Note: I am not the original poster and I am not from or even live in the U.S.
it still doesn't repeal the 4th Amendment.
I don't view what the NSA is a violation of the 4th amendment (was it ever fully confirmed the gathering of data was warrantless, or was it entirely through FBI's warrants?) .
The method of duplicating data they used does not look anything close to a search and seizure to me. Nor do I see persons being deprived of houses, papers, and effects in this intelligence gathering.
I feel that trying to use the 4th amendment to stop this is somewhat weak, the amendment seems more constructed in a form to prevent people from being hassled/harassed and deprived of personal effects. Then there are words like "unreasonable" used, so even if this is considered to be infringing the 'search and seizure' contexts, I am uncertain that this can be considered unreasonable considering the context of what this amendment appears to have been written in.
Now, of course, there are going to be rulings that disagree and agree with me, but my point here is that I feel the 4th amendment argument is actually quite weak in this scenario and feels more like you're trying to use something unrelated to get your way. I should also point out that there have been since a bunch of law changes that give approval to such actions - I don't know if that would make it considered 'reasonable' since it's been approved at various levels of government institutions which are ran by the people.
It would be great to see better arguments than "it still doesn't repeal the 4th Amendment." with no decent explanation as to how the 4th amendment is really involved.
Just "doing your job" is not justification for furthering the agenda of a quite clearly malicious organization.
You do realize the organization in this case, is the U.S. government (after all, this sort of thing goes beyond just the NSA).
Assuming you live in the U.S, you are going to be paying some form of taxes, one way or another to it (such as sales taxes when you buy something from a store, taxes on earnings etc).
I have quite full time jobs for pretty decent money twice in my life to become a freelancer. I hate it, and am looking to exit it, but I at least took responsibility for myself instead of just saying: "Oh this company was paying me to steal code, but it's okay because I was just following orders!"
Seeing that you have such a moral aptitude on stealing, one can assume you wouldn't steal from other tax payers. On the other hand, you would be "furthering the agenda of a quite clearly malicious organization" if you did.
Is this an admission of tax evasion and hurting the tax payer or an admission that you can't justify "furthering the agenda of a quite clearly malicious organization", but you're doing it anyway, making you a hypocrite?
When I can get Zelda and Mario games through STEAM, I will be a happy man.
I somewhat imagine if Nintendo really took this seriously, they would be making it possible for you to buy a Wii U with Zelda and Mario games through the Steam store.
If you spend a lot of your time interacting with video games, you learn to interact based on the patterns you learn in video games.
I imagine that the extreme result of this is someone who acts like one of those annoying NPCs in games that have no real use. In particular, every time someone talks to him, he just stands there and gives them the same sentence.
I'm quite sure, given the "free" license of QT is based on LGPL, that a developer will need a commercial license from Digia to publish an iOS app on the App Store:(
I think it's expected on the Apple platforms to pay for things, after all, the fee charged for access to publish on the app store etc.
You also avoid you add more complexity, cpu usage, memory usage, & other forms of added I/O as well as electricity usage that dns servers entail
Okay, I'm going to pretend I don't know what I'm talking about now...
I tried to generate a hosts file to block all of example.com and all it's subdomains using your wise advice that it's smaller and more efficient. Knowing that DNS hostnames are limited to 255 characters in length, I wrote a program that generates every possible character combination possible for example.com subdomains. I grew kind of bored after waiting two hours and the file had grown to 65.9 GiB and it was still growing, so I aborted mid generation since the hard-drive I was going to stick it on didn't have much space anyway. I then installed a fresh install of Windows, it worked quite well resolution wise.
Then, I added the hosts file, which should have no penalty compared to my DNS system on Linux as you say. However I discovered resolution stopped working entirely. Even after reboots, resolution would not work any more. The system also became significantly sluggish and I got warnings that windows was running out of memory.
Clearly I am doing something wrong, so please explain to me what I did wrong with the generation of my hosts file (grab a copy here) it appears to be significantly larger than my zone file despite the fact it is largely incomplete. My zone file (grab a copy here) on Linux is significantly smaller.
Thus - Your use of tcp vs. udp = you being less efficient & slower: Tcp != faster than udp & has literally twice as many operations + overheads. Newsflash: udp does no callback (tcp does).
If you want to make yourself more vulnerable to DNS poisoning, go ahead. Unlike the current workaround (the patches that don't use DNSSEC), this prevents spoofing entirely. If I am going to have to wait an extra millisecond, so be it. Regardless,still dfoes not invalidate my point that it does not effect the blocked DNS entries (since there is no resolution needed).
Lameness filter is forcing me to split up my replies.
Then You introduced overheads due to "callbacks" TCP does vs. UDP.
These 'overheads' do not effect the resolution of blocked domains at all.
DNS DATA IS LARGER, adds more "moving parts" above the TCP/IP stack (& hosts are a tightly integrated part of that - no "extra moving parts" like DNS, required).
Still nothing compared to a hosts file that has every possible subdomain combination bruteforced, just to block a single domain.
Hosts take up MORE MEMORY than an entire DNS setup according to you? Ok - Have you ever SEEN the interior of a custom hosts file vs. that of the config files on DNS servers???? Hosts file data is SMALLER than DNS server files data & programs!
A few million lines in a hosts file to block a single domain because you have to bruteforce every single subdomain verses a tiny zone file.
Yeah, no. Hosts file is not smaller in this instance. I can see it being smaller in the cases where you want to block a very specific address like update.adobe.com, but certainly not when it comes to blocking entire malicious/unwanted domains.
How do you figure a SINGLE FILE takes up more space in memory OR ON DISK, than an entire setup of a DNS server?? You're losing it!
Bruteforcing millions of lines for every single possible combination a domain can have to block that domain is going to make the file really large. Compared to just the zone file I wrote above.
Your data for DNS config is STILL BIGGER than a single host file is - again: Have you ever SEEN the interior of a hosts file vs. that for DNS config files? DNS ones are bigger... not just in summation, but on their interior(s) & there are MORE THAN JUST 1 too for DNS!
In my examples, blocking entire domains with their subdomains etc. is smaller than hosts files and less intensive on the system to look up.
There is the added benefit that no IP address is returned, so the system doesn't even bother trying to connect to the address.
DNS = clearly faulty (especially in security) & you use it, hosts overcome that!
I've already explained to you how I use TCP mode in that thread, no risk of DNS poisoning.
5 years after major DNS flaw is discovered, few US companies have deployed long-term fix
Why does this matter to me? I'm not a US company and if I was, I would have fixed it in a way that didn't require DNSSEC support. Such as via the method I mentioned in the thread. I also wouldn't be dumb enough to require the deployment of a hosts file to an entire organisation instead of blocking malicious traffic at the gateway.
P.S.=> Anyone wonder WHY I built this, then?
Nope.
See this discussion & only a partial list fragment of good results virtues a single file bestows on you running outta kernelmode in a multi-OS ported STABLE & FAST IP Stack as a driver using it as a filter (& since that's what it's really about, not the program, but the resulting output file's massive usefulness on many levels of versatility, nigh ubiquituous almost, in added/better speed, security, reliability, & even "anonymity" to an extent as well...)...
I already brought up how hosts file are slower, take up more memory, more space and likely more CPU to sort through such a massive list when wanting to block an entire domain because you need to generate every single possible combination in order to do it effectively. Which is in that thread I linked.
In other words, my method is less intensive and doesn't require you to litter memory with giant lists of hostnames since a wildcard can be trivially specified. It's going to be faster because the system doesn't have to look through as large of a table either to return a result.
How the FUCK is a custom hosts file more "resource intensive" when it's a SINGLE FILE being run from a kernelmode driver in the IP stack's own built in resolver (tcpip.sys)?
Should have read the thread I linked.
Fact: DNS has more "moving parts" LAYERED ON over that... that, in & OF itself means DNS is more complex and thus more prone to breakdown as well (as if "fastflux" botnets don't prove that much for me, easily)!
Should have read the thread I linked.
More evasions on electrical usage being GREATER with more added moving parts, ala a DNS server, too I see? Sorry - there IS NO DISPROVING THAT MUCH from myself on your part either...
Should have read the thread I linked.
If you did, your reading comprehension is pretty bad.
Solve the 99% unpatched DNS servers out there vs. the Kaminsky flaw (especially considering they are MOSTLY out there @ the ISP level no less).
I told you how to do it with existing DNS infrastructure.
Solve the excessive moving parts that running a local DNS server entails vs. using a custom hosts file for MOST single computer home users (which is most of them) or even on a small home LAN.
We talked about the resource usage, where I showed that HOSTS file was more intensive. I also showed you repeatedly it was the best solution for me, on a small LAN.
Solve the excessive electrical usage of running a local DNS server system (or even as a separate service/daemon).
Which again was also resolved in our original conversation.
DNS = far from perfect & gets exploited by FastFlux botnets all day long too (and other malwares as well via redirection/dns-poisonings - how many evidences of this should I produce for you over time?).
Blah blah blah, doesn't effect me.
Want to show us where you have "disproven" me before
This is one of our many arguments, I don't know why you insist on me doing this all the time.
Because developers have a consistent environment to write code to?
And yet the last Resident Evil game ran at crap FPS on the original PS3 while GTA 4 often ran at crap FPS on the xbox 360.
Because then I can just drop the DVD into the machine and play?
Not always, see above.
I bought it and picked up the three intro DLC packs (another 50 tunes maybe). But I continued playing the Xbox360 vs the PC. In part because having to reboot my PC in order to successfully (most of the time) have the PC start Rocksmith without bailing. So it's a little annoying to have to muck with the PC in order to play Rocksmith when I can just hit the various power switches, hit the 'A' button, 'Start', 'A', 'A', and select a song to play. And when I'm done, bring it back to the Song listing (to save my place), and power it all off.
Devils may cry for the PC, runs on the machine at stunning fps with quality. On the PS3, capped at 30fps for HD. That's a game that was running 'well' on the console. At least if something is being crap on the PC, I can upgrade it.
Slashdot Mirror
Note: I am not the original poster and I am not from or even live in the U.S.
I don't view what the NSA is a violation of the 4th amendment (was it ever fully confirmed the gathering of data was warrantless, or was it entirely through FBI's warrants?) .
The method of duplicating data they used does not look anything close to a search and seizure to me. Nor do I see persons being deprived of houses, papers, and effects in this intelligence gathering.
I feel that trying to use the 4th amendment to stop this is somewhat weak, the amendment seems more constructed in a form to prevent people from being hassled/harassed and deprived of personal effects. Then there are words like "unreasonable" used, so even if this is considered to be infringing the 'search and seizure' contexts, I am uncertain that this can be considered unreasonable considering the context of what this amendment appears to have been written in.
Now, of course, there are going to be rulings that disagree and agree with me, but my point here is that I feel the 4th amendment argument is actually quite weak in this scenario and feels more like you're trying to use something unrelated to get your way. I should also point out that there have been since a bunch of law changes that give approval to such actions - I don't know if that would make it considered 'reasonable' since it's been approved at various levels of government institutions which are ran by the people.
It would be great to see better arguments than "it still doesn't repeal the 4th Amendment." with no decent explanation as to how the 4th amendment is really involved.
Note: Not the original poster
That tends to bother me because I don't like my personal space being violated to that extent.
But that won't stop someone looking over my shoulder. Your solution doesn't solve the problem.
I went through most of the pages, they look terrible when stretching the comics to fit 1080p. It's even worse on retina display devices!
Clearly they should have had more ads to compensate for this.
Talk to them about themes.
Works for me.
You probably broke your system in some weird way.
You do realize the organization in this case, is the U.S. government (after all, this sort of thing goes beyond just the NSA).
Assuming you live in the U.S, you are going to be paying some form of taxes, one way or another to it (such as sales taxes when you buy something from a store, taxes on earnings etc).
Seeing that you have such a moral aptitude on stealing, one can assume you wouldn't steal from other tax payers. On the other hand, you would be "furthering the agenda of a quite clearly malicious organization" if you did.
Is this an admission of tax evasion and hurting the tax payer or an admission that you can't justify "furthering the agenda of a quite clearly malicious organization", but you're doing it anyway, making you a hypocrite?
I somewhat imagine if Nintendo really took this seriously, they would be making it possible for you to buy a Wii U with Zelda and Mario games through the Steam store.
You appear to have completely missed their new IP like Wii sports, Wii fitness etc.
Cloudflare is better at protecting my server infrastructure than TOR is.
Help! The video games are real!
I imagine that the extreme result of this is someone who acts like one of those annoying NPCs in games that have no real use. In particular, every time someone talks to him, he just stands there and gives them the same sentence.
I think it's expected on the Apple platforms to pay for things, after all, the fee charged for access to publish on the app store etc.
Okay, I'm going to pretend I don't know what I'm talking about now...
I tried to generate a hosts file to block all of example.com and all it's subdomains using your wise advice that it's smaller and more efficient. Knowing that DNS hostnames are limited to 255 characters in length, I wrote a program that generates every possible character combination possible for example.com subdomains. I grew kind of bored after waiting two hours and the file had grown to 65.9 GiB and it was still growing, so I aborted mid generation since the hard-drive I was going to stick it on didn't have much space anyway. I then installed a fresh install of Windows, it worked quite well resolution wise.
Then, I added the hosts file, which should have no penalty compared to my DNS system on Linux as you say. However I discovered resolution stopped working entirely. Even after reboots, resolution would not work any more. The system also became significantly sluggish and I got warnings that windows was running out of memory.
Clearly I am doing something wrong, so please explain to me what I did wrong with the generation of my hosts file (grab a copy here) it appears to be significantly larger than my zone file despite the fact it is largely incomplete. My zone file (grab a copy here) on Linux is significantly smaller.
Lameness filter forced me to split up my comment.
If you want to make yourself more vulnerable to DNS poisoning, go ahead. Unlike the current workaround (the patches that don't use DNSSEC), this prevents spoofing entirely. If I am going to have to wait an extra millisecond, so be it. Regardless,still dfoes not invalidate my point that it does not effect the blocked DNS entries (since there is no resolution needed).
Lameness filter is forcing me to split up my replies.
These 'overheads' do not effect the resolution of blocked domains at all.
Still nothing compared to a hosts file that has every possible subdomain combination bruteforced, just to block a single domain.
A few million lines in a hosts file to block a single domain because you have to bruteforce every single subdomain verses a tiny zone file.
Yeah, no. Hosts file is not smaller in this instance. I can see it being smaller in the cases where you want to block a very specific address like update.adobe.com, but certainly not when it comes to blocking entire malicious/unwanted domains.
Bruteforcing millions of lines for every single possible combination a domain can have to block that domain is going to make the file really large. Compared to just the zone file I wrote above.
In my examples, blocking entire domains with their subdomains etc. is smaller than hosts files and less intensive on the system to look up.
There is the added benefit that no IP address is returned, so the system doesn't even bother trying to connect to the address.
I've already explained to you how I use TCP mode in that thread, no risk of DNS poisoning.
Why does this matter to me? I'm not a US company and if I was, I would have fixed it in a way that didn't require DNSSEC support. Such as via the method I mentioned in the thread. I also wouldn't be dumb enough to require the deployment of a hosts file to an entire organisation instead of blocking malicious traffic at the gateway.
Nope.
I already brought up how hosts file are slower, take up more memory, more space and likely more CPU to sort through such a massive list when wanting to block an entire domain because you need to generate every single possible combination in order to do it effectively. Which is in that thread I linked.
In other words, my method is less intensive and doesn't require you to litter memory with giant lists of hostnames since a wildcard can be trivially specified. It's going to be faster because the system doesn't have to look through as large of a table either to return a result.
If you read the thread, you would know this.
This may come as a surprise, I don't own that infrastructure.
Regarding your "P.S.": tl;dr.
Should have read the thread I linked.
Should have read the thread I linked.
Should have read the thread I linked.
If you did, your reading comprehension is pretty bad.
I told you how to do it with existing DNS infrastructure.
We talked about the resource usage, where I showed that HOSTS file was more intensive. I also showed you repeatedly it was the best solution for me, on a small LAN.
Which again was also resolved in our original conversation.
Blah blah blah, doesn't effect me.
This is one of our many arguments, I don't know why you insist on me doing this all the time.
I've already disproven APK before on my DNS solution, I don't need to do it again.
I hold you responsible for summoning APK.
And yet the last Resident Evil game ran at crap FPS on the original PS3 while GTA 4 often ran at crap FPS on the xbox 360.
Not always, see above.
Devils may cry for the PC, runs on the machine at stunning fps with quality. On the PS3, capped at 30fps for HD. That's a game that was running 'well' on the console. At least if something is being crap on the PC, I can upgrade it.
It's been four days, you told me I could have it today. Why do you delay?
I'm not sure that an AC that claims they are the CEO of Opera is believable either.
And what is your point exactly?