It's extremely difficult to keep track of where bombs fell... Even if you keep records of all the targets, there were many bombs that fell short of their targets for various reasons.
This was a time of WAR, against an extremely aggressive and efficient enemy with advanced technology and very few limits to the lengths they will go to in order to win. You take *any* advantage you can in a war like this, and being ruthless is an advantage.
If you show any form of weakness to a ruthless enemy they will exploit it. If you show that you are unwilling to endanger the lives of kids, they will build schools inside their military bases to stop you bombing them. Also keep in mind that membership of the hitler youth was mandatory, these kids received brainwashing through nazi propaganda on a routine basis. Kids are quite impressionable and probably believed the propaganda, and would not have hesitated to drop bombs on british kids if given the chance.
Building simple weapons is also an advantage... A cylindrical bomb provides many advantages over a more accurate but complex shape with fins etc...
Cylinders fit better into the cylindrical fuselages of aircraft, with less wasted space. Deliver more explosives per mission. Simpler weapons are easier and cheaper to make, as are the manufacturing tools which are used during their construction. The people doing the construction also require less training. This is extremely important in a war not only because you want to produce as many bombs as you can, but also because the enemy will be trying their best to disrupt your production and you want to be able to recover quickly if they do.
Also keep in mind that many bombs won't even make it to the target, the enemy will be attempting to shoot down the aircraft before they reach the target. Some of those bombs will end up going down with the aircraft, or being dropped on a random target by an aircraft that is too damaged to make its way to the target.
Not really, many people don't or can't upgrade for a variety of reasons...
No admin rights. Slow or metered connection (updates are large). Older OS that won't run the newer versions of chrome. Updates turned off for whatever reason.
There's the key point, you started on mainframes so you were never locked in to the windows way of doing things... users who start out on windows tend to get stuck there.
Those are all niche use cases... How do you cut someone's hair, construct a building or plough a field using a desktop? You don't...
For the vast majority of office workers who make use of a computer for their day to day tasks, a mobile platform is more than adequate to their needs, possibly with a bluetooth keyboard if they want to input lots of data (although speech to text is actually better for a lot of people who aren't fast typists).
Most users don't do much multitasking... They tend to have one application running full screen at any one time and switch between them occasionally. The multitasking abilities of mobile platforms may not be suited to geeks who run many things at once, but they are well suited to the average use case.
Business users are however moving more to web based applications... Once enough of their applications are delivered this way, the lock-in keeping windows desktops around is broken and you can use anything you like to access the web based applications. Given the requirement of "running a browser", very few people are going to choose windows above any of the other options out there, and linux becomes an obvious choice for business even if only based on cost.
Well that's the difference between a white hat researcher who's trying to demonstrate a point, and a nefarious actor who's trying to commit fraud...
Someone out to commit fraud will not take the cards to the restaurant themselves, instead they'll do other things with gift cards like:
Spend them online to have goods sent to a suitably anonymous location. Recruit mules to do the risky work of actually using the cards in person. Sell the cards to unsuspecting third parties.
And probably do all of these things while operating in a country outside of the reach of the law enforcement agencies that their victims are likely to contact.
All the time... Because MANY things in law are based on authorization to do something... A contract can grant such authorization.
Taking items from a shop is illegal, its commonly referred to as shoplifting or stealing. But if you comply with the terms set out by the shop owner (usually payment an arbitrary amount depending what you want to take) then the shop authorizes you to take certain goods, which is therefore no longer illegal.
It's possible to make an agreement with a home removal company giving them the right to enter your house and take your property, and people make such agreements all the time. Entering a residence and removing property is perfectly legal when authorization has been granted either by the owner of the residence or a legal authority with appropriate jurisdiction.
Who's to say you couldnt enter an agreement with microsoft giving them the right to enter your property and take anything they want? The fact that you agreed to a set of terms without properly reading or understanding them is your fault.
To enable the activation function and validation checks, the software may from time to time require updates or additional downloads of the validation, licensing or activation functions of the software. The updates or downloads are required for the proper functioning of the software and may be downloaded and installed without further notice to you.
So under the excuse of "license checks" they may download and execute arbitrary code on your machine without notifying you. Windows 10 includes new license checking code, so you've given them the right to download and install it silently under this clause.
Section 7a says:
a. Consent for Internet-Based Services. The software features described below and in the Windows 7 Privacy Statement connect to Microsoft or service provider computer systems over the Internet. In some cases, you will not receive a separate notice when they connect. In some cases, you may switch off these features or not use them.
It may connect to microsoft or their affiliates, and may not notify you of doing so. You can only switch this off "in some cases" - ie they are leaving the door open for services which cannot be turned off.
Section 7b:
We may also share it with others, such as hardware and software vendors.
Gives them the right to share collected data with "others"
They may not clock as high, but they're used for small battery powered mobile devices with passive cooling. They could probably clock them up quite significantly with some moderate heatsinks and fans.
And by the time the current iphones become obsolete and need to be replaced, they will be able to replace them with new iphones and continue running the same applications. They won't need to drop everything and start again.
There are already decentralised and open messaging services, the problem is if a system is open its also open to spammers too (eg email), and also getting users to use it... Anyone can run their own XMPP server which will talk to any other XMPP service in a similar way to email, you simply need a valid domain name to create your own server.
Sites like spamdecoy.net are useful for that - sign up with an email address on there to get your free gift, then never use the address again... You can also sign up for free email services like gmail, use it solely for receiving spam and then discard it.
If you're connecting to wifi from a location with public wifi, chances are facebook has already correlated the ip address with other users using the same wifi but with geolocation turned on. You'd need to stick to your cellular network, or force all trafffic through a vpn.
Of course this is bullying of those nations who have nuclear technology against those who don't... What gives one country more of a right to develop nuclear technologies than any other? It's basically bullying and keeping smaller countries "in their place". Look at existing countries which *do* have nuclear weapons such as pakistan. They're not stupid enough to actually use those weapons because they know the retaliation would immediately wipe them out, but simply having them gives them a much louder voice and stops other countries from pushing them around and making unreasonable demands against them.
Sanctions however don't hurt the government of the target country, as those in power will still have their own black market channels to get whatever they want. On the other hand, these sanctions do hurt:
American companies - like Apple, all those potential customers in Iran will now go elsewhere, probably to a chinese or russian vendor who will happily supply to Iran. Iranian people - now have less choice, and will lose any investment they made in existing devices or apps and will have to deal with reduced functionality of their existing devices, as well as having less choice and/or higher prices for products they may want to buy.
In fact this HELPS the Iranian government, because they can now point to the fact american companies won't sell to them and use it as propaganda against america. Look they are the bad guys, they won't let you have the shiny toys you want...
No, definitely from Japan.. The used car dealerships all advertise the fact they have cars imported from japan, and many cars still have stickers in the window from their former use in japan, many also have smart card readers which were seemingly commonly used for something in japan and are totally useless in myanmar, but just havent been removed.
Most of the entertainment systems are also still running in japanese, where navigation systems are present they will usually be in japanese and contain japanese maps (rendering them somewhat useless), many don't even have the option to change the language to english and i've not yet seen any which supported burmese.
No it doesn't, the passwords are still stored using NTLM, kerberos is only used at the network layer... Don't confuse NTLM authentication with NTLM password hash storage, they are two different (but closely interdependent) things.
Try running any of the many password hash dumping tools on your domain controller and see what you get out, crackmapexec is good for this.
No.. If you care enough about the principles of the matter *AND* you can afford to carry through with the case. If you can't afford the fees it doesn't matter how much you care or wether you're right or not.
Slashdot Mirror
It's extremely difficult to keep track of where bombs fell...
Even if you keep records of all the targets, there were many bombs that fell short of their targets for various reasons.
This was a time of WAR, against an extremely aggressive and efficient enemy with advanced technology and very few limits to the lengths they will go to in order to win. You take *any* advantage you can in a war like this, and being ruthless is an advantage.
If you show any form of weakness to a ruthless enemy they will exploit it. If you show that you are unwilling to endanger the lives of kids, they will build schools inside their military bases to stop you bombing them.
Also keep in mind that membership of the hitler youth was mandatory, these kids received brainwashing through nazi propaganda on a routine basis. Kids are quite impressionable and probably believed the propaganda, and would not have hesitated to drop bombs on british kids if given the chance.
Building simple weapons is also an advantage...
A cylindrical bomb provides many advantages over a more accurate but complex shape with fins etc...
Cylinders fit better into the cylindrical fuselages of aircraft, with less wasted space. Deliver more explosives per mission.
Simpler weapons are easier and cheaper to make, as are the manufacturing tools which are used during their construction. The people doing the construction also require less training. This is extremely important in a war not only because you want to produce as many bombs as you can, but also because the enemy will be trying their best to disrupt your production and you want to be able to recover quickly if they do.
Also keep in mind that many bombs won't even make it to the target, the enemy will be attempting to shoot down the aircraft before they reach the target. Some of those bombs will end up going down with the aircraft, or being dropped on a random target by an aircraft that is too damaged to make its way to the target.
Not really, many people don't or can't upgrade for a variety of reasons...
No admin rights.
Slow or metered connection (updates are large).
Older OS that won't run the newer versions of chrome.
Updates turned off for whatever reason.
There's the key point, you started on mainframes so you were never locked in to the windows way of doing things... users who start out on windows tend to get stuck there.
People were editing movies and digital photos 10 years ago on desktops less powerful than today's smartphones, so yes...
Those are all niche use cases...
How do you cut someone's hair, construct a building or plough a field using a desktop? You don't...
For the vast majority of office workers who make use of a computer for their day to day tasks, a mobile platform is more than adequate to their needs, possibly with a bluetooth keyboard if they want to input lots of data (although speech to text is actually better for a lot of people who aren't fast typists).
Most users don't do much multitasking... They tend to have one application running full screen at any one time and switch between them occasionally. The multitasking abilities of mobile platforms may not be suited to geeks who run many things at once, but they are well suited to the average use case.
Business users are however moving more to web based applications... Once enough of their applications are delivered this way, the lock-in keeping windows desktops around is broken and you can use anything you like to access the web based applications.
Given the requirement of "running a browser", very few people are going to choose windows above any of the other options out there, and linux becomes an obvious choice for business even if only based on cost.
Well that's the difference between a white hat researcher who's trying to demonstrate a point, and a nefarious actor who's trying to commit fraud...
Someone out to commit fraud will not take the cards to the restaurant themselves, instead they'll do other things with gift cards like:
Spend them online to have goods sent to a suitably anonymous location.
Recruit mules to do the risky work of actually using the cards in person.
Sell the cards to unsuspecting third parties.
And probably do all of these things while operating in a country outside of the reach of the law enforcement agencies that their victims are likely to contact.
All the time... Because MANY things in law are based on authorization to do something... A contract can grant such authorization.
Taking items from a shop is illegal, its commonly referred to as shoplifting or stealing. But if you comply with the terms set out by the shop owner (usually payment an arbitrary amount depending what you want to take) then the shop authorizes you to take certain goods, which is therefore no longer illegal.
It's possible to make an agreement with a home removal company giving them the right to enter your house and take your property, and people make such agreements all the time. Entering a residence and removing property is perfectly legal when authorization has been granted either by the owner of the residence or a legal authority with appropriate jurisdiction.
Who's to say you couldnt enter an agreement with microsoft giving them the right to enter your property and take anything they want? The fact that you agreed to a set of terms without properly reading or understanding them is your fault.
That's all the rights they give *you*...
Section 5b says:
To enable the activation function and validation checks, the software may from time to time require updates or additional downloads of the validation, licensing or activation functions of the software. The updates or downloads are required for the proper functioning of the software and may be downloaded and installed without further notice to you.
So under the excuse of "license checks" they may download and execute arbitrary code on your machine without notifying you. Windows 10 includes new license checking code, so you've given them the right to download and install it silently under this clause.
Section 7a says:
a. Consent for Internet-Based Services. The software features described below and in the Windows 7 Privacy Statement connect to Microsoft or service provider computer systems over the Internet. In some cases, you will not receive a separate notice when they connect. In some cases, you may switch off these features or not use them.
It may connect to microsoft or their affiliates, and may not notify you of doing so. You can only switch this off "in some cases" - ie they are leaving the door open for services which cannot be turned off.
Section 7b:
We may also share it with others, such as hardware and software vendors.
Gives them the right to share collected data with "others"
They may not clock as high, but they're used for small battery powered mobile devices with passive cooling. They could probably clock them up quite significantly with some moderate heatsinks and fans.
And by the time the current iphones become obsolete and need to be replaced, they will be able to replace them with new iphones and continue running the same applications. They won't need to drop everything and start again.
The "good enough" android phones have applications to run on them, as well as a future upgrade path... Windows phones do not.
There are already decentralised and open messaging services, the problem is if a system is open its also open to spammers too (eg email), and also getting users to use it...
Anyone can run their own XMPP server which will talk to any other XMPP service in a similar way to email, you simply need a valid domain name to create your own server.
Sites like spamdecoy.net are useful for that - sign up with an email address on there to get your free gift, then never use the address again...
You can also sign up for free email services like gmail, use it solely for receiving spam and then discard it.
If you're connecting to wifi from a location with public wifi, chances are facebook has already correlated the ip address with other users using the same wifi but with geolocation turned on. You'd need to stick to your cellular network, or force all trafffic through a vpn.
I wonder how easy it would be to poison facebook's data by entering random numbers into a few phones and letting it ingest this data...
So you attended the same college at the same time? Surely that would be an easy connection to make?
Of course this is bullying of those nations who have nuclear technology against those who don't...
What gives one country more of a right to develop nuclear technologies than any other? It's basically bullying and keeping smaller countries "in their place".
Look at existing countries which *do* have nuclear weapons such as pakistan. They're not stupid enough to actually use those weapons because they know the retaliation would immediately wipe them out, but simply having them gives them a much louder voice and stops other countries from pushing them around and making unreasonable demands against them.
Sanctions however don't hurt the government of the target country, as those in power will still have their own black market channels to get whatever they want. On the other hand, these sanctions do hurt:
American companies - like Apple, all those potential customers in Iran will now go elsewhere, probably to a chinese or russian vendor who will happily supply to Iran.
Iranian people - now have less choice, and will lose any investment they made in existing devices or apps and will have to deal with reduced functionality of their existing devices, as well as having less choice and/or higher prices for products they may want to buy.
In fact this HELPS the Iranian government, because they can now point to the fact american companies won't sell to them and use it as propaganda against america. Look they are the bad guys, they won't let you have the shiny toys you want...
No, definitely from Japan..
The used car dealerships all advertise the fact they have cars imported from japan, and many cars still have stickers in the window from their former use in japan, many also have smart card readers which were seemingly commonly used for something in japan and are totally useless in myanmar, but just havent been removed.
Most of the entertainment systems are also still running in japanese, where navigation systems are present they will usually be in japanese and contain japanese maps (rendering them somewhat useless), many don't even have the option to change the language to english and i've not yet seen any which supported burmese.
No it doesn't, the passwords are still stored using NTLM, kerberos is only used at the network layer... Don't confuse NTLM authentication with NTLM password hash storage, they are two different (but closely interdependent) things.
Try running any of the many password hash dumping tools on your domain controller and see what you get out, crackmapexec is good for this.
No..
If you care enough about the principles of the matter *AND* you can afford to carry through with the case. If you can't afford the fees it doesn't matter how much you care or wether you're right or not.