Or are they building their backdoors in their code? Let us not forget that Moscow is not nearly so squeamish as Washington when it comes to individual rights. Go Putin! Bring back the bad old days!
Great, yet another piece of... hardware that won't work properly in 'put_your_*nix_here' because 'put_your_company_here' won't release the specs. Thanks, but I'll just stick with my existing, functioning hardware for now.
You're missing the point entirely. Companies like ChoicePoint and Bank of America should have strict regulations on what information they may retain about consumers and what they can do with it! It does NOT logically follow that the U.S. government should have access to consumers' trasnactional information. Just the opposite would be my preference.
In light of recent news that Choice Point sold the personal data of an as yet unknown thousands of consumers to phony companies, and today's reporting that the Bank of America has lost the account records of 1.2 million customers, I thought I would throw a little scenario out there. Just something to think about.
Since September 11, 2001, the U.S. has been on the defense at home (and offense abroad) against more physical attacks in this country. The terrorists are no doubt finding it much more difficult to go about the business of planning those attacks. The acts required to put together an attack on physical objects is by nature "noisy". If they want to attack a building, they need to case the building. That means visiting, filming, perhaps a number of times. In other words, they need to do things that are visible to and noticeable by other people, people who would likely find those things suspicious. People are much more observant these days, thank goodness.
So, if conducting a physical attack is difficult, what is less difficult, but achieves the goal of attacking democracy and capitalism?
What if an organization with modest funding were to operate from abroad, supported by a friendly host country (why not just pick one at random, say Iran) and, using the legwork of sympathizers, aquire easily obtained infrastructure here in the U.S.? The infrastructure could consist of a simple post office box to establish a mailing address, perhaps rented office space, but not necessarily. A physical office would provide a semi-secure space to install the organization's servers to provide virtual private networking capability in order to have their connections appear to originate inside the U.S. Add VoIP services to allow the organization to pick up the telephone in Iran and seem to appear in Los Angeles (I know, there are some technical issues with this, like latency, but Joe Schmoe at Choice Point might not notice). There are any number of ways to establish a virtual office. The point would be to create a presence allowing the organization to operate without much suspicion.
After having established a presence, this organization could set about establishing the business relationships required to further the goal of attacking the U.S. financial system. This might include paying for the details of consumers' credit reports, including Social Security numbers, credit card accounts, etc. This is not to say that the organization is limited to operating within the confines of the law. Why not also steal the records if you can? How about 1.2 million customer records of a bank? That's quite a lot of information.
The point is this: after obtaining a large amount of information about U.S. consumers (read "evil capitalists"), the organization could set about several things at once. First, it could ruin the credit of thousands, if not millions, of Americans. Two, throw financial institutions, and the economy into turmoil. Three, in accomplishing the first two goals, also accomplish the goal of taking a form of terror to any American anywhere, not just the big cities.
How could this happen? A man going to an office everyday does not seem suspicious, whereas a foreigner filming a building most certainly is. And, by the way, that man going to the office everyday does not necessarily even have to go to the office in the U.S. He might just as well do it from the comfort of Tehran with the support of his friendly host country. If the authorities in the U.S. happen to break into the office in LA, they sieze computers and not personnel. And noone says the connection has to lead directly back to Iran. Using a two-way satellite connection, the organization could operate from anywhere within the satellite's footprint.
I hope I'm not the only one thinking about these things.
I would refer you to the original post and suggest following the links to read about p0f here and here and various port knocking implementations. Port knocking has been covered in/. before and the original idea included consideration of a replay attack possibility. Thus, encryption of the knock sequence.
One thing not mentioned in the reviews is that, while both browsers allow the user to change the reported user-agent string (Firefox through an add-on extension), only Firefox does this correctly, while Opera reports the user-agent you specify, PLUS Opera as well.
In 1995 Money magazine published an article claiming it was high time to ditch Starbucks' stock, since the market was obviously saturated and they couldn't sustain their growth. I believe starbucks was about half its current size at the time.
Slashdot Mirror
Or are they building their backdoors in their code? Let us not forget that Moscow is not nearly so squeamish as Washington when it comes to individual rights. Go Putin! Bring back the bad old days!
Great, yet another piece of ... hardware that won't work properly in 'put_your_*nix_here' because 'put_your_company_here' won't release the specs. Thanks, but I'll just stick with my existing, functioning hardware for now.
You're missing the point entirely. Companies like ChoicePoint and Bank of America should have strict regulations on what information they may retain about consumers and what they can do with it! It does NOT logically follow that the U.S. government should have access to consumers' trasnactional information. Just the opposite would be my preference.
A Scenario For You...
In light of recent news that Choice Point sold the personal data of an as yet unknown thousands of consumers to phony companies, and today's reporting that the Bank of America has lost the account records of 1.2 million customers, I thought I would throw a little scenario out there. Just something to think about.
Since September 11, 2001, the U.S. has been on the defense at home (and offense abroad) against more physical attacks in this country. The terrorists are no doubt finding it much more difficult to go about the business of planning those attacks. The acts required to put together an attack on physical objects is by nature "noisy". If they want to attack a building, they need to case the building. That means visiting, filming, perhaps a number of times. In other words, they need to do things that are visible to and noticeable by other people, people who would likely find those things suspicious. People are much more observant these days, thank goodness.
So, if conducting a physical attack is difficult, what is less difficult, but achieves the goal of attacking democracy and capitalism?
What if an organization with modest funding were to operate from abroad, supported by a friendly host country (why not just pick one at random, say Iran) and, using the legwork of sympathizers, aquire easily obtained infrastructure here in the U.S.? The infrastructure could consist of a simple post office box to establish a mailing address, perhaps rented office space, but not necessarily. A physical office would provide a semi-secure space to install the organization's servers to provide virtual private networking capability in order to have their connections appear to originate inside the U.S. Add VoIP services to allow the organization to pick up the telephone in Iran and seem to appear in Los Angeles (I know, there are some technical issues with this, like latency, but Joe Schmoe at Choice Point might not notice). There are any number of ways to establish a virtual office. The point would be to create a presence allowing the organization to operate without much suspicion.
After having established a presence, this organization could set about establishing the business relationships required to further the goal of attacking the U.S. financial system. This might include paying for the details of consumers' credit reports, including Social Security numbers, credit card accounts, etc. This is not to say that the organization is limited to operating within the confines of the law. Why not also steal the records if you can? How about 1.2 million customer records of a bank? That's quite a lot of information.
The point is this: after obtaining a large amount of information about U.S. consumers (read "evil capitalists"), the organization could set about several things at once. First, it could ruin the credit of thousands, if not millions, of Americans. Two, throw financial institutions, and the economy into turmoil. Three, in accomplishing the first two goals, also accomplish the goal of taking a form of terror to any American anywhere, not just the big cities.
How could this happen? A man going to an office everyday does not seem suspicious, whereas a foreigner filming a building most certainly is. And, by the way, that man going to the office everyday does not necessarily even have to go to the office in the U.S. He might just as well do it from the comfort of Tehran with the support of his friendly host country. If the authorities in the U.S. happen to break into the office in LA, they sieze computers and not personnel. And noone says the connection has to lead directly back to Iran. Using a two-way satellite connection, the organization could operate from anywhere within the satellite's footprint.
I hope I'm not the only one thinking about these things.
You can't stop me. I'll move to an even slower, more decrepit form of communication.
I would refer you to the original post and suggest following the links to read about p0f here and here and various port knocking implementations. Port knocking has been covered in /. before and the original idea included consideration of a replay attack possibility. Thus, encryption of the knock sequence.
I mean, the Times is a respected paper...
The times used to be a respected paper, before the Jayson Blair episode shed some light on the lack of editorial control there.
One thing not mentioned in the reviews is that, while both browsers allow the user to change the reported user-agent string (Firefox through an add-on extension), only Firefox does this correctly, while Opera reports the user-agent you specify, PLUS Opera as well.
In 1995 Money magazine published an article claiming it was high time to ditch Starbucks' stock, since the market was obviously saturated and they couldn't sustain their growth. I believe starbucks was about half its current size at the time.