your name, address, phone, password, birthday, answers to security questions, and who knows what else
But all that stuff is more or less public these days. Except for 'password' and some security questions.
At my job, I do worry about internet-facing systems. I think it's really hard to overstate the type of infrastructure damage that could be caused by a 50-million unit high-performance botnet.
I'd written a blog post speculating about a worst-case scenario involving attackers using the leaked firmware signing keys to push a malicious firmware update from Sony's compromised backend servers.
Personally, I've disconnected my PS3 from the network until the all-clear sounds from Sony.
Reportedly they have many other reactors of this design in operation. Surely they have spare parts sitting around, or parts that they could borrow quickly.
Or maybe it's just not practical to perform repairs on a reactor while radioactive fires and explosions are going off all around you.
You've got two groups of trolls trying to figure out who's attempting to troll whom, and if said trolling is a threat to their own trolling efforts. Why exactly this is considered news is beyond me.
I think it's delightfully surreal. A postmodern civil war in cyberspace. Now being disclaimed by one side!
These groups were simply made for each other, for our entertainment. Certainly a better use of packets than streaming sitcom television anyway.
When Wow gets hacked and your virtual gold is stolen, they pay people to help you put it all back the way it was because they value your business as a customer.
Moxie has a way better track record than the Haystack folks.
Plus, he's in the "extra search club" at airports supposedly for having been in Jacob Appelbaum's address book. That means he either has something good, or the feds are incompetent idiots.
Oh wait.
Or maybe that's exactly what they want us to think. Or all of the above.
But maybe low orbit isn't really more bigger than the pacific ocean than the proposed nets are to pool skimmers.
Let me try again:-)
Low orbit is big, but so is the pacific ocean. And these nets are big too, much bigger than pool skimmers. Plus, they could hang out for a long time with little or no human intervention.
And probably someone has, in fact, used a pool skimmer to clean something out of the Pacific Ocean in a useful way.
So if Assange is awarded the prize, then extradited to the US and executed for espionage or some such, would it be the first time one Nobel Peace Prize winner is executed by another?
it was given to barack obama, because instead of emphasizing divisions and accumulated (rightful) anger, he chose to express a road of peace, union and collaboration in between races, and managed to successfully bring black and white together during his election campaign
As far as I could tell, he conducted a very ordinary campaign for a Democratic presidential candidate with the exception of himself being a black dude. This is not particularly noteworthy, and in my opinion, that speaks the loudest.
You make it sound as if US politics is being conducted in the deep South in 1965 or something with race riots and the like dominating the political process. That's absurd. It's not like that and the proof is in the fact that the majority of Americans voted for him and race wasn't really an issue.
Give the Nobel Prize to the American people for that. Obama was mostly in the right place at the right time.
Senator Joe Lieberman and other bill sponsors have refuted the charges that the Protecting Cyberspace as a National Asset Act gives the president an Internet "kill switch." Instead, the bill puts limits on the powers the president already has to cause "the closing of any facility or stations for wire communication" in a time of war, as described in the Communications Act of 1934, they said in a breakdown of the bill published on the Senate Homeland Security and Governmental Affairs Committee website.
There are other references to this in the press, but as you said, I don't believe in links. Or maybe they aren't links I can believe in. Or maybe one of us just isn't believing hard enough.
Haha, they'd better be sure to phone and email their reserves and tell them to show up for that mission _before_ they take out the ISPs. They'd also better order some extra food ahead of time because those distribution channels are going down too.
There's probably nothing that could hamper a US mobilization more at this point than doing what Egypt is doing.
No, only one party needs a certificate (call them party S for server). The other party (C for client) picks a random symmetric key and encrypts it to the public key of S. S decrypts it and the two ends can exchange data.
This is a (greatly oversimplified) overview of how SSL usually works, without client certificates. The CA is necessary because the client doesn't know the server's cert in advance. It does have the limitation that S cannot prove the absence of a man-in-the-middle, but C can. In practice, S relies on C to do a good job of this. If C trusts a corrupt CA, then all bets are off.
SSL was originally designed to make people feel comfortable typing their credit card numbers into web forms on the internet. So it didn't originally provide any way for the server to prove the security of the connection (hey as long as the card goes through, right?)
Apparently Mozilla doesn't accept Tunisia as a trusted CA at this time. I blogged about this issue regarding CNNIC.
Sadly, https://www.facebook.com/ [facebook.com] does work, but you have to force it... and continue to force it because each request sent over https generates a response as http.
Which is basically another way of saying "it doesn't work", no?
Slashdot Mirror
Except there are something like 50 million. Never mind the mass recall, imagine them all DDoSing some critical sector of the economy.
Oh well that's just great. Being a vegetarian, I won't benefit from the impending surfeit of goat bacon.
But all that stuff is more or less public these days. Except for 'password' and some security questions.
At my job, I do worry about internet-facing systems. I think it's really hard to overstate the type of infrastructure damage that could be caused by a 50-million unit high-performance botnet.
I'd written a blog post speculating about a worst-case scenario involving attackers using the leaked firmware signing keys to push a malicious firmware update from Sony's compromised backend servers. Personally, I've disconnected my PS3 from the network until the all-clear sounds from Sony.
Reportedly they have many other reactors of this design in operation. Surely they have spare parts sitting around, or parts that they could borrow quickly. Or maybe it's just not practical to perform repairs on a reactor while radioactive fires and explosions are going off all around you.
I know, really. Sometimes I wonder about this guy.
I think it's delightfully surreal. A postmodern civil war in cyberspace. Now being disclaimed by one side!
These groups were simply made for each other, for our entertainment. Certainly a better use of packets than streaming sitcom television anyway.
When Wow gets hacked and your virtual gold is stolen, they pay people to help you put it all back the way it was because they value your business as a customer.
Moxie has a way better track record than the Haystack folks.
Plus, he's in the "extra search club" at airports supposedly for having been in Jacob Appelbaum's address book. That means he either has something good, or the feds are incompetent idiots.
Oh wait.
Or maybe that's exactly what they want us to think. Or all of the above.
Actually, wrenches.
http://en.wikipedia.org/wiki/Space_debris
http://en.wikipedia.org/wiki/File:Bye_tool_bag.jpg
Or alternatively...
Hey, Kleetus. Wanna have some fun?
Yeah, I would be one of those people.
But maybe low orbit isn't really more bigger than the pacific ocean than the proposed nets are to pool skimmers.
Let me try again :-)
Low orbit is big, but so is the pacific ocean. And these nets are big too, much bigger than pool skimmers. Plus, they could hang out for a long time with little or no human intervention.
And probably someone has, in fact, used a pool skimmer to clean something out of the Pacific Ocean in a useful way.
So it sounds like it could be a useful plan.
This comment is not an app
So if Assange is awarded the prize, then extradited to the US and executed for espionage or some such, would it be the first time one Nobel Peace Prize winner is executed by another?
As far as I could tell, he conducted a very ordinary campaign for a Democratic presidential candidate with the exception of himself being a black dude. This is not particularly noteworthy, and in my opinion, that speaks the loudest.
You make it sound as if US politics is being conducted in the deep South in 1965 or something with race riots and the like dominating the political process. That's absurd. It's not like that and the proof is in the fact that the majority of Americans voted for him and race wasn't really an issue.
Give the Nobel Prize to the American people for that. Obama was mostly in the right place at the right time.
I remember seeing an article where an official in the executive branch was basically asserting the same thing.
Sigh. I may not believe in links, but I guess you don't believe in search engines. But since you asked so nicely here's a quote from the second search hit:
There are other references to this in the press, but as you said, I don't believe in links. Or maybe they aren't links I can believe in. Or maybe one of us just isn't believing hard enough.
That's because Obama claims he already has one in the form of some communications base-station takeover provision in a pre-WWII law.
There's probably nothing that could hamper a US mobilization more at this point than doing what Egypt is doing.
Probably your parents thought you didn't care about America too.
That sounds kind of unusable to me. I'm not on FB so I don't know. Perhaps someone can answer:
Is the FB interface usable in a practical sense over https, or not?
No, only one party needs a certificate (call them party S for server). The other party (C for client) picks a random symmetric key and encrypts it to the public key of S. S decrypts it and the two ends can exchange data.
This is a (greatly oversimplified) overview of how SSL usually works, without client certificates. The CA is necessary because the client doesn't know the server's cert in advance. It does have the limitation that S cannot prove the absence of a man-in-the-middle, but C can. In practice, S relies on C to do a good job of this. If C trusts a corrupt CA, then all bets are off.
SSL was originally designed to make people feel comfortable typing their credit card numbers into web forms on the internet. So it didn't originally provide any way for the server to prove the security of the connection (hey as long as the card goes through, right?)
Apparently Mozilla doesn't accept Tunisia as a trusted CA at this time. I blogged about this issue regarding CNNIC.
Which is basically another way of saying "it doesn't work", no?
But you don't actually know that when the page is downloaded via plain http. It can be trivially modified in transit, as the attackers did here.