow any possibility of faster then light communication.
That's not how SETI works. The only thing they try to detect are very high-power, high-gain signals, intenionally aimed at us, or possibly military radar that is very close.
Signals intended for local communication would not be detectable past the nearest star and that has always been the case, unless we are talking about impractically large receiving antennas (orders of magnutude bigger than our planet) but even then it would only work no more than 10 light years or so.
Slashdot Mirror
Where I live, people are not criminally liable for other people's actions, so no, I wouldn't be liable for someone doing something illegal through my network.
"for other people's actions" applies if the evidence is interpreted to show that it wasn't actually you, when it shows the incriminating traffic coming from your IP address. You can try your luck with "it wasn't me, it was somebody who hacked my router" and maybe you will succeed (after being raided and possibly arrested) but it is not as straightforward as you might think. At least in the US and Canada, from what I've seen, this often gets the same reaction as when saying something like "the evidence was planted in my house" (i.e. the onus becomes on you to prove it as opposed to the "assumed innocent until proven guilty"). It may be different in Europe and other places.
You did not say what "short" means to you. As I told you even a minute is too short for obvious reasons, so I gave you the benefit of the doubt and thought you meant something more than that. If you meant polling every few seconds then your idea is even worse (completely useless in practice).
I still use WEP on my home network, because I still have a few devices that simply won't reliably do anything better. I figure that this is largely ok because:
1. Everything I do over the wireless network internally is using encrypted protocols anyway, and I wouldn't be using non-encrypted protocols for transporting sensitive data externally anyway.
2. There are a bunch of my neighbours' completely unsecured APs visible from my house so I figure if someone is interested in cracking a wireless network, they're probably going to go for the easy option and use one of those networks rather than cracking my WEP key.
Cracking a WEP key takes minutes and almost zero effort if there is already traffic on the network (and a bit more if there isn't). There may be completely unsecured APs around but whether they are actually as usable as yours depends on 1) the signal quality and 2) how many others are connected to these open APs and sucking up bandwidth. You say that everything using the network is encrypted but that is only half of the problem. The other half is somebody using your network to do (very) illegal things on the internet, all of which you would be potentially liable for. That is, unless you require VPN authentication before allowing internet access.
And if I were to get a little text file like that, how would I know that you didn't actually tamper something else in the process.
You cannot know whether anyone tampered with your files regardless of whether the text file was put there. That's the whole point of letting you know about the problem: anyone can do whatever they want with your files and hopefully after you see the file you will take steps to fix that.
You still don't get it. The point is that if it weren't for NAT, it would not be neccesery to poll or to do keep-alive. This is only made more important by the problems of wireless connections that you are talking about because they make keep-alive more difficult. Also, how does your brilliant idea of polling work with VoIP? Should people calling me wait for minutes until my device polls? (not to mention that as it was previously mentioned, polling every few minutes is terrible from power management perspective)
Entanglement only gives you correlations between the two sides, nothing more. You always need a second, classical, link, which in this case would be radio or laser. The only thing you can send with entanglement itself is random numbers. This does have some uses in encryption but is hardly neccesery, unless all symmetric ciphers somehow get broken. And it does severly limit your bandwidth compared to using just radio/laser.
Why would you want to use quantum entanglement for communication with Mars? If you are after faster-than-light communication, quantum entanglement is not going to help you. (and it is extremely unlikely anything else would either)
This is simply not the case with "cold fusion".
That should, of course, say "is not the case with the criticism of "cold fusion".
The point is, the statement was known to be false even when it was originially made, regardless of who made it. This is simply not the case with "cold fusion". In fact, most of the people who still insist on it are not even claiming that it's fusion anymore. Last I heard the current theory had something to do with the weak nuclear force instead, and there are still no published peer-reviewed results.
Not any harder or easier than any other number of possible plaintexts, ecrypted with the same key. In modern crypto, knowing the plaintext is irrelelvant (even if you know exactly what it is), only the quality of the key matters. If the key is apropriately random and unknown to the attackers, then they will have to brute force the entire keyspace to get to the pins, same as any other encrypted piece of information.
In general, many of these bugs (both in iOS and Android) do not necceserily require physical access, even if that is the easiest way to use them. Ultimately they are just a regular app without any special permissions that, once up and running, use a traditional privilege-escalation type of exploit to gain root privileges on the device and complete its job.
It's right there in the paper referenced in the summary. Figure 2 (also available here) shows you the diagram for 2008 and earlier models, where the LED is connected to the STANDBY line, which normally gives you what you expect but can be disabled in software, which is what they did.
Could be a debug bit
No, it's a perfectly normal feature. This is a general-purpose image sensor that has many different applications. Some of them benefit from using the STANDBY line, others don't. So, naturally, the image sensor will give the designer the choice of whether to use it or not.
The important point here is that the STANDBY line was never meant to be a security feature (most likely it has to do with power saving). The people who designed the laptop and chose to use it in such a way either didn't think it through or simply didn't care enough.
On the contrary, if you are talking about real engineering (i.e. the type that requires a license to practice), this is quite normal. You as a manager simply do not have a choice. If you need a Professional Engineer to design something and to put his/her stamp on it at the end, you have to play by their rules. This is not always a good thing in practice but this is how it is and is the norm, not the exception.
It is a common misconception. The laws of quantum mechanics, as they are currently known, do not allow any possibility of faster then light communication.
That's not how SETI works. The only thing they try to detect are very high-power, high-gain signals, intenionally aimed at us, or possibly military radar that is very close.
Signals intended for local communication would not be detectable past the nearest star and that has always been the case, unless we are talking about impractically large receiving antennas (orders of magnutude bigger than our planet) but even then it would only work no more than 10 light years or so.