What exactly is Wikileaks doing that all these other media organizations aren't also doing?
No one gave Wikileaks a security clearance; they are incapable of leaking anything. They are merely publishing information that was leaked by someone else. So how are all these attacks on Wikileaks' right to publish justified vs. those of the NY Times or the Associated Press?
Where does this notion about them not having a security clearance making them immune to prosecution come from? It doesn't matter if anyone at Wikileaks has/had a security clearance. The dissemination of classified US Defense information is STILL ILLEGAL under US law. Please see Sections 793, 794, 798, Title 18, United States Code.
It can't but if at some point in the future you want to get a job which requires any kind of clearance they can refuse it based on whatever they feel like. Including the fact that someone accessed wikileaks or read the ny times from your home IP address.
True. It does come down to the person doing your background check. They don't have access to things like your ISP logs, but they are quite capable of checking facebook. Maybe if the guy has plenty of time (they don't) and a bit of skill he might even figure out your slashdot user id. Most of the background check is just plain gum-shoe work like talking to your neighbors and verifying your references and credentials.
How about the Classified Information Non-Disclosure agreement which you have to sign to get a clearance? http://www.archives.gov/isoo/security-forms/sf312.pdf All of the laws referenced in the agreement, apply regardless of whether you have a clearance or if you even sign the agreement.
How can it apply to you if you haven't signed or even heard about the agreement?
Seems like a secret law.
You missed the point. Did you even bother to look at it? This agreement highlights the laws that you are subject to. Most of which are US Code that apply to everyone in the US..
No they want the courts to recognize pictures taken with a camera using XXX digital security without question. Much in the same manner that courts have set a precedence of blindly believing radar guns to be infallible (when we know scientifically that they are not).
For verification you need a private key + a public key. The public key is a hash of the photograph itself. The private key is known only to Canon. The private key absolutely must exist on the camera in order for it to generate a signature of the photo (generated from hash + public key).
For verification all the Canon software needs to do is perform the same operation the camera would have: combine a hash of the photo with the private key and generate a signature. If the two signatures match, the photo is verified.
You're rambling, and it's a bit obvious you don't understand how PKI works. Verification does NOT require the private key. You need the public key, and the public key of any root or intermediate certs used to create the certificate in the camera.
NOT LEGAL. Its in the printed newspaper = automatic clearance. Any more crap directives like this and watch all those new ROTC's in the last decade be shut down. A new academic expulsion on DOD will be initiated.
How about the Classified Information Non-Disclosure agreement which you have to sign to get a clearance? http://www.archives.gov/isoo/security-forms/sf312.pdf All of the laws referenced in the agreement, apply regardless of whether you have a clearance or if you even sign the agreement.
They can still throw you in jail for disclosing classified information, even if that information has been leaked to the public. That's part of the paperwork you signed when you got the clearance and when they out-briefed you.
They blew it entirely if every camera has the same signing certificate as well. What they should have is a root CA, and intermediate CA which issues certificates to each camera based on their serial number. This would also imply the certificate is not part of the software but perhaps burned into an eeprom on the camera . Then the signed photos "bogus or not" would have the serial number of the camera. To forge the photo and have it appear to come from a particuler camera still may not be that difficult, but a single compromise doesn't compromise the integrity of the entire system.
No it doesn't. From the description in the article Apple has something much more sophisticated. It apparently is smart enough to know where the individuals are sitting and makes accommodations for that. Rather than requiring an individual to sit in a particular place like all the other systems like this do. If they've managed to pull that off, I'll have to be the first one to tip my hat to their innovation. And I'm rare to do that as they're usually more evolutionary than revolutionary. But this would be a significant step forward in the technology.
It's only a patent, an idea, at this point. They haven't a clue about actually doing it yet.
You'd think they have no standing though. If they are suing on the grounds you describe, the injured party would be the client who bought the $20 book.
...and lost their case due to the bad advice. This isn't the case here as people are winning by using this advice.
I wonder if there is some subtle psychological reasoning behind painting the NASA X-34 white and the military X-37B a shining Darth Vader helmet black....
No psychological reason. The radar absorbing material is naturally black. Painting it white would be pointless.
No it's not meant for the SSD drive interface. It would be pretty silly to run fiber inside the chassis.
As for existing harddrive interfaces, the transfer rates of current high-end SSDs are getting pretty close to the limits of SATA2/SATA-300. SAS is the next generation and can support up to 6-gigabit.
Light Peak is still in its infancy and useless as there are no devices to connect to it yet. Why pay more for something that should be standard now, and something that it's going to be useful until he laptop is well past its prime?
There were no devices* to connect to the USB port when the iMac was announced.
*Well, there was like five cameras.
The USB spec was written in 1994 and already coming into wide adoption at the time the iMac came out in 1998. There were hundreds of USB products on the market already. Whether those devices had suitable drivers for Apple was a completely different story. At the time, Apple was only interested in USB as a replacement for the ADB.
We can credit Apple with dorking up the spec and using proprietary connector though (the apple keyboard connectors were keyed so they'd only connect to an Apple).
I think Apple is doing this more for bragging rights than anything else. At best it will go the way of Firewire, which is technically superior in many ways but saw very low adoption in the market. Don't forget that Intel is interested in licensing this technology. It might very well go the route of RDIMMS and get dropped as a technology since vendors didn't want to pay Intel.
It's hard to see why "taking away the choice between a traditional hard drive and SSD" would be innovation. Why would it be innovation that something is baseline rather than only fitted on certain models?
I wouldn't call it innovation either, but a design choice. It does give better speed, albeit typically lower capacities. They might even go proprietary on the SSD and not use the standard form factor for an SSD drive or include it on the mainboard, allowing them to gain real estate within the chassis. Imho, that would be a mistake, but then again how many MacBook owners actually upgrade components instead of buying a who new unit?
Not sure why you got modded informative since the original poster and your "me-too" are both wrong . RFC 3390 is an extension to RFC2581. RFC 3390 says you MAY use an IW of up to 4 segments. If you don't use this option, you fall under RFC2581 which says the IW MUST be less than or equal to 2 segments.
So Apple is finally catching up with SSDs in laptops. Light Peak is still in its infancy and useless as there are no devices to connect to it yet. Why pay more for something that should be standard now, and something that it's going to be useful until he laptop is well past its prime?
Dell did offer Redhat on consumer level machines for a very short while. They were limited in options and generally within $50 of buying the version with Windows XP installed.
Dell still offers Linux or no-OS on their high-end servers. I just went to Dell and configured a R810 server. OS options are no-os, SUSe, RedHat, Citrix Xen Server, or various flavors of MS Server 2008
The underlying problem here is that win32k.sys fails to do a sanity check on an untrusted registry value. I'm not sure if it's a buffer overflow attack or something different. In this case, a user registry key that specifies fonts for End-User-Defined-Character. I'm sure there are lots of other user registry keys that could be exploited in this manner. Used to be the screensaver ran as the system and you could simply set the registry key to point to a file of your choosing and it would run under the system context.
Of course, it's not like Linux has ever had issues with daemons getting hacked by incorrectly trusting input from user-land config files.
The solution is to make computers with Linux already installed available. Unfortunately configuration of Linux is quirky and poorly documented, slowing adoption.
Dell tried that and sales were so bad, that they stopped doing it for the consumer level computers. You can still get a no-OS option servers.
I've heard some of the commentary. In expectation, they diverted traffic, and the news reports says it didn't do anything. And we, of course, believe it.
Me, I plan on making my voice heard through my congressperson.
That said my other plan is this - if I have to fly in the future, I plan on wearing nothing but spandex. This way, there is NO question as to what is in my pockets.
Make sure you stuff a sock down there. It might be amusing to get the pat-down and see if they make a big deal about your "junk".
Like these guys fly commercial anyway? It's only gay Senators from Idaho that fly commercial so they can access that special bathroom at the far end of the airport.
Slashdot Mirror
What exactly is Wikileaks doing that all these other media organizations aren't also doing?
No one gave Wikileaks a security clearance; they are incapable of leaking anything. They are merely publishing information that was leaked by someone else. So how are all these attacks on Wikileaks' right to publish justified vs. those of the NY Times or the Associated Press?
Where does this notion about them not having a security clearance making them immune to prosecution come from? It doesn't matter if anyone at Wikileaks has/had a security clearance. The dissemination of classified US Defense information is STILL ILLEGAL under US law. Please see Sections 793, 794, 798, Title 18, United States Code.
http://codes.lp.findlaw.com/uscode/18/I/37/798
http://codes.lp.findlaw.com/uscode/18/I/37/794
http://codes.lp.findlaw.com/uscode/18/I/37/793
It can't but if at some point in the future you want to get a job which requires any kind of clearance they can refuse it based on whatever they feel like. Including the fact that someone accessed wikileaks or read the ny times from your home IP address.
True. It does come down to the person doing your background check. They don't have access to things like your ISP logs, but they are quite capable of checking facebook. Maybe if the guy has plenty of time (they don't) and a bit of skill he might even figure out your slashdot user id. Most of the background check is just plain gum-shoe work like talking to your neighbors and verifying your references and credentials.
How about the Classified Information Non-Disclosure agreement which you have to sign to get a clearance?
http://www.archives.gov/isoo/security-forms/sf312.pdf All of the laws referenced in the agreement, apply regardless of whether you have a clearance or if you even sign the agreement.
How can it apply to you if you haven't signed or even heard about the agreement?
Seems like a secret law.
You missed the point. Did you even bother to look at it? This agreement highlights the laws that you are subject to. Most of which are US Code that apply to everyone in the US..
No they want the courts to recognize pictures taken with a camera using XXX digital security without question. Much in the same manner that courts have set a precedence of blindly believing radar guns to be infallible (when we know scientifically that they are not).
For verification you need a private key + a public key. The public key is a hash of the photograph itself. The private key is known only to Canon. The private key absolutely must exist on the camera in order for it to generate a signature of the photo (generated from hash + public key).
For verification all the Canon software needs to do is perform the same operation the camera would have: combine a hash of the photo with the private key and generate a signature. If the two signatures match, the photo is verified.
You're rambling, and it's a bit obvious you don't understand how PKI works. Verification does NOT require the private key. You need the public key, and the public key of any root or intermediate certs used to create the certificate in the camera.
NOT LEGAL. Its in the printed newspaper = automatic clearance. Any more crap directives like this and watch all those new ROTC's in the last decade be shut down. A new academic expulsion on DOD will be initiated.
Yes it is legal. If you want a list of laws, they are all referenced in http://www.archives.gov/isoo/security-forms/sf312.pdf.
How about the Classified Information Non-Disclosure agreement which you have to sign to get a clearance?
http://www.archives.gov/isoo/security-forms/sf312.pdf All of the laws referenced in the agreement, apply regardless of whether you have a clearance or if you even sign the agreement.
They can still throw you in jail for disclosing classified information, even if that information has been leaked to the public. That's part of the paperwork you signed when you got the clearance and when they out-briefed you.
They blew it entirely if every camera has the same signing certificate as well. What they should have is a root CA, and intermediate CA which issues certificates to each camera based on their serial number. This would also imply the certificate is not part of the software but perhaps burned into an eeprom on the camera . Then the signed photos "bogus or not" would have the serial number of the camera. To forge the photo and have it appear to come from a particuler camera still may not be that difficult, but a single compromise doesn't compromise the integrity of the entire system.
Like I'm really going to open up an untrusted PDF file. In other news "Virus destroys computers, open up attached exe for demonstration...."
No it doesn't. From the description in the article Apple has something much more sophisticated. It apparently is smart enough to know where the individuals are sitting and makes accommodations for that. Rather than requiring an individual to sit in a particular place like all the other systems like this do. If they've managed to pull that off, I'll have to be the first one to tip my hat to their innovation. And I'm rare to do that as they're usually more evolutionary than revolutionary. But this would be a significant step forward in the technology.
It's only a patent, an idea, at this point. They haven't a clue about actually doing it yet.
You'd think they have no standing though. If they are suing on the grounds you describe, the injured party would be the client who bought the $20 book.
...and lost their case due to the bad advice. This isn't the case here as people are winning by using this advice.
I wonder if there is some subtle psychological reasoning behind painting the NASA X-34 white and the military X-37B a shining Darth Vader helmet black....
No psychological reason. The radar absorbing material is naturally black. Painting it white would be pointless.
No it's not meant for the SSD drive interface. It would be pretty silly to run fiber inside the chassis.
As for existing harddrive interfaces, the transfer rates of current high-end SSDs are getting pretty close to the limits of SATA2/SATA-300. SAS is the next generation and can support up to 6-gigabit.
There were no devices* to connect to the USB port when the iMac was announced.
*Well, there was like five cameras.
The USB spec was written in 1994 and already coming into wide adoption at the time the iMac came out in 1998. There were hundreds of USB products on the market already. Whether those devices had suitable drivers for Apple was a completely different story. At the time, Apple was only interested in USB as a replacement for the ADB.
We can credit Apple with dorking up the spec and using proprietary connector though (the apple keyboard connectors were keyed so they'd only connect to an Apple).
LightPeak in this case isn't even a finalized standard. Unlike USB, there is no consortium of manufacturers promising to products products that use it. http://simple.wikipedia.org/wiki/Universal_Serial_Bus.
I think Apple is doing this more for bragging rights than anything else. At best it will go the way of Firewire, which is technically superior in many ways but saw very low adoption in the market. Don't forget that Intel is interested in licensing this technology. It might very well go the route of RDIMMS and get dropped as a technology since vendors didn't want to pay Intel.
It's hard to see why "taking away the choice between a traditional hard drive and SSD" would be innovation. Why would it be innovation that something is baseline rather than only fitted on certain models?
I wouldn't call it innovation either, but a design choice. It does give better speed, albeit typically lower capacities. They might even go proprietary on the SSD and not use the standard form factor for an SSD drive or include it on the mainboard, allowing them to gain real estate within the chassis. Imho, that would be a mistake, but then again how many MacBook owners actually upgrade components instead of buying a who new unit?
Learn how to use Google man!
http://www.rfc-editor.org/rfc/rfc3390.txt [rfc-editor.org]
http://www.rfc-editor.org/rfc/rfc2581.txt [rfc-editor.org]
Not sure why you got modded informative since the original poster and your "me-too" are both wrong . RFC 3390 is an extension to RFC2581. RFC 3390 says you MAY use an IW of up to 4 segments. If you don't use this option, you fall under RFC2581 which says the IW MUST be less than or equal to 2 segments.
http://www.rfc-editor.org/rfc/rfc3390.txt
http://www.rfc-editor.org/rfc/rfc2581.txt
So Apple is finally catching up with SSDs in laptops. Light Peak is still in its infancy and useless as there are no devices to connect to it yet. Why pay more for something that should be standard now, and something that it's going to be useful until he laptop is well past its prime?
Also, a press release stating this same thing I just told you.
http://news.cnet.com/Dell-offers-new-Red-Hat-Linux/2110-1016_3-276048.html
Dell did offer Redhat on consumer level machines for a very short while. They were limited in options and generally within $50 of buying the version with Windows XP installed.
Dell still offers Linux or no-OS on their high-end servers. I just went to Dell and configured a R810 server. OS options are no-os, SUSe, RedHat, Citrix Xen Server, or various flavors of MS Server 2008
http://configure.us.dell.com/dellstore/config.aspx?c=us&cs=555&l=en&oc=MLB1284&s=biz
The underlying problem here is that win32k.sys fails to do a sanity check on an untrusted registry value. I'm not sure if it's a buffer overflow attack or something different. In this case, a user registry key that specifies fonts for End-User-Defined-Character. I'm sure there are lots of other user registry keys that could be exploited in this manner. Used to be the screensaver ran as the system and you could simply set the registry key to point to a file of your choosing and it would run under the system context.
Of course, it's not like Linux has ever had issues with daemons getting hacked by incorrectly trusting input from user-land config files.
The solution is to make computers with Linux already installed available. Unfortunately configuration of Linux is quirky and poorly documented, slowing adoption.
Dell tried that and sales were so bad, that they stopped doing it for the consumer level computers. You can still get a no-OS option servers.
I've heard some of the commentary. In expectation, they diverted traffic, and the news reports says it didn't do anything. And we, of course, believe it.
Me, I plan on making my voice heard through my congressperson.
That said my other plan is this - if I have to fly in the future, I plan on wearing nothing but spandex. This way, there is NO question as to what is in my pockets.
Make sure you stuff a sock down there. It might be amusing to get the pat-down and see if they make a big deal about your "junk".
Like these guys fly commercial anyway? It's only gay Senators from Idaho that fly commercial so they can access that special bathroom at the far end of the airport.