After months of debate, NASA has settled on plans for its next spaceship — a space shuttle hybrid that will fly twice in the next decade and cost $30 billion through 2021, according to senior administration officials and internal NASA documents.
Don't worry, I RTFA and it's just the rocket stack that is a shuttle hybrid. It's a space capsule on the top of the stack, not a space shuttle mounted like an IDIOT on the side.
I do need a brighter pointer for astronomy (easier aiming of telescopes and cameras, pointing objects out to others, etc) and 1000mW would be perfect for that (a nice bright clear beam even in low-dust conditions)
I have a 5mW basic cheap green laser pointer and it is MORE than bright enough. You don't need a 10 or 50 or 1000mW laser to point telescopes and cameras. The beam is clear enough, even before but especially after your eyes become attenuated to the dark!
TO READERS OF THIS STORY'S COMMENTS: If you want to read the real comments for this story, scroll 3/4 of the way down the page to skip that ridiculous "when is now in relativity" arguing that shows up in EVERY cosmology story on Slashdot. Seriously guys, shut up already.
I believe the CIA, Mossad, MI6, etc. are ALL using fraudulent SSL certs when they require it. However, there is no proof that these specific organizations are involved in the Diginotar mess. It's not good to throw around speculated information like it's the truth.
He's claiming persecution from a position of privilege, at least that's how I read it. This has nothing to do with women being in average not as strong as men.
He's claiming women are "persecuted". He isn't allowed to hold a viewpoint because of his "position of privilege" as a man?
I think he's pointing out sexism he perceives elsewhere. He's not saying males need more representation, but rather that our society at large is more surprised when a female accomplishes these tasks.
Also, a question for you: is it sexist to say that women aren't as strong as men or that women can't run as fast as men?
I thought that the original leak by Bradley Manning was a brave thing that he did, especially since the information he chose to leak was only low-level classified and unclassified information. He should be given a humanitarian award for his role in this.
I have to disagree with your first sentence. He thought he was anonymously submitting these documents to Wikileaks, and thought he was safely bragging to Lamo about it, since Lamo claimed to be acting in a journalistic capacity. Manning was a "trouble soldier" in his unit, the kind that doesn't get along with others and tends to cause problems and make bad decisions. It's my belief he acted simply out of spite and maybe some misguided thinking, using the opportunity that the newly rising Wikileaks presented.
Password entropy is not intuitive. This is my estimate of the entropy of the password. "ACollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay#"
Capital Letters at the start of every word: 1 bit
10 domain specific words in grammatical context: 6 bits each = 60 bits
Year in recent history: 7 bits
Random no-space or underscore between words: 9 bits
punctuation mark at the end: 4 bits
1+60+7+9+4 = 81 bits of entropy
2^81 / 1000 / 86400 / 365 =
7.6Ã--10^13 years to brute force @ 1000 guesses per second
Length trumps gibberish. It is not a bad pass-phrase.
With all that said, the extra verbal word, "Diplomatic" adds 10 bits of entropy, which is pretty much inconsequential. (6 for the word, 4 for position) It's a privacy lock, pretty much only good for keeping out the curious and people who stumble upon it.
You only know this now that you have seen the password... come on. Before a couple days ago you thought this password was a random 256-character sequence.
I propose that this "leak" was the planned outcome of an operation, probably by the US Army Counterintelligence Agency. This agency has documents that revealed their plan to cause this EXACT kind of exposure, to discredit and subvert WikiLeaks.
url:http://www.scribd.com/doc/28385794/Us-Intel-Wikileaks
I've got a better idea. Wikileaks has always been strongly in favor of the verbatim release of all valid documents submitted to them, with information only ever redacted to protect the submitter of the documents. They got a lot of bad press from innocents' identities being released and this apparently worried them, so they began redacting names of "innocents" from documents prior to release. This was a public relations move on Wikileaks' part, undertaken to prevent their image from being sullied. I think Wikileaks and Julian Assange intended from the very beginning for the diplomatic cables to be released in their entirety, and that they purposefully practiced ridiculously lax password security for their "insurance file". Come on, you're telling me that a serious computer "hacker" like Julian Assange, member of the CCC, couldn't prevent the release of the password to their insurance file? Anyone who even knows what GPG/PGP is already understands enough in general to practice simple security procedures.
Next, the Guardian was sued by Wikileaks over what amounted to the release of their insurance file password. Then, in less than a week, Wikileaks releases all the same documents themselves!? You may think "What's the harm if they're already out there released on the internet?" Well, Wikileaks shouldn't be offering these on their website for the same reason the U.S. State Department doesn't declassify and release all the cables that are already leaked to the news: it seriously limits their stance's credibility, especially true for an organization such as Wikileaks which is supposed to conduct themselves by certain lofty principles. Releasing the documents themselves is inconsistent with their supposed desire to protect informants' well-being.
I think Wikileaks and Julian Assange planned this from the very beginning for the cables, in order to remove themselves from blame because "those guys over there are the ones who released the password! They're the real leakers!" With so many people given the password, we can plainly see it was only a matter of time until this release happened.
The Guardian, New York Times, El País, Der Spiegel and Le Monde, who worked with WikiLeaks publishing carefully selected and redacted documents in December last year, issued a joint statement condemning the latest release.
"We deplore the decision of WikiLeaks to publish the unredacted state department cables, which may put sources at risk," it said.
"Our previous dealings with WikiLeaks were on the clear basis that we would only publish cables which had been subjected to a thorough joint editing and clearance process. We will continue to defend our previous collaborative publishing endeavour. We cannot defend the needless publication of the complete data – indeed, we are united in condemning it.
"The decision to publish by Julian Assange was his, and his alone."
And:
The newly published archive contains more than 1,000 cables identifying individual activists; several thousand labelled with a tag used by the US to mark sources it believes could be placed in danger; and more than 150 specifically mentioning whistleblowers.
Why would the U.S. put source-identifying information in a report? Typically, source information is handled with very, very strict controls on an exceptionally maintained need-to-know basis. In these cases, the information reported is of a nature that it could have only come from one or a handful of people in these foreign countries.
Killing someone is killing someone, whether 'lawfully' or not. Do you think it is right to kill someone because they embarrassed you? No? Then why should those in power be able to do so?
You shot a bank teller during a robbery. You're guilty of murder.
You shot an intruder in your house. You're guilty of murder.
You ran over a man crossing the freeway at night. You're guilty of murder.
They were thinking something along the lines of "the Guardian already gave the bad guys our secrets, so let's make sure the people at risk have a chance to look through the cables, see if they're mentioned, and take appropriate self-defensive measures, since we don't have the resources to approach them all privately."
I've got a better idea. Wikileaks has always been strongly in favor of the verbatim release of all valid documents submitted to them, with information only ever redacted to protect the submitter of the documents. They got a lot of bad press from innocents' identities being released and this apparently worried them, so they began redacting names of "innocents" from documents prior to release. This was a public relations move on Wikileaks' part, undertaken to prevent their image from being sullied. I think Wikileaks and Julian Assange intended from the very beginning for the diplomatic cables to be released in their entirety, and that they purposefully practiced ridiculously lax password security for their "insurance file". Come on, you're telling me that a serious computer "hacker" like Julian Assange, member of CCC, couldn't prevent the release of the password to their insurance file? Anyone who even knows what GPG/PGP is already understands enough in general to practice simple security procedures.
Next, the Guardian was sued by Wikileaks over what amounted to the release of their insurance file password. Then, in less than a week, Wikileaks releases all the same documents themselves!? You may think "What's the harm if they're already out there released on the internet?" Well, Wikileaks shouldn't be offering these on their website for the same reason the U.S. State Department doesn't declassify and release all the cables that are already leaked to the news: it seriously limits their stance's credibility, especially true for an organization such as Wikileaks which is supposed to conduct themselves by certain lofty principles. Releasing the documents themselves is inconsistent with their supposed desire to protect informants' well-being.
I think Wikileaks and Julian Assange planned this from the very beginning for the cables, in order to remove themselves from blame because "those guys over there are the ones who released the password! They're the real leakers!" With so many people given the password, we can plainly see it was only a matter of time. At least it's not as crazy as some of the other conspiracy theories people tend to put forth here on/.
Actually, IMHO, The US will probably have some of the "exposed/endangered" assassinated so as to make Assange responsible for their deaths! This way they get their extradition, their toy, and their public execution!
What a GREAT way to distract people and make Obama look like a "tough" guy!
Wow. I'm glad you aren't actually in charge of anything. Don't pretend for a second that you're not really talking about what you'd do in a position of power.
It is out of the realm of possibility because . . . it won't happen.
It has already happened once in the Solar Storm of 1859. We're not sitting around discussing how we'll survive when the sun begins fusing helium in 5 billion years, or when a nearby supernova goes off in a million years, or when the Andromeda Galaxy collides with our galaxy in roughly 3 billion years, or a hypothetical impact event that occurs only once every 50 million years. We're talking about a real, non-negligible chance of a large solar flare like was witnessed 150 years ago on their primitive telegraph instruments, one that would be absolutely, positively devastating were it to occur again in today's world at the same intensity witnessed before.
Because when the government wants to snoop on a site they of course doesn't want the site to be encrypted with SSL so in that case they simply send you a phony cert and sign it with their root CA so your browser accepts it (if we let governments be the root CA:s). Granted, there are probably some NSA undercover organization on all browsers root CA list today, but still.
It's doubtful that there are entire front CA companies in existence, but the CA sources are such high value resources that you can bet there are certainly hired agents who are paid to push mission-critical certs through.
Slashdot Mirror
Nice article, thanks for writing it! I only wish I could take part in a visit like that.
After months of debate, NASA has settled on plans for its next spaceship — a space shuttle hybrid that will fly twice in the next decade and cost $30 billion through 2021, according to senior administration officials and internal NASA documents.
Don't worry, I RTFA and it's just the rocket stack that is a shuttle hybrid. It's a space capsule on the top of the stack, not a space shuttle mounted like an IDIOT on the side.
I do need a brighter pointer for astronomy (easier aiming of telescopes and cameras, pointing objects out to others, etc) and 1000mW would be perfect for that (a nice bright clear beam even in low-dust conditions)
I have a 5mW basic cheap green laser pointer and it is MORE than bright enough. You don't need a 10 or 50 or 1000mW laser to point telescopes and cameras. The beam is clear enough, even before but especially after your eyes become attenuated to the dark!
TO READERS OF THIS STORY'S COMMENTS: If you want to read the real comments for this story, scroll 3/4 of the way down the page to skip that ridiculous "when is now in relativity" arguing that shows up in EVERY cosmology story on Slashdot. Seriously guys, shut up already.
I believe the CIA, Mossad, MI6, etc. are ALL using fraudulent SSL certs when they require it. However, there is no proof that these specific organizations are involved in the Diginotar mess. It's not good to throw around speculated information like it's the truth.
He's claiming persecution from a position of privilege, at least that's how I read it. This has nothing to do with women being in average not as strong as men.
He's claiming women are "persecuted". He isn't allowed to hold a viewpoint because of his "position of privilege" as a man?
And that extra question was unrelated.
Actually, I reread your comment this morning and I completely misunderstood it. We agree on everything, and thank you for your excellent analysis.
I think he's pointing out sexism he perceives elsewhere. He's not saying males need more representation, but rather that our society at large is more surprised when a female accomplishes these tasks.
Also, a question for you: is it sexist to say that women aren't as strong as men or that women can't run as fast as men?
I think you're a loony!
I thought that the original leak by Bradley Manning was a brave thing that he did, especially since the information he chose to leak was only low-level classified and unclassified information. He should be given a humanitarian award for his role in this.
I have to disagree with your first sentence. He thought he was anonymously submitting these documents to Wikileaks, and thought he was safely bragging to Lamo about it, since Lamo claimed to be acting in a journalistic capacity. Manning was a "trouble soldier" in his unit, the kind that doesn't get along with others and tends to cause problems and make bad decisions. It's my belief he acted simply out of spite and maybe some misguided thinking, using the opportunity that the newly rising Wikileaks presented.
http://xkcd.com/936/
Password entropy is not intuitive. This is my estimate of the entropy of the password. "ACollectionOfDiplomaticHistorySince_1966_ToThe_PresentDay#"
Capital Letters at the start of every word: 1 bit 10 domain specific words in grammatical context: 6 bits each = 60 bits Year in recent history: 7 bits Random no-space or underscore between words: 9 bits punctuation mark at the end: 4 bits
1+60+7+9+4 = 81 bits of entropy 2^81 / 1000 / 86400 / 365 = 7.6Ã--10^13 years to brute force @ 1000 guesses per second
Length trumps gibberish. It is not a bad pass-phrase.
With all that said, the extra verbal word, "Diplomatic" adds 10 bits of entropy, which is pretty much inconsequential. (6 for the word, 4 for position) It's a privacy lock, pretty much only good for keeping out the curious and people who stumble upon it.
You only know this now that you have seen the password... come on. Before a couple days ago you thought this password was a random 256-character sequence.
Which cable? Which country? I'd like to read this.
I propose that this "leak" was the planned outcome of an operation, probably by the US Army Counterintelligence Agency. This agency has documents that revealed their plan to cause this EXACT kind of exposure, to discredit and subvert WikiLeaks. url:http://www.scribd.com/doc/28385794/Us-Intel-Wikileaks
I've got a better idea. Wikileaks has always been strongly in favor of the verbatim release of all valid documents submitted to them, with information only ever redacted to protect the submitter of the documents. They got a lot of bad press from innocents' identities being released and this apparently worried them, so they began redacting names of "innocents" from documents prior to release. This was a public relations move on Wikileaks' part, undertaken to prevent their image from being sullied. I think Wikileaks and Julian Assange intended from the very beginning for the diplomatic cables to be released in their entirety, and that they purposefully practiced ridiculously lax password security for their "insurance file". Come on, you're telling me that a serious computer "hacker" like Julian Assange, member of the CCC, couldn't prevent the release of the password to their insurance file? Anyone who even knows what GPG/PGP is already understands enough in general to practice simple security procedures.
Next, the Guardian was sued by Wikileaks over what amounted to the release of their insurance file password. Then, in less than a week, Wikileaks releases all the same documents themselves!? You may think "What's the harm if they're already out there released on the internet?" Well, Wikileaks shouldn't be offering these on their website for the same reason the U.S. State Department doesn't declassify and release all the cables that are already leaked to the news: it seriously limits their stance's credibility, especially true for an organization such as Wikileaks which is supposed to conduct themselves by certain lofty principles. Releasing the documents themselves is inconsistent with their supposed desire to protect informants' well-being.
I think Wikileaks and Julian Assange planned this from the very beginning for the cables, in order to remove themselves from blame because "those guys over there are the ones who released the password! They're the real leakers!" With so many people given the password, we can plainly see it was only a matter of time until this release happened.
Okay, then we agree on everything except capital punishment afforded through proper judicial channels. :)
The Guardian, New York Times, El País, Der Spiegel and Le Monde, who worked with WikiLeaks publishing carefully selected and redacted documents in December last year, issued a joint statement condemning the latest release.
"We deplore the decision of WikiLeaks to publish the unredacted state department cables, which may put sources at risk," it said.
"Our previous dealings with WikiLeaks were on the clear basis that we would only publish cables which had been subjected to a thorough joint editing and clearance process. We will continue to defend our previous collaborative publishing endeavour. We cannot defend the needless publication of the complete data – indeed, we are united in condemning it.
"The decision to publish by Julian Assange was his, and his alone."
And:
The newly published archive contains more than 1,000 cables identifying individual activists; several thousand labelled with a tag used by the US to mark sources it believes could be placed in danger; and more than 150 specifically mentioning whistleblowers.
Why would the U.S. put source-identifying information in a report? Typically, source information is handled with very, very strict controls on an exceptionally maintained need-to-know basis. In these cases, the information reported is of a nature that it could have only come from one or a handful of people in these foreign countries.
Killing someone is killing someone, whether 'lawfully' or not. Do you think it is right to kill someone because they embarrassed you? No? Then why should those in power be able to do so?
You shot a bank teller during a robbery. You're guilty of murder.
...Or maybe it's not so black-and-white.
You shot an intruder in your house. You're guilty of murder.
You ran over a man crossing the freeway at night. You're guilty of murder.
Executing anyone is always an assassination, regardless of how you try to justify it.
You're welcome to your own point of view, as am I.
You're a nut. Why do you keep posting comments asking people why they won't reveal their real name, address, and phone number?
They were thinking something along the lines of "the Guardian already gave the bad guys our secrets, so let's make sure the people at risk have a chance to look through the cables, see if they're mentioned, and take appropriate self-defensive measures, since we don't have the resources to approach them all privately."
I've got a better idea. Wikileaks has always been strongly in favor of the verbatim release of all valid documents submitted to them, with information only ever redacted to protect the submitter of the documents. They got a lot of bad press from innocents' identities being released and this apparently worried them, so they began redacting names of "innocents" from documents prior to release. This was a public relations move on Wikileaks' part, undertaken to prevent their image from being sullied. I think Wikileaks and Julian Assange intended from the very beginning for the diplomatic cables to be released in their entirety, and that they purposefully practiced ridiculously lax password security for their "insurance file". Come on, you're telling me that a serious computer "hacker" like Julian Assange, member of CCC, couldn't prevent the release of the password to their insurance file? Anyone who even knows what GPG/PGP is already understands enough in general to practice simple security procedures.
/.
Next, the Guardian was sued by Wikileaks over what amounted to the release of their insurance file password. Then, in less than a week, Wikileaks releases all the same documents themselves!? You may think "What's the harm if they're already out there released on the internet?" Well, Wikileaks shouldn't be offering these on their website for the same reason the U.S. State Department doesn't declassify and release all the cables that are already leaked to the news: it seriously limits their stance's credibility, especially true for an organization such as Wikileaks which is supposed to conduct themselves by certain lofty principles. Releasing the documents themselves is inconsistent with their supposed desire to protect informants' well-being.
I think Wikileaks and Julian Assange planned this from the very beginning for the cables, in order to remove themselves from blame because "those guys over there are the ones who released the password! They're the real leakers!" With so many people given the password, we can plainly see it was only a matter of time. At least it's not as crazy as some of the other conspiracy theories people tend to put forth here on
Actually, IMHO, The US will probably have some of the "exposed/endangered" assassinated so as to make Assange responsible for their deaths! This way they get their extradition, their toy, and their public execution!
What a GREAT way to distract people and make Obama look like a "tough" guy!
Wow. I'm glad you aren't actually in charge of anything. Don't pretend for a second that you're not really talking about what you'd do in a position of power.
Wow, I knew that Indiana had two time zones, but I had no idea about the annoying history! Why are these last few counties even bothering?
They are probably part of larger centers of commerce in neighboring states, rather than in Indiana. I'd imagine there's good reasoning behind it.
Face it, your desperate attempt to get a cute acronym has just left you looking like a CLOD.
A very PROUD CLOD.
It is out of the realm of possibility because . . . it won't happen.
It has already happened once in the Solar Storm of 1859. We're not sitting around discussing how we'll survive when the sun begins fusing helium in 5 billion years, or when a nearby supernova goes off in a million years, or when the Andromeda Galaxy collides with our galaxy in roughly 3 billion years, or a hypothetical impact event that occurs only once every 50 million years. We're talking about a real, non-negligible chance of a large solar flare like was witnessed 150 years ago on their primitive telegraph instruments, one that would be absolutely, positively devastating were it to occur again in today's world at the same intensity witnessed before.
Thank you! Installing now!
Because when the government wants to snoop on a site they of course doesn't want the site to be encrypted with SSL so in that case they simply send you a phony cert and sign it with their root CA so your browser accepts it (if we let governments be the root CA:s). Granted, there are probably some NSA undercover organization on all browsers root CA list today, but still.
It's doubtful that there are entire front CA companies in existence, but the CA sources are such high value resources that you can bet there are certainly hired agents who are paid to push mission-critical certs through.