but they tend not to screw with cryptography which is allowed to be on the GSA schedule when embodied in communications equipment for sale to the U.S.Military.
So the NSA did not screw with Dual_EC_DRBG in the NIST standard? Or is it just that any hardware which implements Dual_EC_DRBG is going to be rejected without explanation when it is submitted for FIPS 140 certification?
I count 22 stories today (friday). At most 4 are NSA, and that's stretching it (epic browser isn't more about commercial trackers than government and Iran/Syria interception is only speculatively nsa). So ~15% NSA stories really isn't that overwhelming.
Or, maybe it was Martin who got close enough to Zimmerman? There is at least as much evidence supporting that conclusion as there is yours.
IF there is, than what is it? You were so bold and confident until I started digging in to your citation. What you have shown me is that your beliefs are based on a ridiculously lop-sided reading of the evidence not "at least as much" not even close, it is practically religious in how much it appears to simply be based on faith.
All that means is that Martin said that Zimmerman was following him
Right, he says zimmerman is following him and then shortly thereafter asks zimmerman why he's following him. Obviously Zimmerman was just standing around his truck minding his own business at that point and had not come up close enough to Martin for Jenteal to hear Martin's speech over the phone. He was probably just using a megaphone is all.
You stretch the limits of credulity to do exactly what you accused me of in your first post. With you it's always the benefit of the doubt for Zimmerman but not for Martin.
She did not actually see George Zimmerman follow Trayvon Martin
Ah, so when she reports Martin saying: 'That N-word is still following me now,'"
That actually means Martin was lying to her since she didn't actually see Zimmerman following him. He was totally working her in order to cover his plot to sneak up on Martin and beat him to a pulp. How foolish of me to not to see that.
Not so useful for things like talking to undercover agents in the field. Yes, the government does have some dedicated infrastructure that serves very specific purposes, but it doesn't have the flexibility to cover all areas which is where Silent Circle seems to have found its niche.
There is no 100% guarantee when you are faced with billion dollar budgets, what I am saying is that Silent Circle has thought things through and are taking one reasonable approach and being closed source does not negate that.
This was covered by someone else in the thread above. TL;DR "But then they also have to persuade all the users to adopt that [new NSA modified] fork. " - i.e. not going to happen.
Your TL;DR is as long as his post which is nothing more than a bald-faced assertion. It isn't anywhere as simple as that - every part of that risk that closed source has is the same this scenario. They NSL the company and force it to put a non-obvious weakness into their code as part of a much larger refresh and nobody even notices.
Do you really think the NSA or any big govermental agency serious about security buys binaries from Silent Circle and never sees the full source code?
Yes, they absolutely do buy binaries without source. I know someone with personal experience of such a program buying custom binary libraries from RSA - RSA didn't let anyone near the source and she was in the position to see the source herself if RSA had.
The only part of what happened that Jeantel knew is what she heard said.
Got it, the only part of her testimony that counts is the part that can exonerates Zimmerman, any other parts are just her being biased against Zimmerman - but not so biased as to just leave out the stuff that exonerate him. We are so lucky that she was honest enough to only lie a little bit.
How do we know that the NSA does not buy 10K worth a licenses - hardly a blip on their budget - just to shelve and never use them.
Because Silent Circle has support contracts that involve interacting with the actual users. The big money is always in the support contracts.
. Silent Circle could easily continue to sell their services to the US and UK government AND fully open source the code. Why dont they? More $$$ instead of more security, more likely
If they open-sourced it, then the NSA gets the opportunity to pervert the public release while building a secure release for the government customers who need the product - thus eliminating the one piece of leverage that Silent Circle can use to keep the NSA from weakening their software.
That's wonderful. There is NO evidence that George Zimmerman ever confronted Trayvon Martin and some evidence that suggests that Trayvon Martin confronted George Zimmerman (including the testimony of Rachel Jeantel).
Jeantel testified that as he neared the home of his father's girlfriend, Martin tried to lose Zimmerman.
"And then he said, 'That N-word is still following me now,'" said Jeantel. "I asked him how the man looked like. He just told me the man looked 'creepy.' 'Creepy, white' -- excuse my language -- 'cracker. Creepy [expletive] cracker."
Jeantel says she heard Martin talking to Zimmerman in the background of the call.
"He said, 'Why are you following me for?' And I heard a hard-breathing man say, 'What you doing around here?'" said Jeantel.
Right there in the testimony you cited she notes Zimmerman following Martin and gets close to him while breathing heavily. If he Zimmerman had simply been standing around his car, he wouldn't have been out of breath.
BTW, random-bolding doesn't say what you think its says about the strength of your argument.
Peer review is no panacea. I'm not going to argue against open-source, but open-source is at significant risk too. You can't pull an _NSAKEY but with the resources available to the NSA it is no big feat to weaken an implementation in a non-obvious way.
Silent Circle's approach is that they sell their software to the US and UK government. If the NSA were to require them to install a secret backdoor then the NSA would be compromising the security of all of their government customers because they don't sell two different versions of their software, it is the same for all customers.
He recommend Silent Circle right after saying "the NSA also works with security product vendors to ensure that commercial encryption products are broken in secret ways that only it knows about. "
Do you know who founded and remains a principal of Silent Circle? Phil fucking Zimmermann. This is the guy who wrote and released PGP because he feared the NSA would get away with forcing everyone to use their back-doored skipjack clipper chip. He was subsequently harassed with a criminal investigation. If there is one guy that you can trust not to knuckle under to the NSA, it is Phil Zimmermann.
In fact, Silent Circle just withdrew their Silent Mail product because they feared that the NSA would force them to backdoor it in the near future. They canceled a product line rather than risk it being compromised.
Right, some random.org without any actual standing.
No, USAonWatch is managed by the National Sherrif's Association and organizes roughly 20.000 neighborhood watch programs. They have been around for 40 years. There is pretty much no one else in the "business" of organizing neighborhood watch programs.
He WAS on the neighborhood watch in an area which had suffered a rash of break ins. Come on, this was widely reported.
Anyone who knows anything about Neighborhood Watch programs knows that the absolute, number 1 rule is do not confront someone that looks suspicious, call the police, but do not attempt to confront them. Number 2 rule? Do not carry a gun.
"Members should never confront suspicious persons..."
"It should be emphasized to members that they do not possess police powers and they shall not carry weapons..." Neighborhood Watch Manual
The fact that Zimmerman was a part of the local Neighborhood Watch means that he had explicit training on how to behave in this sort of situation and he directly went against them. That's more than simply being ignorant, he willfully went against he advice he had been given. Then there is the part where the 911 operator also told him not to follow Martin. Ignoring all of that and going after Martin are the actions of a cowboy looking for trouble rather than someone levelheaded and trying to minimize trouble.
I've been fortunate enough that I no longer need anything the credit reporting agencies can influence - their record keeping is 100% downside for me even (especially) when it is accurate. I recognize that is not the case for most people. But that doesn't detract from my point that [i]everyone[/i] should have a choice about what is now dual-use information.
How is it providing them any information? A credit report requires only name, address, and SSN,
Because I may have moved to a new address.
And providing a new or wrong address causes the report to not come back, because it doesn't match their records.
No, giving them your most current address causes them to update their records with that information. I actually did it once about 5 years ago to see how it worked.
Updating the credit agency's records that way isn't entirely a one-sided benefit for them.
My fixing their records for them because they aren't accountable enough to get it right on their own is a a really big stretch of what constitutes a benefit to me.
Besides, if I cared about that, then I should have that choice untethered to anything else. Personally, I'd rather their records be full of disinformation about me.
You mistake my use of sarcasm quotes. Yes, the law mandates the report, but their lobbyists got to help write the law to make it ok to collect that information which has a dual use of updating your credit report. Since it is dual use, it ain't really free.
And in order to see the data they have about me, I have to give them my name, home address, last four digits of my SSN? Seriously?
That's about what the credit reporting agencies want from you in order to get your "free" yearly copy of your credit report. I always thought it was particularly convenient for them too.
Mitt Romney gave $4 million to charity in one year - 1/3rd of his income.
Giving money to your own social clubs like the mormon church and its affiliates like Brigham Young University, or the George W Bush Library, or the private school where 5 of his kids attended isn't charity, it's tax-deductible self-interest. Naked quid pro quo.
Before I posted I went and read up on his tax returns, just to make sure that my assumption of self-interest was true. That he hadn't made a liar out of me and my cynicism by really giving the bulk of his donations to organizations that would not benefit himself in one way or another. In the process I found out some interesting "character" related points:
1) His 2010 tax return showed only 11% of his income went to non-profit deductions. The mormon church directly gets 10% straight off the bat as tithing, leaving 1% for everything else. In fact, his own 20-year summary shows he averaged less than 12.6% until the 30% spike in 2011 brought the average up to just under 13.5%. Why such an outlier in 2011 when he had roughly half the income that he did in 2010? Seems to me that once he won the party primary his donations went up.
2) In 2011 he did not claim the maximum allowed tax deductions for his donations. He only claimed a deduction for $2.25 of the $4 million that was eligible. Why would he do that? Well, the guy who runs Romney's family trust said it helped to keep his campaign promise of paying at least 13% in income tax every year. Here's my question, now that he lost the election, did he go back and file an amended return to claim the entire $4M? We will probably never know, maybe a real man of character would not. A real republican would be happy to over-pay his taxes without a complaint, right?
My source for those two points is this article at The Blaze - I figured I'd go with a conservative news source to give Romney the benefit of the doubt in the reporting.
OP was quoting Andy Rubin at Google explaining why android is "open" and ios is not. The point being that 3 years later, Andrdoid doesn't really qualify as open by Google's own definition.
Google is slowly morphing into just another proprietary software corp - my feeling is that it is because of management changes where the new guys think that because google is now the biggest fish in the pond that there really isn't any point in trying to make the pond bigger, they probably feel threatened by the chance of enabling competitors.
In reality, it's easy to imagine being generous when you don't have much to give.
Bingo. Being rich insulates you from understanding hardship, the most generous people are generally the ones who can least afford it because they experience some level of poverty on a daily basis.
Slashdot Mirror
but they tend not to screw with cryptography which is allowed to be on the GSA schedule when embodied in communications equipment for sale to the U.S.Military.
So the NSA did not screw with Dual_EC_DRBG in the NIST standard? Or is it just that any hardware which implements Dual_EC_DRBG is going to be rejected without explanation when it is submitted for FIPS 140 certification?
I would like our current laws to be enforced.
As John Oliver said on the Daily Show when these stories started to break:
"Mr. President, no one is saying you broke any laws, we're just saying it's a little bit weird you didn't have to."
All it is these days is NSA, NSA, NSA.
I count 22 stories today (friday). At most 4 are NSA, and that's stretching it (epic browser isn't more about commercial trackers than government and Iran/Syria interception is only speculatively nsa). So ~15% NSA stories really isn't that overwhelming.
Or, maybe it was Martin who got close enough to Zimmerman? There is at least as much evidence supporting that conclusion as there is yours.
IF there is, than what is it? You were so bold and confident until I started digging in to your citation. What you have shown me is that your beliefs are based on a ridiculously lop-sided reading of the evidence not "at least as much" not even close, it is practically religious in how much it appears to simply be based on faith.
All that means is that Martin said that Zimmerman was following him
Right, he says zimmerman is following him and then shortly thereafter asks zimmerman why he's following him. Obviously Zimmerman was just standing around his truck minding his own business at that point and had not come up close enough to Martin for Jenteal to hear Martin's speech over the phone. He was probably just using a megaphone is all.
You stretch the limits of credulity to do exactly what you accused me of in your first post. With you it's always the benefit of the doubt for Zimmerman but not for Martin.
She did not actually see George Zimmerman follow Trayvon Martin
Ah, so when she reports Martin saying: 'That N-word is still following me now,'"
That actually means Martin was lying to her since she didn't actually see Zimmerman following him. He was totally working her in order to cover his plot to sneak up on Martin and beat him to a pulp. How foolish of me to not to see that.
> SIPRNet
Not so useful for things like talking to undercover agents in the field. Yes, the government does have some dedicated infrastructure that serves very specific purposes, but it doesn't have the flexibility to cover all areas which is where Silent Circle seems to have found its niche.
There is no 100% guarantee when you are faced with billion dollar budgets, what I am saying is that Silent Circle has thought things through and are taking one reasonable approach and being closed source does not negate that.
This was covered by someone else in the thread above. TL;DR "But then they also have to persuade all the users to adopt that [new NSA modified] fork. " - i.e. not going to happen.
Your TL;DR is as long as his post which is nothing more than a bald-faced assertion. It isn't anywhere as simple as that - every part of that risk that closed source has is the same this scenario. They NSL the company and force it to put a non-obvious weakness into their code as part of a much larger refresh and nobody even notices.
Do you really think the NSA or any big govermental agency serious about security buys binaries from Silent Circle and never sees the full source code?
Yes, they absolutely do buy binaries without source. I know someone with personal experience of such a program buying custom binary libraries from RSA - RSA didn't let anyone near the source and she was in the position to see the source herself if RSA had.
The only part of what happened that Jeantel knew is what she heard said.
Got it, the only part of her testimony that counts is the part that can exonerates Zimmerman, any other parts are just her being biased against Zimmerman - but not so biased as to just leave out the stuff that exonerate him. We are so lucky that she was honest enough to only lie a little bit.
Your sweet baby Tray Tray got away. He then came back
The very next line of her testimony suggests otherwise, just read that link:
Jeantel also said she heard a bump from Martin's headset hitting something and "wet grass sounds."
"I start hearing a little bit of Trayvon saying, 'Get off, get off!'" said Jeantel.
Thanks for doing this by the way, you guys are making me actually double-check my impressions and you are the ones proving to me that you are wrong.
How do we know that the NSA does not buy 10K worth a licenses - hardly a blip on their budget - just to shelve and never use them.
Because Silent Circle has support contracts that involve interacting with the actual users. The big money is always in the support contracts.
. Silent Circle could easily continue to sell their services to the US and UK government AND fully open source the code. Why dont they? More $$$ instead of more security, more likely
If they open-sourced it, then the NSA gets the opportunity to pervert the public release while building a secure release for the government customers who need the product - thus eliminating the one piece of leverage that Silent Circle can use to keep the NSA from weakening their software.
That's wonderful. There is NO evidence that George Zimmerman ever confronted Trayvon Martin and some evidence that suggests that Trayvon Martin confronted George Zimmerman (including the testimony of Rachel Jeantel).
Jeantel testified that as he neared the home of his father's girlfriend, Martin tried to lose Zimmerman.
"And then he said, 'That N-word is still following me now,'" said Jeantel. "I asked him how the man looked like. He just told me the man looked 'creepy.' 'Creepy, white' -- excuse my language -- 'cracker. Creepy [expletive] cracker."
Jeantel says she heard Martin talking to Zimmerman in the background of the call.
"He said, 'Why are you following me for?' And I heard a hard-breathing man say, 'What you doing around here?'" said Jeantel.
http://www.cnn.com/2013/06/26/justice/zimmerman-trial
Right there in the testimony you cited she notes Zimmerman following Martin and gets close to him while breathing heavily. If he Zimmerman had simply been standing around his car, he wouldn't have been out of breath.
BTW, random-bolding doesn't say what you think its says about the strength of your argument.
You've bought the false narrative. GZ didn't "follow" or "stalk" TM at any time. Scroll back up for a good writeup on what actually happened.
Zimmerman himself said he was following Martin while on the call to 911. Here is the quote from the transcript:
Dispatcher: Are you following him?
Zimmerman: Yeah
Dispatcher: Ok, we don't need you to do that.
https://s3.amazonaws.com/s3.documentcloud.org/documents/326700/full-transcript-zimmerman.pdf
Zimmerman was in his car, he got out, Martin didn't pull him out.
Peer review is no panacea. I'm not going to argue against open-source, but open-source is at significant risk too. You can't pull an _NSAKEY but with the resources available to the NSA it is no big feat to weaken an implementation in a non-obvious way.
Silent Circle's approach is that they sell their software to the US and UK government. If the NSA were to require them to install a secret backdoor then the NSA would be compromising the security of all of their government customers because they don't sell two different versions of their software, it is the same for all customers.
He recommend Silent Circle right after saying "the NSA also works with security product vendors to ensure that commercial encryption products are broken in secret ways that only it knows about. "
Do you know who founded and remains a principal of Silent Circle? Phil fucking Zimmermann. This is the guy who wrote and released PGP because he feared the NSA would get away with forcing everyone to use their back-doored skipjack clipper chip. He was subsequently harassed with a criminal investigation. If there is one guy that you can trust not to knuckle under to the NSA, it is Phil Zimmermann.
In fact, Silent Circle just withdrew their Silent Mail product because they feared that the NSA would force them to backdoor it in the near future. They canceled a product line rather than risk it being compromised.
Right, some random .org without any actual standing.
No, USAonWatch is managed by the National Sherrif's Association and organizes roughly 20.000 neighborhood watch programs. They have been around for 40 years. There is pretty much no one else in the "business" of organizing neighborhood watch programs.
He WAS on the neighborhood watch in an area which had suffered a rash of break ins. Come on, this was widely reported.
Anyone who knows anything about Neighborhood Watch programs knows that the absolute, number 1 rule is do not confront someone that looks suspicious, call the police, but do not attempt to confront them. Number 2 rule? Do not carry a gun.
"Members should never confront suspicious persons..."
"It should be emphasized to members that they do not possess police powers and they shall not carry weapons..."
Neighborhood Watch Manual
The fact that Zimmerman was a part of the local Neighborhood Watch means that he had explicit training on how to behave in this sort of situation and he directly went against them. That's more than simply being ignorant, he willfully went against he advice he had been given. Then there is the part where the 911 operator also told him not to follow Martin. Ignoring all of that and going after Martin are the actions of a cowboy looking for trouble rather than someone levelheaded and trying to minimize trouble.
I've been fortunate enough that I no longer need anything the credit reporting agencies can influence - their record keeping is 100% downside for me even (especially) when it is accurate. I recognize that is not the case for most people. But that doesn't detract from my point that [i]everyone[/i] should have a choice about what is now dual-use information.
How is it providing them any information? A credit report requires only name, address, and SSN,
Because I may have moved to a new address.
And providing a new or wrong address causes the report to not come back, because it doesn't match their records.
No, giving them your most current address causes them to update their records with that information. I actually did it once about 5 years ago to see how it worked.
Updating the credit agency's records that way isn't entirely a one-sided benefit for them.
My fixing their records for them because they aren't accountable enough to get it right on their own is a a really big stretch of what constitutes a benefit to me.
Besides, if I cared about that, then I should have that choice untethered to anything else. Personally, I'd rather their records be full of disinformation about me.
You mistake my use of sarcasm quotes. Yes, the law mandates the report, but their lobbyists got to help write the law to make it ok to collect that information which has a dual use of updating your credit report. Since it is dual use, it ain't really free.
And in order to see the data they have about me, I have to give them my name, home address, last four digits of my SSN? Seriously?
That's about what the credit reporting agencies want from you in order to get your "free" yearly copy of your credit report. I always thought it was particularly convenient for them too.
Mitt Romney gave $4 million to charity in one year - 1/3rd of his income.
Giving money to your own social clubs like the mormon church and its affiliates like Brigham Young University, or the George W Bush Library, or the private school where 5 of his kids attended isn't charity, it's tax-deductible self-interest. Naked quid pro quo.
Before I posted I went and read up on his tax returns, just to make sure that my assumption of self-interest was true. That he hadn't made a liar out of me and my cynicism by really giving the bulk of his donations to organizations that would not benefit himself in one way or another. In the process I found out some interesting "character" related points:
1) His 2010 tax return showed only 11% of his income went to non-profit deductions. The mormon church directly gets 10% straight off the bat as tithing, leaving 1% for everything else. In fact, his own 20-year summary shows he averaged less than 12.6% until the 30% spike in 2011 brought the average up to just under 13.5%. Why such an outlier in 2011 when he had roughly half the income that he did in 2010? Seems to me that once he won the party primary his donations went up.
2) In 2011 he did not claim the maximum allowed tax deductions for his donations. He only claimed a deduction for $2.25 of the $4 million that was eligible. Why would he do that? Well, the guy who runs Romney's family trust said it helped to keep his campaign promise of paying at least 13% in income tax every year. Here's my question, now that he lost the election, did he go back and file an amended return to claim the entire $4M? We will probably never know, maybe a real man of character would not. A real republican would be happy to over-pay his taxes without a complaint, right?
My source for those two points is this article at The Blaze - I figured I'd go with a conservative news source to give Romney the benefit of the doubt in the reporting.
OP was quoting Andy Rubin at Google explaining why android is "open" and ios is not. The point being that 3 years later, Andrdoid doesn't really qualify as open by Google's own definition.
Google is slowly morphing into just another proprietary software corp - my feeling is that it is because of management changes where the new guys think that because google is now the biggest fish in the pond that there really isn't any point in trying to make the pond bigger, they probably feel threatened by the chance of enabling competitors.
In reality, it's easy to imagine being generous when you don't have much to give.
Bingo. Being rich insulates you from understanding hardship, the most generous people are generally the ones who can least afford it because they experience some level of poverty on a daily basis.