Mod parent up. Theaetetus has the right idea. When a cop is performing his or her duty, they are enacting the will of their superiors (-all- the way up the chain)...not their own. They must be held to account when they step outside the law.
I do. 99% of all people have a seriously misguided concept of trust. Companies and citizens alike cannot maintain an allegiance to any person because they must bend to the will of law enforcement (notice I did not say 'law') and judicial commands (yes, it actually says "commands" in a subpoena).
If law enforcement officers successfully beg a judge, they can order any person or company to do anything they want (like spying on you, becoming an agent of the state). It's as simple as that. Do -not- trust anyone. If they have been subverted, you will not know until it is too late...Ladar Levison wanted nothing but to maintain Lavabit -- his own business predicated on security/secrecy (when it came out that he handed over SSL keys to authorities, no matter the reason, his business would crumble). The (federal) state compelled its demise under threat of -perpetual- imprisonment and fine, and so it fell.
Having said all that, even a non-NIST entity cannot be trusted. If a non-NIST crypto protocol contains any weaknesses, whether intentional or not, assuredly the NSA will obtain or discover it.
The law says that contracts can't permit unlawful acts -- no matter what, under any circumstance...I'm not sure why we all accept this behaviour. That being said, and if this spying is now legal because a) it's not a human doing it, and b) it's "agreed upon" by two of the parties involved (ignoring third parties of course!), why not use computers/robots to everything corporations want to do but aren't permitted to do by law?
People have a reasonable expectation of privacy in their electronic communication. It's -called- "mail" for crying out loud...mail is one of the most protected forms of communication! The programmers who programmed the scanning engine, and all the way up the chain, should be charged with wiretapping. Just because they use a proxy to conduct their dirty work doesn't mean it's now magically legal.
I used 7 a little bit, 9 Advanced, and 10. I developed on 9 Advanced...variable watches and script debugging helped a LOT...so I could at least nail a problem down when FMP interpreted the code improperly.
FMP needs to eliminate the need for a mouse driven script manager. Maybe they could provide an option for beginners to use it...but let use real devs use a text editor.
From 2000 to present (thankfully, not so much in the present). My client isn't really interested in paying for a long development cycle, so the only way I could get away from FMP was to introduce them to the idea of VB6 (this was a while ago, now) with SQL Express...It worked, and now I have to look forward to the day when I get to port the code to VS2008 or 2012...joy. (I still don't know why MS would get rid of control arrays, and itemdata on combo boxes)
Oh gawd, this is causing flashbacks of FileMaker Pro programming...I want to poke my eyes out with rusty daggers, and cut my right hand off with a drill press...
(For those who have had the pleasure of never being forced to "code" in FileMaker, it's a "database" programming environment similar to, say, MS Access in that it's a self-contained relational DBMS; however, adding "code" is done by using your mouse, with relatively few control structures. It's not free-form coding, it's predefined lines in a listbox where the "programmer" can add conditions to IF or LOOP blocks, iterative lines might not work sometimes, etc. Kludge City. All this designed for a 17" monitor with disproportionately-sized dialog controls. Imagine all the fun you can have!)
Shocking! Researcher discovers hitting submit on the login page of Gmail actually TRANFERS ALL YOUR CREDENTIALS to Google.
Hey asshole, pay attention. The issue here isn't that a first or second party is getting the password, it's that the third party is...the third party doesn't need it at all. Let me spell it out for you: This would be similar to Mozilla, Microsoft, or Apple transmitting your password to themselves just because you are using their browser.
Indeed, this is how it has always worked on BlackBerry devices, so I'm not quite sure why this is news. Anyone who didn't already understand this simply doesn't have any technical imagination.
Ok, maybe you are technically savvy enough to install/configure software yourself...but most users aren't. Good luck to them getting Adobe to understand their environment beyond "format and call us back" when something goes wrong and the thing won't install.
IBM did something similar years ago (circa 2003) when they opened IBM branded stores (they demanded customer lists from authorized resellers, who had to fork them over to keep their authorized status)...IBM sold directly to the public and all the customers of resellers, in effect eliminating the reseller channel. What happened? Resellers boycotted, and IBM did a quick about-face due to a massive drop in sales when they realized that they weren't selling as much new stuff and spare parts (people call their computer guy when stuff goes sideways, and this is a pretty big segment), and had very crappy expertise in the field and when handling the public. Major manufacturers reeeaaallly want the margins on retail sales, but they also reeeeaaally don't want to deal with the public (with exception of Apple). Ever had to deal with a major manufacturer before? I have. It sucks. It's SO depressing knowing that I'm basically on my own. Most do whatever they can to spend $0 on support and disclaim responsibility (even though selling direct gives them the margin to pay for this support. Assholes). There's a reason why we have retail centres...these places are populated with the people that can best handle the (local) population. We need them.
Good luck Adobe, but I predict they will try it, fail, and go back to the "buy it" or "rent it" choice.
CentOS 5.0 release: April 2007
CentOS 6.0 release: July 2012
CentOS 5.9 release: January 2013...wait, what?
Did I miss something?
At least they're not cutting off update support for an older version...that's kinda nice to see...I don't think many people were waiting on the edge of their seat for it though...
(I use CentOS exclusively on my hosting servers/as guest OSes and think it's great)
The government has the right to do, whatever its elected officials decide to do, and is not deemed unconstitutional. I believe its called democracy, or in otherwords 'the social contract', which makes you a lawless teabagger.
WRONG. GOD DAMN WRONG. YOU are the reason the government has been able to incrementally erode our natural born rights. Let me ask you something. If the government decides you have to report your whereabouts every day, or else you go to jail, I bet you'll do that too, right? No questions asked, "I'ma lay on my back for the greater good because I was told to"...
You are a shill of the -worst type-. Worst motherfuckin type! Read a history book, like, ever? Look up, yes, the Nazi takeover in Germany. The communist takeover in Russia, China, East Europe...that is a motherfuckin terrible way to live...under the boot of one guy who is simply obeyed because...what...he "has the right"? Ok, so let's say the government says that the constitution doesn't apply to you...or certain people anymore...then what?
Oh...they already did that... Give yourself a round of applause...go ahead...thank yourself for it. You deserve the praise. Don't be shy.
And the funny thing is that you won't save your loved ones...or even yourself...it's the motherfuckin "teabaggers"...the libertarians...the guys and girls that stand up for motherfuckin LIBERTY that are fighting for YOUR motherfucking rights, too. Fighting so you have a right to be a douche all day long.
Seriously, this is a revelation? Not to mention the only person "angered" was some douchey MP that likely has investments in social networks and online advertisers. Why else would she promote using real information? She (Goodman) is actually claiming that using false information promotes crime. Gawd.
Anyway, I was intelligent enough to refuse to provide real personal information to BBSes (all local public network for the neophytes out there...never mind the Internet...a global public network) since I started online in the early 1990's...and I was very young (under 13). If someone provides enough information to a social site to permit a theft of identity...they deserve it.
Perpetual naivete is ignorance, and widespread ignorance is social decay (how ironic)...for which I have little sympathy.
This is the problem with government. It is forcing an agenda upon us. THAT is what lobbying is all about, and what the constitution is supposed to protect us against. When 'we the people' don't get a chance to provide input on a decision in ballot or wallet form.
Clearly you've made up your mind based on something someone told you at a very young age. No amount of discussion is going to budge your pro-vax mentality, but stop for a moment. 30 years ago I would have believed that vaccination was a little bit more about public health than what it is today. You do know that the authorities want to administer Gardasil to boys, right? The flu shot contains mercury (it's good for your baby, "they" say)? They are also recommending lithium be added to drinking water, as well.
Don't be afraid to re-evaluate your beliefs from time to time. Culture, attitudes, environment...life...changes, and so should you.
Why? Everything he/she said is true. Just because you don't believe it or believe that it doesn't happen "to anyone" does not make the OP crazy or an idiot. The OP is informed and is attempting to share knowledge. I don't understand why you (or anyone else) wouldn't appreciate that enough at least to refrain from disrespecting him/her. Obviously you don't have a clue as to how espionage works, or the fact that it even occurs on a daily basis. You'd likely be similarly in disbelieve to hear the monolithic amount of information China has collected on every aspect of North American life.
I don't think you have a full appreciation for the situation. If the attacker believes/knows that the victims are armed, it's reasonable to believe that the attacker will choose not to attack due to the fact that the attack could be answered by his/her own death. Most attackers know that most populations are unarmed, therefore an attack can be executed with relative impunity.
I'm willing to bet (just because I don't have any links to proof) that home invasions in the deep south either a) don't happen, or b) result in the invader's death and that the same in 'anti-arms' areas results in the opposite.
There was a mass shooting at a community barbecue in Toronto this passed weekend. 2 people killed, 23+ people shot/injured. If, say, 3 of the 50+ (could have been 100+) people that were present were lawfully armed (it's illegal for non-LEOs to carry in Canada), I believe the death toll and number injured would have been much lower...if the incident would have happened at all.
If the number of armed 'victims' out numbers the attackers, there's little chance of success. No one ever robbed a gun show or a police station.
The thing is, there's no way to 'untrust' those protocols. With my GSM example, A5/0 is classed as an 'encryption level', but in fact is in-the-clear. With TLS, and a man-in-the-middle attack, there's no way to know if the MITM has renegotiated the encryption to be in-the-clear. There's no way to turn off support for in-the-clear. The worry about SSH is that with older crypto protocols, a weakness may be found, and that protocol will still exist in all versions off SSH. If the attacker/MITM can force a reneg of the protocol to use the compromised version, then it's as good as not using encryption at all. None of the above offer an option to disable all older protocols. This is a problem in my and the AC's eyes.
It could be that you mean to say "just use another program that supports only fresh crypto"...that is a viable option, but less attractive to one who has used SSH and finds its features very useful.
Slashdot Mirror
Mod parent up. Theaetetus has the right idea. When a cop is performing his or her duty, they are enacting the will of their superiors (-all- the way up the chain)...not their own. They must be held to account when they step outside the law.
If law enforcement officers successfully beg a judge, they can order any person or company to do anything they want (like spying on you, becoming an agent of the state). It's as simple as that. Do -not- trust anyone. If they have been subverted, you will not know until it is too late...Ladar Levison wanted nothing but to maintain Lavabit -- his own business predicated on security/secrecy (when it came out that he handed over SSL keys to authorities, no matter the reason, his business would crumble). The (federal) state compelled its demise under threat of -perpetual- imprisonment and fine, and so it fell.
Having said all that, even a non-NIST entity cannot be trusted. If a non-NIST crypto protocol contains any weaknesses, whether intentional or not, assuredly the NSA will obtain or discover it.
Taiwan cares a fuck about what is going on inside of mainland china.
What does that even mean? Maybe you meant "doesn't give" instead of "cares", or maybe "cares a fuck load"?
Anyway, try reading your crap before posting so at least one other person can understand what you are trying to say.
The law says that contracts can't permit unlawful acts -- no matter what, under any circumstance...I'm not sure why we all accept this behaviour. That being said, and if this spying is now legal because a) it's not a human doing it, and b) it's "agreed upon" by two of the parties involved (ignoring third parties of course!), why not use computers/robots to everything corporations want to do but aren't permitted to do by law?
People have a reasonable expectation of privacy in their electronic communication. It's -called- "mail" for crying out loud...mail is one of the most protected forms of communication! The programmers who programmed the scanning engine, and all the way up the chain, should be charged with wiretapping. Just because they use a proxy to conduct their dirty work doesn't mean it's now magically legal.
I used 7 a little bit, 9 Advanced, and 10. I developed on 9 Advanced...variable watches and script debugging helped a LOT...so I could at least nail a problem down when FMP interpreted the code improperly.
FMP needs to eliminate the need for a mouse driven script manager. Maybe they could provide an option for beginners to use it...but let use real devs use a text editor.
From 2000 to present (thankfully, not so much in the present). My client isn't really interested in paying for a long development cycle, so the only way I could get away from FMP was to introduce them to the idea of VB6 (this was a while ago, now) with SQL Express...It worked, and now I have to look forward to the day when I get to port the code to VS2008 or 2012...joy. (I still don't know why MS would get rid of control arrays, and itemdata on combo boxes)
You said "bomb"! Arrest him!
Oh gawd, this is causing flashbacks of FileMaker Pro programming...I want to poke my eyes out with rusty daggers, and cut my right hand off with a drill press...
(For those who have had the pleasure of never being forced to "code" in FileMaker, it's a "database" programming environment similar to, say, MS Access in that it's a self-contained relational DBMS; however, adding "code" is done by using your mouse, with relatively few control structures. It's not free-form coding, it's predefined lines in a listbox where the "programmer" can add conditions to IF or LOOP blocks, iterative lines might not work sometimes, etc. Kludge City. All this designed for a 17" monitor with disproportionately-sized dialog controls. Imagine all the fun you can have!)
Next news on slashdot:
Shocking! Researcher discovers hitting submit on the login page of Gmail actually TRANFERS ALL YOUR CREDENTIALS to Google.
Hey asshole, pay attention. The issue here isn't that a first or second party is getting the password, it's that the third party is...the third party doesn't need it at all. Let me spell it out for you: This would be similar to Mozilla, Microsoft, or Apple transmitting your password to themselves just because you are using their browser.
Indeed, this is how it has always worked on BlackBerry devices, so I'm not quite sure why this is news. Anyone who didn't already understand this simply doesn't have any technical imagination.
Ok, maybe you are technically savvy enough to install/configure software yourself...but most users aren't. Good luck to them getting Adobe to understand their environment beyond "format and call us back" when something goes wrong and the thing won't install.
IBM did something similar years ago (circa 2003) when they opened IBM branded stores (they demanded customer lists from authorized resellers, who had to fork them over to keep their authorized status)...IBM sold directly to the public and all the customers of resellers, in effect eliminating the reseller channel. What happened? Resellers boycotted, and IBM did a quick about-face due to a massive drop in sales when they realized that they weren't selling as much new stuff and spare parts (people call their computer guy when stuff goes sideways, and this is a pretty big segment), and had very crappy expertise in the field and when handling the public. Major manufacturers reeeaaallly want the margins on retail sales, but they also reeeeaaally don't want to deal with the public (with exception of Apple). Ever had to deal with a major manufacturer before? I have. It sucks. It's SO depressing knowing that I'm basically on my own. Most do whatever they can to spend $0 on support and disclaim responsibility (even though selling direct gives them the margin to pay for this support. Assholes). There's a reason why we have retail centres...these places are populated with the people that can best handle the (local) population. We need them.
Good luck Adobe, but I predict they will try it, fail, and go back to the "buy it" or "rent it" choice.
You know those little squiggly red lines under words you type? I think they're trying to tell you something.
No, no, that's the name of the OS.
CentOS 5.0 release: April 2007
CentOS 6.0 release: July 2012
CentOS 5.9 release: January 2013...wait, what?
Did I miss something?
At least they're not cutting off update support for an older version...that's kinda nice to see...I don't think many people were waiting on the edge of their seat for it though...
(I use CentOS exclusively on my hosting servers/as guest OSes and think it's great)
The government has the right to do, whatever its elected officials decide to do, and is not deemed unconstitutional. I believe its called democracy, or in otherwords 'the social contract', which makes you a lawless teabagger.
WRONG. GOD DAMN WRONG. YOU are the reason the government has been able to incrementally erode our natural born rights. Let me ask you something. If the government decides you have to report your whereabouts every day, or else you go to jail, I bet you'll do that too, right? No questions asked, "I'ma lay on my back for the greater good because I was told to"...
You are a shill of the -worst type-. Worst motherfuckin type! Read a history book, like, ever? Look up, yes, the Nazi takeover in Germany. The communist takeover in Russia, China, East Europe...that is a motherfuckin terrible way to live...under the boot of one guy who is simply obeyed because...what...he "has the right"? Ok, so let's say the government says that the constitution doesn't apply to you...or certain people anymore...then what?
Oh...they already did that... Give yourself a round of applause...go ahead...thank yourself for it. You deserve the praise. Don't be shy.
And the funny thing is that you won't save your loved ones...or even yourself...it's the motherfuckin "teabaggers"...the libertarians...the guys and girls that stand up for motherfuckin LIBERTY that are fighting for YOUR motherfucking rights, too. Fighting so you have a right to be a douche all day long.
(no, Bitcoin isn't credible as it's just too hard for 90% of people)
The people that are on usenet should be savvy enough to a) have already heard of BitCoin, and b) know how to use it.
I can't believe that 90% of their users are newbz.
Seriously, this is a revelation? Not to mention the only person "angered" was some douchey MP that likely has investments in social networks and online advertisers. Why else would she promote using real information? She (Goodman) is actually claiming that using false information promotes crime. Gawd.
Anyway, I was intelligent enough to refuse to provide real personal information to BBSes (all local public network for the neophytes out there...never mind the Internet...a global public network) since I started online in the early 1990's...and I was very young (under 13). If someone provides enough information to a social site to permit a theft of identity...they deserve it.
Perpetual naivete is ignorance, and widespread ignorance is social decay (how ironic)...for which I have little sympathy.
Sometimes one simply can't cast a vote with one's wallet. How many dollars did you choose not to spend on Halliburton's supply of rotten food to the troops?
This is the problem with government. It is forcing an agenda upon us. THAT is what lobbying is all about, and what the constitution is supposed to protect us against. When 'we the people' don't get a chance to provide input on a decision in ballot or wallet form.
Holy shit! You had the opportunity to engineer a motor that ran on spiced ham, and you...hold on a second, someone's sayin' something to me...
Ohhh, nevermind.
Clearly you've made up your mind based on something someone told you at a very young age. No amount of discussion is going to budge your pro-vax mentality, but stop for a moment. 30 years ago I would have believed that vaccination was a little bit more about public health than what it is today. You do know that the authorities want to administer Gardasil to boys, right? The flu shot contains mercury (it's good for your baby, "they" say)? They are also recommending lithium be added to drinking water, as well.
Don't be afraid to re-evaluate your beliefs from time to time. Culture, attitudes, environment...life...changes, and so should you.
Why? Everything he/she said is true. Just because you don't believe it or believe that it doesn't happen "to anyone" does not make the OP crazy or an idiot. The OP is informed and is attempting to share knowledge. I don't understand why you (or anyone else) wouldn't appreciate that enough at least to refrain from disrespecting him/her. Obviously you don't have a clue as to how espionage works, or the fact that it even occurs on a daily basis. You'd likely be similarly in disbelieve to hear the monolithic amount of information China has collected on every aspect of North American life.
So who lost on that deal, exactly? That wasn't childish, that was tactical.
+1
People are getting what they deserve...too bad I'm getting what they deserve too.
So there is no proof of it being in the wild and was only found on a website for analyzing files. So how exactly were they wrong?
Where do you think the "suspicious files" come from?
I don't think you have a full appreciation for the situation. If the attacker believes/knows that the victims are armed, it's reasonable to believe that the attacker will choose not to attack due to the fact that the attack could be answered by his/her own death. Most attackers know that most populations are unarmed, therefore an attack can be executed with relative impunity.
I'm willing to bet (just because I don't have any links to proof) that home invasions in the deep south either a) don't happen, or b) result in the invader's death and that the same in 'anti-arms' areas results in the opposite.
There was a mass shooting at a community barbecue in Toronto this passed weekend. 2 people killed, 23+ people shot/injured. If, say, 3 of the 50+ (could have been 100+) people that were present were lawfully armed (it's illegal for non-LEOs to carry in Canada), I believe the death toll and number injured would have been much lower...if the incident would have happened at all.
If the number of armed 'victims' out numbers the attackers, there's little chance of success. No one ever robbed a gun show or a police station.
Does this mean that he now knows what a false positive feels like?
The thing is, there's no way to 'untrust' those protocols. With my GSM example, A5/0 is classed as an 'encryption level', but in fact is in-the-clear. With TLS, and a man-in-the-middle attack, there's no way to know if the MITM has renegotiated the encryption to be in-the-clear. There's no way to turn off support for in-the-clear. The worry about SSH is that with older crypto protocols, a weakness may be found, and that protocol will still exist in all versions off SSH. If the attacker/MITM can force a reneg of the protocol to use the compromised version, then it's as good as not using encryption at all. None of the above offer an option to disable all older protocols. This is a problem in my and the AC's eyes.
It could be that you mean to say "just use another program that supports only fresh crypto"...that is a viable option, but less attractive to one who has used SSH and finds its features very useful.