The case you cited is completely different. If you understand how Credit Card Clearing works you would know that. The clearing agencies have a vested interest in the transaction volume and amount thus any fraud there could have pretty serious impact on thier financials. TJX just got hacked for the numbers there was no Sales data involved, that data is transferred to the General Ledger immediately.
BTW, the case you cited was dismissed under SOX. It was appealed but seem like if they had won something would have been published about it on that page you refererenced.
SOX whistleblower does not apply in this instance, the issue had nothing to do with financial record keeping practices of a public company. MAYBE a creative lawyer could stretch and grasp that but it wouldn't stick in court.
If I'm a Manager at Company X why should I hire a "security expert" who was so dumb he couldn't make himself anonymous and who runs his mouth about company secrets on the Internet THINKING he is anonymous? This guys isn't even technically smart not to mention his common sense, ethics and judgement are questionable. So he's not someone I hire to run my Security.
It doesn't have to get as far as terrorists and nukes if the Credit Card companies would enforce the penalties for non-compliance to the PCI Standard. I know that the credit card processing agreement that my s.o. business has indicates that if your firm is "leaking" card numbers due to inadequate security they can penalize UP TO the removal of your firm priveleges to accept credit cards. Seeing as how many retail stores get 50%+ of their sales from Credit Cards or branded debit cards that would be a big hurt if they had thier acceptance revoked.
Just to be clear I've never seen or heard of this credit card death penalty being applied as it would hurt Visa/MC/Amex too as they wouldn't be getting fees on each sale (which can be 3-5%). So penalizing TJX could cost Visa/MC/AMEX a large sum of money. IMHO a better way would be to keep increasing the cut the card companies get when a firm has sucky security until it's gets too expensive NOT to fix the problem.
Not to mention these mice are genetically predisposed to develop cancer. These strains in the lab are not nearly as diverse genetically as humans. If 90% of mice get something that does not mean 90% or even 9% of humans would get the same disease or problems. Scientists try to accomodate for the shorter mice lifetime by increasing the dose of the suspect cancinogen. I always thought that was not too a reasonable trade. Higher doses can cause different problems than a low dose over time. of course as someone said the press just sees the chance to slam science by reporting bad news or to sell more papers/magazines with sensational stories based very loosely on fact.
Say what? The losses for light propagating in fibers is about 0.2 dB/km for modern single-mode silica fibers. That's pretty darn efficient. And typically, the reflected power is about 4% of the incident power and a glass to air interface. Many lasers for (current) optical transmission are under 10 watts. If IBM has gotten the speed they got for 100watts that's impressive.
As for equipment, Optical switches use a couple Watts, optical routers aren't that bad, I can spec a system of about 2.5Tbps (Juniper T-series)that uses about 4500 watts for chassis, cards, control logic, hard drives, etc. By the way, the logic is all in ASIC, very little discrete ciruitry.
You are getting a discount for volume and a discount (CALS) for being 100% MS. Not everyone gets that deal.
I don't think it's 12K/user unless they have one user and have bought one of everything at retail price, but I think your figure is a bit low. You DO have to add in physical server costs, backup costs, electricity, racks and floor space as well to get TCO.
It's not just licensing, scalability kicks in too with large apps that use multiple servers. If it takes 12 servers to run the app with Win2K3 and SQL but only 8 with Lunix and a database such as MySQL then there is an instant savings of more than 33%.
So the same techs at 50K each take care of 750 desktops and users, the 20 Win@K3 servers and the SQL servers? Thats a tremendous amount of work for two people. That number of servers really needs a dedicated sysadmin perhaps two or three depending on the expertise level of the admin and if 24x7 on-site is required. I've seen UNIX and Linux shops where they had one admin for every 150+ servers. The UNIX/Linux servers just don't require a lot of work. I know one business associate who has an old Sun Ultra-2 server that he hasn't had to reboot in serveral years.
As someone who worked on several satellites I can attest you are dead on in your analysis. Fuel, Solar Panels and Payload (Transmitters, CPUS, etc) are going to be important. The more capability the satellites need the more power they need and the bigger the panels and fuel tanks and thus the overall size and weight go up and with that the costs.
The orbit is also key, you want them in a low orbit with the right inclination but not so low that atmospheric drag is significant. They also have to be line of sight to their n neighbors to communicate. So until the full netwotk is up you are going to have gaps. Also, when new technologies emerge how to you upgrade? Do you cripple the new birds to have a compatiability mode with the old ones in terms of data rate and communication bands?
The bus concept has been around 10-12 yrs from Hughes, the "network of satellites" has been around longer, think GPS and Iridium. Also the NASA TDRS system falls into this concept too.
All and ASAT has to do is take out two satellites such that there is a gap in the network that can't be bridged and the concept degrades to darn near useless. You also have to build Ground Stations to communicate and to manage the network. Take out the satellite that a critical ground station uses as an uplink and you've forced then to ship the data to another uplink point via terristrial means which negates the whole reason for the satellite network.
All things considered, this is a stupid R&D project. Seems somoene at DARPA read a re-hased proposal from the 1980's and decided it was something cool to throw money at.
At this point in time we don't even have a Manned Moon Mission in the planning horizon. It's Mars first right now. Of course the same launch vehicle can be used for both but we don't have a Lunar Lander (revive the old one and modernize?) nor do we have a way for astronauts to stay on the moon more than a week or so. Neither one of those is insurmountable but they are essential precursors to building a large structure manned or unmanned on the Moon.
OK, I gotcha on that one. Even before 9/11 they were screening you, just not as close. If there were constitutional issues I would have expected a plethora of lawsuits by now. Or maybe there are some pending?
I agree you can't substitute in some cases, but the Gov't doesn't have any business making it easier to get your upward mobility from networking, etc. Nor are they really preventing it. I see the TSA as the traveling public's version of the IRS. A Gov't Pain in the Ass that we just have to deal with because once in a while they do something good (i.e. IRS has helped bust some major criminals on tax fraud). I just hope they get better at what they do. I'd almost rather have a robot screener as they can only do what the program allows and they'll do it the same way everytime.
The founding princples of this country were personal liberty and the abolishment of unreasonable demands of Governments, specifically taxation w/o representation. But it has always been held by the Founding Fathers than the Government was to make rules for the "common good" and "National Defense" and would regulate "Interstate Commerce". To me the TSA screenings clearly fall into these areas. They also thought your liberty stops where it infringes on mine. That's why you can't scream "Fire" in a crowded theater, nor drive while drunk, or take certain drugs that have bad effects on society. Having someone blow up of hijack a plane certainly isn't in the best interest of the public.
Non sequitor..you can't even get to the gate without being run thru the metal detector so how could you try to board? I'm not sure where you got the idea they interrogate you if you are found with "contraband". I've seen people threatened with detainment when they got in a big argument with the TSA. But you have to remember TSAs are essentially Federal Law Enforcement Officers and as such they can detain you.
When I'm not traveling I work from home, a high speed internet connection and a savvy employer is all I need. But in cases where face-to-face contact is essential you can't always drive, so you fly. But you can do a heck of a good living working without travel. I did it for a long time and others do too.
And there are many professions that don't require travel to be competitive, say a Doctor or Lawyer. They often travel for educational purposes but they can take those same courses online.
The Constitution does say what the LIMITS on our rights are and spells out the Essential liberties (i.e. Bill of Rights which equates to what Hamilton was writing about). The Declaration of Independance is closer to what you are saying.
Don't know who you talk to but the only complaints I hear are the TSA is slow, inefficient and inconsistent. No one objects to the process as a whole. I for one with they were faster and the screeners were better. A lot of screeners just let shit pass if it doesn't exactly fit the contraband items the TSA told them to look for, and they others kick out way too much stuff for hand screening.
It IS illegal to possess the items taken in that circumstance. In a lot of places it's illegal to posess fireworks and if you get stopped they take them in the name of public safety, same with the TSA, the public travels on airplanes. This one has been up the stack to the Supreme Court and upheld. So there are not any grounds for an effective argument. 100% liberty without limits is pretty much the same as anarchy.
This is/. I don't have to RTFA!
However I did and to do the attacks you need PHYSICAL access which isn't trivial. If you got physical access then all bets are off on what you can do to a machine. Grabbing the keys this way (cold reboot) only helps you until they change the keys, if you have physical access then you would be better off planting a trojan to grab data for the longer term. If they can steal the chips or the data and take them back to a lab then they can run all the error correction and key crackers they mention but they can't crazk those in a few seconds. The article also states "At normal operating temperatures, we generally saw a low rate of bit corruption for several seconds, followed by a period of rapid decay. Newer memory technologies, which use higher circuit densities, appeared to decay more quickly than older ones". Can you USB boot in several seconds??? Here is what they said "We found
that the dimensions of the decay curves varied considerably between machines, with the fastest exhibiting complete data loss in approximately 2.5 seconds and the slowest taking an average of 35 seconds.....Can you USB boot and copy in several seconds?, they couldn't.."We succeeded in dumping 1 GB of RAM to a flash drive in approximately 4 minutes." So the results will vary, the DDR2 decays fastest and those chips are pretty common in desktops & laptops. There is also the bit about ECC memory, it's harder in some ways as it's commonly cleared immediately on bootup.
I agree the approach WILL work, it's just not a practical approach when you have physical access and can boot the machine.
I travel a LOT and oof you don't co-operate they just don't let you thru. I've even been busted for having items on the no-fly list, they just make you throw them away and you can go, or you can go without your bag. I've never seen anyone detained and escorted away.
Sorry for the misunderstanding on Gitmo.
Yes, it's nonzero. But if it's in standby and they can crack your login/password thats easier than taking it apart. 95% of laptops stolen are stolen for the hardware not the data. But the other 5% could contain some seriously valuable info. The fix you mentioned sounds reasonable, however I'm not sure standby mode is something software can detect, I'm not sure about half the time XP even remembers!
That's the hard part, so any hack using this method almost has to be an inside job. How many hackers can actually walk into a location, take down the system, open it up and remove the memory DIMMS? In every data center I've worked at someone with that level of access is pretty well checked out, or if they are a vendor they are escorted and watched carefully. Pulling DIMMs out an puting them into liquid nitrogen is surely going to be noticed. It's not like you carry a Dewar in your pocket. Sure you can spoof the system once in a while but you got to be a damned good imposter. If it was your personal/corporate laptop/desktop and you had "Geek Squad" working on a problem you may have an issue.
Also, consider the data in RAM is binary and could be anything from OS Code to App Code to data, you really have to know how the layout of how the chips store and access info as well as the structure of the information (what's code, whats data) and how to identify each type of information. Bit decay is also a problem, when you reach a certain time the bits start to decay, and you can't always tell with certainty it's a 1 or a zero. That decay time will vary by mfg, technology, speed of chips, etc.
Once you have access to a machine deep enough to pull chips there are MUCH easier hacks, backdoors, trojans, malware, booting your "custom" OS off a thumb drive, burning files to a "backup CD", etc. are all much easier. It's RESEARCH not (yet) a reasonable way to hack the system.
No, the fifth amendment has no bearing. Here is the text: No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use without just compensation.
TSA is not convicting and trying anyone so the first part doesn't hold. Generally travelers arent in the land, naval or Militia (i.e. National Guard) forces. Double jeopardy certainly doesn't apply, compelled to testify against self does not apply, you are NOT being deprived of life, liberty (i.e you are not arrested or even detained, you just can't board a plane), property taken is not used for public use (it's sold and the funds put back in the TSA budget, this one might be tricky). Its not any different that a cop stopping you for being "suspicious" because you are in the wrong area driving a out of state car. The cases of polce stopping someone for a search are well defined case law that shows they didn't violate the due process clause.
Muslim internment camps? You mean Gitmo? There are a few hundred enemy combatants and terrorists in a military prision there that were captured in battle or we have credible evidence they were terrorists. The fact 99% of the are Muslim has to do with geography not politics. You don't hear the info that if they are deemed NOT to be a threat of a serious nature they are actully released.
The US Constitution says no such thing. It prohits "illegal search and siezure" by specifing that judicially sanctioned search and arrest warrants must be supported by probable cause and be limited in scope according to specific information supplied by a person (usually a peace officer) who has sworn by it and is therefore accountable to the issuing court. Before you go off ranting about more scenarios do some research and get your facts straight. Start here : http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution and pay attention to the section on case law, the TSA is well inside the limits of the 4th Amendment as defined by the courts You gripe about the TSA at airports, in WWII they locked up Japanese Americans, in WWI and the Civil War they severely limited free speech, so this is really nothing. If you think it's unconstitutional then find yourself a good legal scholar, pay his fees and file yourself a lawsuit.
The SM-3 (I said SM-2 earlier and I was wrong, same missile just newer generation) is owned and operated by the US NAVY. Unless they are lauching the intercept from the Pacific Test Range/Kwajelin Atoll or Scofield Barracks, Hawaii there isn't an Army presence nearby.
As others have said this bird is coming down very, very soon either in a big chunk or lots of pieces. "blasting" stuff into a higher orbit that takes longer to decay technically could happen but the extra time to decay and re-enter would be on the order of a few minutes not days.
Missle is small enough that it will burn up on re-entry. It also has a self-destruct for range safety reasons. Only during time of war can the range safety self-destruct be turned off. Heck, even the Shuttle has a self-destruct, and all US space lauch vehicles as well.
Go look up Hydrazine (mono-methyl or di-methyl) and it's dangers. Tell ya what..heres the link to Wikipedia http://en.wikipedia.org/wiki/Monomethylhydrazine and OSHA http://www.osha.gov/dts/chemicalsampling/data/CH_255500.html
Think about how dangerous it is and how much of it is onboard (50kg or so). Then think about how much a good ambulance chaser aka "personal injury" lawyer could make off said dangers by suing Boeing, the Government and who knows else if someone's land was "contaminated" and there was an "injury". Then get back to me about if $60M is expensive.
FAS always raises hell over weapons tests of any kind. What else is new.
The SM-2 to be used is actually being MODIFIED with new software to try to do the intercept. It's not certain it'll work. So I guess that makes it a test.
The eclipse likely makes it easier to spot the "target".
But at least we aren't leaving a shitload of crap to fuck up usuable orbit space like the ChiComms did in their ASAT test. This bird is coming down NOW so why not test on it. It's cheap, if it works maybe we have a new use for an existing system w/o spending millions, we clean up our own mess by shooting it down, the debris will come down (with some risk as it's smaller pieces) and not clutter the crap out of orbital space, and we trash anything secret the enemy might try to capture (assuming it survived re-entry..but why risk it?). Sounds like a bargin "test" to me.
You'll see stock prices are random. Study after study proves it. It's not a mystery but there isn't a formula either.
You'll see that cutting tax rates leads to increased Gov't revenues by growing the economy. (Don't give me the crap about Reagan, he spent it and then some but it busted the Soviet Union..not a bad use of the money).
You'll see the greater than 50% of the Budget goes to Social Programs started in the New Deal and continued to this day. Remember the real cost of Social Security is not well known, it's an off-budget item. And these costs are growing. Medicare alone is predicted to outgrow the growth in GNP (and thus increases in taxes if rates remanin constant) by several hundred percent.
You'll see most people who are retired can't live on Social Security alone. So much for that program.
You'll see that black Americans still are very improverished, and we now have a class of citizens who have been on welfare for generations. Is that helping anyone?
You'll see that other than in 1996 when the Republicans kept their majorities in both the Senate and the House, marking the first time since the late 1920s that Republicans comprised a majority of the House for two consecutive sessions. Republicans held a majority in the U.S. Senate from 1981 through 1986 as well (Reagan 1st term), for one year in 2000 again in 2002 but not since. You can't blame long term problems on groups who haven't been in control of the process.
You'll see a failure to increase a program budget by the proposed X% is called a "cut". If your boss didn't give you that 10% raise did your salary go down?
It's just flat incorrect when you look at facts (scientific methods look at facts not opinions) to blame anyone but the liberal Democrats for the social spending problems we have. Democrats controlled Congress for 80% of the time, and they built the programs and they continued to fund them at increasing rates. Yes, the War in Iraq has taken money in recent years and made things worse but that's a blip of 6 yrs on the radar screen of close to 70 yrs of social spending.
This is the SAME scenario as I said with my employment records tape. Iron Mountain LOST IBM's data. There is not any way to know if unauthorized access occured but you have to assume it was.
IIRC, BB admitted it was likely the laptop was stolen which is unauthorized access right there. What if all of a sudden her bank account was zero because she was stupid enough to let Firefox store her ID and password? Is Best Buy no longer liable as they didn't perform the unathorized access yet their lack of security faciliated the act. If she gets in front of a jury she'll get her money.
I meant to say DHCP. There are DHCP servers that will request Authentication or only allow certain MAC addresses to get IP's.
No one has yet solved the issue of how you know the bank has just the right printer with just the right firmware version. Plus how do you know what IP address is a printer without special tools such as a sniffer. It's not a hack for the amatuer.
Also, don't you want to control that printer and it's agent from outside the bank? To do that you got to do a lot more things, like change firewall/router rules and routing tables, etc. which will require a login to the firewall. You may also have a DMZ you have to deal with. Once you are in it's not going to be easy to punch out.
The old janitor/maintenance man trick may work to get access if the bank employees are stupid but it'll only work once. There is also the assumption the Cat5 cables are running over the area of the restroom and that they carry internal traffic.
If you found a haphazardly Windows system that was configured by poor admins you might get it to work. It's probably easier to steal an employee acess ID and password, then you got it all at your fingertips.
Slashdot Mirror
The case you cited is completely different. If you understand how Credit Card Clearing works you would know that. The clearing agencies have a vested interest in the transaction volume and amount thus any fraud there could have pretty serious impact on thier financials. TJX just got hacked for the numbers there was no Sales data involved, that data is transferred to the General Ledger immediately. BTW, the case you cited was dismissed under SOX. It was appealed but seem like if they had won something would have been published about it on that page you refererenced.
SOX whistleblower does not apply in this instance, the issue had nothing to do with financial record keeping practices of a public company. MAYBE a creative lawyer could stretch and grasp that but it wouldn't stick in court.
If I'm a Manager at Company X why should I hire a "security expert" who was so dumb he couldn't make himself anonymous and who runs his mouth about company secrets on the Internet THINKING he is anonymous? This guys isn't even technically smart not to mention his common sense, ethics and judgement are questionable. So he's not someone I hire to run my Security.
It doesn't have to get as far as terrorists and nukes if the Credit Card companies would enforce the penalties for non-compliance to the PCI Standard. I know that the credit card processing agreement that my s.o. business has indicates that if your firm is "leaking" card numbers due to inadequate security they can penalize UP TO the removal of your firm priveleges to accept credit cards. Seeing as how many retail stores get 50%+ of their sales from Credit Cards or branded debit cards that would be a big hurt if they had thier acceptance revoked. Just to be clear I've never seen or heard of this credit card death penalty being applied as it would hurt Visa/MC/Amex too as they wouldn't be getting fees on each sale (which can be 3-5%). So penalizing TJX could cost Visa/MC/AMEX a large sum of money. IMHO a better way would be to keep increasing the cut the card companies get when a firm has sucky security until it's gets too expensive NOT to fix the problem.
Not to mention these mice are genetically predisposed to develop cancer. These strains in the lab are not nearly as diverse genetically as humans. If 90% of mice get something that does not mean 90% or even 9% of humans would get the same disease or problems. Scientists try to accomodate for the shorter mice lifetime by increasing the dose of the suspect cancinogen. I always thought that was not too a reasonable trade. Higher doses can cause different problems than a low dose over time. of course as someone said the press just sees the chance to slam science by reporting bad news or to sell more papers/magazines with sensational stories based very loosely on fact.
Say what? The losses for light propagating in fibers is about 0.2 dB/km for modern single-mode silica fibers. That's pretty darn efficient. And typically, the reflected power is about 4% of the incident power and a glass to air interface. Many lasers for (current) optical transmission are under 10 watts. If IBM has gotten the speed they got for 100watts that's impressive.
As for equipment, Optical switches use a couple Watts, optical routers aren't that bad, I can spec a system of about 2.5Tbps (Juniper T-series)that uses about 4500 watts for chassis, cards, control logic, hard drives, etc. By the way, the logic is all in ASIC, very little discrete ciruitry.
You are getting a discount for volume and a discount (CALS) for being 100% MS. Not everyone gets that deal.
I don't think it's 12K/user unless they have one user and have bought one of everything at retail price, but I think your figure is a bit low. You DO have to add in physical server costs, backup costs, electricity, racks and floor space as well to get TCO.
It's not just licensing, scalability kicks in too with large apps that use multiple servers. If it takes 12 servers to run the app with Win2K3 and SQL but only 8 with Lunix and a database such as MySQL then there is an instant savings of more than 33%.
So the same techs at 50K each take care of 750 desktops and users, the 20 Win@K3 servers and the SQL servers? Thats a tremendous amount of work for two people. That number of servers really needs a dedicated sysadmin perhaps two or three depending on the expertise level of the admin and if 24x7 on-site is required. I've seen UNIX and Linux shops where they had one admin for every 150+ servers. The UNIX/Linux servers just don't require a lot of work. I know one business associate who has an old Sun Ultra-2 server that he hasn't had to reboot in serveral years.
As someone who worked on several satellites I can attest you are dead on in your analysis. Fuel, Solar Panels and Payload (Transmitters, CPUS, etc) are going to be important. The more capability the satellites need the more power they need and the bigger the panels and fuel tanks and thus the overall size and weight go up and with that the costs.
The orbit is also key, you want them in a low orbit with the right inclination but not so low that atmospheric drag is significant. They also have to be line of sight to their n neighbors to communicate. So until the full netwotk is up you are going to have gaps. Also, when new technologies emerge how to you upgrade? Do you cripple the new birds to have a compatiability mode with the old ones in terms of data rate and communication bands?
The bus concept has been around 10-12 yrs from Hughes, the "network of satellites" has been around longer, think GPS and Iridium. Also the NASA TDRS system falls into this concept too.
All and ASAT has to do is take out two satellites such that there is a gap in the network that can't be bridged and the concept degrades to darn near useless. You also have to build Ground Stations to communicate and to manage the network. Take out the satellite that a critical ground station uses as an uplink and you've forced then to ship the data to another uplink point via terristrial means which negates the whole reason for the satellite network.
All things considered, this is a stupid R&D project. Seems somoene at DARPA read a re-hased proposal from the 1980's and decided it was something cool to throw money at.
At this point in time we don't even have a Manned Moon Mission in the planning horizon. It's Mars first right now. Of course the same launch vehicle can be used for both but we don't have a Lunar Lander (revive the old one and modernize?) nor do we have a way for astronauts to stay on the moon more than a week or so. Neither one of those is insurmountable but they are essential precursors to building a large structure manned or unmanned on the Moon.
OK, I gotcha on that one. Even before 9/11 they were screening you, just not as close. If there were constitutional issues I would have expected a plethora of lawsuits by now. Or maybe there are some pending?
I agree you can't substitute in some cases, but the Gov't doesn't have any business making it easier to get your upward mobility from networking, etc. Nor are they really preventing it. I see the TSA as the traveling public's version of the IRS. A Gov't Pain in the Ass that we just have to deal with because once in a while they do something good (i.e. IRS has helped bust some major criminals on tax fraud). I just hope they get better at what they do. I'd almost rather have a robot screener as they can only do what the program allows and they'll do it the same way everytime.
The founding princples of this country were personal liberty and the abolishment of unreasonable demands of Governments, specifically taxation w/o representation. But it has always been held by the Founding Fathers than the Government was to make rules for the "common good" and "National Defense" and would regulate "Interstate Commerce". To me the TSA screenings clearly fall into these areas. They also thought your liberty stops where it infringes on mine. That's why you can't scream "Fire" in a crowded theater, nor drive while drunk, or take certain drugs that have bad effects on society. Having someone blow up of hijack a plane certainly isn't in the best interest of the public.
Non sequitor..you can't even get to the gate without being run thru the metal detector so how could you try to board? I'm not sure where you got the idea they interrogate you if you are found with "contraband". I've seen people threatened with detainment when they got in a big argument with the TSA. But you have to remember TSAs are essentially Federal Law Enforcement Officers and as such they can detain you. When I'm not traveling I work from home, a high speed internet connection and a savvy employer is all I need. But in cases where face-to-face contact is essential you can't always drive, so you fly. But you can do a heck of a good living working without travel. I did it for a long time and others do too. And there are many professions that don't require travel to be competitive, say a Doctor or Lawyer. They often travel for educational purposes but they can take those same courses online. The Constitution does say what the LIMITS on our rights are and spells out the Essential liberties (i.e. Bill of Rights which equates to what Hamilton was writing about). The Declaration of Independance is closer to what you are saying. Don't know who you talk to but the only complaints I hear are the TSA is slow, inefficient and inconsistent. No one objects to the process as a whole. I for one with they were faster and the screeners were better. A lot of screeners just let shit pass if it doesn't exactly fit the contraband items the TSA told them to look for, and they others kick out way too much stuff for hand screening.
It IS illegal to possess the items taken in that circumstance. In a lot of places it's illegal to posess fireworks and if you get stopped they take them in the name of public safety, same with the TSA, the public travels on airplanes. This one has been up the stack to the Supreme Court and upheld. So there are not any grounds for an effective argument. 100% liberty without limits is pretty much the same as anarchy.
This is /. I don't have to RTFA!
However I did and to do the attacks you need PHYSICAL access which isn't trivial. If you got physical access then all bets are off on what you can do to a machine. Grabbing the keys this way (cold reboot) only helps you until they change the keys, if you have physical access then you would be better off planting a trojan to grab data for the longer term. If they can steal the chips or the data and take them back to a lab then they can run all the error correction and key crackers they mention but they can't crazk those in a few seconds. The article also states "At normal operating temperatures, we generally saw a low rate of bit corruption for several seconds, followed by a period of rapid decay. Newer memory technologies, which use higher circuit densities, appeared to decay more quickly than older ones". Can you USB boot in several seconds??? Here is what they said "We found
that the dimensions of the decay curves varied considerably between machines, with the fastest exhibiting complete data loss in approximately 2.5 seconds and the slowest taking an average of 35 seconds.....Can you USB boot and copy in several seconds?, they couldn't.."We succeeded in dumping 1 GB of RAM to a flash drive in approximately 4 minutes." So the results will vary, the DDR2 decays fastest and those chips are pretty common in desktops & laptops. There is also the bit about ECC memory, it's harder in some ways as it's commonly cleared immediately on bootup.
I agree the approach WILL work, it's just not a practical approach when you have physical access and can boot the machine.
I travel a LOT and oof you don't co-operate they just don't let you thru. I've even been busted for having items on the no-fly list, they just make you throw them away and you can go, or you can go without your bag. I've never seen anyone detained and escorted away. Sorry for the misunderstanding on Gitmo.
Yes, it's nonzero. But if it's in standby and they can crack your login/password thats easier than taking it apart. 95% of laptops stolen are stolen for the hardware not the data. But the other 5% could contain some seriously valuable info. The fix you mentioned sounds reasonable, however I'm not sure standby mode is something software can detect, I'm not sure about half the time XP even remembers!
That's the hard part, so any hack using this method almost has to be an inside job. How many hackers can actually walk into a location, take down the system, open it up and remove the memory DIMMS? In every data center I've worked at someone with that level of access is pretty well checked out, or if they are a vendor they are escorted and watched carefully. Pulling DIMMs out an puting them into liquid nitrogen is surely going to be noticed. It's not like you carry a Dewar in your pocket. Sure you can spoof the system once in a while but you got to be a damned good imposter. If it was your personal/corporate laptop/desktop and you had "Geek Squad" working on a problem you may have an issue. Also, consider the data in RAM is binary and could be anything from OS Code to App Code to data, you really have to know how the layout of how the chips store and access info as well as the structure of the information (what's code, whats data) and how to identify each type of information. Bit decay is also a problem, when you reach a certain time the bits start to decay, and you can't always tell with certainty it's a 1 or a zero. That decay time will vary by mfg, technology, speed of chips, etc. Once you have access to a machine deep enough to pull chips there are MUCH easier hacks, backdoors, trojans, malware, booting your "custom" OS off a thumb drive, burning files to a "backup CD", etc. are all much easier. It's RESEARCH not (yet) a reasonable way to hack the system.
No, the fifth amendment has no bearing. Here is the text: No person shall be held to answer for a capital, or otherwise infamous crime, unless on a presentment or indictment of a Grand Jury, except in cases arising in the land or naval forces, or in the Militia, when in actual service in time of War or public danger; nor shall any person be subject for the same offense to be twice put in jeopardy of life or limb; nor shall be compelled in any criminal case to be a witness against himself, nor be deprived of life, liberty, or property, without due process of law; nor shall private property be taken for public use without just compensation. TSA is not convicting and trying anyone so the first part doesn't hold. Generally travelers arent in the land, naval or Militia (i.e. National Guard) forces. Double jeopardy certainly doesn't apply, compelled to testify against self does not apply, you are NOT being deprived of life, liberty (i.e you are not arrested or even detained, you just can't board a plane), property taken is not used for public use (it's sold and the funds put back in the TSA budget, this one might be tricky). Its not any different that a cop stopping you for being "suspicious" because you are in the wrong area driving a out of state car. The cases of polce stopping someone for a search are well defined case law that shows they didn't violate the due process clause. Muslim internment camps? You mean Gitmo? There are a few hundred enemy combatants and terrorists in a military prision there that were captured in battle or we have credible evidence they were terrorists. The fact 99% of the are Muslim has to do with geography not politics. You don't hear the info that if they are deemed NOT to be a threat of a serious nature they are actully released.
The US Constitution says no such thing. It prohits "illegal search and siezure" by specifing that judicially sanctioned search and arrest warrants must be supported by probable cause and be limited in scope according to specific information supplied by a person (usually a peace officer) who has sworn by it and is therefore accountable to the issuing court. Before you go off ranting about more scenarios do some research and get your facts straight. Start here : http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution and pay attention to the section on case law, the TSA is well inside the limits of the 4th Amendment as defined by the courts You gripe about the TSA at airports, in WWII they locked up Japanese Americans, in WWI and the Civil War they severely limited free speech, so this is really nothing. If you think it's unconstitutional then find yourself a good legal scholar, pay his fees and file yourself a lawsuit.
The SM-3 (I said SM-2 earlier and I was wrong, same missile just newer generation) is owned and operated by the US NAVY. Unless they are lauching the intercept from the Pacific Test Range/Kwajelin Atoll or Scofield Barracks, Hawaii there isn't an Army presence nearby. As others have said this bird is coming down very, very soon either in a big chunk or lots of pieces. "blasting" stuff into a higher orbit that takes longer to decay technically could happen but the extra time to decay and re-enter would be on the order of a few minutes not days.
Missle is small enough that it will burn up on re-entry. It also has a self-destruct for range safety reasons. Only during time of war can the range safety self-destruct be turned off. Heck, even the Shuttle has a self-destruct, and all US space lauch vehicles as well.
Go look up Hydrazine (mono-methyl or di-methyl) and it's dangers. Tell ya what..heres the link to Wikipedia http://en.wikipedia.org/wiki/Monomethylhydrazine and OSHA http://www.osha.gov/dts/chemicalsampling/data/CH_255500.html Think about how dangerous it is and how much of it is onboard (50kg or so). Then think about how much a good ambulance chaser aka "personal injury" lawyer could make off said dangers by suing Boeing, the Government and who knows else if someone's land was "contaminated" and there was an "injury". Then get back to me about if $60M is expensive.
FAS always raises hell over weapons tests of any kind. What else is new.
The SM-2 to be used is actually being MODIFIED with new software to try to do the intercept. It's not certain it'll work. So I guess that makes it a test.
The eclipse likely makes it easier to spot the "target".
But at least we aren't leaving a shitload of crap to fuck up usuable orbit space like the ChiComms did in their ASAT test. This bird is coming down NOW so why not test on it. It's cheap, if it works maybe we have a new use for an existing system w/o spending millions, we clean up our own mess by shooting it down, the debris will come down (with some risk as it's smaller pieces) and not clutter the crap out of orbital space, and we trash anything secret the enemy might try to capture (assuming it survived re-entry..but why risk it?). Sounds like a bargin "test" to me.
Ok, approach it scientifically and
You'll see stock prices are random. Study after study proves it. It's not a mystery but there isn't a formula either.
You'll see that cutting tax rates leads to increased Gov't revenues by growing the economy. (Don't give me the crap about Reagan, he spent it and then some but it busted the Soviet Union..not a bad use of the money).
You'll see the greater than 50% of the Budget goes to Social Programs started in the New Deal and continued to this day. Remember the real cost of Social Security is not well known, it's an off-budget item. And these costs are growing. Medicare alone is predicted to outgrow the growth in GNP (and thus increases in taxes if rates remanin constant) by several hundred percent.
You'll see most people who are retired can't live on Social Security alone. So much for that program.
You'll see that black Americans still are very improverished, and we now have a class of citizens who have been on welfare for generations. Is that helping anyone?
You'll see that other than in 1996 when the Republicans kept their majorities in both the Senate and the House, marking the first time since the late 1920s that Republicans comprised a majority of the House for two consecutive sessions. Republicans held a majority in the U.S. Senate from 1981 through 1986 as well (Reagan 1st term), for one year in 2000 again in 2002 but not since. You can't blame long term problems on groups who haven't been in control of the process.
You'll see a failure to increase a program budget by the proposed X% is called a "cut". If your boss didn't give you that 10% raise did your salary go down?
It's just flat incorrect when you look at facts (scientific methods look at facts not opinions) to blame anyone but the liberal Democrats for the social spending problems we have. Democrats controlled Congress for 80% of the time, and they built the programs and they continued to fund them at increasing rates. Yes, the War in Iraq has taken money in recent years and made things worse but that's a blip of 6 yrs on the radar screen of close to 70 yrs of social spending.
This is the SAME scenario as I said with my employment records tape. Iron Mountain LOST IBM's data. There is not any way to know if unauthorized access occured but you have to assume it was. IIRC, BB admitted it was likely the laptop was stolen which is unauthorized access right there. What if all of a sudden her bank account was zero because she was stupid enough to let Firefox store her ID and password? Is Best Buy no longer liable as they didn't perform the unathorized access yet their lack of security faciliated the act. If she gets in front of a jury she'll get her money.
I meant to say DHCP. There are DHCP servers that will request Authentication or only allow certain MAC addresses to get IP's. No one has yet solved the issue of how you know the bank has just the right printer with just the right firmware version. Plus how do you know what IP address is a printer without special tools such as a sniffer. It's not a hack for the amatuer. Also, don't you want to control that printer and it's agent from outside the bank? To do that you got to do a lot more things, like change firewall/router rules and routing tables, etc. which will require a login to the firewall. You may also have a DMZ you have to deal with. Once you are in it's not going to be easy to punch out. The old janitor/maintenance man trick may work to get access if the bank employees are stupid but it'll only work once. There is also the assumption the Cat5 cables are running over the area of the restroom and that they carry internal traffic. If you found a haphazardly Windows system that was configured by poor admins you might get it to work. It's probably easier to steal an employee acess ID and password, then you got it all at your fingertips.