Snowden didn't do shit. As much as we all "love" him for his previous leaks, he didn't shoot ANYTHING down. He only answered how to dedup a list to make it smaller, not answer how large the list would be after the fact or how long it would take to comb through said remaining list.
Use a Linux Live distro which automatically connects through Tor. Don't want to build it yourself? No worries, it is already done for you! https://tails.boum.org/
That, and bill's text for disaster relief can be pre-written, and simply enacted upon disaster. If the text hasn't changed, then there shouldn't be any issues.
As a reminder for anyone who may need Facebook for communication of any kind (especially in countries attempting to prevent free speech), Facebook officially runs a Tor hidden service.
Yeeeeeup, exactly this. Goddamn do I ever wish I had the resources available to me to actually do my job properly. Company wont provide resources for unit testing the hundreds of variables for our data entry forms that all inter-relate to one-another. Think of it as a massive fucking configuration matrix that shits all over itself. I've proposed for years entirely replacing said system with something extremely simple, but am always shot down. And since we don't have the resources to properly unit test the system in place now, instead there is an audit log that simply tracks our staff's actions with the system, and when an issue arises, it usually takes only a few minutes to debug and push a fix live.
Welcome to "Patch Tuesday" syndrome, horribly amplified by the fact they're now doing a unified single update per month of everything all rolled up into one. You get an all-or-nothing patching system, regardless of how much it fucks up your computer in the process!
As a F/OSS ISO torrent seeder on a 1gbps connection, let me tell ya... it doesn't matter. I had planned on setting limits on my seeding server, but it hardly ever breaks 10-20mbps upload. With files in the 1-5GB range mostly (CD and DVD ISO files), those are fairly large, but once people have em, they have em, and the bandwidth stops. This logic doesn't really change much for other types of content either.
Google Succeeded as far as I'm concerned. Their initial point wasn't the fact that GOOGLE could do it, it was the fact that ISPs across the country were not being honest about how much bandwidth really cost. While it may not quite be at the same $75-ish price point of Google Fiber, there are now countless companies who have done massive upgrades to their networks to support FTTH in markets that were previously uncompetitive, even ones Google was't even eying. Where I live, CenturyLink used to offer only 3mbps DSL service, but in January of this year they rolled out fiber city wide and now offer both symmetrical 100mbps and 1gbps services in the $100 range. Just checked this week, and Comcast is now offering their 2gbps service locally as well, which wasn't there when I looked over the summer. So while we were never on Google's radar for some reason or another, the other existing ISPs got their fucking asses in gear finally and upgraded BECAUSE of pressure from Google in other markets, and strong consumer demand locally.
Natural outsider reaction. Sorry, but Seattle isn't home to Microsoft (though it is home to Amazon). Seattle is actually across the lake and down the street a ways. Over in Redmond? Yeah, everyone is fucking rich as hell and things are great! However Seattle isn't the same, with many poor neighborhoods that receive little to no love from companies or government alike.
Since when is this NEW? All major telcos keeps records of activity by their own customers. How the hell do you think they even bill you in the first place? They just arbitrarily make up numbers!? (oh wait, we're not talking about Comcast here, are we)
For every single person I've had to help service and get into their phone information through their carrier, the carrier's web site for that account has a full detailed history of every single incoming call, outgoing call, time of call, duration of call, and other various tidbits of metadata.
Now, some want to scream "HOLYSHIT, MASS DATA TRACKING!!" - Now compare this to the DEFAULT configuration within Apache or Nginx, which literally logs every single web site request to itself, along with IP address of requester, time of day, URL of request, etc...
And also, about physical location information. How the hell do you think the cell phone network works in the first place? Your wireless phone isn't some magical device that works EVERYWHERE. It is highly regionalized for communication. It has to connect to a base station somewhere close by (sometimes smaller than a quarter mile within a big city, upwards of 10-20 miles out in the open country). Each of these stations has a unique ID to them, too. Why is that needed? So the damn phone company knows how to route a call to you when you receive it!
Sure, for an extremely exaggerated definition of "grey" - Just checked SublimeText's default theme: the text color is #F8F8F2, so just a hint of a shade off of absolute pure white leaning to yellow. The background, however, is indeed a "dark grey", but very well contrasted, as it is #272822. The default font is also a nice bold font which is easy to read. The other text editors on your list also follow a very similar style to this too.
This type of system has already been defeated in the simplest way possible. There was a cracking group that had a DDoS system similar to what has been described for HTTP requests to a page which had a captcha. What they did was accept the captcha, and then forward it onto a porn web site they controlled. For users who want all them naughty bits, those users had to fill out the forwarded captcha! Then that information was sent back into the botnet to "validate" their requests to the intended target.
As long as there is porn online, there will be an easy way to kill captcha! WON'T SOMEONE THINK OF THE CHILDREN AND BLOCK ALL THE PR0NZ OMGZ!?!?
Information Technology and Computer Science need to be entirely split up. This within itself will virtually entirely solve the problem. The problem right now is that they're treated as one in the same, with the same requirements for entirely different jobs. The programs in school focus specifically on short algorithm design for things like tree searching or solving various mathematical principals. In the real world, however, the primary focus is on finding solutions to either business logic problems or finding new ways for users to interact with their devices and the environment around them. The CS side focuses primarily on the mathematics of computing, while IT focus more on the logical side of computing. Developing a great and simple API doesn't require much of a math background, but needs quite a bit of logical thinking. But again, as stated initially, the schools are only focusing on the mathematical side, which correlates to an extremely small part of the actual tech sector, with the logical side being the majority of the jobs in the workplace. Schools need to finally get their shit together and teach the industry, rather than teach what some particular program is more or less forced upon them by a very few companies that dont fully represent the industry.
Ya'see, I'm getting sick and tired of hearing this goddamn argument over and over again. "Just make it secure in the first place", like technical security is just a magical flip of a switch. "Oh, Yeah, I downloaded and installed the SECURE library into my app, things are PERFECT now!"
Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow. This is true of both software and non-software technical systems. This is true of both open and closed source software. This research that happened is EXACTLY what we need to ensure security, having people willing to disclose vulnerabilities to the general masses, because similar exploits may exist in other implementations. The alternative is selling exploits on the black market. Which would you honestly prefer?
From TFA: "Dormann said instead of hard-coding credentials or setting default usernames and passwords that many users will never change, hardware makers should require users to pick a strong password when setting up the device."
This advice is just plain wrong. It requires educating every single end user on security best practices. Lately I've seen a trend from ISPs for their router admin pages and wifi access points: they come pre-configured with a randomly generated password for each, which is then printed out on a sticker and stuck to the side of the device. Without physical access to the device, nobody would know the credentials for it. This keeps the burden of security within the realm of those who know what they are doing and making good decisions. The act of using a poor password would then end up on the end user, having to type in the secured password, and then change it to something less secure.
Slashdot Mirror
Except NASA doesn't have the budget for lawyers... (que super sad music)
Snowden didn't do shit. As much as we all "love" him for his previous leaks, he didn't shoot ANYTHING down. He only answered how to dedup a list to make it smaller, not answer how large the list would be after the fact or how long it would take to comb through said remaining list.
It's just as secure as the web browser you're using right now (HTTP vs HTTPS)
B) The binary would be protected from write access by UAC.
Use a Linux Live distro which automatically connects through Tor. Don't want to build it yourself? No worries, it is already done for you! https://tails.boum.org/
Apparently you are unaware of this... https://www.youtube.com/watch?...
Multi-master replication across multiple datacenters for high availability and low latency reads. How many databases have this feature right now?
That, and bill's text for disaster relief can be pre-written, and simply enacted upon disaster. If the text hasn't changed, then there shouldn't be any issues.
Sounds about right, considering attempting to view code on code.gov just takes you to the agency's various Github repos anyways!
As a reminder for anyone who may need Facebook for communication of any kind (especially in countries attempting to prevent free speech), Facebook officially runs a Tor hidden service.
Details: https://www.facebook.com/faceb...
Tor Hidden Service: https://facebookcorewwwi.onion...
(or as they call it, Facebook Core WWW Infrastructure)
Yeeeeeup, exactly this. Goddamn do I ever wish I had the resources available to me to actually do my job properly. Company wont provide resources for unit testing the hundreds of variables for our data entry forms that all inter-relate to one-another. Think of it as a massive fucking configuration matrix that shits all over itself. I've proposed for years entirely replacing said system with something extremely simple, but am always shot down. And since we don't have the resources to properly unit test the system in place now, instead there is an audit log that simply tracks our staff's actions with the system, and when an issue arises, it usually takes only a few minutes to debug and push a fix live.
If North Korea can have internet, ANYONE can have internet!
Welcome to "Patch Tuesday" syndrome, horribly amplified by the fact they're now doing a unified single update per month of everything all rolled up into one. You get an all-or-nothing patching system, regardless of how much it fucks up your computer in the process!
As a F/OSS ISO torrent seeder on a 1gbps connection, let me tell ya... it doesn't matter. I had planned on setting limits on my seeding server, but it hardly ever breaks 10-20mbps upload. With files in the 1-5GB range mostly (CD and DVD ISO files), those are fairly large, but once people have em, they have em, and the bandwidth stops. This logic doesn't really change much for other types of content either.
Never leave home without it! (warning: flash, and sometimes loads slowly) http://cow.org/csi/
NXP is also synonymous with NFC technology. This is entirely missed in both the summary and TFA it appears.
Google Succeeded as far as I'm concerned. Their initial point wasn't the fact that GOOGLE could do it, it was the fact that ISPs across the country were not being honest about how much bandwidth really cost. While it may not quite be at the same $75-ish price point of Google Fiber, there are now countless companies who have done massive upgrades to their networks to support FTTH in markets that were previously uncompetitive, even ones Google was't even eying. Where I live, CenturyLink used to offer only 3mbps DSL service, but in January of this year they rolled out fiber city wide and now offer both symmetrical 100mbps and 1gbps services in the $100 range. Just checked this week, and Comcast is now offering their 2gbps service locally as well, which wasn't there when I looked over the summer. So while we were never on Google's radar for some reason or another, the other existing ISPs got their fucking asses in gear finally and upgraded BECAUSE of pressure from Google in other markets, and strong consumer demand locally.
Natural outsider reaction. Sorry, but Seattle isn't home to Microsoft (though it is home to Amazon). Seattle is actually across the lake and down the street a ways. Over in Redmond? Yeah, everyone is fucking rich as hell and things are great! However Seattle isn't the same, with many poor neighborhoods that receive little to no love from companies or government alike.
Since when is this NEW? All major telcos keeps records of activity by their own customers. How the hell do you think they even bill you in the first place? They just arbitrarily make up numbers!? (oh wait, we're not talking about Comcast here, are we)
For every single person I've had to help service and get into their phone information through their carrier, the carrier's web site for that account has a full detailed history of every single incoming call, outgoing call, time of call, duration of call, and other various tidbits of metadata.
Now, some want to scream "HOLYSHIT, MASS DATA TRACKING!!" - Now compare this to the DEFAULT configuration within Apache or Nginx, which literally logs every single web site request to itself, along with IP address of requester, time of day, URL of request, etc...
And also, about physical location information. How the hell do you think the cell phone network works in the first place? Your wireless phone isn't some magical device that works EVERYWHERE. It is highly regionalized for communication. It has to connect to a base station somewhere close by (sometimes smaller than a quarter mile within a big city, upwards of 10-20 miles out in the open country). Each of these stations has a unique ID to them, too. Why is that needed? So the damn phone company knows how to route a call to you when you receive it!
Maybe Slashdot editors need to be reviewed by Consumer Reports for reliability...
Sure, for an extremely exaggerated definition of "grey" - Just checked SublimeText's default theme: the text color is #F8F8F2, so just a hint of a shade off of absolute pure white leaning to yellow. The background, however, is indeed a "dark grey", but very well contrasted, as it is #272822. The default font is also a nice bold font which is easy to read. The other text editors on your list also follow a very similar style to this too.
This type of system has already been defeated in the simplest way possible. There was a cracking group that had a DDoS system similar to what has been described for HTTP requests to a page which had a captcha. What they did was accept the captcha, and then forward it onto a porn web site they controlled. For users who want all them naughty bits, those users had to fill out the forwarded captcha! Then that information was sent back into the botnet to "validate" their requests to the intended target.
As long as there is porn online, there will be an easy way to kill captcha! WON'T SOMEONE THINK OF THE CHILDREN AND BLOCK ALL THE PR0NZ OMGZ!?!?
Information Technology and Computer Science need to be entirely split up. This within itself will virtually entirely solve the problem. The problem right now is that they're treated as one in the same, with the same requirements for entirely different jobs. The programs in school focus specifically on short algorithm design for things like tree searching or solving various mathematical principals. In the real world, however, the primary focus is on finding solutions to either business logic problems or finding new ways for users to interact with their devices and the environment around them. The CS side focuses primarily on the mathematics of computing, while IT focus more on the logical side of computing. Developing a great and simple API doesn't require much of a math background, but needs quite a bit of logical thinking. But again, as stated initially, the schools are only focusing on the mathematical side, which correlates to an extremely small part of the actual tech sector, with the logical side being the majority of the jobs in the workplace. Schools need to finally get their shit together and teach the industry, rather than teach what some particular program is more or less forced upon them by a very few companies that dont fully represent the industry.
Ya'see, I'm getting sick and tired of hearing this goddamn argument over and over again. "Just make it secure in the first place", like technical security is just a magical flip of a switch. "Oh, Yeah, I downloaded and installed the SECURE library into my app, things are PERFECT now!"
Security is an ever evolving moving target. What is deemed secure today may very well become insecure tomorrow. This is true of both software and non-software technical systems. This is true of both open and closed source software. This research that happened is EXACTLY what we need to ensure security, having people willing to disclose vulnerabilities to the general masses, because similar exploits may exist in other implementations. The alternative is selling exploits on the black market. Which would you honestly prefer?
From TFA: "Dormann said instead of hard-coding credentials or setting default usernames and passwords that many users will never change, hardware makers should require users to pick a strong password when setting up the device."
This advice is just plain wrong. It requires educating every single end user on security best practices. Lately I've seen a trend from ISPs for their router admin pages and wifi access points: they come pre-configured with a randomly generated password for each, which is then printed out on a sticker and stuck to the side of the device. Without physical access to the device, nobody would know the credentials for it. This keeps the burden of security within the realm of those who know what they are doing and making good decisions. The act of using a poor password would then end up on the end user, having to type in the secured password, and then change it to something less secure.