If there was one point that was made repeatedly at Defcon this year, it was that no matter how well you protect one layer, the other layers are vulnerable. Okay, so Intel is getting some of their wiz kids together to whip up a digital certificate. Swell. Now some 16 year old is going to set up a machine on the edge of some doctor's network and get their digital id (and it doesn't have to be a hospitol's network either, how many doctors do you think have cable modems or DSL - all of them; Okay, now how many do you think know anything about computer security... yeah, that's what I thought). Wonder who wants to buy a digital id of a doctor, with carte blanch to look at the national database.
Medical records are important. They can be used as a tool to extend not just one person's life, but the lives of many. However, what is the quality of that life if someone who is motivated enough can get to that information.
The solution? Keep the data of the person, on the person. I'd much rather prefer a little implant that contains the information. It's pretty secure, if someone is trying to get the information, you probably know about it (and if they are that close to you, getting that information out of the chip is probably the least of your concerns).
As far as the statistical value of collective records.... there are many ways to collect the data and still preserve the integrety of the privacy of the individual.
Unfortunately, the ramifications of this (and other) shows aired on MTV won't be realized for another 10 years or so.
Nobody reading this would for a second be fooled by the obvious folding, spindling, and multilation of reality that will inevitably be this program (key word here, more on that later). However, Johny 8-12 year old will accept it as the gospel truth. (MTV told me that Sprite tastes good... It does; MTV told me that Super Marios Brothers 20 comes out in a week... It did; MTV told me that evil hackers want to kill me and my family... They do). Ten years from now, little Johnny will be old enough to vote, and MTV will remind them to do so. Of course, the issues are complicated, however, Johnny knows who's good and who's bad, thanks to MTV.
Another case in point, on a recent "Your Rights" bit that they aired, they applauded turning public schools into high security virtual prison camps. They paraded some kids in front of the camera, and had them say (with blank stares of course) that they were glad that they were in uniforms, and that police were walking around in the halls with guns, and things are so much better now that there's a barbed wire fence around the campus.... Fortunately for Sony corp (I think they still own MTV, of course, didn't someone else buy them recently?), the current generation of kids don't know enough that anytime they hear a group of people with zero disagreeing opinions, that they are probably hearing nothing more than propaganda. Too bad there isn't a way to keep them in check... Or at least something close to honest...
I weep for the future. Do your kid a favor, kill their television.
The comment he made about the anti abortion site that told people the location of doctors willing to practise abortion is way off.
Just take that comment for what it was, for what the entire article was, a cheap attempt at emotionalism to sway public opinion. Hackers are like anti-abortionists who kill doctors... Hackers are evil because they smoked and it hurt me... Hackers are evil because... blah blah blah...
Do you think it's a coincidence that he made the comparison of hackers to two groups of people that the media have demonized (terrorists and smokers). I think, perhaps, it was an article written for another website (which shall remain nameless, because I don't want any lawyers to be sent after me, but if you know about Defcon, then you know who I'm referring to), because the readers of/. seem to have rejected it out of hand.
The theme of the conference, however illusive, was this: There are wizards in our midst -- some masters; some journeymen; some merely would-be apprentices. Many of these wizards, through their knowledge, can endanger or damage the rest of us. But there is no common ethical code among them; each makes up his own, or simply has none. It is unclear that any one of them is well-intentioned or even fully cognizant of the consequences of his actions.
Okay, I forgot the obvious comparison to wizards. Masters of arcane and dark arts. Makes deals with demons. Heck, I'm surprised that he was so gentle on this point. He could have just as easily said: All computer hackers worship Satan. Anyone who worships Satan will go to Hell. You don't want your children to go to hell, do you? (See also the political ad in the Gnomes episode of South Park).
But, worse that the attempt to slant public opinion, is the call for the end of individuality. We need a common ethic. One World, One Nation, One People (One Orgasm - the i-brator). Unfortunately, it's the quest for personal freedom which leads to people joining this sort of sub culture. Do what you want for no reason other than because you can, because in the physical world, some guy with a club and a gun, wearing a uniform, can walk up to you on the street, beat the crap out of you, and then lock you up in a prison, just as soon as look at you.
Some break in merely for the challenge; some target people or organizations they don't like; others trash systems at random just to prove they can. The public, which doesn't really understand how computer security works, mostly sticks its head in the sand and ignores the issue unless an intruder does serious damage.
Heh, corporate america sticks it's head in the sand instead of dealing with computer security... True. But, lets face it, they also stick their head in the sand for everything else (the machine's about to crash.... -Oh, is that a bad thing? the software that you have a month to turn out won't work and will destroy your credibility.... - Yes, we know. Mine is better.... - It doesn't matter)
Other than that, I thought the rest of the article was pretty pedestrain... Actually, the title was kind of witty (would have been wittier if it were: "Phear and L0phting in Las Vegas" or maybe "Ph3ar and (ip)Flooding in Las Vegas")
>>"NSAKEY" Gee, who's that for? Not the NSA, they're not that obvious.....
Of course, if everyone didn't take it seriously because they believed that it was "too obvious" and that it "couldn't be true," then it could be even more powerful than if it were kept secret.
Just a conspiracy nut theory... Personally after reading through all the commentary and articles it just seems to be a bit of sensationalism. The buffer overflow security flaws in IIS is a much larger security risk than this issue....
Slashdot Mirror
Speaking of Fight Club, did you notice that his power animal was a penguin? Methinks maybe it's a call to arms to use Linux to subvert the system.
If there was one point that was made repeatedly at Defcon this year, it was that no matter how well you protect one layer, the other layers are vulnerable. Okay, so Intel is getting some of their wiz kids together to whip up a digital certificate. Swell. Now some 16 year old is going to set up a machine on the edge of some doctor's network and get their digital id (and it doesn't have to be a hospitol's network either, how many doctors do you think have cable modems or DSL - all of them; Okay, now how many do you think know anything about computer security... yeah, that's what I thought). Wonder who wants to buy a digital id of a doctor, with carte blanch to look at the national database.
Medical records are important. They can be used as a tool to extend not just one person's life, but the lives of many. However, what is the quality of that life if someone who is motivated enough can get to that information.
The solution? Keep the data of the person, on the person. I'd much rather prefer a little implant that contains the information. It's pretty secure, if someone is trying to get the information, you probably know about it (and if they are that close to you, getting that information out of the chip is probably the least of your concerns).
As far as the statistical value of collective records.... there are many ways to collect the data and still preserve the integrety of the privacy of the individual.
Unfortunately, the ramifications of this (and other) shows aired on MTV won't be realized for another 10 years or so.
Nobody reading this would for a second be fooled by the obvious folding, spindling, and multilation of reality that will inevitably be this program (key word here, more on that later). However, Johny 8-12 year old will accept it as the gospel truth. (MTV told me that Sprite tastes good... It does; MTV told me that Super Marios Brothers 20 comes out in a week... It did; MTV told me that evil hackers want to kill me and my family... They do). Ten years from now, little Johnny will be old enough to vote, and MTV will remind them to do so. Of course, the issues are complicated, however, Johnny knows who's good and who's bad, thanks to MTV.
Another case in point, on a recent "Your Rights" bit that they aired, they applauded turning public schools into high security virtual prison camps. They paraded some kids in front of the camera, and had them say (with blank stares of course) that they were glad that they were in uniforms, and that police were walking around in the halls with guns, and things are so much better now that there's a barbed wire fence around the campus.... Fortunately for Sony corp (I think they still own MTV, of course, didn't someone else buy them recently?), the current generation of kids don't know enough that anytime they hear a group of people with zero disagreeing opinions, that they are probably hearing nothing more than propaganda. Too bad there isn't a way to keep them in check... Or at least something close to honest...
I weep for the future. Do your kid a favor, kill their television.
The comment he made about the anti abortion site that told people the location of doctors willing to practise abortion is way off.
/. seem to have rejected it out of hand.
Just take that comment for what it was, for what the entire article was, a cheap attempt at emotionalism to sway public opinion. Hackers are like anti-abortionists who kill doctors... Hackers are evil because they smoked and it hurt me... Hackers are evil because... blah blah blah...
Do you think it's a coincidence that he made the comparison of hackers to two groups of people that the media have demonized (terrorists and smokers). I think, perhaps, it was an article written for another website (which shall remain nameless, because I don't want any lawyers to be sent after me, but if you know about Defcon, then you know who I'm referring to), because the readers of
The theme of the conference, however illusive, was this: There are wizards in our midst -- some masters; some journeymen; some merely would-be apprentices. Many of these wizards, through their knowledge, can endanger or damage the rest of us. But there is no common ethical code among them; each makes up his own, or simply has none. It is unclear that any one of them is well-intentioned or even fully cognizant of the consequences of his actions.
Okay, I forgot the obvious comparison to wizards. Masters of arcane and dark arts. Makes deals with demons. Heck, I'm surprised that he was so gentle on this point. He could have just as easily said: All computer hackers worship Satan. Anyone who worships Satan will go to Hell. You don't want your children to go to hell, do you? (See also the political ad in the Gnomes episode of South Park).
But, worse that the attempt to slant public opinion, is the call for the end of individuality. We need a common ethic. One World, One Nation, One People (One Orgasm - the i-brator). Unfortunately, it's the quest for personal freedom which leads to people joining this sort of sub culture. Do what you want for no reason other than because you can, because in the physical world, some guy with a club and a gun, wearing a uniform, can walk up to you on the street, beat the crap out of you, and then lock you up in a prison, just as soon as look at you.
Some break in merely for the challenge; some target people or organizations they don't like; others trash systems at random just to prove they can. The public, which doesn't really understand how computer security works, mostly sticks its head in the sand and ignores the issue unless an intruder does serious damage.
Heh, corporate america sticks it's head in the sand instead of dealing with computer security... True. But, lets face it, they also stick their head in the sand for everything else (the machine's about to crash.... -Oh, is that a bad thing? the software that you have a month to turn out won't work and will destroy your credibility.... - Yes, we know. Mine is better.... - It doesn't matter)
Other than that, I thought the rest of the article was pretty pedestrain... Actually, the title was kind of witty (would have been wittier if it were: "Phear and L0phting in Las Vegas" or maybe "Ph3ar and (ip)Flooding in Las Vegas")
>>"NSAKEY" Gee, who's that for? Not the NSA, they're not that obvious.....
Of course, if everyone didn't take it seriously because they believed that it was "too obvious" and that it "couldn't be true," then it could be even more powerful than if it were kept secret.
Just a conspiracy nut theory... Personally after reading through all the commentary and articles it just seems to be a bit of sensationalism. The buffer overflow security flaws in IIS is a much larger security risk than this issue....