lots of people have never bought apple/itunes products in the first place. Things such as buying mp3s, buying ebooks, buying things at set prices, buying video games at retail prices, these are things that most people who are fairly technically savvy have never dealt with and never will. For them, this is much ado about nothing. Also, this tech savvy crowd grows everyday.
That was first couple results on google. No phone is secure. Storing anything company, corporate, etc is not going to be secure on any mobile device. Duh.
Youtube has nothing to do with how legitimate or not cracking is, if the first result for (device name)+(encryption cracking) shows up for every device in every search engine, which it does. If you're relying on youtube, maybe you should try checking out/b/ or any CEH website that shows the pitfalls of modern encryption done to governmental standards. Real encryption is higher grade than government allows.
they can write anything they want in the affidavit and the women can claim whatever they want. All of that fails to focus on that this was pushed by the US gov't and that the US gov't is very clearly to blame for trying to blow this out of proportion (and making the US look even worse). Really, interpol for this? a 200k pound bond for a $700 fine in sweden?
I'm amazed that we still see this being pushed around the globe even though it just highlights everything and creates that much more scrutiny.
basically, they're saying that people who do a shitty job are going to fail faster, which is an overall good.
the people who do a good job are also going to succeed faster. So this means that brick and mortar shitstores like best buy will hopefully go out of business (and good riddance)
there's a reason less and less people watch the news on tv: they're not oblivious to the bias, the spin, and the misinformation on all sides.
whether people go to an unbiased site as a result or not of course, is up to the individual. But to trust republicans or democrats or libertarians or tea party folks is a huge mistake.
duh! of course proxies are not guaranteed anonymity, but going through multiple ways of making yourself hard to identify can make it enough of a pain in the ass that while you can still be traced, it will be enough that government will not try to track it down.
Think of this like the RIAA cases: it's hard enough (and costly) enough for them to sue one person. It's been what, 5 years for jammie thomas now? Can you imagine that for hundreds of people? It's no different.
uh, because in a lot of legal stuff when it's not 100% certain they get people to hold off in the meantime until the decision is made?
It's called "a sound legal decision", even if you and I and most of the world know that modchipping isn't illegal. The idea is to prevent more harm in the possibility that something could be bad.
Meanwhile, the catch is that the legal system is slow as shit so it puts things in limbo for a long time. Not unlike how don't ask don't tell has been for what, 10 years?
while that is probably optimal for the police (and in violation of substantial rights worldwide), it's not even realistic - they will only find the dumbest folks who do not use proxies, vpn, etc.
bingo. I haven't used anything other than spamgourmet to register for things for years, and boy has it shown that amazon is pure fucking evil and full of spam.
meanwhile, you can send an outbound email from the spamgourmet domain if necessary for email confirmations, as well.
if there's an email address linked, then expect that email address to be tested across hundreds of sites and then they can rainbow attack sites that validate your email address (it's easy enough to do).
Basically, signing up with a legitimate email address is a huge mistake.
if your username + password lets people guess on anything, they're going to try it on every site that exists to try to exploit it.
so actually, yes, this does matter if you didn't take the proper steps to make it hard to identify the email address/username/etc used in the original registration.
uh, there is no such thing as the victims being outmatched on this.
this is roughly back to basics all over again - the people who are DDOS'ing don't need a central command location - that is easily mirrored anywhere in the world.
the people who are defending however, do need a centralized location.
meanwhile, calling this war, is just a blatant lack of understanding - this is more of a political statement than an act of a aggression - it is not harmless, but that is not the focus here.
If this were a war, it would be more about sneaking viruses onto servers and malware and things like that.
uh, actually, it was suspected that everyone who does the LOIC will be IP spoofing, and only the stupid chanop who got arrested actually didn't. It's true that doing it over tor would effectively ddos tor.
I mean why would you join something such as the LOIC without IP spoofing?
that's not even governmental, that's just general IT best practices - allowing remote media is basically just asking for vulnerabilities. There's a reason that there's always a way to disable it.
Meanwhile, it still won't stop things, just make em slightly less convenient to get out. Transfer to another device where remote is allowed and -> off we go!, or wireless, or bluetooth, or simple email - if it's networked, it could be compromised.
Also yeah, there's no way to do this without basically inconveniencing people...major pain in the ass - either do it right up front, or there's a lot more pain later.
you are correct, it does seem to be restricted in that way per the statement, I guess I misunderstood.
If they take it that far of "web browser and webapps only", it's just going to be a question of "how long before it's hacked", so it's not real security, as well as take a computer from being a computer to being a web browser. The phrase for that is: recipe for complete failure.
stopping getting around UAC style behavior is important, but not enough to go so far as to limit functionality.
Slashdot Mirror
wha?
lots of people have never bought apple/itunes products in the first place. Things such as buying mp3s, buying ebooks, buying things at set prices, buying video games at retail prices, these are things that most people who are fairly technically savvy have never dealt with and never will. For them, this is much ado about nothing. Also, this tech savvy crowd grows everyday.
hmm. lets see. the espionage claims? the terrorism training in sweden? how much else do you need?
HIPAA? HIPPA has nothing to do with FIPS. way to pull some stuff out your ass there. What's next? OSHA? UL? IBC? CE/EN?
just because you throw a name doesn't mean you have anything to show for it.
Lazy example 1 or how about lazy example 2.
Now shut the fuck up and stop trolling.
That was first couple results on google. No phone is secure. Storing anything company, corporate, etc is not going to be secure on any mobile device. Duh.
Youtube has nothing to do with how legitimate or not cracking is, if the first result for (device name)+(encryption cracking) shows up for every device in every search engine, which it does. If you're relying on youtube, maybe you should try checking out /b/ or any CEH website that shows the pitfalls of modern encryption done to governmental standards. Real encryption is higher grade than government allows.
just like US police,
they can write anything they want in the affidavit and the women can claim whatever they want. All of that fails to focus on that this was pushed by the US gov't and that the US gov't is very clearly to blame for trying to blow this out of proportion (and making the US look even worse). Really, interpol for this? a 200k pound bond for a $700 fine in sweden?
I'm amazed that we still see this being pushed around the globe even though it just highlights everything and creates that much more scrutiny.
gutless? you don't know shit.
try working with fips and you might know a ltitle more.
just because it isn't 100% doesn't mean you don't use it, it means you don't use it for anything critical.
how hard is this to understand?
hey, we've got something vulnerable, but let's put critical/valuable information on it. What can possibly go wrong?
try to learn about basic security and then get back to me bub. the first step is not the encryption on the device.
what are you talking about?
NIST is not a guarantee of security. It's just saying that you are compliant with a gov't standard required to sell products to the government.
even FIPS 140-3 is not foolproof.
Blackberry encryption is also a joke and has been compromised in every country in the world, in a variety of ways.
not at all.
if you join OIN now, they cannot sue you for any of these patents when they are acquired no matter what.
most big companies are already members, so whoopty do.
well, you can enjoy that all you want, but I'll take P2P DNS.
basically, they're saying that people who do a shitty job are going to fail faster, which is an overall good.
the people who do a good job are also going to succeed faster. So this means that brick and mortar shitstores like best buy will hopefully go out of business (and good riddance)
there's a reason less and less people watch the news on tv: they're not oblivious to the bias, the spin, and the misinformation on all sides.
whether people go to an unbiased site as a result or not of course, is up to the individual. But to trust republicans or democrats or libertarians or tea party folks is a huge mistake.
colbert report
duh! of course proxies are not guaranteed anonymity, but going through multiple ways of making yourself hard to identify can make it enough of a pain in the ass that while you can still be traced, it will be enough that government will not try to track it down.
Think of this like the RIAA cases: it's hard enough (and costly) enough for them to sue one person. It's been what, 5 years for jammie thomas now? Can you imagine that for hundreds of people? It's no different.
uh, because in a lot of legal stuff when it's not 100% certain they get people to hold off in the meantime until the decision is made?
It's called "a sound legal decision", even if you and I and most of the world know that modchipping isn't illegal. The idea is to prevent more harm in the possibility that something could be bad.
Meanwhile, the catch is that the legal system is slow as shit so it puts things in limbo for a long time. Not unlike how don't ask don't tell has been for what, 10 years?
while that is probably optimal for the police (and in violation of substantial rights worldwide), it's not even realistic - they will only find the dumbest folks who do not use proxies, vpn, etc.
well, the quantity of people is a debate I'm not even going to try to jump into.
in your experience, some people.
it's impossible to quantify how many people are ignorant or not, because having a viewpoint doesn't even tell you if people are ignorant or not.
bingo. I haven't used anything other than spamgourmet to register for things for years, and boy has it shown that amazon is pure fucking evil and full of spam.
meanwhile, you can send an outbound email from the spamgourmet domain if necessary for email confirmations, as well.
people (network execs) are afraid of finding out that nobody gives a shit about cnn, nbc, abc, etc and just wants sci fi and mtv.
most people don't try to close their eyes to the world, especially when the results of things like this do affect the IT/technology world.
if there's an email address linked, then expect that email address to be tested across hundreds of sites and then they can rainbow attack sites that validate your email address (it's easy enough to do).
Basically, signing up with a legitimate email address is a huge mistake.
if your username + password lets people guess on anything, they're going to try it on every site that exists to try to exploit it.
so actually, yes, this does matter if you didn't take the proper steps to make it hard to identify the email address/username/etc used in the original registration.
moreover, people only care if it's a good adaptation.
there have been plenty of horrible ones. House of the dead anyone?
uh, there is no such thing as the victims being outmatched on this.
this is roughly back to basics all over again - the people who are DDOS'ing don't need a central command location - that is easily mirrored anywhere in the world.
the people who are defending however, do need a centralized location.
meanwhile, calling this war, is just a blatant lack of understanding - this is more of a political statement than an act of a aggression - it is not harmless, but that is not the focus here.
If this were a war, it would be more about sneaking viruses onto servers and malware and things like that.
uh, actually, it was suspected that everyone who does the LOIC will be IP spoofing, and only the stupid chanop who got arrested actually didn't. It's true that doing it over tor would effectively ddos tor.
I mean why would you join something such as the LOIC without IP spoofing?
that's not even governmental, that's just general IT best practices - allowing remote media is basically just asking for vulnerabilities. There's a reason that there's always a way to disable it.
Meanwhile, it still won't stop things, just make em slightly less convenient to get out. Transfer to another device where remote is allowed and -> off we go!, or wireless, or bluetooth, or simple email - if it's networked, it could be compromised.
Also yeah, there's no way to do this without basically inconveniencing people...major pain in the ass - either do it right up front, or there's a lot more pain later.
you are correct, it does seem to be restricted in that way per the statement, I guess I misunderstood.
If they take it that far of "web browser and webapps only", it's just going to be a question of "how long before it's hacked", so it's not real security, as well as take a computer from being a computer to being a web browser. The phrase for that is: recipe for complete failure.
stopping getting around UAC style behavior is important, but not enough to go so far as to limit functionality.