I would LOVE to see what the DODI 8510.01 RMF C&A package for this deployment would look like. Hell, the Ports, Protocols, and Services mapping alone would be breathtaking. (And, frankly, very useful for us mortals to study to find the other privacy backdoors the geek press hasn't cottoned on to yet.)
Let me clarify that last. To gain certification and accreditation to deploy a new software or hardware technology to a DoD network, you have to fully disclose all long-haul network access, down to which ingress or egress ports (or service numbers) using what transport protocol. All of them. So Microsoft's "phone-home" bullshit would have to be completely, explicitly, and accurately mapped.
And in the typical 1960s computer room, you didn't even have to remove the corpses. Just pull up a floor tile and drop the body into the underfloor morgue, I mean, cooling plenum in the subfloor.
Several of the examples in TFA were obviously printed on a DEC DECWriter printer, like an LA36.
Also, the snippets of code that were there looked a lot like DEC BASIC, running on a TOPS 10 or 20 minicomputer, but it's hard to tell with such small samples.
The Sun creates 1.2 trillion tons of helium a second. There's plenty of it. The only hard part is getting it. Which is why we need a crash program to either deep-drill or strip-mine the Sun for the valuable helium it's hiding from us.
After their big push to get flying drones registered, they were really not looking forward to requiring the registration of hovermoms and helicopter daddies.
I don't think you were reading who you were responding to, or read but discounted it.
PP (Parent Poster) indicates that the hypothetical user isn't connecting to the internet. MMS requires internet connectivity to deliver its "more advanced than SMS" payload. From Wikipedia:
Technical description
MMS messages are delivered in a totally different way from SMS. The first step is for the sending device to encode the multimedia content in a fashion similar to sending a MIME message (MIME content formats are defined in the MMS Message Encapsulation specification). The message is then forwarded to the carrier's MMS store and forward server, known as the MMSC (Multimedia Messaging Service Centre). If the receiver is on a carrier different from the sender, then the MMSC acts as a relay, and forwards the message to the MMSC of the recipient's carrier using the Internet.
Once the recipient's MMSC has received a message, it first determines whether the receiver's handset is "MMS capable", that it supports the standards for receiving MMS. If so, the content is extracted and sent to a temporary storage server with an HTTP front-end. An SMS "control message"(ping) containing the URL of the content is then sent to the recipient's handset to trigger the receiver's WAP browser to open and receive the content from the embedded URL. Several other messages are exchanged to indicate status of the delivery attempt. Before delivering content, some MMSCs also include a conversion service that will attempt to modify the multimedia content into a format suitable for the receiver. This is known as "content adaptation".
The bolded portion of the last paragraph makes it clear: accessing the multimedia content requires HTTP connectivity via some TCP/IP network, which PP is disallowing in his hypothetical.
I think you're describing the Stagefright vulnerability, and it's true that if you allow a vulnerable Android device to access malware MMS multimedia content, the malware will exploit the weaknesses of the Stagefright APIs and pwn the phone. However, most SMS/MMS programs can be configured to not automatically download multimedia content (but rather requiring user action to start the download). This changes Stagefright MMS from a "drive-by" vulnerability to a slightly less risky "requires user consent" one.
It's precisely analogous to internet metadata collection: who you're communicating with, at what time. But not what you're saying (by not being allowed to open the envelope and read the mail, or not being able to crack message content encryption).
In the context of OP's question, paper-and-pen offer no meaningful improvement.
Surgically extracting a portion of a brain, giving it senses and mobility, and teaching it to navigate a maze is much more impressive than just discovering that its neural activation is symmetrical.
If they'd done the development at Berkeley, it wouldn't have had such problems. But then anyone could come along, take the design, and add to it without backporting to the US Navy.
Experience says that whistle-blowing is the best and fastest way to get blackballed. I'm pretty sure "You'll never work on this planet again" is already the case.
Slashdot Mirror
You don't get anything by writing letters.
That's not really fair. Getting put onto a watchlist for disloyalty to the United Corporate States of America, Inc. qualifies as "getting something".
Ah, Nissan didn't take long to put their damage-controlls online.
Thanks for sharing the company's PR perspective with us, AC. But how 'bout we actually discuss the real facts and the real effects, hmm?
Slashdot moderators... I am disappoint.
Does Uber uses systemd in their technological infrastructure? That might explain it.
What I heard was more like "Problem, Freedom?"
I would LOVE to see what the DODI 8510.01 RMF C&A package for this deployment would look like. Hell, the Ports, Protocols, and Services mapping alone would be breathtaking. (And, frankly, very useful for us mortals to study to find the other privacy backdoors the geek press hasn't cottoned on to yet.)
Let me clarify that last. To gain certification and accreditation to deploy a new software or hardware technology to a DoD network, you have to fully disclose all long-haul network access, down to which ingress or egress ports (or service numbers) using what transport protocol. All of them. So Microsoft's "phone-home" bullshit would have to be completely, explicitly, and accurately mapped.
*happy dance*
Well, a geek can dream.
You speak ignorance with great authority.
Defeating brute-force attacks is very precisely part of strong encryption.
It's just gone 8 o'clock and time for the penguin on top of your television set to explode.
And in the typical 1960s computer room, you didn't even have to remove the corpses. Just pull up a floor tile and drop the body into the underfloor morgue, I mean, cooling plenum in the subfloor.
What harm would one more do? Have you ever seen the Fire God when he's angry? You don't want to.
"Snow Goddess".
So, yeah, in addition to being superstitious luddites, they're apparently SJWs and Frozen fans.
"Of course our customers are satisfied! What makes you think they have any choice in the matter?"
@whipslash - mobile is dropping [strong]seditious[/strong] content.
FTFY.
DEBUG g=c800:5
Stupid != Virtuous
God is save-scumming.
Several of the examples in TFA were obviously printed on a DEC DECWriter printer, like an LA36.
Also, the snippets of code that were there looked a lot like DEC BASIC, running on a TOPS 10 or 20 minicomputer, but it's hard to tell with such small samples.
Finite? Depleting?
The Sun creates 1.2 trillion tons of helium a second. There's plenty of it. The only hard part is getting it. Which is why we need a crash program to either deep-drill or strip-mine the Sun for the valuable helium it's hiding from us.
After their big push to get flying drones registered, they were really not looking forward to requiring the registration of hovermoms and helicopter daddies.
Thankfully, availing one's self of the First Amendment doesn't require any kind of moral defense.
I'm sure Japan has no desire to resurrect its war crimes on the Korean Peninsula. You're flirting with a diplomatic disaster, Friend.
I don't think you were reading who you were responding to, or read but discounted it.
PP (Parent Poster) indicates that the hypothetical user isn't connecting to the internet. MMS requires internet connectivity to deliver its "more advanced than SMS" payload. From Wikipedia:
The bolded portion of the last paragraph makes it clear: accessing the multimedia content requires HTTP connectivity via some TCP/IP network, which PP is disallowing in his hypothetical. I think you're describing the Stagefright vulnerability, and it's true that if you allow a vulnerable Android device to access malware MMS multimedia content, the malware will exploit the weaknesses of the Stagefright APIs and pwn the phone. However, most SMS/MMS programs can be configured to not automatically download multimedia content (but rather requiring user action to start the download). This changes Stagefright MMS from a "drive-by" vulnerability to a slightly less risky "requires user consent" one.
Use pen and paper. Personal papers have more legal protection than digital data that cross over the ether.
Only if you're hand-delivering. If you're using U.S. Snail Mail, they've been photographing envelopes for metadata collection for years.
It's precisely analogous to internet metadata collection: who you're communicating with, at what time. But not what you're saying (by not being allowed to open the envelope and read the mail, or not being able to crack message content encryption).
In the context of OP's question, paper-and-pen offer no meaningful improvement.
Pray tell, where was the rest of the rat?
Surgically extracting a portion of a brain, giving it senses and mobility, and teaching it to navigate a maze is much more impressive than just discovering that its neural activation is symmetrical.
If they'd done the development at Berkeley, it wouldn't have had such problems. But then anyone could come along, take the design, and add to it without backporting to the US Navy.
By clapping you in prison until you surrender the keys to "escrow"?
Well-placed Hellfire missile strike?
Obviously, if you don't agree, you're the ENEMY. And we know how that ends.
Experience says that whistle-blowing is the best and fastest way to get blackballed. I'm pretty sure "You'll never work on this planet again" is already the case.