Slashdot Mirror


User: Bert64

Bert64's activity in the archive.

Stories: 0 · Comments: 12,200

Comments · 12,200

  1. Re:What about "Import Grade" on FREAK, Logjam, DROWN All a Result of Weaknesses Demanded By US Gov't (csoonline.com) · · Score: 3, Interesting

    No, but would you necessarily trust the US government either...
    The difference is that the US government has more reason to spy on a random US citizen than a foreign government does, and are more likely to do something with the information.
    If you're going to use something that's backdoored, better to have it backdoored by someone who has no interest in you.

  2. Re:Coldfusion? Joe in 2001? on Pirates Hacked Shipping Firm's CMS To Plan Attacks, Find Valuable Cargo (softpedia.com) · · Score: 1

    How do they know that was their home IP address and not just another compromised host?
    And even if it was their IP, were they in a jurisdiction where they don't care about exposing it?

  3. Re:Who is sucking up all the top talent and why no on Security Talent Shortage Hits Cybercrime Groups, Too (csoonline.com) · · Score: 2

    Very true, and has been the case for a long time...
    Criminals however have a lot less constraints on their hiring, for instance many people with a criminal record will be immediately rejected by most companies as will people without the right immigration status or without the right certifications. Companies may also choose an otherwise less suitable candidate in order to fulfil diversity quotas etc. It's also more difficult for companies to get rid of dead wood.

    The current criminal record process means that someone who has committed a crime in the past is driven towards committing more crimes... They will meet new criminal contacts in jail and find it hard to get any decent paying legitimate work. Someone who made a stupid mistake in their youth may end up facing a choice between committing more crimes or going hungry.

  4. Re:What data did they want? on Brazil Facebook Head Arrested For Refusing To Share WhatsApp Data (bbc.com) · · Score: 1

    The servers in Ireland ultimately belong to an American company so an American court is demanding that an American company hand over data that they have access to, Facebook is not a Brazilian company and the servers in question are not hosted in Brazil, and I doubt whether Diego Dzodan actually has sufficient authority within the company structure to do what the courts are demanding.

  5. Re:What's the market? on NASA Wants To Get Supersonic With New Passenger Jet (networkworld.com) · · Score: 1

    And the TU-160s are still flying today, conducting bombing runs in Syria...

  6. Re: What's the market? on NASA Wants To Get Supersonic With New Passenger Jet (networkworld.com) · · Score: 1

    The oldest aircraft in that list first flew in 1981, Concorde first flew in 1969... Aircraft are becoming more efficient over time, but development of supersonic passenger aircraft basically stopped in the early 70s.

  7. Re: What's the market? on NASA Wants To Get Supersonic With New Passenger Jet (networkworld.com) · · Score: 1

    What made it worse was that a lot of those routes fly over land, where people don't want to hear the sonic booms... Flights between Europe and the Middle East or Asia, flights across the US... You're basically left with routes from Europe to east coast USA, routes from west coast USA to Asia and routes to/from Australia.
    Even the supersonic Concorde flights from Europe had to remain subsonic until they were several miles clear of the coast which added quite a bit of time to the flights.

  8. Re:This will only help the wealthy... on NASA Wants To Get Supersonic With New Passenger Jet (networkworld.com) · · Score: 1

    Concorde was also the first generation supersonic airliner... There were already plans for a model B Concorde which had improved range and reduced fuel consumption. If more of them had been sold to other airlines then there would have been continued development and improvements, just like there have been with subsonic aircraft.
    Concorde is basically 1960s technology and was never developed any further before being retired in 2003, look how far other fields have come in that time? If Concorde had continued development then the current models would be very different.
    Concorde's engines were actually extremely efficient, what let it down relative to subsonic aircraft was the capacity of the aircraft. A single Concorde flight used less fuel than a 747 doing the same route and took half the time, but the 747 carried 4 times as many passengers. The engines were also most efficient at Mach 2 and were terribly inefficient at lower speeds.

    Also Concorde didn't lose money, BA ran it profitably at least (not sure about AF).

  9. Re:No need to phone home. on IoT Devices Are Secretly Phoning Home (thenewstack.io) · · Score: 1

    So someone needs to market an easy to use but otherwise secure home firewall device which has a DMZ network to put questionable devices in, and an easily configured VPN that you can use to access things remotely...
    I have all of this set up at home, and some very shady CCTV cameras in their own VLAN isolated away from anything else.

  10. Re:Total FUD on IoT Devices Are Secretly Phoning Home (thenewstack.io) · · Score: 1

    How would you configure your router to actually work (i.e. before it has working connectivity)?

  11. Re:Low-end MIPS processor on Released: First PC Based On Russia's Homegrown "Baikal" Processor (t-platforms.ru) · · Score: 1

    I too always wondered why more hasn't been made of MIPS64...
    64-bit MIPS has been around since the early 90s, it has OS and compiler support which is extremely mature, and yet they didn't push this advantage and a lot of resources were instead diverted to 64-bit ARM...

  12. Re:Punishes users and good advertisers on Google, Yahoo Cry About Ad-Blocking (cnbc.com) · · Score: 5, Informative

    It's bad advertisers that destroyed the relationship, ad blocking is just a natural reaction to that... It was the most intrusive ads (i.e. popups) that got blocked first, and it's the really intrusive ones (e.g. with sound) that cause people to install adblockers.
    Personally I installed an adblocker after I had a large number of tabs open and suddenly one of them started playing an ad with sound, it took me ages to hunt down and close the tab making noise so the anger triggered a response.

  13. Re:Use a single timezone on HTTP GZIP Compression Leaks Data On the Location of Tor Web Servers · · Score: 2

    You're thinking of BST, GMT is constant and the UK switches to BST during the summer.

  14. False information on HTTP GZIP Compression Leaks Data On the Location of Tor Web Servers · · Score: 1

    Or they can intentionally set their timezone to a different value to mislead...
    Chances are if zeroes are the default and Tor sites have explicitly turned this off, then that's exactly what they've done... People running sites via Tor are likely to be privacy conscious, so if they've changed a setting to a non default value they probably did it for a reason.

  15. Re:Fighting over horsewhip handle designs on FCC Votes To Fight Cable's Reign Over Set-top Boxes (engadget.com) · · Score: 1

    Sky do exactly the same thing, in order to receive their non-free channels you are expected to have one of their large and somewhat ugly boxes.
    There are a variety of third party boxes that can work with the service but none are officially supported and Sky frequently change things around to stop them from working.

  16. So given that Oracle created btrfs as a competitor to zfs because the latter used a license incompatible with the Linux kernel, and now they own zfs, why wouldn't they just GPL (or dual license) zfs and forget about btrfs?

  17. Re:FLIR, you scare me now. on Hard-Coded Password Exposes Video Surveillance DVRs To Hacking (csoonline.com) · · Score: 1

    All these vendors are basically running the same software with minor rebranding, and it's Linux based, shouldn't be all that difficult to build a replacement...

  18. Re:Qsee is Bad too on Hard-Coded Password Exposes Video Surveillance DVRs To Hacking (csoonline.com) · · Score: 1

    A ton of vendors use the same software, just nominally rebranded... But often the passwords differ by vendor among other things.

    Given that these devices are all basically the same, and the default firmware is complete crap both from a security and usability perspective, perhaps we could develop an open source replacement?

  19. It looks like the source wasn't actually open, based on the guy requesting a copy of the sources...

  20. Re:WTF? End-to-end encryption not even mentioned!? on What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken · · Score: 1

    Because the key is a private key with a public key counterpart, while the passphrase is a symmetric key for decrypting (in this case the main private key)... If you have the public key it's easier to attack the private key, so the private key generally needs a much larger keyspace to provide an equivalent level of assurance to a symmetric key.

  21. Re:WTF? End-to-end encryption not even mentioned!? on What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken · · Score: 1

    If you're concerned about Google reading your mail then such a system wouldn't work, while in theory the JavaScript performs all its work client side there is nothing stopping them changing the JavaScript to submit your passphrase to the server. Unless you're going to thoroughly inspect the JavaScript every time?

  22. Re:WTF? End-to-end encryption not even mentioned!? on What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken · · Score: 1

    You can as a minimum implement verification of signatures into a webmail client, as that can all be done server side...

    Users already have to (or should) remember that there's different rules when accessing webmail, in fact you shouldn't be accessing the webui from random machines if you value security at all. You should always carry your own portable device, and access your mail from there.

  23. Re:WTF? End-to-end encryption not even mentioned!? on What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken · · Score: 1

    When it comes to mobile, Apple already implement S/MIME on iOS although configuring it is not as simple as it could be (i.e. even if you have mail accounts synced from a Mac it can't automatically transfer your keys).

  24. Re:WTF? End-to-end encryption not even mentioned!? on What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken · · Score: 1

    Well by portable I guess they mean that it can be accessed from any device without needing to install a client (i.e. from your work desktop)... From a mobile device that you control is entirely different as you can install whatever encryption tools you want on there.

    While webmail can be convenient, it's also dangerous not only because of the lack of end to end encryption but also because its primary utility (i.e. logging in from a random place) is its biggest danger - how do you know who's monitoring any given random box you might use?

  25. Re:WTF? End-to-end encryption not even mentioned!? on What Gmail's New TLS Icon Really Means: Email Encryption Is Still Broken · · Score: 1

    So you're saying that...

    1, users would need to trust Google (but clearly they already do or they wouldn't be using their mail service)
    2, the worst case (Google getting hacked) would be no worse than the current status quo.

    So basically email signed/encrypted by Google would be better than what we currently have, but not ideal. And users are free to pick a different provider and/or do proper client side crypto but most simply don't bother. If Gmail started implementing PGP or S/MIME even server side and started prominently showing when mails are signed or encrypted then it would massively increase usage and awareness which could only be a good thing.