As the article explains: To us in the security community, none of the individual pieces raise an eyebrow. We know USB is an infection vector. We know BIOS/UEFI can be compromised. We know that when it hits the firmware, extraction isn't as easy as a dd anymore. We know communication via power cable and audio is possible - the last shouldn't really surprise anyone as it's been just earlier this year that audio was discussed as an alternative to NFC, because it doesn't require new hardware (every smartphone already has speakers and microphones).
And after Stuxnet and Flame, we know that some of the really advanced malware that we've been talking about at conferences is not only possible, but real.
Still, finding all of this in one package is fascinating, and if it really is 3 years old, I don't want to know what the current version looks like.
I know Dragos personally. He's not the guy to run an April Fools in October, and he's got too much reputation to lose to bullshit everyone for a few minutes of fame.
It's a good concept, but it is based in the US, which means that a) it'll run into the same issues again and b) nobody outside and few inside the US will trust it.
What they need are partners in other jurisdictions. At least one in Europe and one in Asia. A carefully designed corporate structure can delay any legal attacks for long enough for at least one of the nodes to inform its users and shift them towards a node not under attack.
Why do we geeks always think the solution must be technical? Social and legal protocols are equally important, and can solve many problems that are much more difficult to solve by technology.
Take a page out of the book of megacorporations. Set up a mother company in a country with all the laws you need and make the operation the legal property of that, so that you can deflect any legal attacks by claiming your local subsidary doesn't have the legal authority nor the passwords required to do what you want them to do, but you will be happy to forward it to the mother company - which is in a jurisdiction where the gag order doesn't apply.
Get a lawyer on board who can figure these things out. There are plenty of lawyers interested in this kind of stuff. And if you need contacts in Europe, send me a mail. I kind of miss the good feeling I had back when I was running an anonymous remailer.
It's complicated because the insurance industry is complicated. It's complicated because we didn't have the political will to simply go for Medicare for all.
No, it's complicated because someone profits from it being complicated.
In fact, lots of people profit from that. The insurance companies because they can weasel out of many insurance cases due to loopholes, exceptions and formalisms. Lawyers who get to fight those cases through in courts. Lots of staff who works on writing, updating, filing, stamping and generally administrating the whole mess. Brokers who tell you what you need because it's a labyrinth no normal person understands. I probably forgot a lot of people.
It's the same with the tax laws. Every exception and additional law has the stated intent of making the tax laws more "fair". In reality, it only makes more complicated. In the end, those who can pay a professional to do their taxes for them get to use most of the loopholes while those who can't, don't.
Do you guys honestly think, for one second, that you can hide from these guys if they really want you? Any of you?
The qualifier is "if they really want you".
You can't hide from the NSA unless you're a government entity yourself. If I were to head the Iran nuclear program, I'd give it a try.
However, you can hide from the NSA dragnet, because it's not targetting you specifically. So if you use any of the big e-mail providers, you can be 100% certain that a backup copy of all your e-mails exists somewhere in an NSA database. But if you run your own mailserver, the mails that you exchange over encrypted channels with someone else who also does that have a chance of not being caught by the net, not because they couldn't, but because the world is huge and even the vast NSA resources are limited.
The problem with the submitters concept is that as long as you roll your own, you can slip through the net (but never count on it, it's a probability like all things in IT security). But as soon as someone sets up a "secure hosting provider", he'll become a target. And the bigger it gets, the higher the chance that the NSA will expand some resources to penetrate it.
So it's not a viable business concept, and thus it doesn't exist. Of course, someone will make the claims, because scam is always a viable business concept.
Name one other country with a political party who is so hellbent on reality distortion to do such silly things with tax payer money?
China under Mao.
Every country has its crazy times. It's not a positive thing, but it's not unique to the USA, except that due to technology and society (China was much more closed-up about what was going on) we know a lot more about this case then all the others.
I do, however, agree that the inmates are running the asylum.
You completely ignored the rest of my comment, which puts down your argument. Buggy-whip makers were put out of business by technological progress. Amazon hasn't invented any new technology. Their innovation is on the business side, and business innovations almost always shift costs around, as I explained.
Maybe you can buy a few books less, but in exchange some workers can actually feed their families and also buy books. Ask the minimum wage temp workers in Amazons warehouses if they'd rather work in an old-style bookstore for two or three times the wage.
Unless you come up with a new technology or a new method of doing business, there are very few ways to actually provide the same service for less money - but what you can do is distribute costs differently. You can pay your workers less and be cheaper for the customers. Or you can save on health and safety, again workers will pay the price when something happens. Or you can do the usual corporate trickery to avoid paying taxes, so the general public pays the money you save (because someone else has to pay the taxes you don't). I could go on.
Amazon has done some cool things, especially when it comes to making next-day delivery the norm instead of a week or two. But they aren't a white knight.
You have capitalism and free market theory confused. They have things in common, but they aren't the same.
Capitalism will always tend towards monopoly, because capitalism is about profit and monopoly rent is where the real profits are.
For the free market, a monopoly is a death spell.
But you can have a free market without capitalism, and capitalism withou a free market. It just happens that the synergies between them are such that you generally meet them together. But they don't have to, and that's why capitalists trying to abolish the free market in favour of private monopoly profits isn't a contradiction.
And it's just circular logic to say that fewer guns is safer, except where lots of guns is also safe...
You missed the important part: It's not necessarily how many guns there are, but how they are dealt with.
I might believe that, if gun control attempts in the USA didn't consistently have the OPPOSITE effect in a large way. Crime rates go UP under gun bans, and go DOWN under relaxed concealed carry laws.
Again: What time-frame are you looking at?
I live in a country that has very strict gun laws, and has had them for 60+ years. It's almost impossible to get a gun here, and getting a permit even more so. There are also very, very few gun-related crimes. And no, it's like like there'd be a stabbing every day. I also live in a major city. If something happens with a gun involved, that's major headlines, simply because it's so rare.
But legitimate senders have trouble getting past spam filters too, that's why they need "deliverability services".
I call bullshit on that one. I used to work for a company with about a million customers. Spam filters were never anyones concern, the reason external partners come up for delivery is that you need mail servers tuned to handling high-volume messages like that with all the greylisting and delays and bounces.
If you have trouble getting past spam filters, then I maintain the reason is most likely that you are too close to actually being a spammer. Might not be the customer side (i.e. they may all have signed up with you), but the content of your message. Thank the spammers for ruining that, instead of giving them money to teach you how to escalate the battle to the next level.
From all you describe it seems you are genuine. Nevertheless, listening to spammers is the worst thing you could've done. That's like complaining about the park being closed at night - and asking a burglar for advise.
All your links seem to be about the USA, which is a very limited dataset.
World-wide, countries with fewer guns tend to have a lot fewer gun-related deaths, even if you remove accidents from the equation.
Some countries with lots of guns and high safety are that way because they keep their guns locked away - Switzerland, for example.
Why is the US a bad dataset? Because if you make guns illegal now, then for some time, maybe a decade or two, it will be true that criminals have guns (because they don't hand theirs in) while regular citizens don't (because they do).
But you need to think long-term, and when guns are difficult to get in general, most criminals won't have them, either. That's why you can't just outlaw them today and think everything will be fine, you need to come up with a transition plan.
Glad to see you are willing to re-examine your position.
Your original post lacks numbers. I sent out 35,000 mails recently, to people who had signed up with one of my online services, and had absolutely no trouble with any anti-spam filters except that delivery took a while for sites who throttle you.
Unless you're doing several times that volume, you must be doing something horribly, horribly wrong. And asking spammers for advise is to me a good indication of what's wrong. These fucking assholes make a living out of destroying our means of communication for profit. To me, even talking to one would make we want to take a long shower afterwards. I'd rather take relationship advise from a prostitute than e-mail advise from a spammer.
Why? Because all their hints are aimed at exploiting, abusing and circumventing systems that are in place exclusively because of and in order to combat - them. So taking up their tricks for yourself might buy you a solution today - at the price of being blacklisted even more aggressively tomorrow, when the anti-spam people have figured out the tricks.
If you go to bed with criminals, don't complain when you're arrested with them.
Your a moron who has no clue. He isn't a spammer. He's sending emails to people who requested them!!!!
Show me one spammer on this planet who isn't claiming the same thing.
Rule #1: Spammers lie.
That's not to say there aren't some who believe their own lies. I'm not passing judgement, which is why I told him to re-examine his assumptions. If I were sure he's intentionally spamming, I'd have told him to drop dead.
True, if you only print a page or two a month, laser is probably too expensive.
I print in batches. Nothing for a month or two, and then a hundred pages. I figure most people are more or less that way, though maybe it's 10 pages for them instead of 100. Still, when the amount of ink you use to clean the printer nozzles is higher than the ink you actually use printing, something's wrong.
Slashdot Mirror
https://en.wikipedia.org/wiki/Power_line_communication
actually... I do want to know.
Funny how a figure of speech sometimes means the opposite of what you really mean.
As the article explains: To us in the security community, none of the individual pieces raise an eyebrow. We know USB is an infection vector. We know BIOS/UEFI can be compromised. We know that when it hits the firmware, extraction isn't as easy as a dd anymore. We know communication via power cable and audio is possible - the last shouldn't really surprise anyone as it's been just earlier this year that audio was discussed as an alternative to NFC, because it doesn't require new hardware (every smartphone already has speakers and microphones).
And after Stuxnet and Flame, we know that some of the really advanced malware that we've been talking about at conferences is not only possible, but real.
Still, finding all of this in one package is fascinating, and if it really is 3 years old, I don't want to know what the current version looks like.
I know Dragos personally. He's not the guy to run an April Fools in October, and he's got too much reputation to lose to bullshit everyone for a few minutes of fame.
It's a good concept, but it is based in the US, which means that a) it'll run into the same issues again and b) nobody outside and few inside the US will trust it.
What they need are partners in other jurisdictions. At least one in Europe and one in Asia. A carefully designed corporate structure can delay any legal attacks for long enough for at least one of the nodes to inform its users and shift them towards a node not under attack.
Why do we geeks always think the solution must be technical? Social and legal protocols are equally important, and can solve many problems that are much more difficult to solve by technology.
Take a page out of the book of megacorporations. Set up a mother company in a country with all the laws you need and make the operation the legal property of that, so that you can deflect any legal attacks by claiming your local subsidary doesn't have the legal authority nor the passwords required to do what you want them to do, but you will be happy to forward it to the mother company - which is in a jurisdiction where the gag order doesn't apply.
Get a lawyer on board who can figure these things out. There are plenty of lawyers interested in this kind of stuff. And if you need contacts in Europe, send me a mail. I kind of miss the good feeling I had back when I was running an anonymous remailer.
So don't host it at home, you have shitty bandwidth in most cases anyways.
I pay about the price of a meal in an average restaurant per month in hosting fees for my web, mail and everything else server in a hosting center.
Oh and With european hosting company.
Those percentages are certainly lower than what they were when the US put a man on the moon.
Show me the numbers, because I doubt it.
It's complicated because the insurance industry is complicated. It's complicated because we didn't have the political will to simply go for Medicare for all.
No, it's complicated because someone profits from it being complicated.
In fact, lots of people profit from that. The insurance companies because they can weasel out of many insurance cases due to loopholes, exceptions and formalisms. Lawyers who get to fight those cases through in courts. Lots of staff who works on writing, updating, filing, stamping and generally administrating the whole mess. Brokers who tell you what you need because it's a labyrinth no normal person understands. I probably forgot a lot of people.
It's the same with the tax laws. Every exception and additional law has the stated intent of making the tax laws more "fair". In reality, it only makes more complicated. In the end, those who can pay a professional to do their taxes for them get to use most of the loopholes while those who can't, don't.
Do you guys honestly think, for one second, that you can hide from these guys if they really want you? Any of you?
The qualifier is "if they really want you".
You can't hide from the NSA unless you're a government entity yourself. If I were to head the Iran nuclear program, I'd give it a try.
However, you can hide from the NSA dragnet, because it's not targetting you specifically.
So if you use any of the big e-mail providers, you can be 100% certain that a backup copy of all your e-mails exists somewhere in an NSA database. But if you run your own mailserver, the mails that you exchange over encrypted channels with someone else who also does that have a chance of not being caught by the net, not because they couldn't, but because the world is huge and even the vast NSA resources are limited.
The problem with the submitters concept is that as long as you roll your own, you can slip through the net (but never count on it, it's a probability like all things in IT security). But as soon as someone sets up a "secure hosting provider", he'll become a target. And the bigger it gets, the higher the chance that the NSA will expand some resources to penetrate it.
So it's not a viable business concept, and thus it doesn't exist. Of course, someone will make the claims, because scam is always a viable business concept.
52% of Republicans believe in creationism in a recent Gallup poll, as opposed to 34% of Democrats (still shocking).
This is what really changed: You've become a country of idiots, morons, fools and imbeciles.
If the USA had had that attitude towards rocket science, it would still try to put a man on the moon, today.
Name one other country with a political party who is so hellbent on reality distortion to do such silly things with tax payer money?
China under Mao.
Every country has its crazy times. It's not a positive thing, but it's not unique to the USA, except that due to technology and society (China was much more closed-up about what was going on) we know a lot more about this case then all the others.
I do, however, agree that the inmates are running the asylum.
You completely ignored the rest of my comment, which puts down your argument. Buggy-whip makers were put out of business by technological progress. Amazon hasn't invented any new technology. Their innovation is on the business side, and business innovations almost always shift costs around, as I explained.
Maybe you can buy a few books less, but in exchange some workers can actually feed their families and also buy books. Ask the minimum wage temp workers in Amazons warehouses if they'd rather work in an old-style bookstore for two or three times the wage.
Unless you come up with a new technology or a new method of doing business, there are very few ways to actually provide the same service for less money - but what you can do is distribute costs differently. You can pay your workers less and be cheaper for the customers. Or you can save on health and safety, again workers will pay the price when something happens. Or you can do the usual corporate trickery to avoid paying taxes, so the general public pays the money you save (because someone else has to pay the taxes you don't). I could go on.
Amazon has done some cool things, especially when it comes to making next-day delivery the norm instead of a week or two. But they aren't a white knight.
You have capitalism and free market theory confused. They have things in common, but they aren't the same.
Capitalism will always tend towards monopoly, because capitalism is about profit and monopoly rent is where the real profits are.
For the free market, a monopoly is a death spell.
But you can have a free market without capitalism, and capitalism withou a free market. It just happens that the synergies between them are such that you generally meet them together. But they don't have to, and that's why capitalists trying to abolish the free market in favour of private monopoly profits isn't a contradiction.
Uh, did you check the timeframe on that article? It's talking about decades of trend, not just a few years of recent changes.
And it's just circular logic to say that fewer guns is safer, except where lots of guns is also safe...
You missed the important part: It's not necessarily how many guns there are, but how they are dealt with.
I might believe that, if gun control attempts in the USA didn't consistently have the OPPOSITE effect in a large way. Crime rates go UP under gun bans, and go DOWN under relaxed concealed carry laws.
Again: What time-frame are you looking at?
I live in a country that has very strict gun laws, and has had them for 60+ years. It's almost impossible to get a gun here, and getting a permit even more so. There are also very, very few gun-related crimes. And no, it's like like there'd be a stabbing every day. I also live in a major city. If something happens with a gun involved, that's major headlines, simply because it's so rare.
Also, to counter your evidence:
http://articles.latimes.com/2013/may/07/local/la-me-guns-crime-20130508
That's an... interesting way to increase your friend count. Don't tell Zuckerberg.
But legitimate senders have trouble getting past spam filters too, that's why they need "deliverability services".
I call bullshit on that one. I used to work for a company with about a million customers. Spam filters were never anyones concern, the reason external partners come up for delivery is that you need mail servers tuned to handling high-volume messages like that with all the greylisting and delays and bounces.
If you have trouble getting past spam filters, then I maintain the reason is most likely that you are too close to actually being a spammer. Might not be the customer side (i.e. they may all have signed up with you), but the content of your message. Thank the spammers for ruining that, instead of giving them money to teach you how to escalate the battle to the next level.
From all you describe it seems you are genuine. Nevertheless, listening to spammers is the worst thing you could've done. That's like complaining about the park being closed at night - and asking a burglar for advise.
All your links seem to be about the USA, which is a very limited dataset.
World-wide, countries with fewer guns tend to have a lot fewer gun-related deaths, even if you remove accidents from the equation.
Some countries with lots of guns and high safety are that way because they keep their guns locked away - Switzerland, for example.
Why is the US a bad dataset? Because if you make guns illegal now, then for some time, maybe a decade or two, it will be true that criminals have guns (because they don't hand theirs in) while regular citizens don't (because they do).
But you need to think long-term, and when guns are difficult to get in general, most criminals won't have them, either. That's why you can't just outlaw them today and think everything will be fine, you need to come up with a transition plan.
it can be considered an act of war.
This.
Lots of people here are so used to their regular levels of paranoia that they don't get the gravity of these actions anymore.
With you on that one all the way.
Glad to see you are willing to re-examine your position.
Your original post lacks numbers. I sent out 35,000 mails recently, to people who had signed up with one of my online services, and had absolutely no trouble with any anti-spam filters except that delivery took a while for sites who throttle you.
Unless you're doing several times that volume, you must be doing something horribly, horribly wrong. And asking spammers for advise is to me a good indication of what's wrong. These fucking assholes make a living out of destroying our means of communication for profit. To me, even talking to one would make we want to take a long shower afterwards. I'd rather take relationship advise from a prostitute than e-mail advise from a spammer.
Why? Because all their hints are aimed at exploiting, abusing and circumventing systems that are in place exclusively because of and in order to combat - them. So taking up their tricks for yourself might buy you a solution today - at the price of being blacklisted even more aggressively tomorrow, when the anti-spam people have figured out the tricks.
If you go to bed with criminals, don't complain when you're arrested with them.
That's the weirdest thing I got this year, especially because I never had a MySpace account in my life and always avoided it like the plague.
Your a moron who has no clue. He isn't a spammer. He's sending emails to people who requested them!!!!
Show me one spammer on this planet who isn't claiming the same thing.
Rule #1: Spammers lie.
That's not to say there aren't some who believe their own lies. I'm not passing judgement, which is why I told him to re-examine his assumptions. If I were sure he's intentionally spamming, I'd have told him to drop dead.
True, if you only print a page or two a month, laser is probably too expensive.
I print in batches. Nothing for a month or two, and then a hundred pages. I figure most people are more or less that way, though maybe it's 10 pages for them instead of 100. Still, when the amount of ink you use to clean the printer nozzles is higher than the ink you actually use printing, something's wrong.