Maybe the Chinese government didn't get access to the W8 source code (unlike with XP), or maybe they got some access, but where unable to produce out of those sources a 1:1 identical binary to the released W8 version.
With all the NSA spying going on worldwide, it's prudent for the chinese administration to steer clear of Windows 8 at the moment.
Although I've never been incarcerated and it's highly unlikely that I ever will be, I don't think a criminal record should be a permanent millstone around anyone's neck. If you've done your time and are no longer a threat to anyone or anything, it should need a court order to turn up criminal records. Time done, move on. Anything else is vengeance, not justice.
That's an example of cultural differences between the US and Europe.
The question is: how do you reconcile both opposing views? By respecting each one on the other side of the divide, i.e. by having US outfits respect Europe's privacy laws w.r.t. EU citizens, and having European outfits respect US's right to public information w.r.t. US citizens? Now the question becomes: how do you determine whose citizen someone is?
"Google is welcome to shut down its various European subsidiaries (including the ones in Ireland and the Netherlands that they use to shelter income)."
Indeed. What's the point of having some subsidiaries in the EU, and have to put up with silly EU regulations that are incompatible to US regulations? Everyone, including EU citizens, can access Google services even if Google are only in the US; and every advertiser from the EU can advertise with Google USA directly. So what's the point in forming subsidiaries abroad at all?
Just because there's some pressure from the outside to do immoral things, doesn't mean they had to cave in. Evil previls because good keeps silent. Sorry Mozilla, but that was a REALLY bad decision.
Every so called "safer" language (than C) is also less efficient. For OpenSSL, we need maximum efficiency/speed in big data scenarios, and in cases where hardware acceleration is asked for. Playing with Go, Java & Co. is a no-go here. Plus, C can be just as safe, when used properly and when code is properly audited and screened. The problem with Heartbleed was that auditing took way too long to materialize and to catch up. A bug in a, say, Go version of OpenSSL would have probably taken just as long to get discovered, if auditing happens so seldom.
Only problem is that the American people are the targets of both punches!
Non-American people all around the world are even a lot more targets of the NSA punch, because they don't even benefit from FISA laws that protect, at least partially, Americans...
The USA will be attacked again and again, and the NSA will continue to sit on its hands doing nothing.
They may have plenty of leads, but if they lead to US persons, they are by law prohibited from even reporting them to the FBI. Blame the NSA for a lot of the current Orwellian dystopia, but not for following the law, at least once.
You're assuming that all terrorists do have half a brain. Considering the kind of terrorists that blow themselves up instead of using remote controls, one can doubt that they even have half a brain. Of course, I'm NOT implying that mass surveillance would be justified, just because we're in a fight against half- or full morons, I'm just saying that there's still a slim chance to catch the less intelligent among the terrorists. Do we want this slim chance at the price of giving up freedom and privacy altogether? That's the real question.
As long as he gets contradicting opinions from his advisers on every single issue, what's the harm? It's Obama's job to finally decide what to do. Coming to an informed decision means looking at an issue from all possible angles. If this Morell guy plays advocatus diaboli, so be it.
So, I'm looking for a PC capable of running ZFS/FreeBSD on at least 8, if not more spindles. The only PC I found was some custom-made platform using a SuperMicro motherboard, 96 GB of registered EEC RAM (expandable to 512 GB) and so on, with two CPU sockets sucking up to 150 Watts or so. Somewhat more expensive than run-off-the-mill PCs, but the only way to provide redundant storage on ZFS file system basis nowadays. Basically, it's a "fat desktop" or a "desktop-capable server". Normal PC makers rarely include more than a couple of SATA ports in their machines, and there are severe limitations on RAM slots. No wonder, the PC market is dwindling fast: there's no upgrade path from a standard set a decade or so ago. Industry-PCs or servers are doing well though; they're just not for the consumer market.
While most won't mind the NSA blackmailing (potential) terrorists using their web history, why stop there? Hasn't the NSA already blackmailed high ranking EU politicians, using the very same techniques, to ensure that SWIFT data will continue to be shared with the US, despite the European Parliament's motion to suspend this data sharing? See where all this leads to?
How do you prevent traffic analysis by using end-to-end encryption (only)? We need more than just encryption, we also need to hide the traffic somehow using obfuscating routing algorithms on a very wide scale. Ideally, everyone should participate in this activity, but that will remain a pipe dream of privacy advocates.
Even without Utah, the NSA can still access all data at Google, Facebook, Yahoo!, Amazon, SWIFT, et al. data centers through back doors. There should be no need to mirror all this at their own facilities. NSA's data centers will collect the remaining scraps, like phone calls, metadata etc, and for this, they don't need Utah, they have enough capacity of their own already. Utah is for future growth, but that's another story.
Of course there are surveillance plans running in EU also, but not necessarily anything as massive and intrusive that NSA is conducting.
Who knows? At least CGHQ has been doing some pretty heavy surveillance and spying on an international level too in recent years. Never underestimate the capacity of a government hellbent on eavesdropping everything that is being sent down the wire.
There's no "reform" unless the US stops breaking ITS OWN LAWS.
Even if the US abode by its own laws, spying on foreigners, including EU Citizens, would still be allowed, under those laws. Changing laws to include EU Citizens in the list of persons not to be spied upon would be a confidence building measure... but we all know that the US won't stop snooping in Europe. There are way too many juicy trade secrets there to steal, so a no-spy rule w.r.t. Europe won't make it through Congress.
... and not some metatag whose absence or presence the authorities will detect.
The question is: can it be done with cryptographic means? If you distributed your site to a select audience of subscribers by encrypting it with their public keys, there's a special canary distribution algorithm on top of this architecture that can't be detected by outsiders (outsiders as in: someone who doesn't have access to at least one private key of the subscribers). That algorithm is hardened by switching to a P2P infrastructure where an outsider is one that doesn't at least have N-M (M greater than 0, sometimes even down to 1!) private subscriber keys.
On first thought, yes that's paranoid. On second thought... not so much anymore. The only question is: how could the NSA have done it? With remote SIGINT? Or do they muddle with HUMINT nowadays?
Slashdot Mirror
With all the NSA spying going on worldwide, it's prudent for the chinese administration to steer clear of Windows 8 at the moment.
But if some EU-think remains after all, we well also have the right to forget about those shitty things.
That's an example of cultural differences between the US and Europe.
The question is: how do you reconcile both opposing views? By respecting each one on the other side of the divide, i.e. by having US outfits respect Europe's privacy laws w.r.t. EU citizens, and having European outfits respect US's right to public information w.r.t. US citizens? Now the question becomes: how do you determine whose citizen someone is?
Indeed. What's the point of having some subsidiaries in the EU, and have to put up with silly EU regulations that are incompatible to US regulations? Everyone, including EU citizens, can access Google services even if Google are only in the US; and every advertiser from the EU can advertise with Google USA directly. So what's the point in forming subsidiaries abroad at all?
Just because there's some pressure from the outside to do immoral things, doesn't mean they had to cave in. Evil previls because good keeps silent. Sorry Mozilla, but that was a REALLY bad decision.
Every so called "safer" language (than C) is also less efficient. For OpenSSL, we need maximum efficiency/speed in big data scenarios, and in cases where hardware acceleration is asked for. Playing with Go, Java & Co. is a no-go here. Plus, C can be just as safe, when used properly and when code is properly audited and screened. The problem with Heartbleed was that auditing took way too long to materialize and to catch up. A bug in a, say, Go version of OpenSSL would have probably taken just as long to get discovered, if auditing happens so seldom.
You are supposed to use a different phone for 2-factor authentication. If you lump all into one, what's the whole point?
If he told them the password previously, but they didn't even try it, maybe the password was "F*ck you!"?
You have been modded funny, but what if it was indeed true? That should be a deeply unsettling thought.
Non-American people all around the world are even a lot more targets of the NSA punch, because they don't even benefit from FISA laws that protect, at least partially, Americans...
They may have plenty of leads, but if they lead to US persons, they are by law prohibited from even reporting them to the FBI. Blame the NSA for a lot of the current Orwellian dystopia, but not for following the law, at least once.
You're assuming that all terrorists do have half a brain. Considering the kind of terrorists that blow themselves up instead of using remote controls, one can doubt that they even have half a brain. Of course, I'm NOT implying that mass surveillance would be justified, just because we're in a fight against half- or full morons, I'm just saying that there's still a slim chance to catch the less intelligent among the terrorists. Do we want this slim chance at the price of giving up freedom and privacy altogether? That's the real question.
As long as he gets contradicting opinions from his advisers on every single issue, what's the harm? It's Obama's job to finally decide what to do. Coming to an informed decision means looking at an issue from all possible angles. If this Morell guy plays advocatus diaboli, so be it.
It concerns patent EP0618540. Looks like FAT-32 to me, at first sight.
So, I'm looking for a PC capable of running ZFS/FreeBSD on at least 8, if not more spindles. The only PC I found was some custom-made platform using a SuperMicro motherboard, 96 GB of registered EEC RAM (expandable to 512 GB) and so on, with two CPU sockets sucking up to 150 Watts or so. Somewhat more expensive than run-off-the-mill PCs, but the only way to provide redundant storage on ZFS file system basis nowadays. Basically, it's a "fat desktop" or a "desktop-capable server". Normal PC makers rarely include more than a couple of SATA ports in their machines, and there are severe limitations on RAM slots. No wonder, the PC market is dwindling fast: there's no upgrade path from a standard set a decade or so ago. Industry-PCs or servers are doing well though; they're just not for the consumer market.
Step 1: Dismantle the NSA...
Step 2: ???
Step 3: Profit!
While most won't mind the NSA blackmailing (potential) terrorists using their web history, why stop there? Hasn't the NSA already blackmailed high ranking EU politicians, using the very same techniques, to ensure that SWIFT data will continue to be shared with the US, despite the European Parliament's motion to suspend this data sharing? See where all this leads to?
How do you prevent traffic analysis by using end-to-end encryption (only)? We need more than just encryption, we also need to hide the traffic somehow using obfuscating routing algorithms on a very wide scale. Ideally, everyone should participate in this activity, but that will remain a pipe dream of privacy advocates.
Even without Utah, the NSA can still access all data at Google, Facebook, Yahoo!, Amazon, SWIFT, et al. data centers through back doors. There should be no need to mirror all this at their own facilities. NSA's data centers will collect the remaining scraps, like phone calls, metadata etc, and for this, they don't need Utah, they have enough capacity of their own already. Utah is for future growth, but that's another story.
Who knows? At least CGHQ has been doing some pretty heavy surveillance and spying on an international level too in recent years. Never underestimate the capacity of a government hellbent on eavesdropping everything that is being sent down the wire.
Even if the US abode by its own laws, spying on foreigners, including EU Citizens, would still be allowed, under those laws. Changing laws to include EU Citizens in the list of persons not to be spied upon would be a confidence building measure... but we all know that the US won't stop snooping in Europe. There are way too many juicy trade secrets there to steal, so a no-spy rule w.r.t. Europe won't make it through Congress.
You may want to watch this very on-topic keynote.
The question is: can it be done with cryptographic means? If you distributed your site to a select audience of subscribers by encrypting it with their public keys, there's a special canary distribution algorithm on top of this architecture that can't be detected by outsiders (outsiders as in: someone who doesn't have access to at least one private key of the subscribers). That algorithm is hardened by switching to a P2P infrastructure where an outsider is one that doesn't at least have N-M (M greater than 0, sometimes even down to 1!) private subscriber keys.
On first thought, yes that's paranoid. On second thought... not so much anymore. The only question is: how could the NSA have done it? With remote SIGINT? Or do they muddle with HUMINT nowadays?