the fisc is for supervising fisa, as feinstein notes. the report detailed violations under eo12333. feinstein also notes the need to step up oversight of eo12333 by the intel committees, *not* the fisc court
' President Obama said in June, 'We also have federal judges that we've put in place who are not subject to political pressure. They've got lifetime tenure as federal judges, and they're empowered to look over our shoulder at the executive branch to make sure that these programs aren't being abused.'
Tell me please, who is it that is misleading here?
We don't have any evidence (yet) of malicious intent
How often do you think abuse is required to maintain the status quo of those in power? Hardly ever, and when it does happen it won't leave much of a paper trail, if any.
Here's something for NSA employees to think about. The Snowden leaks have made that entire org collectively shit its pants in fear. So who do you think that vast spying apparatus is now being turned on? I bet every single NSA employee that has clearance to so much as make a cup of coffee is having their data gone over with a fine tooth comb. They now have to deal with the fact that every move they make, every hotel they check in to, every email they send or phone conversation they have, every purchase of groceries with their credit card is going to be looked at by an analyst. Is this guy going to leak? Is he a Snowden sympathiser? How can we find leakers before they get away? That's going to be the big questions on their mind. And god forbid an NSA employee starts up Tor, sends something using PGP or books a flight to Hong Kong.
They know that there are limits to how tight they can make internal security. So monitoring their own staff as closely as they do terrorists is the logical next step. Perhaps they were already doing so. Snowden was pretty damn paranoid so it obviously wasn't out of the question even before what he did.
If you're a part of the US national security apparatus, you can pretty much kiss your personal privacy goodbye right now.
While I agree that this *should* be the situation, the sloppiness exposed by both Snowden and these audits indicates that after initial screening based on protocol, most employees are trusted to do the right thing. It's all about the initial screening. They don't even appear to have processes in place to properly track events that don't follow expected protocol (although they track everything done following protocol pretty well, from what the audits show, including the stuff that attempts to follow it but fails). I hope I'm wrong.
It isn't like they were digging up dirt on political candidates in order to sway elections or blackmailing the leaders of the Occupy movement to make them back off.
no but we DO know that the IRS was abusing political opponants, damn near everything that we have been told has been a lie since obama took office (and before he did to be clear) I dont know how you or anyone can still say things like "well we dont know...." we know enough to know they lied, about ALOT. I feel that we have only just begun to find the truth in this administration.
Well, now we know what Obama meant by transparency.... I definitely feel a lot more informed about what's going on during his term than I did before....
But I think it is relevant whether the unlawful searches were deliberate or not. It indicates whether the problem is just one of training and tightening procedures or one of criminal intent. If these illegal searches were done deliberately there should be some accountability (even though there won't be).
The point that these revelations demonstrate is that procedures can always be erroneously implemented or circumvented. This means that you need to consider willful circumvention of procedure when deciding whether a program violates people's rights. It means that "we would never actually look at any of that data without court approval," is exactly as much bullshit as it sounds. My privacy is invaded when to government collects their metadata or content or whatever they're recording; whether a human ever looks at that data is immaterial.
This is especially the case when the government is farming out the handling of said recorded data to private third parties. Even if somehow "the government" can promise they'd never look at the data, they're not the only ones handling it. This data needs HIPAA-level controls, and currently doesn't have them.
Jobs was not the product designer, hello. He got real designers to design the producuts, you make it sound like he designed them himself.
I didn't read it that way... Jobs got others to design things... and then he either accepted and praised the design if he thought it fit into the puzzle, or he told the designer it was crap and he'd better do better, and better do it now.
He was more of a metadesigner; he designed how products and image fit together, not how the little things actually worked. Getting image and product to line up is no simple feat -- he achieved it by stepping on the necks of extremely talented people.
The peripheral issues of nuclear weapons possession (e.g. radioactive materials and chemical explosives) run afoul of the state's police power to protect public health and safety.
...but why does encryption fall under the same classification? Does not being able to snoop into people's private lives really adversely affect public health and safety? If it does, the argument could be applied to pretty much anything that hinders law enforcement getting what they want.
As we're talking about the perversion of language, a topic dear to Orwell, let me say I believe everyone should insist that the term 'Authority' be used only in cases where the supposed authority has aetiologically created the domain of said 'authority', in substantial portion or entirety.
Try replacing the word Authority with Author, see how it fits or does not fit. In too many cases Authority is used in a sense of pecking order, which is a corruption. By doing this we are assisting the perverse alteration of thought through language of which Orwell warned.
If we insist that an Authority is only someone that is also an Author we will remove the subconscious attribution we give to people who are merely higher in pecking order. They wish us to think they had made or created their domain of power and hence are properly its source, a relationship so often unjustified.
Of course, it could easily be postulated that the authority referenced is in regards to the fate of the individual -- where anyone higher in the pecking order is indeed an author of your fate. Perverted, yes... but then, that's how language grows.
Though, to be honest, I've rarely ever installed additional RAM in any PC I had - given its cost, it's usually cheaper to buy the max up front than in a few years when memory standards change and it's difficult to buy it cheaply (e.g., DDR or DDR2) - especially the larger modules - they either simply stop existing or are still wildly expensive years later.
I've never bought a Mac with RAM fixed to the logic board; and with pretty much every Mac I've ever bought, I've bought it with the minimum RAM configuration and then gone third party to top it up either immediately or within 2 years -- usually saving a few hundred dollars. The one thing Apple IS known for is overcharging for RAM. They've always done this, even back in the SIMM days. They argue that it's because they have higher standards, and thus you're only getting the best RAM from them. I've NEVER had a problem with using properly sourced cheaper RAM with a Mac.
I hope Manning hasn't suffered so much abuse that he actually believes he was wrong and that the "proper authority" is unquestionably correct.
He said this during his sentencing hearing, where "shows remorse" is one of the tick boxes on the form. The statement was written by his attorney, and then memorized and recited by Manning. There is no reason to believe it reflects his true beliefs.
Actually, it probably does reflect his true beliefs -- the wording is very lawyer-massaged.
"I'm apologizing for the unintended consequences of my actions. I believed I was going to help people, not hurt people." -- He's sorry for any consequences he didn't intend, especially where it hurt US citizens. I can believe that.
"I look back at my decisions and wonder, 'How on earth could I, a junior analyst, possibly believe I could change the world for the better over the decisions of those with the proper authority?'" -- Translation: "How on earth did I believe that just by releasing that info, I could overturn the decisions of those with the proper authority?" What he's saying here is not that proper authority was better suited to handling the information, but that he has been disillusioned that his course of action would cause them to change their ways. I can believe that too.
This can be done for every bit of his statement. Sure, it can be interpreted as "he has remorse for what he did and is a better, more educated and mature person now who sees the error of his ways" and the checkbox on his sentencing can be ticked. However, the wording is very precise in what it doesn't say. As such, his statement can also be summed up as "I did what I did, thought I could fix the system, and discovered that my chosen method wasn't successful. If I had the opportunity to do it again, I'd do it differently."
You guys are referring to the first camera episode done 6 years ago, which didn't include the nophoto jammer, and had multiple other issues (like the horrible attempt at a chaff jammer). They revisited the camera recently and tested the newer products. The manufacturer of the camera then explained why the nojammer doesn't work (their cameras don't just use IR for focus and speed sensing).
The problem, as I understand it, is that the nojammer, while obfuscating from the CCD in the IR range, provides an easily trackable token for the cameras (large IR glare from plate surface) which actually makes tracking and focus EASIER. The camera is then able to filter out IR when processing the actual plate image. This wouldn't work on a consumer camera (which wouldn't be able to focus on the plate, nor do the CCD analysis software packages include the right filters), which is why these devices can be believably sold (because anyone using a regular camera will see the washout effect).
To really work, the IR camera jammer has to target the CCD itself (probably via high-powered IR laser). It might even be possible to use a polarized filter in tandem with a weaker IR source to first limit the light to a specific polarity, and then flood that polarity with IR. But anything using unpolarized IR in a reflective way is going to be hit-and-miss at best.
But this brings up an interesting point: encryption tech is still (although not as much as it used to be) treated as munitions by the US government. As such, does the right to properly encrypted data fall under the right to bear arms?
Anything that is too dangerous doesn't fall under the 2nd amendment. The obvious example is, you can't own nuclear weapons. I don't understand why this is the case, but it's how the 2nd amendment is interpreted.
Which raises yet another question... why does "the land of the free" consider information obfuscation "too dangerous" at the same level as possessing a nuclear warhead?
And if you think it doesn't, check the paperwork you require to export a cellphone SIM card vs the paperwork you need to export enriched uranium -- it's the same paperwork.
You really shouldn't use pseudo-science performed by special effects artists as a reference.
Why not? Unlike the badly done yawn experiment, the license plate experiment was done by testing license plate cameras with a wide range of products, including the one the parent mentioned. The camera had no problem capturing the plate (much to my surprise, for that's the one product I thought would work).
Any time the result can be proven in such a manner, where the products are tested plus the claims on why the products are supposed to work are debunked, I'd trust the results. Whenever they start "testing" with too many variables, the bad science is pretty obvious, and using it as a reference is just silly.
If Mythbusters was known to fake results, that'd be one thing... as it is, they just often have faulty tests (and then get plenty of feedback on what they did wrong). That's the scientific method at work -- you just have to supply your own critical thinking.
...the MythBusters determined that the only way to fight speed cameras was with speed itself — and lots of it. Speed camera sensors can generally detect cars traveling up to 200 miles per hour.
So, in theory, you can crank up a hot rod capable of speeds greater than 200 mph and beat the camera. Well, until you're nabbed for reckless driving and excessive speeding, that is.
Exactly. The right to bear arms didn't do Edward Snowden or Bradley Manning a fat lot of good either.
Manning gave up that right when he enlisted. He traded it for the responsibility to bear arms.
But this brings up an interesting point: encryption tech is still (although not as much as it used to be) treated as munitions by the US government. As such, does the right to properly encrypted data fall under the right to bear arms? Or is the US interpreting the constitution these days to say you can bear as many arms as you want, but munitions are off-limits?
So, can someone clarify for me exactly what the implications of this are? Is this a lowering of the relevant exponent in the exponentially hard problem, meaning you should multiply your key sizes by some factor that perhaps the paper somehow could provide, or is it a constant factor meaning you should extend your keys by a fixed amount?
Either way, this is important news. I expect the details depend on the nature of the data in question, so there aren't easy answers. Its things like this that are the reasons we use key sizes that are significantly larger than could be practically cracked today.
This might be news in mathematical circles, but this has been a known issue in cryptoanalysis circles for years. It's even the basis for the smart card attacks performed by a German group in the mid-90's. Shannon entropy theory is fine for its limited domain, but as soon as you start dealing with encryption-during-transit of values known to the attacker (plus timings and order of sequence), a LOT more has to be done to ensure high entropy of the metainformation too, and Shannon entropy doesn't account for that.
So in properly defined encryption systems, this isn't much of an issue. The problem arises when people shout "we use AES-256" or "we use SSL/TLS 2.0" (which have fine Shannon entropy) and yet handle that encrypted data in a way that exposes it to pattern analysis attack, whether encrypted or not.
Note that this is a separate issue from that of choosing a secure encryption key/keylength in the first place. It has more to do with how you're wrapping the unencrypted data and how random separate unencrypted data sets using the same key are.
The way I've always thought of it is: if the entropy source is truly random, then any meaningful data injected into it will impart a pattern into the randomness. This can be used to identify the data based on patterns discovered in the supposedly random data. Conversely, if the entropy source isn't truly random, it is possible to discover its pattern, extract that from the equation, and what you are left with is the data.
You still have to deal with the secret key in either case, but this makes building that key exponentially easier, given a known cleartext source and a collection of cleartext encrypted samples. The more encrypted samples of the known cleartext you've got, the simpler the decryption becomes.
.. that the ad immediately to the right of this was for BIG DATA & ANALYTICS services for IBM? Apropos ad placement humor.
Even better, my quote at the bottom: "We can found no scientific discipline, nor a healthy profession on the technical mistakes of the Department of Defense and IBM. -- Edsger Dijkstra"
Megacorp: Somebody set up us the big data. POTUS: Main screen turn on. China: All your dbase are belong to us. China: You have no chance to survive make your social network. NSA: 1;DROP TABLE users NSA: For great justice.
I can hit: ChoicePoint, Credit Bureaus, various database services that aggregate all that data and then some - like court records, insurance claims - and then there's Google.
And if I can't find anything or very little, then I think you're an illegal alien - with all the legal trappings with that.
So folks, unless employment laws get less restricting (ADA, EEOC, etc..) and Immigration laws get reformed, you're just fucked because corporate America is spying on you and you agreed to it when: you got that credit card, that loan, that student loan, and when you applied for that job. Yep, it's circular, baby! Apply for a job makes you vulnerable!
This only applies in the US of A.
Oh! Let's not get into the horseshit of FaceBook or LinkedIN!
Outside of the US of A, corporate America is spying on you and doesn't have to require you to agree to it. The same goes for the US government. *
* actually, they DO have to require you to agree to it in many countries, but they don't -- just see the spat between Facebook and the Canadian Privacy Commissioner for a simple example. At least the EU is going after Google to some degree.
Slashdot Mirror
the fisc is for supervising fisa, as feinstein notes. the report detailed violations under eo12333. feinstein also notes the need to step up oversight of eo12333 by the intel committees, *not* the fisc court
' President Obama said in June, 'We also have federal judges that we've put in place who are not subject to political pressure. They've got lifetime tenure as federal judges, and they're empowered to look over our shoulder at the executive branch to make sure that these programs aren't being abused.'
Tell me please, who is it that is misleading here?
OOPS Wrong tab wrong article! Too many slashdot tabs open..Got to keep it to under 50.
...and here I thought you were trying to say something deep about the two articles....
Is the US constitution being represented by the meteor?
How often do you think abuse is required to maintain the status quo of those in power? Hardly ever, and when it does happen it won't leave much of a paper trail, if any.
Here's something for NSA employees to think about. The Snowden leaks have made that entire org collectively shit its pants in fear. So who do you think that vast spying apparatus is now being turned on? I bet every single NSA employee that has clearance to so much as make a cup of coffee is having their data gone over with a fine tooth comb. They now have to deal with the fact that every move they make, every hotel they check in to, every email they send or phone conversation they have, every purchase of groceries with their credit card is going to be looked at by an analyst. Is this guy going to leak? Is he a Snowden sympathiser? How can we find leakers before they get away? That's going to be the big questions on their mind. And god forbid an NSA employee starts up Tor, sends something using PGP or books a flight to Hong Kong.
They know that there are limits to how tight they can make internal security. So monitoring their own staff as closely as they do terrorists is the logical next step. Perhaps they were already doing so. Snowden was pretty damn paranoid so it obviously wasn't out of the question even before what he did.
If you're a part of the US national security apparatus, you can pretty much kiss your personal privacy goodbye right now.
While I agree that this *should* be the situation, the sloppiness exposed by both Snowden and these audits indicates that after initial screening based on protocol, most employees are trusted to do the right thing. It's all about the initial screening. They don't even appear to have processes in place to properly track events that don't follow expected protocol (although they track everything done following protocol pretty well, from what the audits show, including the stuff that attempts to follow it but fails). I hope I'm wrong.
It isn't like they were digging up dirt on political candidates in order to sway elections or blackmailing the leaders of the Occupy movement to make them back off.
no but we DO know that the IRS was abusing political opponants, damn near everything that we have been told has been a lie since obama took office (and before he did to be clear) I dont know how you or anyone can still say things like "well we dont know...." we know enough to know they lied, about ALOT. I feel that we have only just begun to find the truth in this administration.
Well, now we know what Obama meant by transparency.... I definitely feel a lot more informed about what's going on during his term than I did before....
But I think it is relevant whether the unlawful searches were deliberate or not. It indicates whether the problem is just one of training and tightening procedures or one of criminal intent. If these illegal searches were done deliberately there should be some accountability (even though there won't be).
The point that these revelations demonstrate is that procedures can always be erroneously implemented or circumvented. This means that you need to consider willful circumvention of procedure when deciding whether a program violates people's rights. It means that "we would never actually look at any of that data without court approval," is exactly as much bullshit as it sounds. My privacy is invaded when to government collects their metadata or content or whatever they're recording; whether a human ever looks at that data is immaterial.
This is especially the case when the government is farming out the handling of said recorded data to private third parties. Even if somehow "the government" can promise they'd never look at the data, they're not the only ones handling it. This data needs HIPAA-level controls, and currently doesn't have them.
What party were those presidents from?
Oh yeah, that 'less government' party that keeps giving us more government.
Don't listen to what politicians say to you, look at what they actually do. Democrats spend too much money and Republicans spend even more.
I thought both of those groups generally partied together? They might have arrived in different limousines, but they're at the same party.
"no abuse and plenty of oversight"
"the check is in the mail"
I'll respect you in the morning"
Need I go on ??? After all, they ARE from the Government, and here to help. . . .
I don't think I've ever had anyone from the government attempt that third one on me....
Jobs was not the product designer, hello. He got real designers to design the producuts, you make it sound like he designed them himself.
I didn't read it that way... Jobs got others to design things... and then he either accepted and praised the design if he thought it fit into the puzzle, or he told the designer it was crap and he'd better do better, and better do it now.
He was more of a metadesigner; he designed how products and image fit together, not how the little things actually worked. Getting image and product to line up is no simple feat -- he achieved it by stepping on the necks of extremely talented people.
The peripheral issues of nuclear weapons possession (e.g. radioactive materials and chemical explosives) run afoul of the state's police power to protect public health and safety.
...but why does encryption fall under the same classification? Does not being able to snoop into people's private lives really adversely affect public health and safety? If it does, the argument could be applied to pretty much anything that hinders law enforcement getting what they want.
As we're talking about the perversion of language, a topic dear to Orwell, let me say I believe everyone should insist that the term 'Authority' be used only in cases where the supposed authority has aetiologically created the domain of said 'authority', in substantial portion or entirety.
Try replacing the word Authority with Author, see how it fits or does not fit. In too many cases Authority is used in a sense of pecking order, which is a corruption. By doing this we are assisting the perverse alteration of thought through language of which Orwell warned.
If we insist that an Authority is only someone that is also an Author we will remove the subconscious attribution we give to people who are merely higher in pecking order. They wish us to think they had made or created their domain of power and hence are properly its source, a relationship so often unjustified.
Of course, it could easily be postulated that the authority referenced is in regards to the fate of the individual -- where anyone higher in the pecking order is indeed an author of your fate. Perverted, yes... but then, that's how language grows.
So the question is... who is being called racist?
How about they put that casino loophole to good use and pay for their own goddamned infractructure.
And no, before anybody starts, they weren't 'always here'.
Casino investment is what Nova's been using prior funds for. I see this datacentre as a positive change.
As in, back to the first hand. Is there a less awkward / more correct way of wording that?
On the first hand....
Though, to be honest, I've rarely ever installed additional RAM in any PC I had - given its cost, it's usually cheaper to buy the max up front than in a few years when memory standards change and it's difficult to buy it cheaply (e.g., DDR or DDR2) - especially the larger modules - they either simply stop existing or are still wildly expensive years later.
I've never bought a Mac with RAM fixed to the logic board; and with pretty much every Mac I've ever bought, I've bought it with the minimum RAM configuration and then gone third party to top it up either immediately or within 2 years -- usually saving a few hundred dollars. The one thing Apple IS known for is overcharging for RAM. They've always done this, even back in the SIMM days. They argue that it's because they have higher standards, and thus you're only getting the best RAM from them. I've NEVER had a problem with using properly sourced cheaper RAM with a Mac.
I hope Manning hasn't suffered so much abuse that he actually believes he was wrong and that the "proper authority" is unquestionably correct.
He said this during his sentencing hearing, where "shows remorse" is one of the tick boxes on the form. The statement was written by his attorney, and then memorized and recited by Manning. There is no reason to believe it reflects his true beliefs.
Actually, it probably does reflect his true beliefs -- the wording is very lawyer-massaged.
"I'm apologizing for the unintended consequences of my actions. I believed I was going to help people, not hurt people."
-- He's sorry for any consequences he didn't intend, especially where it hurt US citizens. I can believe that.
"I look back at my decisions and wonder, 'How on earth could I, a junior analyst, possibly believe I could change the world for the better over the decisions of those with the proper authority?'"
-- Translation: "How on earth did I believe that just by releasing that info, I could overturn the decisions of those with the proper authority?" What he's saying here is not that proper authority was better suited to handling the information, but that he has been disillusioned that his course of action would cause them to change their ways. I can believe that too.
This can be done for every bit of his statement. Sure, it can be interpreted as "he has remorse for what he did and is a better, more educated and mature person now who sees the error of his ways" and the checkbox on his sentencing can be ticked. However, the wording is very precise in what it doesn't say. As such, his statement can also be summed up as "I did what I did, thought I could fix the system, and discovered that my chosen method wasn't successful. If I had the opportunity to do it again, I'd do it differently."
You guys are referring to the first camera episode done 6 years ago, which didn't include the nophoto jammer, and had multiple other issues (like the horrible attempt at a chaff jammer). They revisited the camera recently and tested the newer products. The manufacturer of the camera then explained why the nojammer doesn't work (their cameras don't just use IR for focus and speed sensing).
The problem, as I understand it, is that the nojammer, while obfuscating from the CCD in the IR range, provides an easily trackable token for the cameras (large IR glare from plate surface) which actually makes tracking and focus EASIER. The camera is then able to filter out IR when processing the actual plate image. This wouldn't work on a consumer camera (which wouldn't be able to focus on the plate, nor do the CCD analysis software packages include the right filters), which is why these devices can be believably sold (because anyone using a regular camera will see the washout effect).
To really work, the IR camera jammer has to target the CCD itself (probably via high-powered IR laser). It might even be possible to use a polarized filter in tandem with a weaker IR source to first limit the light to a specific polarity, and then flood that polarity with IR. But anything using unpolarized IR in a reflective way is going to be hit-and-miss at best.
But this brings up an interesting point: encryption tech is still (although not as much as it used to be) treated as munitions by the US government. As such, does the right to properly encrypted data fall under the right to bear arms?
Anything that is too dangerous doesn't fall under the 2nd amendment. The obvious example is, you can't own nuclear weapons. I don't understand why this is the case, but it's how the 2nd amendment is interpreted.
Which raises yet another question... why does "the land of the free" consider information obfuscation "too dangerous" at the same level as possessing a nuclear warhead?
And if you think it doesn't, check the paperwork you require to export a cellphone SIM card vs the paperwork you need to export enriched uranium -- it's the same paperwork.
http://science.slashdot.org/story/07/04/23/2218246/busting-the-mythbusters-yawn-experiment
You really shouldn't use pseudo-science performed by special effects artists as a reference.
Why not? Unlike the badly done yawn experiment, the license plate experiment was done by testing license plate cameras with a wide range of products, including the one the parent mentioned. The camera had no problem capturing the plate (much to my surprise, for that's the one product I thought would work).
Any time the result can be proven in such a manner, where the products are tested plus the claims on why the products are supposed to work are debunked, I'd trust the results. Whenever they start "testing" with too many variables, the bad science is pretty obvious, and using it as a reference is just silly.
If Mythbusters was known to fake results, that'd be one thing... as it is, they just often have faulty tests (and then get plenty of feedback on what they did wrong). That's the scientific method at work -- you just have to supply your own critical thinking.
http://dsc.discovery.com/tv-shows/mythbusters/mythbusters-database/way-to-beat-police-speed-cameras.htm
Exactly. The right to bear arms didn't do Edward Snowden or Bradley Manning a fat lot of good either.
Manning gave up that right when he enlisted. He traded it for the responsibility to bear arms.
But this brings up an interesting point: encryption tech is still (although not as much as it used to be) treated as munitions by the US government. As such, does the right to properly encrypted data fall under the right to bear arms? Or is the US interpreting the constitution these days to say you can bear as many arms as you want, but munitions are off-limits?
So, can someone clarify for me exactly what the implications of this are? Is this a lowering of the relevant exponent in the exponentially hard problem, meaning you should multiply your key sizes by some factor that perhaps the paper somehow could provide, or is it a constant factor meaning you should extend your keys by a fixed amount?
Either way, this is important news. I expect the details depend on the nature of the data in question, so there aren't easy answers. Its things like this that are the reasons we use key sizes that are significantly larger than could be practically cracked today.
This might be news in mathematical circles, but this has been a known issue in cryptoanalysis circles for years. It's even the basis for the smart card attacks performed by a German group in the mid-90's. Shannon entropy theory is fine for its limited domain, but as soon as you start dealing with encryption-during-transit of values known to the attacker (plus timings and order of sequence), a LOT more has to be done to ensure high entropy of the metainformation too, and Shannon entropy doesn't account for that.
So in properly defined encryption systems, this isn't much of an issue. The problem arises when people shout "we use AES-256" or "we use SSL/TLS 2.0" (which have fine Shannon entropy) and yet handle that encrypted data in a way that exposes it to pattern analysis attack, whether encrypted or not.
Note that this is a separate issue from that of choosing a secure encryption key/keylength in the first place. It has more to do with how you're wrapping the unencrypted data and how random separate unencrypted data sets using the same key are.
The way I've always thought of it is: if the entropy source is truly random, then any meaningful data injected into it will impart a pattern into the randomness. This can be used to identify the data based on patterns discovered in the supposedly random data. Conversely, if the entropy source isn't truly random, it is possible to discover its pattern, extract that from the equation, and what you are left with is the data.
You still have to deal with the secret key in either case, but this makes building that key exponentially easier, given a known cleartext source and a collection of cleartext encrypted samples. The more encrypted samples of the known cleartext you've got, the simpler the decryption becomes.
.. that the ad immediately to the right of this was for BIG DATA & ANALYTICS services for IBM? Apropos ad placement humor.
Even better, my quote at the bottom:
"We can found no scientific discipline, nor a healthy profession on the technical mistakes of the Department of Defense and IBM. -- Edsger Dijkstra"
Megacorp: Somebody set up us the big data.
POTUS: Main screen turn on.
China: All your dbase are belong to us.
China: You have no chance to survive make your social network.
NSA: 1;DROP TABLE users
NSA: For great justice.
because freedom!
But we all know that freedom fries.
I can hit: ChoicePoint, Credit Bureaus, various database services that aggregate all that data and then some - like court records, insurance claims - and then there's Google.
And if I can't find anything or very little, then I think you're an illegal alien - with all the legal trappings with that.
So folks, unless employment laws get less restricting (ADA, EEOC, etc ..) and Immigration laws get reformed, you're just fucked because corporate America is spying on you and you agreed to it when: you got that credit card, that loan, that student loan, and when you applied for that job. Yep, it's circular, baby! Apply for a job makes you vulnerable!
This only applies in the US of A.
Oh! Let's not get into the horseshit of FaceBook or LinkedIN!
Outside of the US of A, corporate America is spying on you and doesn't have to require you to agree to it. The same goes for the US government. *
* actually, they DO have to require you to agree to it in many countries, but they don't -- just see the spat between Facebook and the Canadian Privacy Commissioner for a simple example. At least the EU is going after Google to some degree.