Many agencies already have every officer wearing wearable video ( such as those from this company: http://www.vievu.com/ ).
Anything that can launch stuff into orbit can probably also be tweaked to drop stuff literally anywhere in the world.
So best of both worlds would be if *TWO* certificates need to match --- both a self-signed one; and a commercial one.
and a whole availability zone dying
Even doing that, you end up less stable than amazon.com : http://techblog.netflix.com/2011/07/netflix-simian-army.html
Chaos Gorilla is similar to Chaos Monkey, but simulates an outage of an entire Amazon availability zone. We want to verify that our services automatically re-balance to the functional availability zones without user-visible impact or manual intervention.
How is it that AWS is less reliable than the
How is it that AWS is less reliable than amazon.com ?
Seems Amazon occasionally claims to use AWS - yet amazon.com doesn't seem to die as much.
Are the rest of us just not using it correctly?
And if I understand right - is doing it to foreign markets even legal by design?
It suffices for them to simply capture raw data
Lol. You have no idea what suffices for them.
And even if "capture raw data" suffices - if the bandwidth to their traffic capturing room is at capacity, they very well may tell the upstream switches to slow down so they can "capture [all] raw data".
Until there's enough transparency; it's at least as reasonable to blame the NSA for using lots of bandwidth to cause congestion as it is to blame all those movie-pirates for using all the bandwidth.
How long has Netcraft been confirming BSD dead?
Google would be a bad solution, though - they have a history of lying to the public and abusing data (PRISM) in a way that puts most local agencies to shame. Would people really want to give Google that much more power?
Better - require law enforcement to wear cameras without specifying a vendor - and instead create a legal framework that would cover under what conditions and to whom (ACLU? Defense Attorneys? NSA? Prosecutors? Community Neighborhood Watch Groups? Victims?) that information could be shared.
Like bitcoins:
It's probably a bigger market than BitCoins - so perhaps they should go after that market first.
I stopped buying Apple products when Wozniak left.
My Apple ][+ was awesome, though. Damn closed/locked-down macintosh.
The one variable I've noticed that is a better predictor of success than anything else: how good is the team?
So we can logically conclude that Software Management has two very important roles that do correlate with success:
With the recent leaks about how Google cooperates with government surveillance; I almost wonder if blatant weaknesses like this are by design. Sad when what should be outlandish conspiracy theories sound tame compared to what it's revealed they're already doing.
While everyone else is speculating about 1990's "fighter planes" - you're probably closer to the truth. I suspect it's not a carrier for conventional fighters, but, as you say, robots^H^H^H^H^H^Hdrones.
Another problem is Tor has tiny enough usage that it's easy for a handful of governments to run a critical mass of exit nodes and relays to do traffic analysis. Instead of discouraging things like bittorrent - I think the Tor project should encourage it, along with encouraging people to contribute back enough bandwidth to make up for their downloads (i.e. contribute about 3X the bandwidth they download). That way Tor could grow to the scale where it'd be much harder to monitor or take down.
I imagine that the major projects (Debian, Fedora) get adequate security review to trust that the binaries actually match the sources; and that the sources are reviewed by many eyes. For a little known distro like Whonix -- why would you think you can trust that the binary doesn't have backdoors installed by the people who put it together? I find it quite possible that many intel agencies would benefit by putting together their own privacy-tools with backdoors. How can you be confident that this one isn't one? (Personally I'm guessing you're safest using either Debian or Fedora (NOT Ubuntu or RHEL) and configuring it yourself.)
Everyone should forward this to any politician they hear crying about the sequester.
As proof that it's badly needed to trim waste? Or as proof that it shouldn't happen?
the NSA is denying
People keep speaking of the NSA as one monolithic organism.
I think it's quite possible that many people in the NSA (including its spokespeople and PR people) are kept in the dark about what goes on in other parts. One step further, it seems possible that the entire NSA doesn't know everything about what the contractors it outsources to (like the one Snowden worked for) are doing.
For example in this interview: http://www.pbs.org/newshour/bb/government_programs/july-dec13/whistleblowers_08-01.html At around 5:23 into this the NSA General Counsel denies collecting content (as opposed to metadata); and at 6:00 the NSA's inspector general states that "as [he] understand[s] it and from what [he] know" NSA sticks to what courts authorize it and only collects telephony metadata.
Yet Snowden's leaks clearly suggest that Booz Allen at least had far greater capabilities than what the NSA leadership was apparently aware of.
TL/DR: maybe they're being sincere when they deny knowing what's going on. Not sure if that would be disturbing or re-assuring, though.
Re:I don't know, has he?
No. Microsoft won.
Microsoft gets a growing market in which to sell their products (for >$0) to replace their existing shrinking market; and meanwhile Linus gets $0 for each of those units shipped with both Office and Linux.
The same rules being used for 802.11 works for me.
Those rules are largely governed by physics -- where even if you wanted to, the signals don't make it that far.
With different wavelengths having very different properties, it's not obvious that the 802.11 rules (don't exceed some small limit that extends about as far as an average property line) would work.
The problem is insecure distribution and control of private keys. (i.e. https that depends on trusting Certificate Authorities that appear easy to abuse by governments).
Better solutions could exist --- for example if HTTPS would only work after checking both certificates from a "trusted" certificate authority *and* a self-signed cert. That way all you rely on is that the CA wasn't compromised when you first exchanged the keys for the self-signed cert. Once that happens, even if a CA cooperates with an oppressive regime later, the self-signed cert would keep you safe.
how frequently Microsoft web products have been rebranded so far
Bing Drive?
Passport Drive?
MSN Drive?
Vista Drive?
ME Drive?
(personally I think their strongest brand is XBox; so "XBox Drive" would be their best bet if they actually want it to succeed)
At least with laptops, I can stick Linux on them when their version of windows gets too bogged down with viruses.
Wonder if this'll turn into the poor-man's ICBM -- where you target a house of an enemy with google maps; and drop rocks on it with this 15,600 mph slingshot.
Heck, most of them run Windows that has China offices too.
Seems complicit to me.
Or maybe even controlled?
Who knows what interesting facts the PRISM database has on those guys that could hurt their next campaign.
Seems that would fix many of the problems.
That way if the commercial CA is trustworthy at first, you can transfer your public key; and if the commercial CA gets compromised later, your self-signed key protects you.
That's exactly the problem CAs solve.
That's exactly the problem the commercial CA's *cause* when they co-operate with oppressive governments. http://arstechnica.com/security/2010/03/govts-certificate-authorities-conspire-to-spy-on-ssl-users/
Gov't, certificate authorities conspire to spy on SSL users ... which meant that CAs must be handing over certificates so that they could be used with the device.