They've occasionally made a mistake over the years, but targets of mistakes respond by contacting Spamhaus directly or at most using lawsuits, not by launching massive DDOS attacks. And most of the lawsuits and whining in the press come from ISPs who deserve to be blacklisted.
The reason Spamhaus has a good reputation is that they're very careful, and very conservative, and don't go blacklisting people at random or because of petty vendettas or making themselves hard to contact, like SORBS used to. The original MAPS RBL occasionally escalated by blacklisting whole ISPs when they wouldn't address problem customers; the ISP I was using back in the mid-90s got listed by them briefly, but responded reasonably well considering that they'd been hit in the face with a 2x4, and both sides became more professional as a result.
I haven't looked at the DNS RBL market in a few years, but Spamhaus is the only one that I'd consider using to actually block traffic (plus some geo-location lists, since I really don't need to get email from Nigeria or Korea.) It's possible that there are some other RBLs today that are as good, but I didn't trust most of the others for anything other than SpamAssassin weighting or maybe greylisting.
The employees are there to make money and have fun. If a court orders their upstream providers to cut off internet access to the company, the company's customers stop paying them money. If the money goes away, the bosses stop paying the employees, the employees stop getting paid and having fun, and they'll leave. They're not an ideologically motivated terrorist army or a bunch of actual pirates who'll fight their way out with cutlasses and cannons, they're a bunch of regular dudes. You don't have to starve them out or send ninjas in after them.
Unfortunately, too many DNS configurations can be used for amplification, because the responses are larger than the queries, especially if you've got new and interesting record types like DNSSEC, and too many ISPs still ignore the Best Current Practices #38 recommendation on blocking spoofed traffic. RPF is your friend.
There's some mitigation out there because the bigger response record types don't always fit in a single UDP packet, so DNS servers may handle them over TCP (which is harder to forge), and many DNS providers limit who they'll accept requests from, but there's still a lot of sloppy DNS administration out there.
It's only self-sustaining for 10 years if they've stocked it for that long and don't care about making money, which militaries of nuclear powers generally don't. But their threat model is nuclear war and maybe blitzkrieg, not slow attacks; these things were built long after the Maginot line.
It's a business. The employees are there for money and fun. It's probably stocked with enough fuel for a couple weeks worth of power outages, and enough food, beer, and weed to get them through a long snowstorm. But they don't have that many upstream internet providers, and if those stop providing bandwidth, the money stops flowing, the bosses stop paying the employees, the employees stop having fun.
At that point, you don't need a SWAT team, you need a cop with a thermos full of coffee by the front entrance and maybe another by the secret back door. And since this is the Netherlands and not the US, the cops can put an extra lock on the employees' bikes with a note saying that they'll unlock them in return for some paperwork. Much easier than towing their cars away from the parking lot.
These bunkers are made to keep big fast explosions out, and protect the people inside from dangerous radiation outside (assuming they've brought enough food, and keep the equipment running even if external power fails. Sure, they may not be designed to protect against engineers with thermal lances cutting their way in slowly, but they're also not designed to protect the people inside from being stuck there if they do want to leave. If you cut off the employees' paychecks, they're not going to hang around forever, and they're not going to shoot their way out. A Dutch approach would be to have a cop sitting outside with a thermos of coffee and maybe a few packs of cigarettes, politely waiting for them to leave, though you could park a truck in front of the doors or weld them shut and wait for the employees to ask really nicely if you'd please let them out.
You don't need to bust your way in through the big macho doors, and you don't need a thermal lance to cut through them when you can just glue them shut or park a truck in front of the doors. If the upstream ISPs cut them off, they're not making any money, and if the bosses aren't paying the employees, the employees aren't going to stick around, and they're not going to shoot their way out.
It's just business. You don't need to bust your way in, you can wait for the employees to come out. If they're not getting paid, they're not going to stick around long, and if the company doesn't have the internet connection, all a bunker does is provide some macho flash and maybe keep their air conditioning costs low, which doesn't help much.
Dude, you don't start by physically attacking them, no matter how macho they're trying to appear. If they're causing problems for the rest of the Internet, you get their upstream ISPs to stop accepting traffic from them (or at minimum, to stop accepting spoofed traffic from them.) They probably have contractual terms that they're violating, in which case their upstreams should be willing to cut them off directly, or if not, you sue them and get a court to order them disconnected.
Furthermore, they're not located in the US, they're located in the Netherlands, which is a democracy. There are legal procedures and due process, and you're not allowed to physically attack them without getting them convicted first. If they're criminals, fine, they can deal with that, but it's likely that any "crimes" they've committed are at most torts or civil offenses, not violent crimes. (I was going to say "it's not like they're pirating Disney movies or something", but they probably are:-)
They're a business, not a terrorist group or armed militia. They're in it for the money. If the money's not there, they're just sitting in a bunker not having fun. The owners might be grumpy about it, but the employees aren't going to stick around if they're not getting paid.
You can only say it's "lucky to be alive" if you think it's alive. The standard theorem of AI is that when anything AI-ish gets developed, people say "Oh, that's not really Intelligence, that's just {Pattern Recognition / Expert System solving / Machine Vision / OCR/ etc.}" But if it is actually alive, then it's lucky somebody noticed so they know not to turn it off.
I didn't say that they're not a valid currency, nor that people should stop thinking about them. But they do have different characteristics than conventional commodity or government-fiat money. If you can give them to people in return for stuff you want, they're currency. They're not going to revolutionize the world economy and replace the greenback, but if you want to buy politically incorrect pharmaceuticals on line, they can quite easily replace Paypal.
You can't grow farm crops in California without having to talk about water usage. How do "energy beets" compare with corn? They can probably get by with less fertilizer (which is one of the things that make corn-based ethanol a ridiculous fuel source, because producing artificial fertilizers uses a lot of energy.)
And you can't talk about either water usage in California or corn farming in the Midwest without talking about Federal subsidies, because both are heavily subsidized agribusinesses that are heavily tied into politics.
Back in the early 90s I was working on a project that had a really large database (about 10,000 rows.) My coworkers were doing the user interface, and I was doing backend data interfaces. I spent a day learning enough SQL and Informix to do what we needed, but management didn't want to spring for $5K for an Informix software license, so I built the pieces I needed out of the standard Unix sort and join. It worked well enough, though it took an extra week or two because there are lots of slightly different versions of join out there (between v7, BSD, SystemV, SunOS, v8, maybe gnu by then, etc.) The alternative would have been to use dbm / Berkeley db stuff to get all the b-trees and such, but our data spent most of its time sorted in text files, so it was easier to build shell scripts and occasional awk to glue commands together rather than writing it in C.
Unlike gold or silver, bitcoins don't even have a vague amount of price stability that lets them be a store for value. They're purely transactional currency, designed to be hard enough to make that their value probably won't change very much very fast, but easy enough to make that the quantity can expand to support a growing market (at least for a while.) So they're useful for online drug deals, where the potential currency risk is a lot smaller than the profit from making convenient transactions possible, but they're not something that it makes sense to stash in your mattress as a hedge against inflation. Their value isn't backed by a useful commodity, like gold or oil, or by the ability of a government to tax its subjects, they're just backed by the fact that they're designed to be useful for some kinds of transactions that might not happen otherwise, and by the existence of exchanges where you can trade the things for cash at today's price, which is random but usually somewhat close to yesterday's.
I was in college before CDs came out, so the audiophile types had vinyl, fancy-for-the-time turntables, high-quality cartridges and needles, etc. One of my housemates liked classical music, and said that once he had a medium-quality stereo system, it didn't make sense to spend more money upgrading the audio quality - it was a lot more important to get records from better orchestras with better conductors. His system was good enough that he could pretty much hear what they were playing, and if you were listening to Beethoven you wanted the Berlin Philharmonic, not the 101 Strings, and you probably had opinions about whether you wanted Furtwangler or von Karajan conducting, and getting rid of that next-to-last bit of distortion wasn't going to fix a lousy recording.
I mostly listen to music in my car. A decent MP3 is close enough to CD quality when played over road noise, and it doesn't skip when you go over bumps.
Theoretically, if you're car-camping, a dutch oven can be really useful, because it gives you a way to bake stuff over a fire, and can almost double as a frying pan. I don't go camping much, bread's a lot lighter than iron, and I can do pancakes just as well. And there are some meat dishes for which a dutch oven can be more useful than cast-iron frying pan, because you can brown the meat and then stew it in the same pot, but I don't eat meat. Otherwise, they're just a big cast-iron pot, and a lot less versatile than my non-stick spaghetti pot.
I do still have a couple of slow-cooker crockpots leftover from the 70s, but they're also specialized limited-use gadgets. They're good for bringing hot dishes to potluck dinners, which is the main reason we still have them, but meat stew is about the only thing I've found that benefits from cooking unattended all day when you're at work, and we probably only bothered doing that once or twice back when I ate meat. Basically, they're a lot more trouble to clean than a big pot, and if I have something that needs to cook for a long time (like various beans), I can cook it in the evening or on a day I'm working from home.
What's been really useful is a steamer pot. Most veggies work really well steamed, especially things like broccoli or zucchini. I've got the type that's a pot with holes in the bottom that stacks on top of a regular cooking pot. You can also use those fold-out insert things, but they always fall apart or tip over and scratch non-stick pans, and some people use rice cookers for steaming, though I've always found rice so easy to cook that I've never bothered getting one.
Laurel's Kitchen was pretty much the canonical vegetarian reference cookbook in the 80s - as with Joy of Cooking, it has recipes, but it also has a lot about ingredients and technique, and a lot of data about nutrition, cooking times, how much water to use for different grains, suggestions about what different foods go together to make interesting meals, etc.
Tassajara Cooking is much less about recipes and more about cooking and experiencing food - what kinds of ingredients are there, how do they taste and feel like, how do different cooking techniques affect taste and texture, how do you decide what things go together. It's not a collection of manual pages, it's a book about learning to hack food. It's especially useful if you're cooking for one or two people, because you're not usually going to bother with fancy recipes.
Meat eaters have a choice of good cookbooks that talk about techniques and complexities for dealing with meat, and all that Maillard reaction stuff about what happens to proteins and fats and blood vessels as you change temperature and timing. Most of those cookbooks don't spend much time on vegetables, except saying "here's some stuff to put next to the meat", or "here's something you can crunch on while you're waiting for the meat to cook", or "different veggies for different kinds of meat." Ok, the section on "dessert" is useful, and some of them do ok with bread.
Moosewood Cookbook was the vegetarian cookbook I started with (besides Joy of Cooking, of course), because they had been the local hippie vegetarian restaurant where I had gone to college, the recipes were reasonably accessible, it had big hand-drawn print and pictures, and it also had a lot of good discussion of how to combine different kinds of dishes to make good friendly meals. It was fun, and valuable, but isn't something I've gone back to much after the first year or so.
The last food-related book I bought was named something like Asian Vegetables, because now that I live in California there are all these things in the markets that I had no clue what they are or how to use many of them, and this had a page or two each about a lot of different ingredients.
Some nations are out for international supremacy. But some just have crazy people in charge who need to keep the level of crazy pumped up as a way of keeping their subjects in line. Fortunately, it's only exceptionally crazy countries like Best Korea that have that problem, and it would never happen here in the US.
Every time you try to operate one of these weird black controls, which are labeled in black on a black background, a small black light lights up black to let you know you've done it.
As you say, the politics there are.... interesting. There seem to be a lot of laws giving Muslims preference over Christians (which might make it unsafe for me to talk about my religious values, though it beats Saudi Arabia.) They've got the anti-drug fanaticism like their neighbors in Singapore (though probably not as bad as Dubai.) They periodically talk about censoring the whole Internet, with the excuse that it's about pornography but the reality that it's about criticisms of their politicians.
The Malaysian food I've had here in California has been great. They like their hot peppers and other spices. I don't care for hot humid weather (I had cousins who lived in Singapore and thought it was worse than US midwestern summers.)
Is it some US government agency asking you to spy for them? Or is it the local police counter-espionage people trying to entrap you as a spy by pretending to be Americans? Both of those have happened. (And the US government does that to immigrants and other potential suckers in the US, which has led to a number of recent "Idiot convicted of terrorism for planting bomb with fake explosive he got from FBI informant" news stories.)
RC4 provides reasonably good security as long as you don't use it for things it wasn't meant for. (Rule#1 of RC4 club is "Never encrypt the same stuff twice".) Bernstein's attack is interesting, because he's using TLS/SSL to push RC4 to do things it wasn't meant to do.
Sure, Dianne Feinstein's no friend of the 2nd Amendment (in spite of believing that politicians should be able to get gun permits), but to be fair and balanced about it, she's no friend of the First or Fourth Amendments either, and is a big fan of the drug war.
Slashdot Mirror
They've occasionally made a mistake over the years, but targets of mistakes respond by contacting Spamhaus directly or at most using lawsuits, not by launching massive DDOS attacks. And most of the lawsuits and whining in the press come from ISPs who deserve to be blacklisted.
The reason Spamhaus has a good reputation is that they're very careful, and very conservative, and don't go blacklisting people at random or because of petty vendettas or making themselves hard to contact, like SORBS used to. The original MAPS RBL occasionally escalated by blacklisting whole ISPs when they wouldn't address problem customers; the ISP I was using back in the mid-90s got listed by them briefly, but responded reasonably well considering that they'd been hit in the face with a 2x4, and both sides became more professional as a result.
I haven't looked at the DNS RBL market in a few years, but Spamhaus is the only one that I'd consider using to actually block traffic (plus some geo-location lists, since I really don't need to get email from Nigeria or Korea.) It's possible that there are some other RBLs today that are as good, but I didn't trust most of the others for anything other than SpamAssassin weighting or maybe greylisting.
The employees are there to make money and have fun. If a court orders their upstream providers to cut off internet access to the company, the company's customers stop paying them money. If the money goes away, the bosses stop paying the employees, the employees stop getting paid and having fun, and they'll leave. They're not an ideologically motivated terrorist army or a bunch of actual pirates who'll fight their way out with cutlasses and cannons, they're a bunch of regular dudes. You don't have to starve them out or send ninjas in after them.
I hadn't known that there'd been a previous Cyberbunker company.
Unfortunately, too many DNS configurations can be used for amplification, because the responses are larger than the queries, especially if you've got new and interesting record types like DNSSEC, and too many ISPs still ignore the Best Current Practices #38 recommendation on blocking spoofed traffic. RPF is your friend.
There's some mitigation out there because the bigger response record types don't always fit in a single UDP packet, so DNS servers may handle them over TCP (which is harder to forge), and many DNS providers limit who they'll accept requests from, but there's still a lot of sloppy DNS administration out there.
It's only self-sustaining for 10 years if they've stocked it for that long and don't care about making money, which militaries of nuclear powers generally don't. But their threat model is nuclear war and maybe blitzkrieg, not slow attacks; these things were built long after the Maginot line.
It's a business. The employees are there for money and fun. It's probably stocked with enough fuel for a couple weeks worth of power outages, and enough food, beer, and weed to get them through a long snowstorm. But they don't have that many upstream internet providers, and if those stop providing bandwidth, the money stops flowing, the bosses stop paying the employees, the employees stop having fun.
At that point, you don't need a SWAT team, you need a cop with a thermos full of coffee by the front entrance and maybe another by the secret back door. And since this is the Netherlands and not the US, the cops can put an extra lock on the employees' bikes with a note saying that they'll unlock them in return for some paperwork. Much easier than towing their cars away from the parking lot.
These bunkers are made to keep big fast explosions out, and protect the people inside from dangerous radiation outside (assuming they've brought enough food, and keep the equipment running even if external power fails. Sure, they may not be designed to protect against engineers with thermal lances cutting their way in slowly, but they're also not designed to protect the people inside from being stuck there if they do want to leave. If you cut off the employees' paychecks, they're not going to hang around forever, and they're not going to shoot their way out. A Dutch approach would be to have a cop sitting outside with a thermos of coffee and maybe a few packs of cigarettes, politely waiting for them to leave, though you could park a truck in front of the doors or weld them shut and wait for the employees to ask really nicely if you'd please let them out.
You don't need to bust your way in through the big macho doors, and you don't need a thermal lance to cut through them when you can just glue them shut or park a truck in front of the doors. If the upstream ISPs cut them off, they're not making any money, and if the bosses aren't paying the employees, the employees aren't going to stick around, and they're not going to shoot their way out.
It's just business. You don't need to bust your way in, you can wait for the employees to come out. If they're not getting paid, they're not going to stick around long, and if the company doesn't have the internet connection, all a bunker does is provide some macho flash and maybe keep their air conditioning costs low, which doesn't help much.
Dude, you don't start by physically attacking them, no matter how macho they're trying to appear. If they're causing problems for the rest of the Internet, you get their upstream ISPs to stop accepting traffic from them (or at minimum, to stop accepting spoofed traffic from them.) They probably have contractual terms that they're violating, in which case their upstreams should be willing to cut them off directly, or if not, you sue them and get a court to order them disconnected.
Furthermore, they're not located in the US, they're located in the Netherlands, which is a democracy. There are legal procedures and due process, and you're not allowed to physically attack them without getting them convicted first. If they're criminals, fine, they can deal with that, but it's likely that any "crimes" they've committed are at most torts or civil offenses, not violent crimes. (I was going to say "it's not like they're pirating Disney movies or something", but they probably are :-)
They're a business, not a terrorist group or armed militia. They're in it for the money. If the money's not there, they're just sitting in a bunker not having fun. The owners might be grumpy about it, but the employees aren't going to stick around if they're not getting paid.
You can only say it's "lucky to be alive" if you think it's alive. The standard theorem of AI is that when anything AI-ish gets developed, people say "Oh, that's not really Intelligence, that's just {Pattern Recognition / Expert System solving / Machine Vision / OCR/ etc.}" But if it is actually alive, then it's lucky somebody noticed so they know not to turn it off.
I didn't say that they're not a valid currency, nor that people should stop thinking about them. But they do have different characteristics than conventional commodity or government-fiat money. If you can give them to people in return for stuff you want, they're currency. They're not going to revolutionize the world economy and replace the greenback, but if you want to buy politically incorrect pharmaceuticals on line, they can quite easily replace Paypal.
You can't grow farm crops in California without having to talk about water usage. How do "energy beets" compare with corn? They can probably get by with less fertilizer (which is one of the things that make corn-based ethanol a ridiculous fuel source, because producing artificial fertilizers uses a lot of energy.)
And you can't talk about either water usage in California or corn farming in the Midwest without talking about Federal subsidies, because both are heavily subsidized agribusinesses that are heavily tied into politics.
Back in the early 90s I was working on a project that had a really large database (about 10,000 rows.) My coworkers were doing the user interface, and I was doing backend data interfaces. I spent a day learning enough SQL and Informix to do what we needed, but management didn't want to spring for $5K for an Informix software license, so I built the pieces I needed out of the standard Unix sort and join. It worked well enough, though it took an extra week or two because there are lots of slightly different versions of join out there (between v7, BSD, SystemV, SunOS, v8, maybe gnu by then, etc.) The alternative would have been to use dbm / Berkeley db stuff to get all the b-trees and such, but our data spent most of its time sorted in text files, so it was easier to build shell scripts and occasional awk to glue commands together rather than writing it in C.
Unlike gold or silver, bitcoins don't even have a vague amount of price stability that lets them be a store for value. They're purely transactional currency, designed to be hard enough to make that their value probably won't change very much very fast, but easy enough to make that the quantity can expand to support a growing market (at least for a while.) So they're useful for online drug deals, where the potential currency risk is a lot smaller than the profit from making convenient transactions possible, but they're not something that it makes sense to stash in your mattress as a hedge against inflation. Their value isn't backed by a useful commodity, like gold or oil, or by the ability of a government to tax its subjects, they're just backed by the fact that they're designed to be useful for some kinds of transactions that might not happen otherwise, and by the existence of exchanges where you can trade the things for cash at today's price, which is random but usually somewhat close to yesterday's.
I was in college before CDs came out, so the audiophile types had vinyl, fancy-for-the-time turntables, high-quality cartridges and needles, etc. One of my housemates liked classical music, and said that once he had a medium-quality stereo system, it didn't make sense to spend more money upgrading the audio quality - it was a lot more important to get records from better orchestras with better conductors. His system was good enough that he could pretty much hear what they were playing, and if you were listening to Beethoven you wanted the Berlin Philharmonic, not the 101 Strings, and you probably had opinions about whether you wanted Furtwangler or von Karajan conducting, and getting rid of that next-to-last bit of distortion wasn't going to fix a lousy recording.
I mostly listen to music in my car. A decent MP3 is close enough to CD quality when played over road noise, and it doesn't skip when you go over bumps.
Theoretically, if you're car-camping, a dutch oven can be really useful, because it gives you a way to bake stuff over a fire, and can almost double as a frying pan. I don't go camping much, bread's a lot lighter than iron, and I can do pancakes just as well. And there are some meat dishes for which a dutch oven can be more useful than cast-iron frying pan, because you can brown the meat and then stew it in the same pot, but I don't eat meat. Otherwise, they're just a big cast-iron pot, and a lot less versatile than my non-stick spaghetti pot.
I do still have a couple of slow-cooker crockpots leftover from the 70s, but they're also specialized limited-use gadgets. They're good for bringing hot dishes to potluck dinners, which is the main reason we still have them, but meat stew is about the only thing I've found that benefits from cooking unattended all day when you're at work, and we probably only bothered doing that once or twice back when I ate meat. Basically, they're a lot more trouble to clean than a big pot, and if I have something that needs to cook for a long time (like various beans), I can cook it in the evening or on a day I'm working from home.
What's been really useful is a steamer pot. Most veggies work really well steamed, especially things like broccoli or zucchini. I've got the type that's a pot with holes in the bottom that stacks on top of a regular cooking pot. You can also use those fold-out insert things, but they always fall apart or tip over and scratch non-stick pans, and some people use rice cookers for steaming, though I've always found rice so easy to cook that I've never bothered getting one.
Laurel's Kitchen was pretty much the canonical vegetarian reference cookbook in the 80s - as with Joy of Cooking, it has recipes, but it also has a lot about ingredients and technique, and a lot of data about nutrition, cooking times, how much water to use for different grains, suggestions about what different foods go together to make interesting meals, etc.
Tassajara Cooking is much less about recipes and more about cooking and experiencing food - what kinds of ingredients are there, how do they taste and feel like, how do different cooking techniques affect taste and texture, how do you decide what things go together. It's not a collection of manual pages, it's a book about learning to hack food. It's especially useful if you're cooking for one or two people, because you're not usually going to bother with fancy recipes.
Meat eaters have a choice of good cookbooks that talk about techniques and complexities for dealing with meat, and all that Maillard reaction stuff about what happens to proteins and fats and blood vessels as you change temperature and timing. Most of those cookbooks don't spend much time on vegetables, except saying "here's some stuff to put next to the meat", or "here's something you can crunch on while you're waiting for the meat to cook", or "different veggies for different kinds of meat." Ok, the section on "dessert" is useful, and some of them do ok with bread.
Moosewood Cookbook was the vegetarian cookbook I started with (besides Joy of Cooking, of course), because they had been the local hippie vegetarian restaurant where I had gone to college, the recipes were reasonably accessible, it had big hand-drawn print and pictures, and it also had a lot of good discussion of how to combine different kinds of dishes to make good friendly meals. It was fun, and valuable, but isn't something I've gone back to much after the first year or so.
The last food-related book I bought was named something like Asian Vegetables, because now that I live in California there are all these things in the markets that I had no clue what they are or how to use many of them, and this had a page or two each about a lot of different ingredients.
Some nations are out for international supremacy. But some just have crazy people in charge who need to keep the level of crazy pumped up as a way of keeping their subjects in line. Fortunately, it's only exceptionally crazy countries like Best Korea that have that problem, and it would never happen here in the US.
BBC article says it's malware, not DDOS as originally speculated.
Even so, there was chaos, anarchy, dogs and cats living together, people having to pay cash at Starbucks...
Every time you try to operate one of these weird black controls, which are labeled in black on a black background, a small black light lights up black to let you know you've done it.
As you say, the politics there are .... interesting. There seem to be a lot of laws giving Muslims preference over Christians (which might make it unsafe for me to talk about my religious values, though it beats Saudi Arabia.) They've got the anti-drug fanaticism like their neighbors in Singapore (though probably not as bad as Dubai.) They periodically talk about censoring the whole Internet, with the excuse that it's about pornography but the reality that it's about criticisms of their politicians.
The Malaysian food I've had here in California has been great. They like their hot peppers and other spices. I don't care for hot humid weather (I had cousins who lived in Singapore and thought it was worse than US midwestern summers.)
DNS can use udp/53, but it also supports tcp/53 (and even requires it for longer query types.) You'll want to block both just to be sure.
Is it some US government agency asking you to spy for them? Or is it the local police counter-espionage people trying to entrap you as a spy by pretending to be Americans? Both of those have happened. (And the US government does that to immigrants and other potential suckers in the US, which has led to a number of recent "Idiot convicted of terrorism for planting bomb with fake explosive he got from FBI informant" news stories.)
RC4 provides reasonably good security as long as you don't use it for things it wasn't meant for. (Rule#1 of RC4 club is "Never encrypt the same stuff twice".) Bernstein's attack is interesting, because he's using TLS/SSL to push RC4 to do things it wasn't meant to do.
Sure, Dianne Feinstein's no friend of the 2nd Amendment (in spite of believing that politicians should be able to get gun permits), but to be fair and balanced about it, she's no friend of the First or Fourth Amendments either, and is a big fan of the drug war.