Slashdot Mirror


User: AHuxley

AHuxley's activity in the archive.

Stories
0
Comments
11,974
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,974

  1. Re:Am I missing something? on Former Yahoo CEO Marissa Mayer Apologizes For Data Breach, Blames Russians (reuters.com) · · Score: 1

    If it was a movie with a fictional plot?
    The state-sponsored agents presented to be USA law enforcement, walked on site to upgrade their state-sponsored clone of the US PRISM systems in a different room?
    https://en.wikipedia.org/wiki/...
    Another nation has their own "Room 641A" all over the USA https://en.wikipedia.org/wiki/... ?
    They had nice suits, a real looking badge, knew the code words, the secret handshake and had a real looking gov letter.

  2. Staff are guided by an invisible hand when they hire years of security experts?
    An invisible hand ensures PRISM got in and was not detected?
    https://en.wikipedia.org/wiki/...

  3. Re:First Russia, Now China. What Next? on China Spreads Propaganda to U.S. on Facebook, a Platform it Bans at Home (nytimes.com) · · Score: 1

    AC the UK could be back in the USA setting up a new cyber version of its British Security Co-ordination, BSC.
    https://en.wikipedia.org/wiki/...
    A UK cyber version of the "Near East Broadcasting Station" for the USA?
    https://en.wikipedia.org/wiki/...

  4. Re:Oh hell no on Should Private Companies Be Allowed To Hit Back At Hackers? (vice.com) · · Score: 1

    If a fictional cyber movie script was been written?
    A lone individual with skills sits between two nations.
    Private sector staff with contacts in the their respective govs/mil watch as a flood of packets move in and out of the a set ip.
    Is it a staging server or a real person in real time using a powerful home computer?
    Private sector hack back is attempted.
    Support is requested from state, federal gov cyber services in both nations as the hack backs start.
    Finally the security services are asked for their "hack back" support...
    Two governments spin up their very best cyber network utilization target selection (NUTS) and end up with national level mutually assured disconnection.

  5. What does the "private company" expect to find in 2017?
    An ISP ip connected to one user and their own desktop computer downloading files in real time?

    An interesting person is going to use a staging server with a fast connection and the secure storage to compress, sort, decode, look, compress encrypt the files gathered.
    The files will then be passed onto a fourth party and become harder for a later investigation to connect back to any sites, people, ISP, ip.

    The days of a 56k modem, a desktop computer, a user risking their own ip to enter and download from some protected network are over.
    Any smart person able to enter a site would be able to do so commanding a third party computer to do the networking for them.

    That ip looking around some protected network is going to be some other random nations fast "networked" university account, private sector, random ISP account that got taken over for some time..
    Reach out and mess with that other nation and their systems in a world of "hacking back"?
    That other nations ISP, university, private sector will try and hunt down the "been hacked" event...
    Just two big internet pipes pushing packets with the interesting person moving to a new server to try again.
    The mythical 56K modem on an exact ip direct to a persons home with their computer is not part of this decades of cyber security thinking.
    The "hack back" might work for a stolen laptop with owner installed software that broadcasts it new location.
    Turn on the mic and cam? But thats for a well understood stolen computer on a new network.
    Not some random computer network that looks like it is doing "things" due to "ip".
    If consumer grade malware had a set 'encrypted" ip expected to stay secure for its command and control that was discovered?
    That might be a more isolated computer system that could be looked at.
    The idea that anyone with skills looking deep into secure network did not use a staging server or any other distant network to cover their activities would not be the best random ip to go looking around in.
    Work with other nations, experts, networks, don't just reach out to a long list of ip's in real time.

  6. Re:News that Matters on Afghanistan Clarifies It Will Not Block WhatsApp, Telegram (reuters.com) · · Score: 1

    Consider the security and clandestine service confidence in allowing "encrypted" services to be used in an area of the world the security services of many nations are very are interested in.

  7. Re:what is the reason you own Smart TV? on Ask Slashdot: Should I Allow A 'Smart TV' To Connect To The Internet? · · Score: 1

    Just for HD and the need for HDMI. The "smart" networking connection ability was included.
    Never connected it to ethernet. No wifi.

  8. Re:What kind of question is this? on Ask Slashdot: Should I Allow A 'Smart TV' To Connect To The Internet? · · Score: 2

    People recall "Smart TV ... phones home with user’s viewing habits, USB file names" (11/20/2013)
    https://arstechnica.com/inform...

  9. Re:Nope. on Ask Slashdot: Should I Allow A 'Smart TV' To Connect To The Internet? · · Score: 1

    Put the video clip on usb, play from a usb stick. Sneaker net. No need to allow your smart tv to collect on what files are been watched.

  10. Re:What happened to the alternatives? on Mozilla Might Distrust Dutch Government Certs Over 'False Keys' (bleepingcomputer.com) · · Score: 1

    Re "Why has there been no interest in supporting these alternatives that eliminate the possibility of ... bogus ...?"
    The same reason why decades ago the world trusted the Data Encryption Standard.
    Why the internet generation did not block/find/expose/stop/publish about/detect the gov/mil with PRISM https://en.wikipedia.org/wiki/...
    The world wants a GUI and and easy internet from site the site.
    The 5 eye gov/mil wants access to all consumer grade crypto to collect it all.
    I hope this kind of gov decryption starts a new way of thinking about browser use and security for people not in the EU but who could be collected on by a random EU gov/mil due to a "trusted" browser globally.
    Even some chart of unexpected/new cert use? If a not average gov cert gets used a lot more when a gov or police "activate" it?

  11. Re:Does it make sense to trust any govt key? on Mozilla Might Distrust Dutch Government Certs Over 'False Keys' (bleepingcomputer.com) · · Score: 1

    An encryption watch setting that shows if more than average use, requests, networking suddenly starts with .gov encryption?
    Some sort of extension in FF that tells a user any gov cert is been used on a non .gov/mil site more than expected?
    A question that asks a user if they are in the EU and/or expect to communicate a lot with EU governments?
    If a third party is tracking encrypted .com. net and .org sites with the user and the user never visited an EU nations .gov site?

  12. No on Are You OK With Google Reading Your Data? (infoworld.com) · · Score: 1

    No....
    What starts as an offer of AV?
    Then just for the worst files of interest to the police?
    Then SJW suggestions and language corrections?

    Stay away from the cloud and having your documents content examined by strangers.

  13. Re:No cyber, no other nations? on The Fourth US Navy Collision of the Year Was Ultimately Caused By UI Confusion (arstechnica.com) · · Score: 1

    Commercial airlines found the funding and human performance professionals to work out what helps with their crews decades ago.

  14. Re:No cyber, no other nations? on The Fourth US Navy Collision of the Year Was Ultimately Caused By UI Confusion (arstechnica.com) · · Score: 1

    Any well funded navy should have enough experts to study most of the more common crew issues by 2010.
    Human issues should have been studied and finally understood in the 1970-90's.
    Lack of sleep, needed skills, GUI design is not some unexpected new science that needs a few more decades to get ready....
    Is it budget cuts so the number of crew at any time with skills has been reduced?
    The GUI and systems are now too complex given budget reductions to the time to learn and understand the tasks?
    The crews do not get enough study time with complex systems?
    Sleep?
    Something unique to the US navy and for how long it works its crew over more hours?
    Are fewer people with less skills taking on more complex tasks with less sleep?
    Most nations would have worked out in the 1950-70's that complex new systems need new methods to get a fully professional crew ready.
    Then studied how humans on average work with tasks, GUI over time and what happens with less sleep.
    Add more expert crew for shorter shifts if performance issues got found. Ensure crew with skills get the sleep they need.

  15. No cyber, no other nations? on The Fourth US Navy Collision of the Year Was Ultimately Caused By UI Confusion (arstechnica.com) · · Score: 4, Insightful

    Just design, humans, contractors and internal gov/mil policy.
    Who would have expected not having a good design and testing that design with crews would have been an issue?
    How to do a "navy".
    1. Your crews have to have skills. Find the best people to work in your navy. Give them the wages, support and education they need.
    2. Read up on how other winning nations did the "navy" design over the many, many years.
    Saying a ship is new or a different "design" is no excuse.
    The UK built its Dreadnought https://en.wikipedia.org/wiki/... having to consider new designs and new ideas. The new parts got made with skill and people worked very hard to get the new design ready.
    Any unexpected issues got corrected by real engineers and top experts before they became an issue for the navy.

    Find the experts, test things a lot, have good crews and ensure the skill sets are ready.

  16. Re:Why is this news? on Russia Hackers Had Targets Worldwide, Beyond US Election (apnews.com) · · Score: 1

    People on the US elite coast still wonder why people all over the USA voted the way they did.
    That a candidate that can give a good speech that people enjoy would win states.
    If a person wants to win a US election have a policy thats well accepted, a person who can actually give good speeches. Someone who can talk in a positive way about the USA.

    Have some energy, charm and the ability to travel all around the different parts of the USA. Talk to lots of real people and win the needed states.
    Staying in the elite coastal states, talking down to and lecturing the rest of the USA would not seem to be a way to win.

  17. Re:They have done well on Russia Hackers Had Targets Worldwide, Beyond US Election (apnews.com) · · Score: 2

    People voted to exit the EU. Welcome to real democracy.

  18. Re:Spain on Russia Hackers Had Targets Worldwide, Beyond US Election (apnews.com) · · Score: 2

    People wanting independence and freedom is now not good?

  19. Long term keep your data away from any deep file "inspecting" cloud product.
    If you have the bandwidth to upload, you can share with your collaborators and colleagues as needed.
    Too many checksums, SJW, AV efforts trying to look into your data with cloud services.

    Keep your data sets, ideas, tech, optimisations, language use secure from been searched, sorted and questioned.

    If a server product is needed find a real hosting company with real hardware that can offer a fully self encrypted service.

  20. Re:Why? on CIA Releases 321GB of Bin Laden's Digital Library (arstechnica.com) · · Score: 3, Insightful

    Re: "Why would they do this?" AC

    To track the ip of everyone who looks.
    An easy way to collect the locations of interested bloggers, the media, press, journalists, independent journalists, students, historians.
    Recall
    "NSA likely targets anybody who's 'Tor-curious'"
    https://www.cnet.com/g00/news/...
    ".. selection rules that potentially add to an NSA watch list anybody who has not only used, but visited online privacy-protection tools .."

    Re "malware". The security services get the ip, the actual ip behind most of the consumer grade VPN products used by people looking the site.
    Cooking gov, mil grade malware into the files is just going to push out quality gov malware onto a lot of people who might have very good anti virus.
    Better to sort the ip lists of people who looked and then push malware down to the interesting people. Less for the better quality AV products to find globally.
    Push too much malware out and it gets detected. The results also have to be understood by gov/mil/contractors in real time.

    Malware tends to be held back for interesting people. Everyone gets tracked. 4 hops of their connections, friends get reviewed.
    Lots of friends in the elite north east of the USA? Interesting they looked, but not that interesting.

    Lots of friends and connections globally? Human review. Appropriate malware considered for the system found, AV the person updated for, type of person.

  21. Re: "hot bag" syndrome AC
    "Keep your laptop from waking up in your travel bag" (Dec 21, 2016)
    http://www.zdnet.com/article/w...

  22. The failure of the UK can be found in decades of spending on experiments.
    The first was the overspend on the Skynet military communications satellite https://en.wikipedia.org/wiki/...
    In the end the UK had to buy into imported US tech and was using US systems. After trying to buy into and recreate it own domestic version of most of what the USA mil had done.
    The UK mil, industrial and education complex had to suffer budget cuts to pay back for all the spending on Skynet.
    The second bright idea was the Computer Literacy Project https://en.wikipedia.org/wiki/...
    Trying to place a new computer into average schools so very average students could use a computer.
    Great for schools and teachers but that removed focus on advanced computing at the university level.
    With decades of UK funding lost to both the mil and education, the US moved on with funding its best students and was able to fully fund its best academics.
    The UK spent its funding on other projects and now wonders why its best academics decades later don't have the support they need.

    The USA had the correct idea. Give very average students text books, calculators. Offer some computers to the best students. See how they test in math, get the best of the best to well funded US universities.
    Spend more on the students who can show they can study.
    The UK spent its funding on mil projects, very average students and new computers. The average students did not do great. The needed university funding was lost for a generation.
    The best conditions and wages also got set aside for the GCHQ after all the 1950-70's poor working condition issues. Good wages was seen as a one way to ensure gov/mil workers and later contractors did not get attracted by offers to spy for other nations.
    That was more funding removed from academics and lost to much better working conditions for the security services.
    Other nations just poured their funds into their best academics and top universities after testing their students to ensure they could "study".
    The UK spent its funding on trying to get average students to understand computers.
    Years later that generational change in funding has its results. Average students recall they had to copy code from a book into a computer.
    The best students recall their funding been reduced and now look to other nations that really can support the best academics with the best wages.
    Take your genius to more supportive nations like the US and enjoy full funding and real freedom.

  23. Re:21st century fascism on Russia's Anti-VPN Law Goes Into Effect (theregister.co.uk) · · Score: 1

    Re "The US and UK of course don't block VPNs, because they don't need to - most VPNs are US based and the NSA can zap 'em with a national security letter if it needs to spy on them. "

    In the West a person can think they have freedom but their VPN use can be well understood by the security services with efforts like TURMOIL, APEX, POISENNUT GALLANTWAVE, VALIANTSURF, MALIBU.

    Inside the NSA's War on Internet Security (Dec 28, 2014)
    http://www.spiegel.de/internat...

  24. Re: Can iOS users turn off this categorizing? on Apple Uses Machine Learning To Chronicle All the Bra Pics On Your iPhone (vice.com) · · Score: 1

    Its all ok, its "anonymized" :) Then monetized...

  25. Not about searching for on Google Has a New Plan for China (and It's Not About Search) (bloomberg.com) · · Score: 1

    Tiananmen Square, 1989 https://en.wikipedia.org/wiki/...
    89 student movement, 89 student strike, 89 people's movement.. all the people topple communism, impose martial law, Tiananmen Mothers movement, Victoria Park, Operation Yellowbird https://en.wikipedia.org/wiki/.....
    A search engine that fails to search :)