The "internet" can't be regulated, but, if physically located inside US jurisdiction, the registrants and admins can be thrown in jail and the servers can be unplugged.
Simple cure: offshore registration, offshore hosting. Maybe few bucks more expensive, but in most locations still very affordable.
I always laboured under the impression that physics was a mere subset of mathematics.
Mathematics is the servant of physics.
Mathematicians are like tailors. They make a lot of clothes; various sizes, various shapes, various number of sleeves and legs. Physicists then come to the warehouse where these things are stored, and search for the proper clothes that will fit their experimental creatures.
In the Mark 15 Mod 0, the third stage is the bomb's casing, which is made of highly-enriched uranium, almost pure U-235.
If I remember correctly, the third phase is not enriched U235, but either natural or depleted uranium, the 238 isotope.
U-238 *is* fissile. But the neutron has to have high energy. A slow neutron just gets absorbed and unstable U-239 nucleus is formed, the kinetic energy of the neutron not being enough to destabilize the nucleus. A fast neutron (with energy higher than if-I-remember-correctly 1.8 MeV) packs enough punch to kick the resulting nucleus over the potential barrier, so it splits and releases energy. So we need to have fast neutrons for U238 fission. These are produced by the fusion stage. So there is no need to use dangerous and expensive enriched uranium for the bomb casing.
I know that the moral thing to do here is to resist and fight the good fight; but the other half of me that just wants to use
my computer and not be bothered by any of this sh*t feels secure that my future interests are in good hands no matter what
happens.
And if you crack it outside the USA in a country where it isn't even illegal to do so, you'll get masked US troops breaking into your house just like what happened in Norway to a teenager who cracked DVD encryption.
(Technically, the masked thugs weren't US troops. They acted on the US megacorp behalf, though.)
Publish anonymously or pseudonymously. There are ways to avoid being tracked down, some involving cybercafes, some (the more reliable) involving wardriving, some (the more expensive) using throwaway cellphones.
As added advantage, if the thing is legal in the country where published, the probability the resources will be spent on tracking down the one who did it is quite low. Another possibility is to cooperate with somebody in Far East; China will do.
A good hint for rapid dissemination is using mailinglists. While it's easy to take down a website, a mail sent to a list is usually on the way to all the listmembers in few minutes. Once a couple hundred tech-minded or freedom-minded people have their hands on the code (or specs), it's fairly impossible to restrict its proliferation; see DeCSS or the anonymous posting of RC4 specs.
can't you just cover them over with something or disable them in the BIOS?
When you disable things on hardware level, you can be reasonably sure they won't work anymore. When you just switch them off, there's still chance of getting them working again by banging the hardware directly via direct I/O and mapped memory access. Not too much of threat here, though. Modifying things on hardware level is fairly bulletproof from the software side, when well-done.
When I see a guy with a soldering iron and a motherboard I become the personification of the "Are you sure?" dialogue box.
Been there. There are fuses on the mobos, on the +5V lines to the ports; they often look like yellow or green resistors. (If they aren't there, then the traces on the boards play their role instead.) Messing with powered-on hardware (especially keyboards, PS/2 mice, and USB ports) often blows them. Replacement is simple; if it's a fuse, either change it or solder a Polyswitch fuse (better than a regular one, these ones will revert to conductive state few seconds after the circuit is interrupted) parallel to it, if it's a blown trace, repair it with a wire with an optional fuse (and if you omit the fuse, make sure the power supply stops working when shorted instead of going up in smoke). I also got a board with couple bad capacitors (from the batch of the Taiwanese ones that had bad electrolyte formula) that was unstable. Replacing them with elyts from other board that died for a different reason cured it. Addition of a TV card and a discarded 14" monitor turned it to a nice TV and a DivX player nearly for free.
Otherwise, at least until the Palladium-grade chipsets start appearing, direct motherboard mods aren't too useful. It's usually better to design it as a PCI card (or USB device, if the operating speed isn't critical) instead.
Kerry has ties with ketchup industry. Bush has ties with oil industry. Was there ever a war motivated by access to strategically located tomato plaintains?
This presumes the passive wiretap scenario. MITM is different - Alice talks with Eve and thinks she's Bob. Bob talks with Eve and thinks she's Alice. Eve sits like a transparent proxy between them and has fun. It screws up the timing, but if Eve attacks the transaction on higher network layer, the timing of individual photons doesn't matter as both the Alice-Eve and Bob-Eve connections are standard-compliant. Which works not only for quantum crypto, but for more mundane things like SSH and SSL and anything that uses a key exchange protocol without authentication. (Moral: Beware of MITM.)
You can spit into Eve's coffee if you're using authentication. If Eve doesn't have something that's Bob's when Alice asks for it (eg. a private half of a RSA key, or in symmetrical scenario some shared secret), Alice becomes suspicious. So either Eve does full-transparency without touching the data, and then MITM degrades to passive wiretap, or she reveals herself. (Moral: check the certificate fingerprints.)
She can also modify the early phase of the protocol handshake, often unencrypted, and degrade security on purpose; eg. she can modify the server response that it allows only export-grade ciphers, or SSLv2 (which has a protocol-level bug), and then break the intercepted comm in her leisure. (Moral: disable support for easily breakable protocols, to prevent this style of attack.)
Uh, why should I worry about whether or not one of the preferentially treated subjects" leaks the information? That is as likely to be helpful to me as not.
That depends on what side you are. If you are the one who pays, or the one to whom the info leaked to, regardless of the color of your hat, you have an advantage against the ones who aren't.
Which puts to disadvantage all the ones who aren't members of (or friendly with) big corporations or e-crime rings. For a small admin of a small network it means just that the adversaries have more time to write worms and that the time between a vulnerability getting known and a vulnerability getting exploited shrunk again, at least for the ones who didn't play the advance-info racket (who will pay for it once more, indirectly, in the form of bandwidth wasted by worms from even more machines patched too lately).
Luckily, as some other posts suggest, the advance information is in this case next to worthless anyway.
Imagine being in a meeting and having real-time subtitles.
That would be a big advantage even if you hear well, just have trouble keeping concentration for prolonged time. If you let your thoughts wander off for a moment, you just read the last couple lines of the log.
For teleconferences, this would also make it easy to participate in more conferences at once. Like having open several IRC windows.
With an automatic translating system, it would help even with multi-language meetings (and, given the inherent features of machine translation, lead to many funny situations - maybe the translators should be aware of ambiguities and show all the possible meanings).
You are forgetting about leaks. How can you ensure that nobody from the "preferentially treated" subjects won't leak the info? Besides, if you'd run a spammer gang or a mafia branch specialized on ebanking-exploiting worms, won't it be worth the couple bucks to buy the vulnerability announcements?
Microsoft apparently isn't content with creating security holes with code bugs only. They have to make things even worse by buggy approach to disclosure.
How long it will take until "isotope ratio kits" appear on the market?
Look up the ratio of various isotopes in your region. Make an estimation of the volume of local water you ingest. Add measured amount of isotope mixture to every your morning coffee, shifting the average ratio to the value of the region you want to appear to be from.
What will be the next round of this game?
We can look forward to interesting new technological games once cheap mass-produced mass spectrometers appear on the market.
Could I be nosy and wonder what one, please, and why did you select this kind? Microchip PICs are my favorite toys? Are you worried about the effects of radiation on the controller (CMOS structures tend to trap charge carriers in the insulator between the junction and the gate, so they are everything but rad-hard)? If yes, what measures you do to mitigate it? Do you have redundant scheme with more controllers, guarding each other, or just a watchdog and a prayer? Do tell, please:)
That would have to be a helluva lot of sand. A small cube won't do, the space is too big.
However, if you want to take out a single known satellite on a low orbit, like most of the IMINT and SIGINT ones are, it should do the job. I read somewhere about the possibility of third-world countries rigging up anti-satellite weapons from bigger ballistic missiles, using them to bring a payload of sand and pebbles into the satellite's orbit. Cheaper than a MIRACL-class laser, more mobile, the staff has already experience with the vehicles, and could be quite effective.
Just look to the low quality of commercial software for a proof.
That was there even before the Outsourcing Mania; it just wasn't that bad because the systems were less complex. Good old times when you could've got a complete schematics with your computer...
It should be possible to get a computer with suitably fat uplink in an area with coverage, then stream the data to Maui. I did something similar within a city, when I wanted to listen to a radio from an office without a receiver, and had a computer at home with a FM card. No reason why the same approach shouldn't work over longer distances, at least with suitable stream buffering.
...you either get the lossy output that will produce artifacts when re-compressed,...
What about applying some DSP technique on the decompressed signal in order to pre-compensate the recompression losses?
The changes of characteristics imposed on the signal by the compression-decompression of XM broadcast/receive chain are known, or at least can be measured. The characteristics of MP3 compression are known as well. Some parts of the signal will get lost. There are three ways to cope:
1) Suck it up and consider it good enough. Or use high-enough bitrate to make the losses not matter; the XM quality itself isn't exactly CD, so 256k MP3 or Ogg variable bitrate stream should be more than enough.
2) Preprocess the analog signal from XM, adding/removing some input-dependent frequencies for the MP3 algorithm to throw away without showing recompression artefacts. Don't ask me how, this is a question for DSP people.
3) Tweak the MP3 compression algorithm to use different model for throwing out information deemed unimportant, to compensate for the compression artefacts of the XM step. Again, question for DSP people.
Users declare that GMailFS's already slow performace cannot possibly get any slower, and then it does. Users abaondon GMailFS and buy a hard disk.
GmailFS is inherently limited, in comparison with a hard disk - which will limit its use to niche roles.
But there are usage scenarios favoring this kind of filesystems. Quasi-anonymous remote file storage is an useful thing, especially as it allows access by multiple people from multiple locations, and especially if encryption layer is added to maintain security. The speed penalty will discourage widespread application, but GmailFS (and similar projects that will inevitably follow) still remains a very good tool to have on one's belt for special cases.
But I suspect the number of kernel changes between say 1.0 and 2.0 was significant, and I'm sure there continue to be many changes (ratio of enhancements to bug fixes I don't know) between each dot release.
LOTS of feature enhancements. Lots of minor bugfixes and cleanups. Fewer major bugfixes. Occassional patch for a bug allowing local privilege escalation.
And this doesn't even touch upon what changes to the open-source kernel
that Red Hat, et alia make before pressing it to CD. I read in one of the posts here, that the update download for the most
recent version of Red Hat was over 150MB (and that's just due to point releases in the kernel and whatever apps they ship
along). The entire update for Windows XP, incorporating all bug fixes known-to-date, was about 75MB (for typical desktop
user).
Very true. However, compare the number of applications shipped with the "Windows XP" distro with the ones available on Red Hat.
Slashdot Mirror
Simple cure: offshore registration, offshore hosting. Maybe few bucks more expensive, but in most locations still very affordable.
Mathematics is the servant of physics.
Mathematicians are like tailors. They make a lot of clothes; various sizes, various shapes, various number of sleeves and legs. Physicists then come to the warehouse where these things are stored, and search for the proper clothes that will fit their experimental creatures.
If I remember correctly, the third phase is not enriched U235, but either natural or depleted uranium, the 238 isotope.
U-238 *is* fissile. But the neutron has to have high energy. A slow neutron just gets absorbed and unstable U-239 nucleus is formed, the kinetic energy of the neutron not being enough to destabilize the nucleus. A fast neutron (with energy higher than if-I-remember-correctly 1.8 MeV) packs enough punch to kick the resulting nucleus over the potential barrier, so it splits and releases energy. So we need to have fast neutrons for U238 fission. These are produced by the fusion stage. So there is no need to use dangerous and expensive enriched uranium for the bomb casing.
So maybe it won't be *that* bad...
Easy to have it both ways. Have two computers. :)
(Technically, the masked thugs weren't US troops. They acted on the US megacorp behalf, though.)
Publish anonymously or pseudonymously. There are ways to avoid being tracked down, some involving cybercafes, some (the more reliable) involving wardriving, some (the more expensive) using throwaway cellphones.
As added advantage, if the thing is legal in the country where published, the probability the resources will be spent on tracking down the one who did it is quite low. Another possibility is to cooperate with somebody in Far East; China will do.
A good hint for rapid dissemination is using mailinglists. While it's easy to take down a website, a mail sent to a list is usually on the way to all the listmembers in few minutes. Once a couple hundred tech-minded or freedom-minded people have their hands on the code (or specs), it's fairly impossible to restrict its proliferation; see DeCSS or the anonymous posting of RC4 specs.
When you disable things on hardware level, you can be reasonably sure they won't work anymore. When you just switch them off, there's still chance of getting them working again by banging the hardware directly via direct I/O and mapped memory access. Not too much of threat here, though. Modifying things on hardware level is fairly bulletproof from the software side, when well-done.
When I see a guy with a soldering iron and a motherboard I become the personification of the "Are you sure?" dialogue box.
Been there. There are fuses on the mobos, on the +5V lines to the ports; they often look like yellow or green resistors. (If they aren't there, then the traces on the boards play their role instead.) Messing with powered-on hardware (especially keyboards, PS/2 mice, and USB ports) often blows them. Replacement is simple; if it's a fuse, either change it or solder a Polyswitch fuse (better than a regular one, these ones will revert to conductive state few seconds after the circuit is interrupted) parallel to it, if it's a blown trace, repair it with a wire with an optional fuse (and if you omit the fuse, make sure the power supply stops working when shorted instead of going up in smoke). I also got a board with couple bad capacitors (from the batch of the Taiwanese ones that had bad electrolyte formula) that was unstable. Replacing them with elyts from other board that died for a different reason cured it. Addition of a TV card and a discarded 14" monitor turned it to a nice TV and a DivX player nearly for free.
Otherwise, at least until the Palladium-grade chipsets start appearing, direct motherboard mods aren't too useful. It's usually better to design it as a PCI card (or USB device, if the operating speed isn't critical) instead.
Kerry has ties with ketchup industry. Bush has ties with oil industry. Was there ever a war motivated by access to strategically located tomato plaintains?
The pressure. A bit of pressure does wonders for project progress.
You can spit into Eve's coffee if you're using authentication. If Eve doesn't have something that's Bob's when Alice asks for it (eg. a private half of a RSA key, or in symmetrical scenario some shared secret), Alice becomes suspicious. So either Eve does full-transparency without touching the data, and then MITM degrades to passive wiretap, or she reveals herself. (Moral: check the certificate fingerprints.)
She can also modify the early phase of the protocol handshake, often unencrypted, and degrade security on purpose; eg. she can modify the server response that it allows only export-grade ciphers, or SSLv2 (which has a protocol-level bug), and then break the intercepted comm in her leisure. (Moral: disable support for easily breakable protocols, to prevent this style of attack.)
The biggest vulnerabilities are usually located between the chairs and the keyboards.
That depends on what side you are. If you are the one who pays, or the one to whom the info leaked to, regardless of the color of your hat, you have an advantage against the ones who aren't.
Which puts to disadvantage all the ones who aren't members of (or friendly with) big corporations or e-crime rings. For a small admin of a small network it means just that the adversaries have more time to write worms and that the time between a vulnerability getting known and a vulnerability getting exploited shrunk again, at least for the ones who didn't play the advance-info racket (who will pay for it once more, indirectly, in the form of bandwidth wasted by worms from even more machines patched too lately).
Luckily, as some other posts suggest, the advance information is in this case next to worthless anyway.
That would be a big advantage even if you hear well, just have trouble keeping concentration for prolonged time. If you let your thoughts wander off for a moment, you just read the last couple lines of the log.
For teleconferences, this would also make it easy to participate in more conferences at once. Like having open several IRC windows.
With an automatic translating system, it would help even with multi-language meetings (and, given the inherent features of machine translation, lead to many funny situations - maybe the translators should be aware of ambiguities and show all the possible meanings).
Microsoft apparently isn't content with creating security holes with code bugs only. They have to make things even worse by buggy approach to disclosure.
You won't have the speed, but if your uplink is the bottleneck anyway, it's not necessarily a show-stopper.
Look up the ratio of various isotopes in your region. Make an estimation of the volume of local water you ingest. Add measured amount of isotope mixture to every your morning coffee, shifting the average ratio to the value of the region you want to appear to be from.
What will be the next round of this game?
We can look forward to interesting new technological games once cheap mass-produced mass spectrometers appear on the market.
Could I be nosy and wonder what one, please, and why did you select this kind? Microchip PICs are my favorite toys? Are you worried about the effects of radiation on the controller (CMOS structures tend to trap charge carriers in the insulator between the junction and the gate, so they are everything but rad-hard)? If yes, what measures you do to mitigate it? Do you have redundant scheme with more controllers, guarding each other, or just a watchdog and a prayer? Do tell, please :)
However, if you want to take out a single known satellite on a low orbit, like most of the IMINT and SIGINT ones are, it should do the job. I read somewhere about the possibility of third-world countries rigging up anti-satellite weapons from bigger ballistic missiles, using them to bring a payload of sand and pebbles into the satellite's orbit. Cheaper than a MIRACL-class laser, more mobile, the staff has already experience with the vehicles, and could be quite effective.
51% share in Diebold. Who controls the vote count, controls the election results, as Batyushka Stalin used to say.
Imagine all you can do with a puppet president in place!
That was there even before the Outsourcing Mania; it just wasn't that bad because the systems were less complex. Good old times when you could've got a complete schematics with your computer...
Hack the phone, fake the ESN. It's technically illegal, but if you won't cause any harm, it's unlikely anybody will find about it.
<paranoia>Is it possible the police department is cashing a commission for every arrest from the defense lawyers?</paranoia>
It should be possible to get a computer with suitably fat uplink in an area with coverage, then stream the data to Maui. I did something similar within a city, when I wanted to listen to a radio from an office without a receiver, and had a computer at home with a FM card. No reason why the same approach shouldn't work over longer distances, at least with suitable stream buffering.
What about applying some DSP technique on the decompressed signal in order to pre-compensate the recompression losses?
The changes of characteristics imposed on the signal by the compression-decompression of XM broadcast/receive chain are known, or at least can be measured. The characteristics of MP3 compression are known as well. Some parts of the signal will get lost. There are three ways to cope:
1) Suck it up and consider it good enough. Or use high-enough bitrate to make the losses not matter; the XM quality itself isn't exactly CD, so 256k MP3 or Ogg variable bitrate stream should be more than enough.
2) Preprocess the analog signal from XM, adding/removing some input-dependent frequencies for the MP3 algorithm to throw away without showing recompression artefacts. Don't ask me how, this is a question for DSP people.
3) Tweak the MP3 compression algorithm to use different model for throwing out information deemed unimportant, to compensate for the compression artefacts of the XM step. Again, question for DSP people.
GmailFS is inherently limited, in comparison with a hard disk - which will limit its use to niche roles.
But there are usage scenarios favoring this kind of filesystems. Quasi-anonymous remote file storage is an useful thing, especially as it allows access by multiple people from multiple locations, and especially if encryption layer is added to maintain security. The speed penalty will discourage widespread application, but GmailFS (and similar projects that will inevitably follow) still remains a very good tool to have on one's belt for special cases.
LOTS of feature enhancements. Lots of minor bugfixes and cleanups. Fewer major bugfixes. Occassional patch for a bug allowing local privilege escalation.
And this doesn't even touch upon what changes to the open-source kernel that Red Hat, et alia make before pressing it to CD. I read in one of the posts here, that the update download for the most recent version of Red Hat was over 150MB (and that's just due to point releases in the kernel and whatever apps they ship along). The entire update for Windows XP, incorporating all bug fixes known-to-date, was about 75MB (for typical desktop user).
Very true. However, compare the number of applications shipped with the "Windows XP" distro with the ones available on Red Hat.