Do you have any more? The claim here seems to be that this is such a huge, pervasive problem that the situation must change. A single case isn't really going to do it. If your thinking is that government run facilities will be abuse, scandal, and corruption free, you are greatly mistaken. It would be easy enough to find any number of scandals over government run prisons. Where is the evidence of a systematic problem? So far this seems to be a philosophical issue in the main.
How are you supposed to find more when we are talking about judges and law enforcement itself? Who is going to investigate?
There are hackers, phishers, spammers, and other untrustworthy people on the internet. The FBI seems to have just realized that they can't prevent them from existing, and now tells us that we'll "never be secure", and people react. But this has always been the case offline as well. There are thieves, murderers, and con-artists, and we can never make them go away either, and as such, here too, we will never be secure.
That said, if you use common sense, encrypt your important data, don't click links in unsolicited emails, and use a password better than "12345", you'll already be enough of a pain to most "hackers" that they'll not bother, because next door, there's a guy who's got a plaintext full of banking passwords on his desktop with file sharing on.
There's a saying that if attacked by a hungry bear, you don't need to outrun the bear, just the other people at the campground. Same goes here.
But most hackers aren't the ones who the US government would have to use war powers against. The US government would have to use war powers to stop state sponsored hackers.
You can't really fight terrorism with bullets and bombs, just like you can't fight hackers with some "new" anti-virus program or whatever (at least not for long). But nobody wants to think like that. "If we kill enough of them, they'll stop" doesn't work with terrorists - they're roaches in the walls and you can't get them all without collateral damage or creating yet a different kind of roach. However, all we have are bullets and bombs. "If we build a good enough firewall, it'll stop them" is just a challenge to hackers. Nobody wants to hear "You must completely change how your computers work to have even a ghost of a chance." Instead, it's "How do I fix what I have now?" The answer "You can't" doesn't let you keep your job or make anyone any money.
The way to stop hackers is to create jobs. When there's fewer jobs there tends to be more hackers just like any other type of crime.
If we are talking about cyber warriors then we are talking about state sponsored hackers and this is actually a war effort because these state sponsored hackers aren't civilians.
An employee, who is allowed access to files/info, that they then are then copying/sharing/selling... Users who don't log out of their computers, or administrator who give users to much access to things they dont need to see. Is it hacking then the person has a sticky note with this months password on their monitor, or on their pull out keyboard if they think they are being sneaky.
Espionage yes but that still involves hackers usually.
These minimum sentences should not exist. It's bad enough that peoples lives can easily be ruined by hacking in general but it's even worse if they lose 2 years of their life. This would kill them professionally as they'd have no way to explain their gap in resume.
It's only a matter of time before hackers are treated like sex offenders, just wait and see.
The general population doesn't control the actions of agencies like the FBI. The FBI and agencies utilize the population for their own agenda or purposes or it targets them. They are fighting a war and nothing stands in their way of their objectives.
If they don't sell their exploit to NATO who should they sell them to? The FBI?
The FBI is part of NATO - it is an organization owned by the US government - which is part of NATO. The FBI is not an "alternative". North Korea, China, Al quaeda and organized crime are all "alternatives" to NATO though. The only ones to purchase such stuff are criminals and governments with enemies...
If they are only selling it to NATO governments and the FBI and US government are part of NATO then what is the problem? Isn't that what all the other contractors are doing anyway?
Why is this modded redundant? I am in ITSec yet am valued more for my knowledge about physical security and it's deep implications. Go ahead go take a look at a light primer: Locks, Safes, and Security by Marc Weber Tobias; then come back and say it is redundant.
But if you know about physical security then you know in most workplaces it barely exists. You've got to secure the entire electromagnetic spectrum, worry about biological attacks, chemical attacks, psychological, and social engineering attacks on top of the technical exploits, lock picking, etc.
These individuals in this company wouldn't be in the business they are in if they didn't have physical security of some sort. They have as little physical security as everyone else has, but perhaps they are aware of the fact that they aren't completely safe.
But you're right, if they aren't locked down like a fort someone will still their exploits and then sell them to their clients.
Espionage agencies are lawfully chartered. The activities they undertake in other countries are usually illegal in those countries, but so what, you do it to us, we do it to you, when you catch one of ours, we catch one of yours, trade, and back to business.
In the case of the french bombing a ship in new zealand that was illegal, even though New Zealand would be a "NATO Partner" in the parlance of TFA. Two of the agents were caught, and charged.
Of course had they got back to france (like the rest of the team) likely nothing would have happened to them, although with a more valuable ally like the UK that may not hold true. Countries act in their own interests, and if they're smart they are under no illusion about having any friends.
The reason people still remember the rainbow warrior incident is because it was a major scandal in france, and might not even have been legal in france. Depends on the agreements they had with New Zealand.
You're forgetting that spies don't get "traded', officers get traded back and forth and only the officers with official cover. Officers are spy handlers, the spies are the people who if caught get killed.
When you're extorting, don't get greedy. At some point it's cheaper to just get rid of you than to pay you.
So who is going to do the getting rid of? Google?
Also it's not extortion. Bug testing is Googles job not ours. Finally you have all these agencies that want to buy exploits so it's more like weapons trading but thats basically what the defense industry does anyway. I don't see how this would be extortion but selling missiles to a NATO country isn't?
100k per customer. Multiply by x, with x being everyone and anyone willing and able to join the cyber arms race.
Plus, those 100k are the admission ticket, not the ride fee. Actually getting informed about an exploit and how it works costs extra, and then you WISH it was just 100k...
If it's profitable to do things this way then this might be the beginning of a new industry.
I mean, aren't there laws against doing things like hacking into computers you don't own? Isn't this aiding in a crime? The last time I checked, even government agencies were obliged not to break laws.
Government agencies don't believe in any laws besides the law of might. If they want to do it they do it just as long as they have the force to get away with it.
And not just for their offices, but for their homes and the homes, schools and offices of their families, friends and anyone else they might care about.
It strikes me that these are people you don't want to try to play around with and that some might try to influence you to give a better deal to their side than another side, perhaps using things like pictures of your kids walking to school or your wife gardening.
There is no easy way for hackers to make money. You'll have to sell to the spies or you don't make money at all because the spies are the ones with the money to pay for security researchers.
As far as them trying to influence for a better deal or exclusive deal this much is obvious.
yes, because human lives are worth so much less than animals.....
Are they worth more? How is the value of a life determined?
Salaries and taxes.
Linux still wont do RevoDrive3 without hacks
on
Linux 3.3 Released
·
· Score: 1
I've managed to get it up and running (am using it now), but I cannot upgrade the kernel because it only works on one version of the 3x kernel. When are they going to include these drivers by default?
Then there's the video drivers which don't work well either.
Slashdot Mirror
Do you have any more? The claim here seems to be that this is such a huge, pervasive problem that the situation must change. A single case isn't really going to do it. If your thinking is that government run facilities will be abuse, scandal, and corruption free, you are greatly mistaken. It would be easy enough to find any number of scandals over government run prisons. Where is the evidence of a systematic problem? So far this seems to be a philosophical issue in the main.
How are you supposed to find more when we are talking about judges and law enforcement itself? Who is going to investigate?
There are hackers, phishers, spammers, and other untrustworthy people on the internet. The FBI seems to have just realized that they can't prevent them from existing, and now tells us that we'll "never be secure", and people react. But this has always been the case offline as well. There are thieves, murderers, and con-artists, and we can never make them go away either, and as such, here too, we will never be secure.
That said, if you use common sense, encrypt your important data, don't click links in unsolicited emails, and use a password better than "12345", you'll already be enough of a pain to most "hackers" that they'll not bother, because next door, there's a guy who's got a plaintext full of banking passwords on his desktop with file sharing on.
There's a saying that if attacked by a hungry bear, you don't need to outrun the bear, just the other people at the campground. Same goes here.
But most hackers aren't the ones who the US government would have to use war powers against. The US government would have to use war powers to stop state sponsored hackers.
You can't really fight terrorism with bullets and bombs, just like you can't fight hackers with some "new" anti-virus program or whatever (at least not for long). But nobody wants to think like that. "If we kill enough of them, they'll stop" doesn't work with terrorists - they're roaches in the walls and you can't get them all without collateral damage or creating yet a different kind of roach. However, all we have are bullets and bombs. "If we build a good enough firewall, it'll stop them" is just a challenge to hackers. Nobody wants to hear "You must completely change how your computers work to have even a ghost of a chance." Instead, it's "How do I fix what I have now?" The answer "You can't" doesn't let you keep your job or make anyone any money.
The way to stop hackers is to create jobs. When there's fewer jobs there tends to be more hackers just like any other type of crime.
If we are talking about cyber warriors then we are talking about state sponsored hackers and this is actually a war effort because these state sponsored hackers aren't civilians.
An employee, who is allowed access to files/info, that they then are then copying/sharing/selling...
Users who don't log out of their computers, or administrator who give users to much access to things they dont need to see.
Is it hacking then the person has a sticky note with this months password on their monitor, or on their pull out keyboard if they think they are being sneaky.
Espionage yes but that still involves hackers usually.
If corporations don't care about their own security why is it so important to the US government?
Our lives are at stake if some dumb corporation doesn't care about security. Some corporations are critical.
It's a war in the sense that hackers can put lives at stake and get people killed. Yes it's accurate to describe it as a war.
But I don't think teenage script kiddies are "cyber warriors".
It's always an epic battle. That is why it creates jobs because there a problems to be solved which aren't easy.
These minimum sentences should not exist. It's bad enough that peoples lives can easily be ruined by hacking in general but it's even worse if they lose 2 years of their life. This would kill them professionally as they'd have no way to explain their gap in resume.
It's only a matter of time before hackers are treated like sex offenders, just wait and see.
Minimum sentences as well as private prisons should be entirely unconstitutional.
These ideas are all traps put in place by corrupt lawmakers and special interest groups that benefit from for profit prisons. Don't get it twisted.
The general population doesn't control the actions of agencies like the FBI. The FBI and agencies utilize the population for their own agenda or purposes or it targets them. They are fighting a war and nothing stands in their way of their objectives.
What government respects human rights?
If they don't sell their exploit to NATO who should they sell them to? The FBI?
The FBI is part of NATO - it is an organization owned by the US government - which is part of NATO. The FBI is not an "alternative". North Korea, China, Al quaeda and organized crime are all "alternatives" to NATO though. The only ones to purchase such stuff are criminals and governments with enemies...
If they are only selling it to NATO governments and the FBI and US government are part of NATO then what is the problem? Isn't that what all the other contractors are doing anyway?
You make plenty of good points. You need to be modded up.
Why is this modded redundant? I am in ITSec yet am valued more for my knowledge about physical security and it's deep implications. Go ahead go take a look at a light primer: Locks, Safes, and Security by Marc Weber Tobias; then come back and say it is redundant.
But if you know about physical security then you know in most workplaces it barely exists. You've got to secure the entire electromagnetic spectrum, worry about biological attacks, chemical attacks, psychological, and social engineering attacks on top of the technical exploits, lock picking, etc.
These individuals in this company wouldn't be in the business they are in if they didn't have physical security of some sort. They have as little physical security as everyone else has, but perhaps they are aware of the fact that they aren't completely safe.
But you're right, if they aren't locked down like a fort someone will still their exploits and then sell them to their clients.
Espionage agencies are lawfully chartered. The activities they undertake in other countries are usually illegal in those countries, but so what, you do it to us, we do it to you, when you catch one of ours, we catch one of yours, trade, and back to business.
In the case of the french bombing a ship in new zealand that was illegal, even though New Zealand would be a "NATO Partner" in the parlance of TFA. Two of the agents were caught, and charged.
Of course had they got back to france (like the rest of the team) likely nothing would have happened to them, although with a more valuable ally like the UK that may not hold true. Countries act in their own interests, and if they're smart they are under no illusion about having any friends.
The reason people still remember the rainbow warrior incident is because it was a major scandal in france, and might not even have been legal in france. Depends on the agreements they had with New Zealand.
You're forgetting that spies don't get "traded', officers get traded back and forth and only the officers with official cover. Officers are spy handlers, the spies are the people who if caught get killed.
When you're extorting, don't get greedy. At some point it's cheaper to just get rid of you than to pay you.
So who is going to do the getting rid of? Google?
Also it's not extortion. Bug testing is Googles job not ours. Finally you have all these agencies that want to buy exploits so it's more like weapons trading but thats basically what the defense industry does anyway. I don't see how this would be extortion but selling missiles to a NATO country isn't?
100k per customer. Multiply by x, with x being everyone and anyone willing and able to join the cyber arms race.
Plus, those 100k are the admission ticket, not the ride fee. Actually getting informed about an exploit and how it works costs extra, and then you WISH it was just 100k...
If it's profitable to do things this way then this might be the beginning of a new industry.
Wow. That puts huge incentive on planting moles in projects with wide distribution simply for the aim of writing exploitable code.
Agencies probably already do that to save money having to pay these guys.
I mean, aren't there laws against doing things like hacking into computers you don't own? Isn't this aiding in a crime? The last time I checked, even government agencies were obliged not to break laws.
Government agencies don't believe in any laws besides the law of might. If they want to do it they do it just as long as they have the force to get away with it.
Even if they do only sell to NATO, NATO governments haven't exactly had a stellar history of respecting human rights in the past decade.
What government respects human rights?
If they don't sell their exploit to NATO who should they sell them to? The FBI?
And not just for their offices, but for their homes and the homes, schools and offices of their families, friends and anyone else they might care about.
It strikes me that these are people you don't want to try to play around with and that some might try to influence you to give a better deal to their side than another side, perhaps using things like pictures of your kids walking to school or your wife gardening.
There is no easy way for hackers to make money. You'll have to sell to the spies or you don't make money at all because the spies are the ones with the money to pay for security researchers.
As far as them trying to influence for a better deal or exclusive deal this much is obvious.
I admit it's good enough for one security researcher, or maybe 1.5, but it's not rich.
If we are talking about millions of dollars then we are talking rich.
Please. Nobody in the post-911 era believes that the government is refraining from spying on American citizens.
What a disgrace.
The NSA spies on all citizens American or foreign.
yes, because human lives are worth so much less than animals.....
Are they worth more?
How is the value of a life determined?
Salaries and taxes.
I've managed to get it up and running (am using it now), but I cannot upgrade the kernel because it only works on one version of the 3x kernel. When are they going to include these drivers by default?
Then there's the video drivers which don't work well either.