GSM has various encryption standards that are supposed to protect calls. But some are weak, and phones using stronger algorithms can be tricked into falling back to the weaker ones. With a fake tower you can probably turn it off completely.
The problem with encrypting cell conversations is many-fold: * Can you rely on the GSM encryption? * Can you trust third-party implementations? * Even if you run an encrypted VOIP app, can you trust the handset manufacturer? (e.g. not to allow the government to steal your keys from device memory via privileged access) * If you can trust the manufacturer, is your device security from nearby wireless attacks? There have been exploits for bluetooth and wifi stacks. * Can someone clone your phone? * Do you know through systems like CALEA and IP monitoring what details of your conversation will be private vs which will be public and whether that suits your needs? Data mining can probably reveal a lot about who knows who and sequences of events. * Instead of expending the effort to break your encryption isn't it easier for someone to bug places you frequently call from? * Can you trust the guy on the other end of the line to have been as careful as you have? If not, everything you've done to protect yourself is useless.
IMO if you have something you need to say to someone in secret a cell phone is a particularly bad way to go about it.
Re:IBM PCs compared extremely poorly with Amigas
on
The Amiga Turns 25
·
· Score: 5, Insightful
The sound blaster wasn't just bad because it was noisy. The Amiga could mix 4 sound channels in hardware, whereas all the early sound-blasters had only 1-2 channels and so the PC was mixing in software. That sounds trivial today, but churning through multiple samples with decent sample rates and bit depths on old CPUs took time. So while your PC was busy rendering audio, the Amiga was running your game/app code.
The design of the PCs of the time, compared to what you got out of the box with an Amiga really was pretty poor. Almost everything the Amiga's hardware could do in terms of sound and graphics would chew CPU time on the PC.
Re:IBM PCs compared extremely poorly with Amigas
on
The Amiga Turns 25
·
· Score: 1
Amiga had 32 color palette and actually, depending on what you needed to do, you could make even the older Amiga systems do 4096 color graphics using hold-and-modify and extra-half-brite mode would give you 64 colors (32 plus 32 half-brite shades):
Systems with AGA could have up to 256 color palette or 18-bit in HAM mode.
My A500+ would easily toast my top-of-the-line 386 in just about every aspect of computing life from gaming to desktop applications. Amiga games would have smooth parallax scrolling, multiple hardware sprites, 4 channels of sampled sound mixed in hardware, and they'd be fast and responsive. PC gaming by comparison was using a terrible mode system where you basically traded color palette against resolution and at higher resolutions most adapters performed so poorly that you'd see games that scrolled redrawing. The Workbench environment had full graphical file system browsing, a nice shell, a really smart preferences system, preemptive multitasking and all this ran along with your applications in 1MB or 0.5MB of memory depending on your system. Heck, even trying to compare Windows 3.1 on a 486 to Amiga OS was a joke. Windows in these days regularly blew up if you ran two apps at once and it's "folders" consisted of virtual entries in.ini files - not even a real file system.
I think only on the very old system ROMs you needed a bootstrap to boot from HD, though sadly back in the day I couldn't afford a HD:)
Personally I would not say that it was clear who was going to win when it came to PC vs Amiga. Amiga was very badly mismanaged towards the end. As it eventually became clear that Commodore was falling apart I was dismayed by what I faced in the PC world by comparison at the time.
LOL @ fair airline pricing schemes. These are the same airlines who will swing the price of a ticket through a range of hundreds of dollars depending on what day it is, even if they aren't close to selling out, and you're arguing over a $40 baggage fee?
I personally do not need being weighed in front of hundreds of passengers to be added to the list of ways my privacy is violated at airports, tyvm.
* Skype can provide records showing account creation, financial transaction and use of PSTN interconnections * Due to the way by which Skype works, Skype does NOT have any records of user “logins”, “log offs” or other general online/offline status * The Skype system is designed in such a way that voicemail is not centrally stored * Calls, IMs and other activities between Skype users do not create billing records
Everything there implies that if you want your communications to be private with respect to what can be provided in response to a subpeona then Skype isn't a bad platform. As to what can be intercepted obviously that is not covered because it's not relevant to that document.
I'm not. Copyright, if done right, is a valuable system, and I agree, the system could/should be fixed. As I said, I can't agree wholeheartedly with either side because the current system is entirely unfair but outright piracy isn't any kind of a solution.
The problem is that nobody is being successful in fixing the system. In fact, international IP law equality and one-upmanship is generally enforcing the worst systems everywhere.
Copyright exists to allow the creative to earn from their works while society benefits from them. In theory copyright is reasonable - if everyone could freely copy a work the instant it was produced much fewer people would spend their time producing new works. Yes, some people do it for fun, but many of the best works we have are by people who make a career out of it.
Here's the rub: Copyright has been abused to the point there is no fairness in the rights afforded the creator vs. the benefit to society. Originally there was legal recourse for some fairly reasonable number of years and then the work became public domain. Then copyright term was extended. Then it was extended again. And again. Today copyright law is an unfair contract. By adhering to copyright laws today you ask people to respect a creators exclusive rights on works such that a work will never become public domain during their lifetime. Perhaps even during their grandchildrens lifetime. Even worse than that, as terms are continually extended the contract between society and creators is retroactively modified, always in favor of creators, essentially stealing value from the public.
It's my opinion that in order for copyright to be held with any kind of respect by anyone then works must be guaranteed to come into the public domain within a reasonable timeframe, and I believe that must be well within the lifetime of a person who would value the work when it was first created - no more than 30 years at the outside. Various studies have shown the effective period to be much less than that.
If you're an artist and you want to benefit from a work your entire life do what the rest of us do - make some investments, set up a pension, go out and perform the damn thing. Stop trying to wield your effectively limitless copyright term against the public and stop allowing your various industry bodies to use them as a scare tactic - and that's really what copyright comes down to now in many cases. People adhere to these insanely unfair laws only because they're scared of what will happen if they don't, not because they understand the value proposition of copyright. If you want to claim otherwise agencies must stop these campaigns where they publicize their actions of suing thousands and thousands of individuals, and they must accept changes in the law which provide more reasonable terms.
I don't agree with the GP in that it's okay for everyone to pirate whatever they want, but neither can I support the ridiculous system copyright has become. Neither side of this argument has a strong leg to stand on. Unfortunately one has much more money and influence than the other.
.. is that this is part of an "austerity" budget aimed at cutting £1.3bn of debt, including public sector pay freezes and an increase in VAT to 20% among other measures. In light of that losing £40-50M in "promised" tax cuts (promised by Labour party, recently out of power) for the gaming industry isn't exactly the worst problem the British are facing. Sounds like one of the more sensible cuts in fact.
Thae fact that there are errors and vulnerabilities in web based tools just means that they were written by programmers who largely don't have peer code review
The fact that there are errors in these attack suites in particular is probably more because their purpose is to attack others with no expectation that counter-attacks are likely to happen, at least against these tools themselves.
I workd for a company that used a stripped down, harmless version of the sub7 trojan to deploy software
Funny you bring that up. Older versions used to have a hard coded master password that could be used to steal Sub7 systems, W32/Leaves took over systems that way.
The big problem with unsecured WiFi is that there's no accountability.
A big problem with unsecured WiFi is that typical home systems consider the LAN non-public and safer than the WAN, and a user who doesn't know enough to secure their WiFi doesn't know enough to understand this issue either.
The worst you're going to do is force BP to sell some oil to another company who will sell it to you through their stations playing a little arbitrage. You're going to be buying their oil no matter what.
What damage do you hope to do beyond the PR damage that's already done and whatever fines/suits the government and those impacted slap them with? And while you're boycotting BP, maybe it's worth remembering that if this hadn't been BP it probably would have been someone else.
I'm saying that web servers implicitly grant you the right to use the content as you see fit.
No, (unsecured) web servers implicitly give you access to the content. They do not say "Feel free to copy this onto your own servers, share it with others, or use it for any other purpose you like". There is a big difference between giving you access to content for personal viewing and licensing content for other purposes.
If you don't want a work you created completely out of your control you copyright it, then you pursue infringement processes against those who willfully violate your rights. How hard is this? It isn't, except the owners of this site allegedly took a huge chunk of the images accessible via the web and did not respect the rights of their creators at all.
Many people are not asking for "complete control". Lots are just asking for attribution. Others want more than that and that's their right. Regardless, what's reported to have happened here is very wrong on a large scale centered around one particular entity.
Maybe you won't be so all or nothing when one day a photo of your kids you uploaded to share with friends and family is used by some company to advertise a cause you disagree with, or some other work you created is used in a million dollar ad campaign without your permission and you don't get a penny. "But your honor, he himself said if it's online it's fair game!".
Do you religiously log out of every authenticated site you visit? What if one passes you through a page that puts your login token in a page URL at any point in time? What if your favorite social networking site, known for sharing your private data, suddenly learned of all the items you've been viewing on Amazon or all the news articles you've been reading?
What if you're in China and after browsing some sites you weren't supposed to you hit a government site and it pulled your history and that included some personally identifiable ID (like your facebook ID, or your MySpace URL, for example).
But there is also a very significant risk that unless you understand the problem well you will make yourself more uniquely identifiable. What if you fake the version of the browser you are running but it turns out that you miss faking certain extensions that shipped with that browser, or you fake some extensions in the agent string that weren't compatible with that browser, or you fake an OS version that browser didn't work with, or you fake a browser version that was short-lived due to an auto-update and you are the only one still running it, or something else the javascript can query wouldn't normally occur in the browser version you faked?
There's a long list of ways you could potentially put yourself into the very situation you think you're avoiding.
I am not going to weigh in on this argument because afaik the open movie project isn't about whether H.264 or Theora is better, but I do feel it's worth pointing out that for a fair comparison you need to know the data spent for equal quality, and I don't think you know that here.
Why would anyone purchase a creative commons movie?
I ordered the DVD because the Blender community has proven that they can successfully develop a product, tutorials and documentation that opens up the possibility for anyone to to create awesome digital media for very little to no cost versus solutions that typically cost hundreds to thousands of dollars. Ton has done an amazing job leading the Blender Foundation and pulling artists from around the world together to make these open movies, which not only give us all something nice to look at and bring attention to the project but drive a lot of the technical improvements in Blender itself. It's a pretty smart way to go about things but is no small feat and I think shows a lot of dedication and determinism. The Durian team have kept an excellent blog where you can follow their progress and it's pretty insightful and inspirational.
I'm very much behind supporting projects like this and although I'm no master Blender artist I wanted to support them and buying the DVD is a great way to do that. You know exactly what you're funding with your donation, and you even get a keepsake containing a lot of resources from the project that will help you learn Blender yourself if you chose to.
Slashdot Mirror
GSM has various encryption standards that are supposed to protect calls. But some are weak, and phones using stronger algorithms can be tricked into falling back to the weaker ones. With a fake tower you can probably turn it off completely.
The problem with encrypting cell conversations is many-fold:
* Can you rely on the GSM encryption?
* Can you trust third-party implementations?
* Even if you run an encrypted VOIP app, can you trust the handset manufacturer? (e.g. not to allow the government to steal your keys from device memory via privileged access)
* If you can trust the manufacturer, is your device security from nearby wireless attacks? There have been exploits for bluetooth and wifi stacks.
* Can someone clone your phone?
* Do you know through systems like CALEA and IP monitoring what details of your conversation will be private vs which will be public and whether that suits your needs? Data mining can probably reveal a lot about who knows who and sequences of events.
* Instead of expending the effort to break your encryption isn't it easier for someone to bug places you frequently call from?
* Can you trust the guy on the other end of the line to have been as careful as you have? If not, everything you've done to protect yourself is useless.
IMO if you have something you need to say to someone in secret a cell phone is a particularly bad way to go about it.
The sound blaster wasn't just bad because it was noisy. The Amiga could mix 4 sound channels in hardware, whereas all the early sound-blasters had only 1-2 channels and so the PC was mixing in software. That sounds trivial today, but churning through multiple samples with decent sample rates and bit depths on old CPUs took time. So while your PC was busy rendering audio, the Amiga was running your game/app code.
The design of the PCs of the time, compared to what you got out of the box with an Amiga really was pretty poor. Almost everything the Amiga's hardware could do in terms of sound and graphics would chew CPU time on the PC.
Amiga had 32 color palette and actually, depending on what you needed to do, you could make even the older Amiga systems do 4096 color graphics using hold-and-modify and extra-half-brite mode would give you 64 colors (32 plus 32 half-brite shades):
http://en.wikipedia.org/wiki/Hold-And-Modify
http://en.wikipedia.org/wiki/Extra_Half-Brite
Systems with AGA could have up to 256 color palette or 18-bit in HAM mode.
My A500+ would easily toast my top-of-the-line 386 in just about every aspect of computing life from gaming to desktop applications. Amiga games would have smooth parallax scrolling, multiple hardware sprites, 4 channels of sampled sound mixed in hardware, and they'd be fast and responsive. PC gaming by comparison was using a terrible mode system where you basically traded color palette against resolution and at higher resolutions most adapters performed so poorly that you'd see games that scrolled redrawing. The Workbench environment had full graphical file system browsing, a nice shell, a really smart preferences system, preemptive multitasking and all this ran along with your applications in 1MB or 0.5MB of memory depending on your system. Heck, even trying to compare Windows 3.1 on a 486 to Amiga OS was a joke. Windows in these days regularly blew up if you ran two apps at once and it's "folders" consisted of virtual entries in .ini files - not even a real file system.
I think only on the very old system ROMs you needed a bootstrap to boot from HD, though sadly back in the day I couldn't afford a HD :)
Personally I would not say that it was clear who was going to win when it came to PC vs Amiga. Amiga was very badly mismanaged towards the end. As it eventually became clear that Commodore was falling apart I was dismayed by what I faced in the PC world by comparison at the time.
LOL @ fair airline pricing schemes. These are the same airlines who will swing the price of a ticket through a range of hundreds of dollars depending on what day it is, even if they aren't close to selling out, and you're arguing over a $40 baggage fee?
I personally do not need being weighed in front of hundreds of passengers to be added to the list of ways my privacy is violated at airports, tyvm.
Don't you mean "Duplo??" ?
Cryptome hosts this 2007 document:
http://cryptome.org/isp-spy/skype-spy.pdf
* Skype can provide records showing account creation, financial transaction and use of PSTN interconnections
* Due to the way by which Skype works, Skype does NOT have any records of user “logins”, “log offs” or other general online/offline status
* The Skype system is designed in such a way that voicemail is not centrally stored
* Calls, IMs and other activities between Skype users do not create billing records
Everything there implies that if you want your communications to be private with respect to what can be provided in response to a subpeona then Skype isn't a bad platform. As to what can be intercepted obviously that is not covered because it's not relevant to that document.
iPhone: Giving AT&T more bars in more places.
All we need to do is make nuclear fusion work.
You are committing a false dichotomy.
I'm not. Copyright, if done right, is a valuable system, and I agree, the system could/should be fixed. As I said, I can't agree wholeheartedly with either side because the current system is entirely unfair but outright piracy isn't any kind of a solution.
The problem is that nobody is being successful in fixing the system. In fact, international IP law equality and one-upmanship is generally enforcing the worst systems everywhere.
Copyright exists to allow the creative to earn from their works while society benefits from them. In theory copyright is reasonable - if everyone could freely copy a work the instant it was produced much fewer people would spend their time producing new works. Yes, some people do it for fun, but many of the best works we have are by people who make a career out of it.
Here's the rub: Copyright has been abused to the point there is no fairness in the rights afforded the creator vs. the benefit to society. Originally there was legal recourse for some fairly reasonable number of years and then the work became public domain. Then copyright term was extended. Then it was extended again. And again. Today copyright law is an unfair contract. By adhering to copyright laws today you ask people to respect a creators exclusive rights on works such that a work will never become public domain during their lifetime. Perhaps even during their grandchildrens lifetime. Even worse than that, as terms are continually extended the contract between society and creators is retroactively modified, always in favor of creators, essentially stealing value from the public.
It's my opinion that in order for copyright to be held with any kind of respect by anyone then works must be guaranteed to come into the public domain within a reasonable timeframe, and I believe that must be well within the lifetime of a person who would value the work when it was first created - no more than 30 years at the outside. Various studies have shown the effective period to be much less than that.
If you're an artist and you want to benefit from a work your entire life do what the rest of us do - make some investments, set up a pension, go out and perform the damn thing. Stop trying to wield your effectively limitless copyright term against the public and stop allowing your various industry bodies to use them as a scare tactic - and that's really what copyright comes down to now in many cases. People adhere to these insanely unfair laws only because they're scared of what will happen if they don't, not because they understand the value proposition of copyright. If you want to claim otherwise agencies must stop these campaigns where they publicize their actions of suing thousands and thousands of individuals, and they must accept changes in the law which provide more reasonable terms.
I don't agree with the GP in that it's okay for everyone to pirate whatever they want, but neither can I support the ridiculous system copyright has become. Neither side of this argument has a strong leg to stand on. Unfortunately one has much more money and influence than the other.
iPhone DontTouch
.. is that this is part of an "austerity" budget aimed at cutting £1.3bn of debt, including public sector pay freezes and an increase in VAT to 20% among other measures. In light of that losing £40-50M in "promised" tax cuts (promised by Labour party, recently out of power) for the gaming industry isn't exactly the worst problem the British are facing. Sounds like one of the more sensible cuts in fact.
Thae fact that there are errors and vulnerabilities in web based tools just means that they were written by programmers who largely don't have peer code review
The fact that there are errors in these attack suites in particular is probably more because their purpose is to attack others with no expectation that counter-attacks are likely to happen, at least against these tools themselves.
I workd for a company that used a stripped down, harmless version of the sub7 trojan to deploy software
Funny you bring that up. Older versions used to have a hard coded master password that could be used to steal Sub7 systems, W32/Leaves took over systems that way.
Chatroulette and sports broadcasters all trying to filter out the horn on the same day?
The big problem with unsecured WiFi is that there's no accountability.
A big problem with unsecured WiFi is that typical home systems consider the LAN non-public and safer than the WAN, and a user who doesn't know enough to secure their WiFi doesn't know enough to understand this issue either.
Who is going to turn down cheap oil?
The worst you're going to do is force BP to sell some oil to another company who will sell it to you through their stations playing a little arbitrage. You're going to be buying their oil no matter what.
What damage do you hope to do beyond the PR damage that's already done and whatever fines/suits the government and those impacted slap them with? And while you're boycotting BP, maybe it's worth remembering that if this hadn't been BP it probably would have been someone else.
This story looks magnificent, I love the arrangement of the words and the punctuation! Hang on while I read it... ... meh...
"Malware on Hijacked Submarines, a New Trend?"
Talk about a double-take! Would have made for an interesting story, though :)
I'm saying that web servers implicitly grant you the right to use the content as you see fit.
No, (unsecured) web servers implicitly give you access to the content. They do not say "Feel free to copy this onto your own servers, share it with others, or use it for any other purpose you like". There is a big difference between giving you access to content for personal viewing and licensing content for other purposes.
Okay, now the opposite:
If you don't want a work you created completely out of your control you copyright it, then you pursue infringement processes against those who willfully violate your rights. How hard is this? It isn't, except the owners of this site allegedly took a huge chunk of the images accessible via the web and did not respect the rights of their creators at all.
Many people are not asking for "complete control". Lots are just asking for attribution. Others want more than that and that's their right. Regardless, what's reported to have happened here is very wrong on a large scale centered around one particular entity.
Maybe you won't be so all or nothing when one day a photo of your kids you uploaded to share with friends and family is used by some company to advertise a cause you disagree with, or some other work you created is used in a million dollar ad campaign without your permission and you don't get a penny. "But your honor, he himself said if it's online it's fair game!".
Imagine one company controlled this and PGP too. Oh wait...
There's a lot of eggs ending up in one basket here...
Do you religiously log out of every authenticated site you visit? What if one passes you through a page that puts your login token in a page URL at any point in time? What if your favorite social networking site, known for sharing your private data, suddenly learned of all the items you've been viewing on Amazon or all the news articles you've been reading?
What if you're in China and after browsing some sites you weren't supposed to you hit a government site and it pulled your history and that included some personally identifiable ID (like your facebook ID, or your MySpace URL, for example).
Maybe.
But there is also a very significant risk that unless you understand the problem well you will make yourself more uniquely identifiable. What if you fake the version of the browser you are running but it turns out that you miss faking certain extensions that shipped with that browser, or you fake some extensions in the agent string that weren't compatible with that browser, or you fake an OS version that browser didn't work with, or you fake a browser version that was short-lived due to an auto-update and you are the only one still running it, or something else the javascript can query wouldn't normally occur in the browser version you faked?
There's a long list of ways you could potentially put yourself into the very situation you think you're avoiding.
I am not going to weigh in on this argument because afaik the open movie project isn't about whether H.264 or Theora is better, but I do feel it's worth pointing out that for a fair comparison you need to know the data spent for equal quality, and I don't think you know that here.
Why would anyone purchase a creative commons movie?
I ordered the DVD because the Blender community has proven that they can successfully develop a product, tutorials and documentation that opens up the possibility for anyone to to create awesome digital media for very little to no cost versus solutions that typically cost hundreds to thousands of dollars. Ton has done an amazing job leading the Blender Foundation and pulling artists from around the world together to make these open movies, which not only give us all something nice to look at and bring attention to the project but drive a lot of the technical improvements in Blender itself. It's a pretty smart way to go about things but is no small feat and I think shows a lot of dedication and determinism. The Durian team have kept an excellent blog where you can follow their progress and it's pretty insightful and inspirational.
I'm very much behind supporting projects like this and although I'm no master Blender artist I wanted to support them and buying the DVD is a great way to do that. You know exactly what you're funding with your donation, and you even get a keepsake containing a lot of resources from the project that will help you learn Blender yourself if you chose to.
Rock on Durian team :)