It is possible (and very easy) for a company to install key loggers and monitoring software on their own company computers. Once employees steal time from their employer and update their Facebook page the employer now has the password. When the employer does use the password they check it through a proxy service like Tor. Easy, untraceable, and quiet.
When there is something that the employer doesn't like on the Facebook page the employee will face eventual job termination. Their performance reviews will be poor, the monitoring logs will be used to show misuse of company computers and time, and any complaints by customers will be fully utilized. The content of the Facebook posting will never be referenced and the person will be terminated for valid reasons. After being fired any unemployment benefits will be contested (yes, the ex-employee usually wins regardless), and then appealed (50-50 chance).
Certainly this is not how it is done at any company that I manage.
Daisey went to Foxconn as a creative activist (not a journalist) with a pre-made agenda (discredit Foxconn and Apple as big bad business) for a specific result (better working conditions). However this does not excuse people that listened to the original story and believed it. You should have known better.
The truth is that Foxconn has 900,000+ employees. They must be treating people decently to get to 900,000 employees in the first place. There have been several suicides that have made the news that people use to try to prove that they are a big bad business, but to be FAIR companies in the US also have a lot suicides that don't make the news at a much higher incidence than Foxconn. Yet people won't think and believe anything they are told that Foxconn is mistreating its workers.
The truth is Foxconn recently held a jobs fair to hire for future production and thousands of people lined up and waited for hours to try for those jobs. They produce high tech components that require highly skilled and highly trained staff, and do so successfully. You cannot do this with "forced" labor as has been demonstrated many times in many countries. Most telling is that the United States with its vaunted worker rights (and more worker rights rules coming) cannot get manufacturing jobs. The US does not produce steel, computers, microwave ovens, radios, or medical devices like CAT scanners or heart monitors (I know, I used to work in a hospital). It sounds like Foxconn knows how to do business successfully and profitably.
Yet Daisey went to China to try to do a smear piece on Foxconn, and now justifies it that it is creative activism. This wouldn't be so bad but people are sheep and believed it and still do under the heading of "Fake, but essentially True". The same people will believe everything Obama says like "Ultimately, though, there's no silver bullet here" when referring to gas prices (and still wants to take away the oil subsidy). People will believe the Occupy Wall Street chant of "Tax the Rich" while ignoring the fact that the rich are already HIGHLY taxed, and that even the 1% don't have enough money to balance the U.S. budget. But it makes for a good distraction.
Other ideas that are being brainwashed into without thinking...
Democrats are God (schools singing hymns of worship to Obama) Republicans are big bad businessmen (kill big business) Fox News is bad (remember the government's war on Fox?) Meat is murder People must be forced into Union for their own good (no such thing as a bad union) People must be forced to buy health care Religious organization must be forced to provide abortions Green is good (especially when it is an inferior product) Gene-engineering is bad (especially when it is a better and healthier product) Voter ID is bad (how quick we forget about ACORN and OBAMA)
Think people, THINK! You got fooled by Daisey but still believe Obama, Oliver Stone, and Michael Moore.
I bought it about 6 months ago and keep in it a fanny pack (yes, one of those ultra-non-cool mini-backpacks). The device weights about 2 or 3 pounds (fairly heavy), pumps out 2 mW of interference, and usually jams phones within about 20 feet (more on this later). Cell phone jammers are just too big to constantly lug around in a pants pocket and certainly are noticeable with the antennas sticking out.
That was the problem of the person on the bus. First he was keeping it in plain view. Second he did not hide the fact that he was jamming (in the video he looks at the cameraman he is jamming). The third mistake is that he was constantly keeping it on rather that on-wait 5 secs to burst-kill everything-off.
I'm very careful. I don't look at the person. I reach into my bag, turn it on, and then take out a package of tic-tacs candy and take one, chomp on it for about 5 or 10 seconds while listening to people say WTF around me and then put the tic-tacs back in the bag and shut off the jammer. Anyone looking at me (which is often) sees that I'm sneaking a snack.
My greatest fear is cell-jammer-detectors/trackers which are surprisingly cheap. However I doubt that someone with a tracker can isolate me in 10 second of surprise use. Given that the tracker have to move around holding the device looking at the signal indicators means that I doubt that one can sneak up to me.
I most often have to use it while waiting to check out in shopping centers. People talk talk talk on their phone and never consider the people around them, erupting to gales of laughter. Second most often is in traffic seeing the driver in the car beside me yakking away and not paying attention. Jamming in a car is more difficult and less range but it does still work well. Third most common is at work seeing people that should be WORKING aren't. All these people find that suddenly they don't have phone reception anymore. It usually takes a few applications of jamming but eventually people give up and get back to what they should be doing.
The devise I use says 5-20 meters, but my real-world estimate is 20-30 feet (6-10 meters). In my local wall-to-wall mega-store using the device at the checkout lines causes WTF's from about 5 lines away, and occasionally all the way to the entryway / cart-storage with people stopped dead in their tracks looking with puzzled looks at their phones.
Yes I do know that the legality of the device is problematic and I'm prepared to fight it in court if need be. I only once came close when I was speeding and got pulled over by the police. The officer looked my car over and while talking to me asked what was in the black bag on the passenger seat. I replied that I respectfully refuse to answer any further questions and will exercise my constitutional right to remain silent. The cop dropped being friendly and became all business (not hostile but very imposing). He then wanted to search my car. "No". He goes back to his car for a long time with my license. A second police car shows up and while one is talking to me, the other is looking at my car through every window with special attention to the zipped fanny pack. They walk off a bit to talk it over and eventually after about 30 minutes from being stopped they let me go with a large speeding ticket (no traffic warning for me). Probable cause and fruit of the poison tree for the win.
I'd like to get a car-powered one that is supposed to jam 3G, 4G, GPS up to 50m away but there is no way that could be concealed. I have little fear that I will be caught short of becoming over-confident and careless. In short I am going to continue using my device to thwart the terrible talkers and telephone abusers.
Seriously. You valued this item enough that you had it custom made for yourself, your livelihood as a stage performer depends on it, and to some degree it represents some of your identity (being able to call yourself a Jedi, for example). Obviously this item is important. Yet you left this valuable, important item go unwatched "for a few minutes" in a NYC bar. Imagine that, something valuable disappearing in NYC *and* a bar. What are the chances?
I do not understand why you would bring such a valuable item to a bar and not lock it up, and why you would take your eyes off of a valuable item in the first place. Let me put it another way. If I go to football stadium and leave my high performance laptop on my seat while I go get some food and come back and see that the laptop is gone, should I really be that surprised?
Let me give you another case. For reasons unknown Apple employees 'lose' the prototype of the IPhone 4 in a California bar not once but twice. It could be argued that this was a publicity stunt (esp considering the offending employees were not fired) but there was no sympathy for the lost device. In fact a leading tech magazine got it and started working on a tech story on the IPhone4 specs and capabilities until Apple's lawyers persuaded the magazine to give it back to Apple. Did anyone lament the case for Apple? No, there was much mirth and glee on Slashdot on this story. Because it is outrageous and stupid.
You compare this the childish behavior of someone stealing your toy. Respectfully I would disagree and this is the very adult behavior of someone stealing some valuable property. I do not cheer for thieves of any kind, from burglars, pickpockets, muggers, or carjackers. Part of being adult (and one that most people learn as a child) is that there are certain actions that you can take to lessen your risk. This means that we as adults learn to lock our doors and buy home security systems, we don't walk around with money sticking out of pockets, we watch out for dangerous situations, and we are generally careful with the items that we don't want to lose. You did not do this. So while I will not cheer for the thief in this situation, I also will not sympathize much with you either.
I also don't understand why you would publish the incident to the world. You already know who did it (you have them on video, and have confronted them), you know where it is (this isn't a worldwide issue), and you have taken initial action on it (put up flyers around the area). If you still feel a need for action take them to small claims court. Slashdot is not the right tool for your situation.
Everyone (including me) has lost valuable items and has learned an unpleasant truth from it. I wish you the best of luck in getting your lightsaber back.
New York City is home to 8,175,133 people as of 2011. It uses 64,500 gigawatt-hours of energy per year. Using a standard industrial solar panel (ex Trina Solar 230) which produces 5750 watts (assuming constant supply 5.75 kWh) with a base area of 17.6 sq feet and costs $360. To power NYC it would take 11.2 trillion panels taking up an area of 7081 square miles of solar panels, at a cost that of $500,000,000 per NYC resident.
NYC is also one of the most energy efficient cities in the US. Other cities would require a lot more panels. This also does not account for the need of storage batteries, energy transmission loss, and power loss to material degradation (dusty solar panels), life-cycle (panels last about 20 years), or the fact that during the night there will be no energy production.
I go over these figures every few years and it just does not appear that this is a viable solution. It would be *nice* to use solar panels but if it is not realistic the solar panel industry will never thrive. Where would we fit all of these solar panels, and where would we find the money?
I run a business and have over 550 domains at GoDaddy and no I'm not planning on moving. If GoDaddy CEO Parsons(?) wants to go hunting and kill an elephant, fine. That has absolutely nothing to do with my business model nor does it affect my clients (elephants don't pay for my products). It also does not affect me that GoDaddy wants to promote SOPA and then decide not to. My business is is not in danger of running afoul of SOPA guidelines and having my domain names snatched.
I am surprised that so many people are transferring their domain names to another registrar (ex Namecheap). I work on concentrating on my business bottom line and doing what I do best. Changing registrars does not help that at all. All it does is make a political statement of "I don't like GoDaddy". While this may be mildly satisfying for all of a day or so, it does not do anything for my business. Put concisely, this is not something in my Circle of Influence, and I have doubt about whether this should even be in my Circle of Concern.
GoDaddy outbound transfers: Full of sound and fury, signifying nothing.
There have been numerous studies done which show there is little relationship between wage paid and work done. Wages only influences the retention of your trained workforce (less wages, more training budget) when they switch to a more profitable job (in a bad economy, wage goes down and productivity up).
Put it another way. Take your average production line employee and double his pay. Does production increase any? No. Production is limited by outside factors (order received, assembly time, work flow from other members, waiting for results to be generated...) However that person may feel better, but as a company I really don't care how that employee feels (yes I know this isn't PC but it is real). Why should I then increase a person's wage?
Take another example. A company in the U.S. competes against a company outside of the U.S. Suppose that there is a extreme difference in labor costs between these two countries/companies. As a result the price for the finished product is much lower when produced in the company outside of the U.S. Which one will the consumer buy? (Hint, take a look at where your car/computer/clothing etc was assembled/built). High (or increasing) wages are counter-productive.
Why are so many people unhappy about this? I don't care if the government (federal, state, local) can get an accurate facial recognition / identification program going.
This doesn't interfere with peoples ability to move and work as they want. This just means that if something bad happens (fire, riot, terrorist attack, traffic accident) that the people involved can be quickly identified. The obvious goal is not to prevent or prohibit, but to catch and convict criminals.
This already exists. I fly once a month within the United States, and about once a year internationally. I am certain that there are several databases that have analyzed me and graded me on my "threat" potential. I don't care as long as they do the same for everyone so that my flight can be as safe as possible. I am certain that airports, major shopping malls, sports arenas, concerts, and major metropolitan junctions (ex Times Square in NYC) are monitored, tracked, analyzed, and judged to keep them as safe as possible.
I look forward to the day that when there is a hit-and-run, or a person is assaulted in a sports stadium and put into a coma, or when a there is a riot that the people that did the injury are caught. Too often people have the attitude that they cannot be caught because they will be lost in the crowd.
Are you really protesting being accountable as a loss of liberty?
Please clarify how I am a hypocrite? Please prove your point.
Business is about making *money* and business that don't go bankrupt. The only institution that isn't sensitive to cost and return on investment is the government itself.
Nor am I greedy. I pay property taxes which keep going up which feed directly into the schools. United States has one of the highest expenditures per child on education, yet we have one of the worst literacy, mathematics, and scientific competency rates worldwide. Explain that.
I pay for road and infrastructure improvements. It's part of the gasoline tax. With the price of gas going up the government has been collecting a windfall for improvements. Yet our roads are crumbling and bridges collapsing. When I pass road crews I see about 12 to 20 people and 6 or so heavy machinery vehicles with only 1 or 2 people seeming to do anything.
Environmental mess? Get real. Do you realize that according to current EPA and OSHA rules, a cup of coffee is technically toxic pollution, and spilling it on the ground outside of our office technically needs to call in a full decontamination crew? Remember when that city in California spent $1,200,000,000 to move a bush to protect it? Does this sound reasonable?
I most certainly do pay for my raw material and for the training of my employees. I'd hire a $45,000 web designer and have to train them in Dreamweaver, basic CSS, MySQL, PHP, javascript, and CMS systems. Yes they said they had the skills and their resumes listed 4 years hands on experience. But they don't know it. One person had trouble with the basic math in making web measurements (if the web design is 1000 pixels wide, and the left menu is 180 pixels, with a 5 px margin on each side, how much area does that leave? Her answer "820 pixels?")
My point is that during training the business is depending on an employees performance after training to pay for the period while they were in training. This is to make up for the fact that they are under-educated in the first place. For the employee to demand a raise after training is grossly unfair to the business. Of course after a few times the business learns and refuses to hire those under-educated people in the first place. Good luck in getting that job fresh out of college.
I love your "All that should be FREE for the Almighty, sanctified business owner" statement. Yes, that is it exactly.
Our country was founded on raw grit. It was tough, it was hard, but it was a free wide open country. The textbooks are full of people that despite every hardship, despite cruel discrimination, an unfriendly environment, civil turmoil, and slow transportation still managed to prosper. They did not do it from government help, but in fact despite government interference. They worked 12 hour days, they innovated, retried, and branched out. And we remember them today.
I do have a sense of entitlement. I am entitled to start a business by whichever business model I prefer and believe that I am entitled to be left alone insofar as it doesn't hurt anyone else. I believe in free trade and the ability to hire the best and produce the best and make my products as attractive as possible so that people will buy from me. Yes, I believe that I'm entitled as an American to be GREAT, dammit.
That is what is right with the U.S. And I am proud of it.
I'm a small business in web development and am highly sensitive to costs. I work by myself in my home office. I do need tasks done - graphics, copywriting, and technical analysis. I can't do those myself and so I need to hire people to do that for me. I used to use a labor outsourcing website where jobs can be bid on and I can approve the bidders.
When using that site I submitted between 1 and 4 jobs per week. The people hired for these jobs were rarely from the U.S., and varied from Russia, China, India, the Philippines, Saudi Arabia, and Mexico. The work didn't always get done perfectly for which I blame myself. I learned how to manage a remote workforce and ensure that I put in testing criteria for the product beforehand.
I don't use those outsourcing websites anymore because I kept coming back to the same people that wanted the work. I got their contact info, and can send them a email with "Same thing, same way, new item, same price?". Much quicker than going through the website.
I do work in the U.S. (Pennsylvania) and theoretically could hire at least 3 people to work with me (I really need a fulltime graphic designer). I wouldn't consider doing it though.
First I would need to hire an Human Resources manager to handle all the government paperwork, then probably a lawyer because there are invariably workplace disputes. That is two non-productive (moneymaking) personnel just to set up a business. Then I need to worry about employees. If an employee gets "stressed" they can claim FMLA and get a free paid vacation. If an employee gets pregnant, same thing. If an employee wants to join a national labor union (yes, I've had this happen) I can't do anything to interfere and I have to be careful about handling that person.
I don't have these problems with overseas workers. They work, and they work well. I've spoken to them (yes some of them have strong accents) and they are happy and eager to do business. I've heard the stories about abuses but haven't seen anything to cite specifics. Sure there are past cases from years ago that have been corrected, but to be fair the U.S. has had its share of its own labor abuses in the past.
Now I hear that there is a political figure that wants to penalize business for doing business overseas and move the tax-rate higher. Good luck with that. I am currently a Delaware LLC, but it isn't that expensive (about $5000/yr from what I can find) to become a foreign-owned corporation (Kingstown, in St Vincent is particularly attractive). I would then change myself from listed president to the single paid employee (yes you can tax that $25000), and keep all assets and profits overseas (no, you can't tax what I haven't taken). Yes, this is legal.
America is uncompetitive. We have labor unions that has run manufacturing into bankruptcy (US Steel, textiles, GM, Boeing). Americans are too poorly trained, greedy (once they are competent they want pay raises or leave for other jobs), and arrogant (one employee wanted a room to smoke marijuana in for an hour each day because he had a legal "prescription" for it (stress-related)). Labor in the U.S. has become a nightmare for business owners and a running joke for international observers. This is even written up in current business books about U.S. labor.
It is not just me that is doing this. I'm not the only one using these job outsourcing web sites. I'm seeing signs that there are a lot of companies that are submitting dozens of jobs at a time, or complex jobs that require teams of developers and thousands of man-hours.
When the U.S. become more competitive things will improve. Pretty speeches won't do it.
Solution: configure your email server to scrub all active content in emails. The original article states that there wasn't any active content in the email. The email was just a social engineering ploy to cause a person to go to an innocent looking but actually malware loaded web page. The email that the person in Epsilon received mentioned a forgotten friendship and recent wedding. Everyone has forgotten past friends, and wedding photos can be nice to look at. Certainly an employee would not worry about violating the company's acceptable use policy on this site.
The part I'm curious about is how the website managed to install the malware on the computer. Most company computers now days have the administration functions locked out and cannot be changed by the computer user. Even if Epsilon did not secure the PC's against installation I cannot figure out how the webpage delivered a malware payload that would disable the anti-virus without any warning. After that installing the keyloggers and remote administration is easy.
I'm also surprised that Epsilon did not have any network analyzers already installed. A good system administrator keeps watch over even tiny leaks like Microsoft Office products checking their versions (and serials numbers) with the Microsoft site. System Administrators keep watch to see where their fellow employees have been browsing (www.somethingxxx.??? will get you fired, www.timewastingfunsite.??? will get you a warning, a family site like www.weddingphotos4u.net (the malware site used against Epsilon) will be ignored). How did they miss this traffic going back and forth on their network?
Anyone can be fooled into visiting a hostile site if the attack and site are constructed to be as attractive as possible. I do blame Epsilon for missing the impact and changes that such a site will have on a computer and network.
I don't totally agree with you. He has been working on this code/cipher for years so his personal algorithm has probably gone through several revisions, becoming tougher with time. It is complicated enough that even with his years of playing with that cipher he still makes mistakes.
This really has the look of a code done completely in the persons head without the need of a sheet to do calculations on. There are too many mistakes, and the writing shows haste and carelessness, not the slow process of copying out the resulting code blocks as they are calculated. The three simplest codes that people start using is the simple substitution cipher (ex A becomes Z), transposition ciphers (ABCD becomes CABD) and the Playfair cipher. Next comes the Vigenère cipher, but that is usually too difficult to do in your head.
This doesn't look like it uses a one-time pad since there is too many weird repetitions, notably NCBE and WLD. I'd say something like a combination of a Playfair cipher, simply because there are some things in the message he couldn't encrypt like the 's at the bottom, and the inc near the top of page 1. The circled bit in the top right really looks like a key (and I'd bet the key is obscured by a substitution cipher).
The weird repetition really makes me think of Playfair ciphers, but the problem is the grouping. Playfairs always result in 2-letter groupings, and this message shows a lot of five letter groupings (ex page 1, line 2, block 1 "TFRNE") and even using Playfair would not result is so many NCBE.
That NCBE really puzzles me. Anyone who knows enough about codes to use one would know about the problems with such an obvious repeating element. As other people have mentioned it almost looks like a symbol for the period, but why use a four character replacement, and why be so obvious about it?
I did test out a few Playfair blocks to see if I could get anywhere, but obviously I am missing a few steps somewhere.
Anyone else think that the lines in the middle that have 71, 74, and 75 are steps/directions? It almost looks like the first phrases there are "first", "second" and "third". The part at the bottom almost appears to be an address (194 XXX's (NCBE) XXXXX) the last five either being "drive" or "court"
This PsyOps division engaged in heavy persuasion sounds like what everyone else does everyday. Lets see...
"compiling detailed profiles of the VIPs, including their voting records, their likes and dislikes, and their "hot-button issues." Okay. To some degree this is what a lot of people do before a romantic date. You try to find out what the other person will like by checking their Facebook page, checking with mutual friends, and maybe floating a few vague questions to the date. People going to a job interview does their back research on the president of the company, the company history, and any industry issues so that they appear professional, competent, and knowledgeable. How can it be wrong for the army to do the same commonsense action?
"deeper analysis of pressure points we could use to leverage the delegation for more funds." "What do I have to plant inside their heads?" So what? This is called management. Anyone that has ever been given a job performance warning or given one to an employee has had the same thing. The message is clear. You will do better. You will work harder, longer, and smile while doing it. You are lucky to have a job, and we can fire you. The police are training on how to give clear voice commands to keep order. Mothers constantly work with just this technique to train their children not to do what's fun like hurting the family pet, breaking furniture, and generally dangerous behavior (no, you WILL NOT jump backwards down the stairs. DO YOU UNDERSTAND?!? Good. Now TELL ME what you WON'T DO.) Is the article seriously expect the army not to use the most basic management techniques?
"CIA to put together background dossiers on congressional opponents" Yep, and employers routinely run background checks on all job candidates. Drunk driving, sorry, no job for you. Bad debt means you are irresponsible and untrustworthy.
"exploiting new technologies like blogging and Wikipedia" Companies now monitor all social media sites. I know of one that has software key loggers on all company computers to get the blog passwords and monitor the content. Any negative posting about the company and the person is fired within three weeks for general performance issues (including the use of non-work related blogging on company computers). This is not illegal. Should it be illegal for the army to do the same?
"Holmes learned that he was the subject of an investigation, called an AR 15-6" Yep, and hopefully Holmes will be thrown in prison. In business this is called either insider trading (in finance), or ethical misuse of corporate information (business). It is a felony and there have been a lot of people that have gone to jail for it (ex, Martha Stewart). In the military Bradley Manning (Wiki leaks) has been facing military court martial for basically the same thing. Apparently Holmes feels he special and that he is immune from investigation for exposing serious military intelligence.
"After being reprimanded, Holmes and his team were essentially ignored for the rest of their tours in Afghanistan" Yes, that sounds about right. Who in their right minds pays attention to a general screw-up? In relationships that break up the people remain separated and generally ignore each other afterward. People that are fired are escorted carefully to the door and then forgotten (and replaced). If you switch from one bank to a different bank you don't keep going to the previous bank to make sure they are doing okay. This is only common sense. Holmes is indeed very special.
"there is no way to tell what, if any, influence it had on American policy." Little to none, certainly not illegal or even questionable.
Sure, someone who wants to claim ownership of a picture would never be able to insert desired metadata in the file.
Sure, it has been done. Most notably demonstrated here. I only mentioned that the camera metadata protects me in case of a lawsuit.
There is a stock photography provider called Getty Images that looks for people that have been using their images without approval or payment. To those that infringe they send a RIAA-like letter offering a settlement if a fine is paid. I use a lot of stock photography (mostly through a different but well known and very legitimate site). When possible I use my own puny 6 megapixel camera (and sometimes my 3 megapixel droid) to take stock photos. I always proof that the photos are mine. These photos of mine save me a lot of money.
Even so I've gotten 1 photo infringement letter from a San Diego law firm informing me of pending action. Even though I knew I was right it was extremely worrisome. I did not want to fight the good fight and win a Pyrrhic victory by going bankrupt in legal fees. I sent full details to the firm about the photo, that it was mine, and that I had the raw camera footage for it (including one that had me in the picture). This was a little before camera metadata but that would have been additional proof to make it easier. Regardless I never heard from that firm again.
The point is that these features should be opt in and disabled by default
In a perfect world, yes. However this is not a perfect world so security measures need to be opt-out. All software security measures are opt-out. This includes everything from serial numbers that must be entered so that the software will work to phone-home information that is used by everything from on-line games to the latest version of MSOffice (it must contact MS online every 6 months or it stops working). If this wasn't done the pirates would be disrupting software sales more than they are. Right now pirates are honestly a major nuisance to software developers. If everything was opt-out by default it would be impossible.
However you never really address my original point - that being that these automatically enabled features are helpful and hardly hurt my freedom to do what I want. In fact those are helpful features.
I read the article, and see nothing in the so-called "traitorware" that is objectionable.
I *like* cameras that incorporates metadata. This protects me from lawsuits and proves that the picture is mine and can be used however I want and as often I want. Because I can prove that the photo is mine through the metadata I have an easy way to defend myself in copyright and infringement lawsuits. For me the metadata is a selling feature and a benefit.
Printers that include tags on the paper that can be traced back to the person doing the printing I can also understand. People misuse printers to print out pedophilia (you are scum, and hope you are caught), counterfeiting (I like being able to use money, and hope you are caught), and threatening letters (my sister got several, and I hope you are caught). I just can't get that excited about anyone being able to trace what I print back to me. I can't think of a situation where I would care.
I don't own an IPhone (Droid), but I *like* the idea that it can send my location and heartbeat back to Apple. I'd have liked this on my laptop that had gotten stolen. I'd just call the police, and send Apple the police report. It would make tracking the device actually feasible, and maybe get some of these thieves to be arrested. Cars to some degree have this (called OnStar) and it's a big selling point. I refuse to get concerned about Apple wanting to listen to my heartbeat. Now if they would be so kind to implant the phone, monitor continuously, and notify medical help (and tell them where I am) if the heartbeat becomes arrhythmic and/or stops I would really appreciate that (heart problems is the leading cause of death).
I remember saving up my allowance as a kid so that I could go to the bookstore in the mall (to be fair I think it was a Waldenbooks) and buy new science fiction. I remember the first time I read Dune by Frank Herbert, and more so the White Plague. Later I started buying programming books (no, they aren't cheap) and got a good job. More recently I needed books on business and management, and am now reading "Made to Stick - Why some ideas survive and others die". This was purchased as B&N.
I don't have the opportunities with e-merchants that I do with physical booksellers. I enjoy looking at the flyleaf (sometimes possible at Amazon) and turn to the middle of the book and see how I like it (not possible with Amazon). I like to heavily browse the book before I buy it, which is just not possible with Amazon. This book has been very informative, but I do not think I would have been able to know enough about it to choose it by going to Amazon.
Do I pay more by going to B&N? Sure. Will I be able to find useful books at Amazon? Maybe. Will I enjoy visiting a web site for a bargain basement book that I have to wait 3 days to get as much as seeing it, browsing it, buying it and reading it when I go to the store? Of course not. After I add shipping costs the price works out the same between me going to the bookstore and having Amazon ship it.
On a bigger scale I worry about the power of bookshops being reduced to just a few outlets. Washington has been vastly increasing its power and taking over major industries. Washington is not kind or tolerant to the media. Washington has been caught in altering experts reports to fit its pre-made conclusions. The government now has the power to pick up the phone, call Amazon, and strip books from the shelves. We will be told "It is for the public good".
Silly humans... You shouldn't worry about whether other civilizations in distant star systems will detect your weak radio-spectrum emissions. That's isn't what we are scanning for in our extra-solar search.
In the beginning you humans signaled with visual signals - for example hand gestures, light houses, national flags, and road-side billboards. These are great but have very limited range.
Later you developed audio signaling for example speech, alarms, and air-raid horns. It has much further range and carries far more information, but degrades far more quickly over time.
Still later you developed electrical signaling devices, like the telegraph and early 1900's era telephone wire. You could finally transmit information over a long distance.
Later still your planet turned to the EM-band of communications. This included radio, television, radar, and a vast number of wireless devices. Your airwaves were crammed full of radio emissions leaking from your planet. Understand, these emission would barely be a carrier signal at 40 light years, and at 4000 light years would be a statistical anomaly on the EM band.
Later still you went digital and worried that people distant space civilization wouldn't hear you. Distant civilizations listen for EM band traffic. As stated, it's too hard.
If you continue to progress you will discover Distant Quantum Stimulation (the first step to efficient energy transmission). This *will* emit very strong EM-band emissions to space and is usually the sign of an emerging intelligence.
Later still will come high-energy Quantum Split-pair Sympathetic Signaling Systems (QS^4). This will come about to overcome the vast light-speed time delay in signaling between distant planetary bodies. However in using this there is sympathetic movement by unrelated quantum-bits in other solar systems. Some of those have intelligent life that will take notice.
Much much later, when you really start needing energy you will turn to Solar Photosphere Mining. This can either be "light" mining with light lenses and hot-cold energy channels (mega-batteries), or "heavy" mining like what you Earthlings call Dyson Spheres. Needless to say this significantly alters your star's appearance and can easily be seen at a distance.
In the far distant future you may discover the uses of dark matter - after all it *does* make up the vast majority of the universe. You really should know that there are ways that it can be used. It has vast potential. However any alternation and modification of the great web that is dark matter can be detected far far away. Civilization far and wide will be able to detect such an occurrence and celebrate with the graduating stellar system it's true achievement.
From here vast vistas await. There is no point in detailing them because there will be no point in searching for intelligence beyond your planet. This is because in improving your technology you also improve your capabilities. As you use those techniques more and better means of seeing further and understanding more become available.
There is no use at the lamating of an obsolete technology. To do so is to lament the passing of coastal semaphore stations and bonfire posts to warn of impending raids by Viking longboats. Your planet does not spend much energy in trying to detect such now-questionable methods of communication. Similarly other galactic civilizations do not spend much time or energy scanning for EM-band radiation.
Building foundations are not that expensive compared to construction costs. Building a foundation involves digging a hole according to engineering specs, laying the pipework channels according to blueprint, pre-stressing the sides of the foundation pit, laying in the re-bar, and then pour in a very strong expansive concrete mix - typically in multiple pours and sets. Then an engineer comes in and looks very closely at the sides, and for cracks. Sounds complicated but not really, nor really expensive compared to the building itself.
The taller a building gets it get more expensive due to material physics. Concrete is strong and concrete with re-bar is stronger, and concrete attached to heavy steel girders and beams in compressive mode is still stronger. But the higher you go the more support you need, and the stronger the *lower levels* have to be because they have all the upper levels pressing down on them. This is what causes both towers of the World Trade Center to fail - the structural supports were compromised (for different reasons in each tower) and the weight of the upper floors crushed the lower levels. As a rule of thumb each additional floor is 15% more expensive than the floor below it. This includes labor. Getting a construction worker licensed to work on the ground floor is way different than one licensed for high-rise construction work.
The foundations of buildings are not the expensive part - just generally the most time consuming (for the high-stress concrete to cure) and the most aggravating (all the inspections, documentation, and prep work).
Digging holes is still far cheaper. Underground buildings still win.
Nowdays I'd prefer my buildings to be as *low* as possible. Having a nice *deep* underground bunker would be best.
Tall buildings, as well as other major attractions like stadiums, are a status symbol. Every time the building is mentioned you name either the company, the city, or the country in question. Tall building are a brand image. In these times companies prefer a more conservative (and some may argue greener) profile. Tall buildings in this respect are not useful. It is easier to get the same name-recognition result through other channels - charity events, signage, marketing and teaming on major internet sites, and positive news-generation that involves your company name. Even viral marketing can be a major factor. Ever see the new Lady Gaga video "Bad Romance" and the brands displayed? All of these is far far FAR cheaper than a very tall building.
Now consider a nice *low* building, maybe even one underground. It is a lot more protected, it tends to be greener as can plant trees or solar panels on the top (lots of good press coverage). It tends to be a lot easier to insulate against weather. There's a lot more stability given when digging underground and the sides of the building are braced by the pressing of the surrounding earth. If a company wants the prestige factor they can put a large sign up near the highway/freeway with their company name on it.
Best of all it's good against bombs. Frankly, tall buildings are easy to hit. Underground bunkers are a lot harder.
So I say, build better deep buildings (holes), not tall towers of concrete (poles).
(Gasp) Someone escapes prison and starts updating Facebook? And instead he could be doing something unconstructive like lifting some unwatched goods and running some simple 419 scams. But noooo... this guy updates his Facebook page. Who knows what comes next - World of Warcraft raids, and watching endless YouTube videos? Geez, someone get him a gun before it's too late.
If not he might become something worse, like a web developer. (shudder)
It's easy to break something. It's much harder to completely cover the evidence of who is responsible.
Question 1 - Why did the hacker target the Virginia Health Department?? That wouldn't be a site that most hackers would even think about much less target for major intrusion. Did the hacker in question cover his tracks as to why he chose this obscure site? Might he have been familiar with it because it tracks potential perscription drug abuse, and he had been flagged for further investigation before? Does he have a history with this company?
Question 2 - Did he cover his visits? Few people can find a potential site, explore the site for vulnerabilities, get access to the site, explore the internal structure of the site, devise an attack plan, code it, execute it, and get out in just one sitting. It usually requires several sessions, each time gaining more access and having better intelligence. The last visit can be covered up, but did he cover up the logs of the first few times when he didn't have complete control, and his tracks and actions may still be in an access log?
Question 3 - What methodology did he use to gain access? Having access to the database (and backups) to the degree that an encryption command can be executed would be difficult. It requires the ability to execute several commands remotely on the server. Were these commands given thru web-page vulnerabilities? Did it require log-in credentials, and if so, whose? Did access require special in-house knowledge, and if so, who knew it?
Question 4 - Where did he do this from, and what is his IP address? Hiding your IP address is next to impossible and there are multiple logs kept of access, including by the ISP. Did he do this from home? (If so, FAIL) Did he do this from a public wireless access point? If so did he cover his tracks there? (It's amazing where they put surveillance cameras nowdays) Anonymizer services will usually hand over the original IP addresss if requested by federal authorities, so that isn't going to work. Did the hacker consider that?
Question 5 - Where is he checking that yahoo address from? See question 4.
Question 6 - Is he using a different computer now? If I wanted to be really sneaky I'd ask yahoo to check not only the Yahoo cookie when someone logs into that account, but *also* get the Google one also, and 10 others. Send the cookies to the relavent companies for the data it contains. Is he using a fresh computer to erase tracks left there?
Question 7 - Did he cover up his phrasing carefully from others he used pubicly? Phases like "Uhoh" "gladly" "not to pony up" "Fucking Bunch of Idiots" "bettin'" "drop me a line" "to have gone missing, too" (weird extra comma here and other places) seem to be rather unique. Some of it can be faked, but the phrasing we use says a lot about us.
Question 8 - How is he planning on collecting the money? Most people think international banks (Caymen islands is common) is the answer. No. Most countries/locations (ex Caymen islands) have easy business registration/taxation rules, but are poor choices for trying to stash/launder money. It's not easy collecting large amounts of money. Does the hacker have a plan on how to collect that money?
Question 9 - Is he going to revisit the scene of the crime? Is he checking the internet news sites to find stories about m^Hthis crime? Is he going to give himself away by visiting such a site (like Slashdot) and visiting, leaving his IP address. Who knows, maybe he'll even gladly, comment.;)
Comments can be left at hackingforprofit(the at sign)gmailcom. Drop me a line.;)
Groklaw was certainly informative, and it is nice to see major media give a nod of thanks to an internet site that had done their research. What I wonder is where is Groklaw to grok next?
I'd vote for Groking RIAA, big time.
Grok IP law and squelch that mess once and for all.
And since it the season, groking certain political parties (or all of them) would be nice.
Ok, let me put it this way, with reference to topic at hand...
Let's consider "suspicious" activity of person-vs-person. If I walk down the street normal and non-descript in every way except I was patting the top of my head continously. If addressed by a passer-by I respond "bleek blork bleesums boo" and start hopping. Most people would consider this "suspicious" and more than likely call upon the government to send someone to investigate. This is a reasonable infringement of my privacy for the common good.
Now a second case of person-vs-collective. Same situation, but now in a work environment where I am employed. More than likely I will be escorted to the personnel department for a evaluation. The business/corporation is assuming the powers of the police, and in fact have far more powers than any reasonable government has. They don't need to accord me a trial. I have very little possibilities to appeal. They can pass judgment immediately and unilaterally. Again my absolute personal rights have been infringed upon, but now for the private good of a limited group.
Now a third case. Government has its own classification of suspicious activities and wants to collect information on this - say thru a transit card, or the use of credit cards, phone records, email, bank statements. Some would stand up and say "For shame! This invades my privacy, and will not be!" when in reality this give-and-take of privacy takes place on all levels, and by far the government has the *least* powers to intrude on privacy. The irony in this is that in the first case, people are already appealing to the government for protection against an non-threating suspicious activity, and in the second case the government doesn't even have a role (the business *is* a repressive totalitarian government). What you are advocating in your answer seems to be mob-justice or mafia enforcement. I'd rather the simple answer "Why not let the government peek at a few records to see who is suspicious?"
Slashdot Mirror
It is possible (and very easy) for a company to install key loggers and monitoring software on their own company computers. Once employees steal time from their employer and update their Facebook page the employer now has the password. When the employer does use the password they check it through a proxy service like Tor. Easy, untraceable, and quiet.
When there is something that the employer doesn't like on the Facebook page the employee will face eventual job termination. Their performance reviews will be poor, the monitoring logs will be used to show misuse of company computers and time, and any complaints by customers will be fully utilized. The content of the Facebook posting will never be referenced and the person will be terminated for valid reasons. After being fired any unemployment benefits will be contested (yes, the ex-employee usually wins regardless), and then appealed (50-50 chance).
Certainly this is not how it is done at any company that I manage.
Daisey went to Foxconn as a creative activist (not a journalist) with a pre-made agenda (discredit Foxconn and Apple as big bad business) for a specific result (better working conditions). However this does not excuse people that listened to the original story and believed it. You should have known better.
The truth is that Foxconn has 900,000+ employees. They must be treating people decently to get to 900,000 employees in the first place. There have been several suicides that have made the news that people use to try to prove that they are a big bad business, but to be FAIR companies in the US also have a lot suicides that don't make the news at a much higher incidence than Foxconn. Yet people won't think and believe anything they are told that Foxconn is mistreating its workers.
The truth is Foxconn recently held a jobs fair to hire for future production and thousands of people lined up and waited for hours to try for those jobs. They produce high tech components that require highly skilled and highly trained staff, and do so successfully. You cannot do this with "forced" labor as has been demonstrated many times in many countries. Most telling is that the United States with its vaunted worker rights (and more worker rights rules coming) cannot get manufacturing jobs. The US does not produce steel, computers, microwave ovens, radios, or medical devices like CAT scanners or heart monitors (I know, I used to work in a hospital). It sounds like Foxconn knows how to do business successfully and profitably.
Yet Daisey went to China to try to do a smear piece on Foxconn, and now justifies it that it is creative activism. This wouldn't be so bad but people are sheep and believed it and still do under the heading of "Fake, but essentially True". The same people will believe everything Obama says like "Ultimately, though, there's no silver bullet here" when referring to gas prices (and still wants to take away the oil subsidy). People will believe the Occupy Wall Street chant of "Tax the Rich" while ignoring the fact that the rich are already HIGHLY taxed, and that even the 1% don't have enough money to balance the U.S. budget. But it makes for a good distraction.
Other ideas that are being brainwashed into without thinking...
Democrats are God (schools singing hymns of worship to Obama)
Republicans are big bad businessmen (kill big business)
Fox News is bad (remember the government's war on Fox?)
Meat is murder
People must be forced into Union for their own good (no such thing as a bad union)
People must be forced to buy health care
Religious organization must be forced to provide abortions
Green is good (especially when it is an inferior product)
Gene-engineering is bad (especially when it is a better and healthier product)
Voter ID is bad (how quick we forget about ACORN and OBAMA)
Think people, THINK! You got fooled by Daisey but still believe Obama, Oliver Stone, and Michael Moore.
I bought it about 6 months ago and keep in it a fanny pack (yes, one of those ultra-non-cool mini-backpacks). The device weights about 2 or 3 pounds (fairly heavy), pumps out 2 mW of interference, and usually jams phones within about 20 feet (more on this later). Cell phone jammers are just too big to constantly lug around in a pants pocket and certainly are noticeable with the antennas sticking out.
That was the problem of the person on the bus. First he was keeping it in plain view. Second he did not hide the fact that he was jamming (in the video he looks at the cameraman he is jamming). The third mistake is that he was constantly keeping it on rather that on-wait 5 secs to burst-kill everything-off.
I'm very careful. I don't look at the person. I reach into my bag, turn it on, and then take out a package of tic-tacs candy and take one, chomp on it for about 5 or 10 seconds while listening to people say WTF around me and then put the tic-tacs back in the bag and shut off the jammer. Anyone looking at me (which is often) sees that I'm sneaking a snack.
My greatest fear is cell-jammer-detectors/trackers which are surprisingly cheap. However I doubt that someone with a tracker can isolate me in 10 second of surprise use. Given that the tracker have to move around holding the device looking at the signal indicators means that I doubt that one can sneak up to me.
I most often have to use it while waiting to check out in shopping centers. People talk talk talk on their phone and never consider the people around them, erupting to gales of laughter. Second most often is in traffic seeing the driver in the car beside me yakking away and not paying attention. Jamming in a car is more difficult and less range but it does still work well. Third most common is at work seeing people that should be WORKING aren't. All these people find that suddenly they don't have phone reception anymore. It usually takes a few applications of jamming but eventually people give up and get back to what they should be doing.
The devise I use says 5-20 meters, but my real-world estimate is 20-30 feet (6-10 meters). In my local wall-to-wall mega-store using the device at the checkout lines causes WTF's from about 5 lines away, and occasionally all the way to the entryway / cart-storage with people stopped dead in their tracks looking with puzzled looks at their phones.
Yes I do know that the legality of the device is problematic and I'm prepared to fight it in court if need be. I only once came close when I was speeding and got pulled over by the police. The officer looked my car over and while talking to me asked what was in the black bag on the passenger seat. I replied that I respectfully refuse to answer any further questions and will exercise my constitutional right to remain silent. The cop dropped being friendly and became all business (not hostile but very imposing). He then wanted to search my car. "No". He goes back to his car for a long time with my license. A second police car shows up and while one is talking to me, the other is looking at my car through every window with special attention to the zipped fanny pack. They walk off a bit to talk it over and eventually after about 30 minutes from being stopped they let me go with a large speeding ticket (no traffic warning for me). Probable cause and fruit of the poison tree for the win.
I'd like to get a car-powered one that is supposed to jam 3G, 4G, GPS up to 50m away but there is no way that could be concealed. I have little fear that I will be caught short of becoming over-confident and careless. In short I am going to continue using my device to thwart the terrible talkers and telephone abusers.
Seriously. You valued this item enough that you had it custom made for yourself, your livelihood as a stage performer depends on it, and to some degree it represents some of your identity (being able to call yourself a Jedi, for example). Obviously this item is important. Yet you left this valuable, important item go unwatched "for a few minutes" in a NYC bar. Imagine that, something valuable disappearing in NYC *and* a bar. What are the chances?
I do not understand why you would bring such a valuable item to a bar and not lock it up, and why you would take your eyes off of a valuable item in the first place. Let me put it another way. If I go to football stadium and leave my high performance laptop on my seat while I go get some food and come back and see that the laptop is gone, should I really be that surprised?
Let me give you another case. For reasons unknown Apple employees 'lose' the prototype of the IPhone 4 in a California bar not once but twice. It could be argued that this was a publicity stunt (esp considering the offending employees were not fired) but there was no sympathy for the lost device. In fact a leading tech magazine got it and started working on a tech story on the IPhone4 specs and capabilities until Apple's lawyers persuaded the magazine to give it back to Apple. Did anyone lament the case for Apple? No, there was much mirth and glee on Slashdot on this story. Because it is outrageous and stupid.
You compare this the childish behavior of someone stealing your toy. Respectfully I would disagree and this is the very adult behavior of someone stealing some valuable property. I do not cheer for thieves of any kind, from burglars, pickpockets, muggers, or carjackers. Part of being adult (and one that most people learn as a child) is that there are certain actions that you can take to lessen your risk. This means that we as adults learn to lock our doors and buy home security systems, we don't walk around with money sticking out of pockets, we watch out for dangerous situations, and we are generally careful with the items that we don't want to lose. You did not do this. So while I will not cheer for the thief in this situation, I also will not sympathize much with you either.
I also don't understand why you would publish the incident to the world. You already know who did it (you have them on video, and have confronted them), you know where it is (this isn't a worldwide issue), and you have taken initial action on it (put up flyers around the area). If you still feel a need for action take them to small claims court. Slashdot is not the right tool for your situation.
Everyone (including me) has lost valuable items and has learned an unpleasant truth from it. I wish you the best of luck in getting your lightsaber back.
New York City is home to 8,175,133 people as of 2011. It uses 64,500 gigawatt-hours of energy per year. Using a standard industrial solar panel (ex Trina Solar 230) which produces 5750 watts (assuming constant supply 5.75 kWh) with a base area of 17.6 sq feet and costs $360. To power NYC it would take 11.2 trillion panels taking up an area of 7081 square miles of solar panels, at a cost that of $500,000,000 per NYC resident.
NYC is also one of the most energy efficient cities in the US. Other cities would require a lot more panels. This also does not account for the need of storage batteries, energy transmission loss, and power loss to material degradation (dusty solar panels), life-cycle (panels last about 20 years), or the fact that during the night there will be no energy production.
I go over these figures every few years and it just does not appear that this is a viable solution. It would be *nice* to use solar panels but if it is not realistic the solar panel industry will never thrive. Where would we fit all of these solar panels, and where would we find the money?
I run a business and have over 550 domains at GoDaddy and no I'm not planning on moving. If GoDaddy CEO Parsons(?) wants to go hunting and kill an elephant, fine. That has absolutely nothing to do with my business model nor does it affect my clients (elephants don't pay for my products). It also does not affect me that GoDaddy wants to promote SOPA and then decide not to. My business is is not in danger of running afoul of SOPA guidelines and having my domain names snatched.
I am surprised that so many people are transferring their domain names to another registrar (ex Namecheap). I work on concentrating on my business bottom line and doing what I do best. Changing registrars does not help that at all. All it does is make a political statement of "I don't like GoDaddy". While this may be mildly satisfying for all of a day or so, it does not do anything for my business. Put concisely, this is not something in my Circle of Influence, and I have doubt about whether this should even be in my Circle of Concern.
GoDaddy outbound transfers: Full of sound and fury, signifying nothing.
Wrong
There have been numerous studies done which show there is little relationship between wage paid and work done. Wages only influences the retention of your trained workforce (less wages, more training budget) when they switch to a more profitable job (in a bad economy, wage goes down and productivity up).
Put it another way. Take your average production line employee and double his pay. Does production increase any? No. Production is limited by outside factors (order received, assembly time, work flow from other members, waiting for results to be generated...) However that person may feel better, but as a company I really don't care how that employee feels (yes I know this isn't PC but it is real). Why should I then increase a person's wage?
Take another example. A company in the U.S. competes against a company outside of the U.S. Suppose that there is a extreme difference in labor costs between these two countries/companies. As a result the price for the finished product is much lower when produced in the company outside of the U.S. Which one will the consumer buy? (Hint, take a look at where your car/computer/clothing etc was assembled/built). High (or increasing) wages are counter-productive.
Why are so many people unhappy about this? I don't care if the government (federal, state, local) can get an accurate facial recognition / identification program going.
This doesn't interfere with peoples ability to move and work as they want. This just means that if something bad happens (fire, riot, terrorist attack, traffic accident) that the people involved can be quickly identified. The obvious goal is not to prevent or prohibit, but to catch and convict criminals.
This already exists. I fly once a month within the United States, and about once a year internationally. I am certain that there are several databases that have analyzed me and graded me on my "threat" potential. I don't care as long as they do the same for everyone so that my flight can be as safe as possible. I am certain that airports, major shopping malls, sports arenas, concerts, and major metropolitan junctions (ex Times Square in NYC) are monitored, tracked, analyzed, and judged to keep them as safe as possible.
I look forward to the day that when there is a hit-and-run, or a person is assaulted in a sports stadium and put into a coma, or when a there is a riot that the people that did the injury are caught. Too often people have the attitude that they cannot be caught because they will be lost in the crowd.
Are you really protesting being accountable as a loss of liberty?
I already answered this. Reread my original posts, or are you willfully not listening to anything that doesn't fit your viewpoint?
Please clarify how I am a hypocrite? Please prove your point.
Business is about making *money* and business that don't go bankrupt. The only institution that isn't sensitive to cost and return on investment is the government itself.
Nor am I greedy. I pay property taxes which keep going up which feed directly into the schools. United States has one of the highest expenditures per child on education, yet we have one of the worst literacy, mathematics, and scientific competency rates worldwide. Explain that.
I pay for road and infrastructure improvements. It's part of the gasoline tax. With the price of gas going up the government has been collecting a windfall for improvements. Yet our roads are crumbling and bridges collapsing. When I pass road crews I see about 12 to 20 people and 6 or so heavy machinery vehicles with only 1 or 2 people seeming to do anything.
Environmental mess? Get real. Do you realize that according to current EPA and OSHA rules, a cup of coffee is technically toxic pollution, and spilling it on the ground outside of our office technically needs to call in a full decontamination crew? Remember when that city in California spent $1,200,000,000 to move a bush to protect it? Does this sound reasonable?
I most certainly do pay for my raw material and for the training of my employees. I'd hire a $45,000 web designer and have to train them in Dreamweaver, basic CSS, MySQL, PHP, javascript, and CMS systems. Yes they said they had the skills and their resumes listed 4 years hands on experience. But they don't know it. One person had trouble with the basic math in making web measurements (if the web design is 1000 pixels wide, and the left menu is 180 pixels, with a 5 px margin on each side, how much area does that leave? Her answer "820 pixels?")
My point is that during training the business is depending on an employees performance after training to pay for the period while they were in training. This is to make up for the fact that they are under-educated in the first place. For the employee to demand a raise after training is grossly unfair to the business. Of course after a few times the business learns and refuses to hire those under-educated people in the first place. Good luck in getting that job fresh out of college.
I love your "All that should be FREE for the Almighty, sanctified business owner" statement. Yes, that is it exactly.
Our country was founded on raw grit. It was tough, it was hard, but it was a free wide open country. The textbooks are full of people that despite every hardship, despite cruel discrimination, an unfriendly environment, civil turmoil, and slow transportation still managed to prosper. They did not do it from government help, but in fact despite government interference. They worked 12 hour days, they innovated, retried, and branched out. And we remember them today.
I do have a sense of entitlement. I am entitled to start a business by whichever business model I prefer and believe that I am entitled to be left alone insofar as it doesn't hurt anyone else. I believe in free trade and the ability to hire the best and produce the best and make my products as attractive as possible so that people will buy from me. Yes, I believe that I'm entitled as an American to be GREAT, dammit.
That is what is right with the U.S. And I am proud of it.
I'm a small business in web development and am highly sensitive to costs. I work by myself in my home office. I do need tasks done - graphics, copywriting, and technical analysis. I can't do those myself and so I need to hire people to do that for me. I used to use a labor outsourcing website where jobs can be bid on and I can approve the bidders.
When using that site I submitted between 1 and 4 jobs per week. The people hired for these jobs were rarely from the U.S., and varied from Russia, China, India, the Philippines, Saudi Arabia, and Mexico. The work didn't always get done perfectly for which I blame myself. I learned how to manage a remote workforce and ensure that I put in testing criteria for the product beforehand.
I don't use those outsourcing websites anymore because I kept coming back to the same people that wanted the work. I got their contact info, and can send them a email with "Same thing, same way, new item, same price?". Much quicker than going through the website.
I do work in the U.S. (Pennsylvania) and theoretically could hire at least 3 people to work with me (I really need a fulltime graphic designer). I wouldn't consider doing it though.
First I would need to hire an Human Resources manager to handle all the government paperwork, then probably a lawyer because there are invariably workplace disputes. That is two non-productive (moneymaking) personnel just to set up a business. Then I need to worry about employees. If an employee gets "stressed" they can claim FMLA and get a free paid vacation. If an employee gets pregnant, same thing. If an employee wants to join a national labor union (yes, I've had this happen) I can't do anything to interfere and I have to be careful about handling that person.
I don't have these problems with overseas workers. They work, and they work well. I've spoken to them (yes some of them have strong accents) and they are happy and eager to do business. I've heard the stories about abuses but haven't seen anything to cite specifics. Sure there are past cases from years ago that have been corrected, but to be fair the U.S. has had its share of its own labor abuses in the past.
Now I hear that there is a political figure that wants to penalize business for doing business overseas and move the tax-rate higher. Good luck with that. I am currently a Delaware LLC, but it isn't that expensive (about $5000/yr from what I can find) to become a foreign-owned corporation (Kingstown, in St Vincent is particularly attractive). I would then change myself from listed president to the single paid employee (yes you can tax that $25000), and keep all assets and profits overseas (no, you can't tax what I haven't taken). Yes, this is legal.
America is uncompetitive. We have labor unions that has run manufacturing into bankruptcy (US Steel, textiles, GM, Boeing). Americans are too poorly trained, greedy (once they are competent they want pay raises or leave for other jobs), and arrogant (one employee wanted a room to smoke marijuana in for an hour each day because he had a legal "prescription" for it (stress-related)). Labor in the U.S. has become a nightmare for business owners and a running joke for international observers. This is even written up in current business books about U.S. labor.
It is not just me that is doing this. I'm not the only one using these job outsourcing web sites. I'm seeing signs that there are a lot of companies that are submitting dozens of jobs at a time, or complex jobs that require teams of developers and thousands of man-hours.
When the U.S. become more competitive things will improve. Pretty speeches won't do it.
Actually, there is a couple of degrees for that...
One is majoring in Political Science ("I do not do this for me, nor for my community, but because it the right thing to do for our CHILDREN.")
The other is getting a degree in law (any specialty) ("Is it true that you still beat your wife?")
Solution: configure your email server to scrub all active content in emails.
The original article states that there wasn't any active content in the email. The email was just a social engineering ploy to cause a person to go to an innocent looking but actually malware loaded web page. The email that the person in Epsilon received mentioned a forgotten friendship and recent wedding. Everyone has forgotten past friends, and wedding photos can be nice to look at. Certainly an employee would not worry about violating the company's acceptable use policy on this site.
The part I'm curious about is how the website managed to install the malware on the computer. Most company computers now days have the administration functions locked out and cannot be changed by the computer user. Even if Epsilon did not secure the PC's against installation I cannot figure out how the webpage delivered a malware payload that would disable the anti-virus without any warning. After that installing the keyloggers and remote administration is easy.
I'm also surprised that Epsilon did not have any network analyzers already installed. A good system administrator keeps watch over even tiny leaks like Microsoft Office products checking their versions (and serials numbers) with the Microsoft site. System Administrators keep watch to see where their fellow employees have been browsing (www.somethingxxx.??? will get you fired, www.timewastingfunsite.??? will get you a warning, a family site like www.weddingphotos4u.net (the malware site used against Epsilon) will be ignored). How did they miss this traffic going back and forth on their network?
Anyone can be fooled into visiting a hostile site if the attack and site are constructed to be as attractive as possible. I do blame Epsilon for missing the impact and changes that such a site will have on a computer and network.
I don't totally agree with you. He has been working on this code/cipher for years so his personal algorithm has probably gone through several revisions, becoming tougher with time. It is complicated enough that even with his years of playing with that cipher he still makes mistakes.
This really has the look of a code done completely in the persons head without the need of a sheet to do calculations on. There are too many mistakes, and the writing shows haste and carelessness, not the slow process of copying out the resulting code blocks as they are calculated. The three simplest codes that people start using is the simple substitution cipher (ex A becomes Z), transposition ciphers (ABCD becomes CABD) and the Playfair cipher. Next comes the Vigenère cipher, but that is usually too difficult to do in your head.
This doesn't look like it uses a one-time pad since there is too many weird repetitions, notably NCBE and WLD. I'd say something like a combination of a Playfair cipher, simply because there are some things in the message he couldn't encrypt like the 's at the bottom, and the inc near the top of page 1. The circled bit in the top right really looks like a key (and I'd bet the key is obscured by a substitution cipher).
The weird repetition really makes me think of Playfair ciphers, but the problem is the grouping. Playfairs always result in 2-letter groupings, and this message shows a lot of five letter groupings (ex page 1, line 2, block 1 "TFRNE") and even using Playfair would not result is so many NCBE.
That NCBE really puzzles me. Anyone who knows enough about codes to use one would know about the problems with such an obvious repeating element. As other people have mentioned it almost looks like a symbol for the period, but why use a four character replacement, and why be so obvious about it?
I did test out a few Playfair blocks to see if I could get anywhere, but obviously I am missing a few steps somewhere.
Anyone else think that the lines in the middle that have 71, 74, and 75 are steps/directions? It almost looks like the first phrases there are "first", "second" and "third". The part at the bottom almost appears to be an address (194 XXX's (NCBE) XXXXX) the last five either being "drive" or "court"
This PsyOps division engaged in heavy persuasion sounds like what everyone else does everyday. Lets see...
"compiling detailed profiles of the VIPs, including their voting records, their likes and dislikes, and their "hot-button issues."
Okay. To some degree this is what a lot of people do before a romantic date. You try to find out what the other person will like by checking their Facebook page, checking with mutual friends, and maybe floating a few vague questions to the date. People going to a job interview does their back research on the president of the company, the company history, and any industry issues so that they appear professional, competent, and knowledgeable. How can it be wrong for the army to do the same commonsense action?
"deeper analysis of pressure points we could use to leverage the delegation for more funds." "What do I have to plant inside their heads?"
So what? This is called management. Anyone that has ever been given a job performance warning or given one to an employee has had the same thing. The message is clear. You will do better. You will work harder, longer, and smile while doing it. You are lucky to have a job, and we can fire you. The police are training on how to give clear voice commands to keep order. Mothers constantly work with just this technique to train their children not to do what's fun like hurting the family pet, breaking furniture, and generally dangerous behavior (no, you WILL NOT jump backwards down the stairs. DO YOU UNDERSTAND?!? Good. Now TELL ME what you WON'T DO.) Is the article seriously expect the army not to use the most basic management techniques?
"CIA to put together background dossiers on congressional opponents"
Yep, and employers routinely run background checks on all job candidates. Drunk driving, sorry, no job for you. Bad debt means you are irresponsible and untrustworthy.
"exploiting new technologies like blogging and Wikipedia"
Companies now monitor all social media sites. I know of one that has software key loggers on all company computers to get the blog passwords and monitor the content. Any negative posting about the company and the person is fired within three weeks for general performance issues (including the use of non-work related blogging on company computers). This is not illegal. Should it be illegal for the army to do the same?
"Holmes learned that he was the subject of an investigation, called an AR 15-6"
Yep, and hopefully Holmes will be thrown in prison. In business this is called either insider trading (in finance), or ethical misuse of corporate information (business). It is a felony and there have been a lot of people that have gone to jail for it (ex, Martha Stewart). In the military Bradley Manning (Wiki leaks) has been facing military court martial for basically the same thing. Apparently Holmes feels he special and that he is immune from investigation for exposing serious military intelligence.
"After being reprimanded, Holmes and his team were essentially ignored for the rest of their tours in Afghanistan"
Yes, that sounds about right. Who in their right minds pays attention to a general screw-up? In relationships that break up the people remain separated and generally ignore each other afterward. People that are fired are escorted carefully to the door and then forgotten (and replaced). If you switch from one bank to a different bank you don't keep going to the previous bank to make sure they are doing okay. This is only common sense. Holmes is indeed very special.
"there is no way to tell what, if any, influence it had on American policy."
Little to none, certainly not illegal or even questionable.
Sure, someone who wants to claim ownership of a picture would never be able to insert desired metadata in the file.
Sure, it has been done. Most notably demonstrated here. I only mentioned that the camera metadata protects me in case of a lawsuit.
There is a stock photography provider called Getty Images that looks for people that have been using their images without approval or payment. To those that infringe they send a RIAA-like letter offering a settlement if a fine is paid. I use a lot of stock photography (mostly through a different but well known and very legitimate site). When possible I use my own puny 6 megapixel camera (and sometimes my 3 megapixel droid) to take stock photos. I always proof that the photos are mine. These photos of mine save me a lot of money.
Even so I've gotten 1 photo infringement letter from a San Diego law firm informing me of pending action. Even though I knew I was right it was extremely worrisome. I did not want to fight the good fight and win a Pyrrhic victory by going bankrupt in legal fees. I sent full details to the firm about the photo, that it was mine, and that I had the raw camera footage for it (including one that had me in the picture). This was a little before camera metadata but that would have been additional proof to make it easier. Regardless I never heard from that firm again.
The point is that these features should be opt in and disabled by default
In a perfect world, yes. However this is not a perfect world so security measures need to be opt-out. All software security measures are opt-out. This includes everything from serial numbers that must be entered so that the software will work to phone-home information that is used by everything from on-line games to the latest version of MSOffice (it must contact MS online every 6 months or it stops working). If this wasn't done the pirates would be disrupting software sales more than they are. Right now pirates are honestly a major nuisance to software developers. If everything was opt-out by default it would be impossible.
However you never really address my original point - that being that these automatically enabled features are helpful and hardly hurt my freedom to do what I want. In fact those are helpful features.
I read the article, and see nothing in the so-called "traitorware" that is objectionable.
I *like* cameras that incorporates metadata. This protects me from lawsuits and proves that the picture is mine and can be used however I want and as often I want. Because I can prove that the photo is mine through the metadata I have an easy way to defend myself in copyright and infringement lawsuits. For me the metadata is a selling feature and a benefit.
Printers that include tags on the paper that can be traced back to the person doing the printing I can also understand. People misuse printers to print out pedophilia (you are scum, and hope you are caught), counterfeiting (I like being able to use money, and hope you are caught), and threatening letters (my sister got several, and I hope you are caught). I just can't get that excited about anyone being able to trace what I print back to me. I can't think of a situation where I would care.
I don't own an IPhone (Droid), but I *like* the idea that it can send my location and heartbeat back to Apple. I'd have liked this on my laptop that had gotten stolen. I'd just call the police, and send Apple the police report. It would make tracking the device actually feasible, and maybe get some of these thieves to be arrested. Cars to some degree have this (called OnStar) and it's a big selling point. I refuse to get concerned about Apple wanting to listen to my heartbeat. Now if they would be so kind to implant the phone, monitor continuously, and notify medical help (and tell them where I am) if the heartbeat becomes arrhythmic and/or stops I would really appreciate that (heart problems is the leading cause of death).
How is this so-called "traitorware" an issue?
I view this change with regret
Barnes and Nobles has significantly helped me.
I remember saving up my allowance as a kid so that I could go to the bookstore in the mall (to be fair I think it was a Waldenbooks) and buy new science fiction. I remember the first time I read Dune by Frank Herbert, and more so the White Plague. Later I started buying programming books (no, they aren't cheap) and got a good job. More recently I needed books on business and management, and am now reading "Made to Stick - Why some ideas survive and others die". This was purchased as B&N.
I don't have the opportunities with e-merchants that I do with physical booksellers. I enjoy looking at the flyleaf (sometimes possible at Amazon) and turn to the middle of the book and see how I like it (not possible with Amazon). I like to heavily browse the book before I buy it, which is just not possible with Amazon. This book has been very informative, but I do not think I would have been able to know enough about it to choose it by going to Amazon.
Do I pay more by going to B&N? Sure. Will I be able to find useful books at Amazon? Maybe. Will I enjoy visiting a web site for a bargain basement book that I have to wait 3 days to get as much as seeing it, browsing it, buying it and reading it when I go to the store? Of course not. After I add shipping costs the price works out the same between me going to the bookstore and having Amazon ship it.
On a bigger scale I worry about the power of bookshops being reduced to just a few outlets. Washington has been vastly increasing its power and taking over major industries. Washington is not kind or tolerant to the media. Washington has been caught in altering experts reports to fit its pre-made conclusions. The government now has the power to pick up the phone, call Amazon, and strip books from the shelves. We will be told "It is for the public good".
Silly humans... You shouldn't worry about whether other civilizations in distant star systems will detect your weak radio-spectrum emissions. That's isn't what we are scanning for in our extra-solar search.
In the beginning you humans signaled with visual signals - for example hand gestures, light houses, national flags, and road-side billboards. These are great but have very limited range.
Later you developed audio signaling for example speech, alarms, and air-raid horns. It has much further range and carries far more information, but degrades far more quickly over time.
Still later you developed electrical signaling devices, like the telegraph and early 1900's era telephone wire. You could finally transmit information over a long distance.
Later still your planet turned to the EM-band of communications. This included radio, television, radar, and a vast number of wireless devices. Your airwaves were crammed full of radio emissions leaking from your planet. Understand, these emission would barely be a carrier signal at 40 light years, and at 4000 light years would be a statistical anomaly on the EM band.
Later still you went digital and worried that people distant space civilization wouldn't hear you. Distant civilizations listen for EM band traffic. As stated, it's too hard.
If you continue to progress you will discover Distant Quantum Stimulation (the first step to efficient energy transmission). This *will* emit very strong EM-band emissions to space and is usually the sign of an emerging intelligence.
Later still will come high-energy Quantum Split-pair Sympathetic Signaling Systems (QS^4). This will come about to overcome the vast light-speed time delay in signaling between distant planetary bodies. However in using this there is sympathetic movement by unrelated quantum-bits in other solar systems. Some of those have intelligent life that will take notice.
Much much later, when you really start needing energy you will turn to Solar Photosphere Mining. This can either be "light" mining with light lenses and hot-cold energy channels (mega-batteries), or "heavy" mining like what you Earthlings call Dyson Spheres. Needless to say this significantly alters your star's appearance and can easily be seen at a distance.
In the far distant future you may discover the uses of dark matter - after all it *does* make up the vast majority of the universe. You really should know that there are ways that it can be used. It has vast potential. However any alternation and modification of the great web that is dark matter can be detected far far away. Civilization far and wide will be able to detect such an occurrence and celebrate with the graduating stellar system it's true achievement.
From here vast vistas await. There is no point in detailing them because there will be no point in searching for intelligence beyond your planet. This is because in improving your technology you also improve your capabilities. As you use those techniques more and better means of seeing further and understanding more become available.
There is no use at the lamating of an obsolete technology. To do so is to lament the passing of coastal semaphore stations and bonfire posts to warn of impending raids by Viking longboats. Your planet does not spend much energy in trying to detect such now-questionable methods of communication. Similarly other galactic civilizations do not spend much time or energy scanning for EM-band radiation.
Silly humans with their Very Large Arrays...
Building foundations are not that expensive compared to construction costs. Building a foundation involves digging a hole according to engineering specs, laying the pipework channels according to blueprint, pre-stressing the sides of the foundation pit, laying in the re-bar, and then pour in a very strong expansive concrete mix - typically in multiple pours and sets. Then an engineer comes in and looks very closely at the sides, and for cracks. Sounds complicated but not really, nor really expensive compared to the building itself.
The taller a building gets it get more expensive due to material physics. Concrete is strong and concrete with re-bar is stronger, and concrete attached to heavy steel girders and beams in compressive mode is still stronger. But the higher you go the more support you need, and the stronger the *lower levels* have to be because they have all the upper levels pressing down on them. This is what causes both towers of the World Trade Center to fail - the structural supports were compromised (for different reasons in each tower) and the weight of the upper floors crushed the lower levels. As a rule of thumb each additional floor is 15% more expensive than the floor below it. This includes labor. Getting a construction worker licensed to work on the ground floor is way different than one licensed for high-rise construction work.
The foundations of buildings are not the expensive part - just generally the most time consuming (for the high-stress concrete to cure) and the most aggravating (all the inspections, documentation, and prep work).
Digging holes is still far cheaper. Underground buildings still win.
Nowdays I'd prefer my buildings to be as *low* as possible. Having a nice *deep* underground bunker would be best.
Tall buildings, as well as other major attractions like stadiums, are a status symbol. Every time the building is mentioned you name either the company, the city, or the country in question. Tall building are a brand image. In these times companies prefer a more conservative (and some may argue greener) profile. Tall buildings in this respect are not useful. It is easier to get the same name-recognition result through other channels - charity events, signage, marketing and teaming on major internet sites, and positive news-generation that involves your company name. Even viral marketing can be a major factor. Ever see the new Lady Gaga video "Bad Romance" and the brands displayed? All of these is far far FAR cheaper than a very tall building.
Now consider a nice *low* building, maybe even one underground. It is a lot more protected, it tends to be greener as can plant trees or solar panels on the top (lots of good press coverage). It tends to be a lot easier to insulate against weather. There's a lot more stability given when digging underground and the sides of the building are braced by the pressing of the surrounding earth. If a company wants the prestige factor they can put a large sign up near the highway/freeway with their company name on it.
Best of all it's good against bombs. Frankly, tall buildings are easy to hit. Underground bunkers are a lot harder.
So I say, build better deep buildings (holes), not tall towers of concrete (poles).
(Gasp) Someone escapes prison and starts updating Facebook? And instead he could be doing something unconstructive like lifting some unwatched goods and running some simple 419 scams. But noooo... this guy updates his Facebook page. Who knows what comes next - World of Warcraft raids, and watching endless YouTube videos? Geez, someone get him a gun before it's too late.
If not he might become something worse, like a web developer. (shudder)
Time for the Hacker Intelligence test
It's easy to break something. It's much harder to completely cover the evidence of who is responsible.
Question 1 - Why did the hacker target the Virginia Health Department?? That wouldn't be a site that most hackers would even think about much less target for major intrusion. Did the hacker in question cover his tracks as to why he chose this obscure site? Might he have been familiar with it because it tracks potential perscription drug abuse, and he had been flagged for further investigation before? Does he have a history with this company?
Question 2 - Did he cover his visits? Few people can find a potential site, explore the site for vulnerabilities, get access to the site, explore the internal structure of the site, devise an attack plan, code it, execute it, and get out in just one sitting. It usually requires several sessions, each time gaining more access and having better intelligence. The last visit can be covered up, but did he cover up the logs of the first few times when he didn't have complete control, and his tracks and actions may still be in an access log?
Question 3 - What methodology did he use to gain access? Having access to the database (and backups) to the degree that an encryption command can be executed would be difficult. It requires the ability to execute several commands remotely on the server. Were these commands given thru web-page vulnerabilities? Did it require log-in credentials, and if so, whose? Did access require special in-house knowledge, and if so, who knew it?
Question 4 - Where did he do this from, and what is his IP address? Hiding your IP address is next to impossible and there are multiple logs kept of access, including by the ISP. Did he do this from home? (If so, FAIL) Did he do this from a public wireless access point? If so did he cover his tracks there? (It's amazing where they put surveillance cameras nowdays) Anonymizer services will usually hand over the original IP addresss if requested by federal authorities, so that isn't going to work. Did the hacker consider that?
Question 5 - Where is he checking that yahoo address from? See question 4.
Question 6 - Is he using a different computer now? If I wanted to be really sneaky I'd ask yahoo to check not only the Yahoo cookie when someone logs into that account, but *also* get the Google one also, and 10 others. Send the cookies to the relavent companies for the data it contains. Is he using a fresh computer to erase tracks left there?
Question 7 - Did he cover up his phrasing carefully from others he used pubicly? Phases like "Uhoh" "gladly" "not to pony up" "Fucking Bunch of Idiots" "bettin'" "drop me a line" "to have gone missing, too" (weird extra comma here and other places) seem to be rather unique. Some of it can be faked, but the phrasing we use says a lot about us.
Question 8 - How is he planning on collecting the money? Most people think international banks (Caymen islands is common) is the answer. No. Most countries/locations (ex Caymen islands) have easy business registration/taxation rules, but are poor choices for trying to stash/launder money. It's not easy collecting large amounts of money. Does the hacker have a plan on how to collect that money?
Question 9 - Is he going to revisit the scene of the crime? Is he checking the internet news sites to find stories about m^Hthis crime? Is he going to give himself away by visiting such a site (like Slashdot) and visiting, leaving his IP address. Who knows, maybe he'll even gladly, comment. ;)
Comments can be left at hackingforprofit(the at sign)gmailcom. Drop me a line. ;)
Groklaw was certainly informative, and it is nice to see major media give a nod of thanks to an internet site that had done their research. What I wonder is where is Groklaw to grok next?
I'd vote for Groking RIAA, big time.
Grok IP law and squelch that mess once and for all.
And since it the season, groking certain political parties (or all of them) would be nice.
Ok, let me put it this way, with reference to topic at hand...
Let's consider "suspicious" activity of person-vs-person. If I walk down the street normal and non-descript in every way except I was patting the top of my head continously. If addressed by a passer-by I respond "bleek blork bleesums boo" and start hopping. Most people would consider this "suspicious" and more than likely call upon the government to send someone to investigate. This is a reasonable infringement of my privacy for the common good.
Now a second case of person-vs-collective. Same situation, but now in a work environment where I am employed. More than likely I will be escorted to the personnel department for a evaluation. The business/corporation is assuming the powers of the police, and in fact have far more powers than any reasonable government has. They don't need to accord me a trial. I have very little possibilities to appeal. They can pass judgment immediately and unilaterally. Again my absolute personal rights have been infringed upon, but now for the private good of a limited group.
Now a third case. Government has its own classification of suspicious activities and wants to collect information on this - say thru a transit card, or the use of credit cards, phone records, email, bank statements. Some would stand up and say "For shame! This invades my privacy, and will not be!" when in reality this give-and-take of privacy takes place on all levels, and by far the government has the *least* powers to intrude on privacy. The irony in this is that in the first case, people are already appealing to the government for protection against an non-threating suspicious activity, and in the second case the government doesn't even have a role (the business *is* a repressive totalitarian government). What you are advocating in your answer seems to be mob-justice or mafia enforcement. I'd rather the simple answer "Why not let the government peek at a few records to see who is suspicious?"