"That so-called webmasters think they are guarding access by only encrypting/authenticating the login amuses me."
..which is why you need to let real webmasters get on with it and not try it yourself. We are protecting -something-; it's your loss if you cannot work out what that is.
Because random data looks like real data, or mashed up real data, or encrypted data. Or whatever. All zeros on an in-use drive would make me suspicious:-)
Nope.. it works just fine; it will write a new value to each end every storage location in the device. Eventually this will overwrite every bit of data stored there including the coolstuff.rar file. It cannot fail, also see my previous post; there is no secret extra storage for the data to hide in and avoid overwriting.
But the sudo rm -rf/mountpoint trick will also work quite effectively because the wear levelling stuff also responds to it and modifies the disk structure severely enough in a short timeframe that the disk becomes 'corrupted' as -evidence-. This is despite the fact that fragments of data still remain and are recoverable, it's just that a slick lawyer will ask the defence to prove the data is unmodified; which they will be unable to do.
Piping random shit to every cell on the device will still be better if you have time.
Nope.. that command will write a random data packet to every storage location on the device. That's why I'm writing to/dev
$ cat/dev/urandom | dd of=/dev/ssdX
A common misconceptions with SSD's is that their cells 'wear out'; so there is some magic 'hidden space' that only becomes available when other cells 'die'. This is nonsense.. once a cell has worn out it is dead; and the disk capacity is reduced by that amount. No secret extra storage will appear to take it's place.
Wear levelling is just a mechanism to spread out the write cycles evenly over the cells; so that you do not get 'dead spots' where files are being constantly written. It's ultimate goal is to ensure the disk 'wears out' all in one go; rather then piece by piece.
What wear levelling gives with one hand (performance and life) at the expense of the OS never knowing in which memory cell the data has -actually- been stored; making targeted deletion runreliable..
..it takes back with the other; deleted files will begin to be overwritten very rapidly when new data arrives; whatever the OS thinks about it, data recovery, even using specialist tooling, will struggle to get complete files or metadata from the media if the drive has seen some real use after the data was deleted.
and, most importantly:
$ cat/dev/urandom >>/dev/ssdX
Just needs to be run once to -really- bollox an investigation..
When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation.
To what end? Does it record the call and then transfer the audio somewhere? or is there a whole army of hackers waiting to 'listen in' on the calls as they get conferenced to some central numbers. Oh, and what are these numbers and has anybody tried calling them?
Or does it just add costs to your call by turning it into a conference call? If so does one particular Telco benefit?
Agreed. As far as I can tell Googles plan is supposed to go like:
1) Gather last digits of SSNs from kids who like art, live in US and can get an online form filled in. 2) Spend a bit of processing power turning the partial SSN into a guess at the full SSN. And dance round laughing like maniacs having stolen almost several thousands of artistic kids SSN's. 3) ?? 4) Profit!
Jeez.. looks like they ARE evil then.. I'd just never spotted it before.
Or maybe they have been hired by a someone who is dyslexic to get the SSN's of Autistic kids, but the plan went predictably wrong.
Actually I think of this sort of article as an 'idiot trap'. - What Google are doing is seeding stories like this so they can generate a list of 'online losers who will fall for anything delivered in a stern 'anti-Google voice of authority'. - Then they will complete their fortune by targeted selling of special 'anti google' tinfoil lined beenies to them later on.
"FBI... Mastercard... Paypal... Visa....' blah... 'Some deep pockets'.. blah...
yes.. but in those deep pockets are their own hands firmly grasped around their own dicks..
That is a list of stagnating unintelligent grunts who have only got where they are by buying other peoples work and then aggressively maintaining their monopolies by force (through the medium of money, collusion, corruption and occasional broken legs). The only name there worth technical s**t is Amazon.
I doubt if they will find many worthwhile whitehats who would work for them no matter how much money they offer... Unreliable whitehats will, however, be crawling out of the woodwork as we speak... each of them after a slice of the 'anonymous bashing' cake.
The bit where they used his own twitter feed to announce and link to the release of the 'document' that he was going to sell to the Feds was quite funny too:-D
Usage statistics based on the store usage data will not be 100% accurate.. but will still be much more accurate than random slashdot trolls making shite guesses about things they do not understand.
Does it clearly state that it collects -all- search results; including results for other search providers?
If it does not; then it is a classic wonks 'lie by omission'; done because they know that normal people (eg. excepting the deeply paranoid and/. trolls) would assume that they looked at their own results and kept their filthy thieving hands out of data not specific to their specific product (bing).
There is probably a good car analogy in this but I cant think of it..
Slashdot Mirror
The scary thing is that the last one is real!
Fair point; it's the language that gets my attention.
standard family broadband connections are often hard to locate, even to county-level accuracy
Advertisers rarely seem to be affected by this; every time I plug my laptop in while abroad the adverts change to the current locale..
SSL for virtual hosts is a server side problem, at least for name based hosts; the browser is irrelevant.
"That so-called webmasters think they are guarding access by only encrypting/authenticating the login amuses me."
..which is why you need to let real webmasters get on with it and not try it yourself. We are protecting -something-; it's your loss if you cannot work out what that is.
"I really do not appreciate the thought that the US military might be taking an active, covert role in my country's political and social dialogue."
Glad you could join us; Welcome to the world as it has been for the last 50 years..
Commies! Upsetting the peaceful internets.. shoot 'em
Why randomish data? Why not just zeroes?
Because random data looks like real data, or mashed up real data, or encrypted data. Or whatever. All zeros on an in-use drive would make me suspicious :-)
Nope.. it works just fine; it will write a new value to each end every storage location in the device. Eventually this will overwrite every bit of data stored there including the coolstuff.rar file. It cannot fail, also see my previous post; there is no secret extra storage for the data to hide in and avoid overwriting.
But the sudo rm -rf /mountpoint trick will also work quite effectively because the wear levelling stuff also responds to it and modifies the disk structure severely enough in a short timeframe that the disk becomes 'corrupted' as -evidence-. This is despite the fact that fragments of data still remain and are recoverable, it's just that a slick lawyer will ask the defence to prove the data is unmodified; which they will be unable to do.
Piping random shit to every cell on the device will still be better if you have time.
Nope.. that command will write a random data packet to every storage location on the device. That's why I'm writing to /dev
$ cat /dev/urandom | dd of=/dev/ssdX
A common misconceptions with SSD's is that their cells 'wear out'; so there is some magic 'hidden space' that only becomes available when other cells 'die'. This is nonsense.. once a cell has worn out it is dead; and the disk capacity is reduced by that amount. No secret extra storage will appear to take it's place.
Wear levelling is just a mechanism to spread out the write cycles evenly over the cells; so that you do not get 'dead spots' where files are being constantly written. It's ultimate goal is to ensure the disk 'wears out' all in one go; rather then piece by piece.
6 seconds of confusion followed by a minute of laughter.. rankyou!
What wear levelling gives with one hand (performance and life) at the expense of the OS never knowing in which memory cell the data has -actually- been stored; making targeted deletion runreliable..
and, most importantly:
$ cat /dev/urandom >> /dev/ssdX
Just needs to be run once to -really- bollox an investigation..
Does LamePal already have a financial/military sector corporate pimp?
Or is this just another displaying of the wares to attract one?
That's true; only capture calls made to known bank customer service lines etc.. then just listen to them manually..
All that takes is a keylogger, I was wondering about the apparent desire to capture audio data.
When users are making phone calls, the spyware automatically adds itself to the call to monitor the conversation.
To what end? Does it record the call and then transfer the audio somewhere? or is there a whole army of hackers waiting to 'listen in' on the calls as they get conferenced to some central numbers. Oh, and what are these numbers and has anybody tried calling them?
Or does it just add costs to your call by turning it into a conference call? If so does one particular Telco benefit?
Agreed. As far as I can tell Googles plan is supposed to go like:
1) Gather last digits of SSNs from kids who like art, live in US and can get an online form filled in.
2) Spend a bit of processing power turning the partial SSN into a guess at the full SSN. And dance round laughing like maniacs having stolen almost several thousands of artistic kids SSN's.
3) ??
4) Profit!
Jeez.. looks like they ARE evil then.. I'd just never spotted it before.
Or maybe they have been hired by a someone who is dyslexic to get the SSN's of Autistic kids, but the plan went predictably wrong.
Actually I think of this sort of article as an 'idiot trap'.
- What Google are doing is seeding stories like this so they can generate a list of 'online losers who will fall for anything delivered in a stern 'anti-Google voice of authority'.
- Then they will complete their fortune by targeted selling of special 'anti google' tinfoil lined beenies to them later on.
Wait for this guy to be told to STFU; If you don't have mass hysteria how can you have a mass clampdown?
What keeps him in power so long? You mean apart from owning the press, subverting due process and being beloved by the police?
The funny thing is that put that way; he sounds just like most of our beloved leaders.
"FBI... Mastercard... Paypal... Visa....' blah... 'Some deep pockets'.. blah...
yes.. but in those deep pockets are their own hands firmly grasped around their own dicks..
That is a list of stagnating unintelligent grunts who have only got where they are by buying other peoples work and then aggressively maintaining their monopolies by force (through the medium of money, collusion, corruption and occasional broken legs). The only name there worth technical s**t is Amazon.
I doubt if they will find many worthwhile whitehats who would work for them no matter how much money they offer... Unreliable whitehats will, however, be crawling out of the woodwork as we speak... each of them after a slice of the 'anonymous bashing' cake.
The bit where they used his own twitter feed to announce and link to the release of the 'document' that he was going to sell to the Feds was quite funny too :-D
Updates to applications are done via the store.
The store has been around for a long time.
Usage statistics based on the store usage data will not be 100% accurate.. but will still be much more accurate than random slashdot trolls making shite guesses about things they do not understand.
Unless you delete the appstore it will be a current measure, because the app store is accessed when you look for updates.
Does it clearly state that it collects -all- search results; including results for other search providers?
If it does not; then it is a classic wonks 'lie by omission'; done because they know that normal people (eg. excepting the deeply paranoid and /. trolls) would assume that they looked at their own results and kept their filthy thieving hands out of data not specific to their specific product (bing).
There is probably a good car analogy in this but I cant think of it..
Yeah.. but the Nassa comment is from Michael Totten; and here is another:
"If you don’t join us now, when Saddam’s regime falls and Iraqis cheer the US Marines, you are really going to feel like a jackass."
The bloke is a jerk.. why are you quoting him? because it reinforces your islamaphobia?