It's one thing to create edited video that fools a casual observer, and another that stands up to forensic analysis.
It won't matter once the general population is too stupid to understand the science behind forensic analysis. And we're heading rapidly in that direction.
They run it because they have to. Didn't always used to be that way, but I've not seen significant technical innovation out of Oracle in a very, very long time. And given their other disasters with managed services, if I were running Oracle, I certainly wouldn't entrust it to their cloud service.
"Assuming an attacker has access to the computer's console"
I was always taught that this pretty much means game over. It might be an interesting way to get a root shell, but if I am sitting in front of the machine with console access, I can think of a number of other ways to get a root shell.
Sounds to me like they want to *write* student loans. Which is quite different from selling them. I would be interested in buying the notes, if that's what they were selling. Usurious interest rates, no chance of discharge in bankruptcy, no expiration. This is the kind of investment vehicle I would want to own.
Good point. Any prosecutor or law enforcement official with an axe to grind could point at any random string of characters they found on anyone's device, and say, "Look! Unbreakable encryption!"
I recently stayed in a hotel that provided a tablet in every room for accessing amenities, such as room service. It appeared to be equipped with a camera and microphone, as most tablets are. And I have little doubt the security at that hotel was as bad as what the poster described.
The government already has all that, they don't need to break into DropBox or OneDrive to read that stuff.
True, and the government is not my main concern with putting sensitive data, albeit encrypted, in the cloud. My main concern is that someday, the encryption might be broken. Once that happens any script kiddie with the right tools can to get to the data, and there's no sure way to remove it from the cloud.
you will be at no risk of hackers or anyone else gaining access that way
I disagree. Encryption algorithms are constantly being tested and broken, and there is great incentive for that to continue. From the NSA and other governmental entities deliberately weakening the tools we use to encrypt, to as-yet undiscovered flaws, nobody can say with 100% certainty that current encryption technology will forever be secure.
And that's the biggest problem with the cloud. Once a single copy has been posted, you no longer have a sure way to delete every copy in existence.
That is essentially what all ISPs want when they say they want to sell "fast lanes" on the internet. It's censorship. I'm just saying, give them what they want and then hold them criminally liable for anything illegal that gets through: pirated material, objectionable content, etc. No filter is perfect, and when the execs start landing in prison they'll change their tune soon enough.
Seems to me that if ISPs want to selectively favor content, they should be held responsible for *any* content passing through their systems. Start throwing their execs in prison for distributing whatever illegal material passes through, and watch how fast they scramble to be classified as common carriers.
For the hosting providers then fun really starts when you can't get a public IPv4 for your new webserver, that'll be fun. There's no NAT workaround for that, some european hosting providers are already feeling the crunch in their IPv4 blocks, you can only host so many servers. So what can you do? Jack up the prices ofcourse, isn't the free market wonderful!
This. This is why IPv4 will stick around for decades to come. There is too much profit potential in it, and IPv6 costs too much money to implement.
Is this the same Pearson that designs and administers tests for IT and other professional certifications? If so, it would explain a lot. The ones I've taken seem to be designed not to test your skills in the subject matter, so much as to test your capacity to parse bad English and to solve trick questions. It's horrifying to think that we are subjecting first graders to this crap.
If your data is worth encrypting, do you really want it in the cloud at all? The internet never forgets. Given the rapid advances in both raw compute power and cryptography, something that takes unimaginably long to brute force today, might be trivial to crack in just a few years.
...you should no longer have to pay school taxes since you never used the government school.
Wrong. Society as a whole benefits from public education. Children who grow up and have no marketable skills will become a drain on society. Worse, they won't have the understanding to make intelligent choices at the ballot box. If you want a democracy, you want good public education.
Slashdot Mirror
It won't matter once the general population is too stupid to understand the science behind forensic analysis. And we're heading rapidly in that direction.
It's Google or Apple listening to your phone's mic. Facebook just buys the data your phone's OS provider is already harvesting.
They run it because they have to. Didn't always used to be that way, but I've not seen significant technical innovation out of Oracle in a very, very long time. And given their other disasters with managed services, if I were running Oracle, I certainly wouldn't entrust it to their cloud service.
I was always taught that this pretty much means game over. It might be an interesting way to get a root shell, but if I am sitting in front of the machine with console access, I can think of a number of other ways to get a root shell.
Every device with a microphone should have a physical, hardwired switch with an indicator that tells when it's enabled or disabled.
Sounds to me like they want to *write* student loans. Which is quite different from selling them. I would be interested in buying the notes, if that's what they were selling. Usurious interest rates, no chance of discharge in bankruptcy, no expiration. This is the kind of investment vehicle I would want to own.
Good point. Any prosecutor or law enforcement official with an axe to grind could point at any random string of characters they found on anyone's device, and say, "Look! Unbreakable encryption!"
I recently stayed in a hotel that provided a tablet in every room for accessing amenities, such as room service. It appeared to be equipped with a camera and microphone, as most tablets are. And I have little doubt the security at that hotel was as bad as what the poster described.
This article https://theintercept.com/2015/11/15/exploiting-emotions-about-paris-to-blame-snowden-distract-from-actual-culprits-who-empowered-isis/ is a pretty good discussion of what's in play. Kudos to the NYT for pulling the article. Shame they published it in the first place.
Have you been to Arstechnica, Phoronix, and The Register? Browse their headlines and you'll see a 12-24 hour preview of what's going to show up on /.
True, and the government is not my main concern with putting sensitive data, albeit encrypted, in the cloud. My main concern is that someday, the encryption might be broken. Once that happens any script kiddie with the right tools can to get to the data, and there's no sure way to remove it from the cloud.
I disagree. Encryption algorithms are constantly being tested and broken, and there is great incentive for that to continue. From the NSA and other governmental entities deliberately weakening the tools we use to encrypt, to as-yet undiscovered flaws, nobody can say with 100% certainty that current encryption technology will forever be secure.
And that's the biggest problem with the cloud. Once a single copy has been posted, you no longer have a sure way to delete every copy in existence.
The FBI said they do not believe the incident is related to terrorism.
In other words, it's only terrorism when it suits our political agenda to call it that.
https://www.youtube.com/watch?...
That is essentially what all ISPs want when they say they want to sell "fast lanes" on the internet. It's censorship. I'm just saying, give them what they want and then hold them criminally liable for anything illegal that gets through: pirated material, objectionable content, etc. No filter is perfect, and when the execs start landing in prison they'll change their tune soon enough.
Seems to me that if ISPs want to selectively favor content, they should be held responsible for *any* content passing through their systems. Start throwing their execs in prison for distributing whatever illegal material passes through, and watch how fast they scramble to be classified as common carriers.
One can only hope.
And here I thought he was just being punny.
This. This is why IPv4 will stick around for decades to come. There is too much profit potential in it, and IPv6 costs too much money to implement.
This seems to be the standard way to make inconvenient records disappear. http://youtu.be/hZEvA8BCoBw
This is why I have little use for cloud storage. Encryption is best thought of as a delay mechanism.
Is this the same Pearson that designs and administers tests for IT and other professional certifications? If so, it would explain a lot. The ones I've taken seem to be designed not to test your skills in the subject matter, so much as to test your capacity to parse bad English and to solve trick questions. It's horrifying to think that we are subjecting first graders to this crap.
If your data is worth encrypting, do you really want it in the cloud at all? The internet never forgets. Given the rapid advances in both raw compute power and cryptography, something that takes unimaginably long to brute force today, might be trivial to crack in just a few years.
Wrong. Society as a whole benefits from public education. Children who grow up and have no marketable skills will become a drain on society. Worse, they won't have the understanding to make intelligent choices at the ballot box. If you want a democracy, you want good public education.
Couldn't have said it better myself. Shame you posted this AC but I think I understand why you did.