Slashdot Mirror


User: AHuxley

AHuxley's activity in the archive.

Stories
0
Comments
11,974
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,974

  1. They create a list of the last people who sold a set of numbers for a small fee to "someone" a year ago for cash?
    Every EU transaction at some level is now with a registered informant?
    Don't risk a spend or buy transaction in the EU? A digital currency seems more vital than ever :)

  2. The device range is tested, tuned, looked for, amplified by another device to just outside the building.
    Collection is then just a local device away e.g. UK spied on Russians with fake rock http://www.bbc.com/news/world-... "contained electronic equipment and had been used by British diplomats to receive and transmit information".
    Thats how the range problem is never an issue. The real trick is getting nations, people, groups to use and trust leaky fully imported wireless devices.

  3. Re:Can we ever really know? on 'DNC Hacker' Unmasked: He Really Works for Russia, Researchers Say (thedailybeast.com) · · Score: 1

    A lot of ex staff, former staff are floating around will skill sets from their days with spoofing systems like QUANTUMSQUIRREL
    https://theintercept.com/document/2014/03/12/nsa-gchqs-quantumtheory-hacking-tactics/ i.e. become any ip range globally.
    Re "A good hacker wouldn't be found at all, and a really good hacker would cover their own tracks and leave a trail that makes it look like it came from" All the West is presenting to the media is existing traces of expected files, data sizes, IP addresses, timezones, code, a VPN service.. that any other interested nations experts could ensure got used and then left to be found by experts to mask their own access. Attribution due to expected tools used is great cover.
    Changes to how US tax payers support and funding NATO, other 5 eye nations could have induced a new version of the classic British Security Coordination https://en.wikipedia.org/wiki/... or any other advanced NATO nation could have attempted the same.
    Most smarter nations would just use a very local front group, cult to ensure a domestic trail that ends with a left or right feel to the classic insider or person with local insight if they work on political actions in another nation. No trial back. A domestic issue, the press gets the results.

  4. Re:the phone may not always be in possession phone on NIST Prepares To Ban SMS-Based Two-Factor Authentication (softpedia.com) · · Score: 1

    Biometrics is just another big lump of code down a network that a brand hopes the consumer's hardware created and that no other party has, can recreate, or become, capture and use.
    Still the same networks, a consumer OS that is wide open, a few extra trusted chips sold to anyone and some data set created by a user of interest.
    A better way is for real world use would be https://en.wikipedia.org/wiki/...
    The change seems to be that the old idea was the that phone would be a text device that gets a message from a cell tower.
    The phone is now the device requesting and using both messages on the same device or the via same network.
    More data via a well understood biometric chip is just another set of data to capture, but for the user something they think is safer.
    Once such data is captured, is been traded or sold, a user is left with few ways to just alter or create their own trusted, unique future access.

  5. Re:Tor's fatal flaw on Researchers Discover 110 Snooping Tor Nodes (helpnetsecurity.com) · · Score: 1

    Recall the origins and past funding of Onion routing https://en.wikipedia.org/wiki/... i.e. US needed a system that would allow US backed and funded dissidents globally to network for color revolutions https://en.wikipedia.org/wiki/... and other long term political NGO work.
    5 eye nations did not seem to be very upset with its spread and use with systems like Tempora https://en.wikipedia.org/wiki/.... Federal funding at a police level in the US to track users goes from success to success even on low budgets per case.
    For Onion routing to work well a lot of consumers need to be using the networks to hide the few "dissidents" globally.
    Given all the low cost police work that makes it to court, tracking users is now less hard work. Collect it all is now in the hands of anyone or nation or cult or faith or brand with a limited federal police budget.

  6. Re:So is the bottom line... on Researchers Discover 110 Snooping Tor Nodes (helpnetsecurity.com) · · Score: 1

    AC "The program marks and tracks the IP addresses of those who search for 'tails' or 'Amnesiac Incognito Live System' along with 'linux', ' USB ',' CD ', 'secure desktop', ' IRC ', 'truecrypt' or ' tor '." as in collects details on all who look for such tools.
    More at "NSA targets the privacy-conscious" (03.07.14) https://daserste.ndr.de/panora...
    with "Merely searching the web for the privacy-enhancing software tools outlined in the XKeyscore rules causes the NSA to mark and track the IP address of the person doing the search."

  7. Re " They are circumventing Constitutional rights with this type of behaviour"
    Different groups have tried. http://arstechnica.com/tech-po...
    Vast domestic spying by the NSA, CIA and other 5 eye nations as helpers should have all been fixed with the https://en.wikipedia.org/wiki/... back in the 1970's.

    Color of law, rubber stamp courts for international collection are now been presented as useful for domestic spying.
    Also remember that vast amounts of US private sector staff looking over their own hardware and software do not seem to even know what the US gov is installing.
    Or generations are happy to help the US gov. Or mass collection is presented as a sub set of hardware via other domestic agencies with limited court paper work.
    Data has to be decrypted for the "ads" and other sorting, backups and at that point the US gov collects all or demands access. Companies help or do not have the networking skills to understand the gov collect it all access to their own networks.
    Long term different US state and federal officials want their own domestic and international version of XKeyscore https://en.wikipedia.org/wiki/....
    Tracking the origin and destination of any internet usage without any court order to build on domestic parallel construction. Less need to request the NSA via a Fusion centre https://en.wikipedia.org/wiki/..., just go direct to all real time and short term US domestic networking logs.
    For that different levels of the US gov need the same plain text access as the NSA to big US brands over decades with no domestic legal limits or any oversight.
    Big brands have to consider the PR of been seen to be protecting their consumers rights or help design ever more US gov bandwidth deeper into their own networks.

  8. Re:Don't travel to US. on Homeland Security Border Agents Can Seize Your Phone (cnn.com) · · Score: 1

    Yes AC, thats a great idea, travel thin server :) The other risk is that the demand for email accounts, social media access is expanded to a request to access any work or private cloud service used.

  9. Re:Don't travel to US. on Homeland Security Border Agents Can Seize Your Phone (cnn.com) · · Score: 1

    +1 for "So now I travel with a burner phone and an old netbook. No big loss if they are confiscated."
    In different nations passwords will be "requested", email, web 2.0 accounts can be requested to be looked at, searched.
    Make sure any device is new with only work related software, work contacts, apps, docs or have new hardware just for been looked at.
    In the many hours waiting for an interview expect a duplicator to be used and deep search of the hardware:
    All contacts will be kept, facial recognition on any images, any gps data extracted, comparison of all files found to domestic and international databases, the drive will be scanned for accounts and contacts, passwords, any OS kept web use, quality data recovery software will look for any removed data, detection of any hidden encrypted volumes.

  10. Re:Sandboxing? on Apple Patches Stagefright-Like Bug In IOS (fortune.com) · · Score: 1

    It would be interesting thought for DRM and an OS. Remove the DRM and the quality "image" with code is used in the unprotected copy as its part of the new free file. The free copy is then opened and OS and code access to the wider OS is granted to phone home.

    As for why, maybe the OS likes a format thats well understood to ensure a set look and feel over desktop, apps, phones.
    A more lossy format might change over different hardware and software. With a push for publish once from any device, some image files might have layout options that are more useful and have been created from a TIFF.
    Photography support for an image as captured. Applications might like to edit a full color image, not just a created jpeg or other format. i.e. a RAW format export to full size, color "unprocessed" TIFF that can then be worked on with hardware, software and full OS support.

  11. Re:So even without the conductive layer . . . on Police 3D-Printed A Murder Victim's Finger To Unlock His Phone (theverge.com) · · Score: 1

    AC given how hair, cloth, clothing, chemical testing and other emerging evidence has been rushed to produce a positive or matching result by expert "crime" labs over the decades in many nations, don't expect too much from a fancy city or state or federal "DNA" report or expert reading a report back under oath..
    Who will be the only DNA "expert" in that city, state or nation? How well are their gov labs run? Who inspects their methods? A trusted gov worker with a huge case load just counter signs their own "matched" results to save time or for some other reason?
    Outside labs with real experts that a legal team can trust are expensive. Remove all funding during a trail to ensure no further or outside tests can be done and only the prosecutor can present their experts.
    The result that legal teams now need to be aware of is a greater range of phones can be accessed, updated, logs and dates corrected and "found" files presented in court.
    Just as in the past with testing, matching or lab results a secure phone could exit the chain of evidience for a few hours and return altered thanks to easy access to ensure conviction or cover for parallel construction.

  12. Re:How smart is Snowden, exactly? on Edward Snowden's New Research Aims To Keep Smartphones From Betraying Their Owners (theintercept.com) · · Score: 1

    The past work of any whistleblower can be understood as in who hired (e.g. CIA), who contracted (e.g. NSA), positions offered in what foreign nations, amount of information of interest to the USA in that nation. i.e. more of an outpost nation that could be seen as low level test or needed skills for complex work at a hub of international diplomacy and politics... say a location like Switzerland.
    Do average staff members get a placement e.g. a US fly over state site and then get tested/trusted with international work with a more entry level support role in a nation with less of a work flow i.e. diplomatic cover to ensure the software and hardware support needed on site or a job in the US..
    It also reflects to what the US gov did or did not seek as a stringent background report for promotion or even the ability to see and submit an application. In depth, in person interviews with everyone up and down the history of an applicant vs a state and federal "digital" search for a newer lesser clearance for some levels of gov work.
    Also note that the State dept will allow "other agency" staff posted by the US gov to present very simple cover stories to other nations, the press, their friends as far as any diplomatic role/work goes. The life story will be searchable and have a depth of detail re online images, education, gov work before any posting.
    The trust and skill set needed for the workload and the "other agency" that gave the top clearance usually shows the skill levels needed.

  13. It really depends on the world view of the data flow.
    The NSA, Australia, Canada, NZ and GCHQ get the origin, destination, number and content of the call via their shared collection sites globally.
    The call will get the same amount of interest as any call. If the caller recipient of the call or any of their contacts ( a few hops i.e. friends of friends) are listed as been of interest, even more value will be placed on collecting that communication.
    That occurs on the national and international pipes and is not passible to avoid that kind of shared collection globally on any consumer telco account.
    The next step down is a city, state, local gov or NGO working "with" a gov or local gov buying contractor software to push down on a phone or run as a trusted installed application to turn on the mic, cam or upload a generated log file.
    That access and changes would be more detectable to the user given the need to run as an application layer and interact with the users hardware..
    Cant escape the NSA and GCHQ collect it all.
    Can find out if a log file is been created, uploaded or the cam, mic is getting turned on by pushed down installed software.

  14. Re:Run your own webserver and use any web-browser on Skype Finalizes Its Move To the Cloud; To Kill Older Clients -- Remains Tight Lipped About Privacy (arstechnica.com) · · Score: 1

    Yes that will be the future. People, brands, groups, nations will just use couriers with a jet set network. Takes a few days but its one time pad secure.
    Big US brands that help 5 nations mil/govs on all data flowing will be trusted with gamers chat and for making expected free international calls.
    If US designed networking products are seen to be trusted in the open, it will be for pushing complex disinformation.
    Encryption will be more diverse and creative.

  15. Re:it didnt work for the soviets, it wont work for on Google: Government Requests For User Data Hit All-Time High In Second Half Of 2015 (zdnet.com) · · Score: 1

    What a brand can report in public based on its own internal numbers might not be the all that "public".
    Other methods, NSL can sway any data reporting. What Country Monitors Communications the Most: U.S., U.K., Canada, or Australia? (July 18 2012)
    http://www.slate.com/blogs/fut...
    ..."it is being replaced by more covert, unaccounted forms of surveillance. Favored methods may include social media monitoring or, as National Security Agency whistle-blowers in the United States have alleged, dragnet interception systems that function outside the law."
    ..."as a single interception request may sometimes include dozens of individual targets."
    ...."with a single communications data order garnering information on hundreds, even thousands, of individuals"

  16. Re:it didnt work for the soviets, it wont work for on Google: Government Requests For User Data Hit All-Time High In Second Half Of 2015 (zdnet.com) · · Score: 1

    It depends how a nation counts a request for data, per case or per person per call, per ip, per gov request per person, per phone tap or account with many other linked users been collected under the same one "users" roving court request.
    A per case count request can hide huge amounts of data been collected on many people over a few years.
    Other nations could count each ip, email, call as data accessed and as a request for data.
    Using such per case reporting methods a "democracy" can get its vast court ready domestic surveillance collection to look very legal and as a small ratio to any user population per year..
    The other trick is to track all metadata under color of law by working with providers and only then report select legal police intercepts that get to the open court stage.
    Requests by any security related agencies may also not make lists in some nations. So the court related access numbers can be worked per case to look great while all national metadata is been requested.

  17. Re:it didnt work for the soviets, it wont work for on Google: Government Requests For User Data Hit All-Time High In Second Half Of 2015 (zdnet.com) · · Score: 1

    Re 'The soviet attempt to quell unpatriotic behaviour in mass surveillance was only moderately successful in doing anything more than converting droves of citizens against the cause of the state."
    The East European police forces and counter surveillance teams in the 1970-80's faced interesting issues and demands.
    If they uncovered a plot by CIA, MI6 and other US funded pro democracy NGO's, more would have been expected from them again by their own govs and the Soviet Union.
    Better just to keep looking at everyone, all the time over the years and create a lot of paperwork. A push for a public show in open court would end the expected budget, over time, better to keep working on open cases.
    To be seen by the worlds press as having another Western supported "author" or "academic" arrested was also not useful long term.
    Mil informants reporting on police informants, fake protest groups been set up to lure in Western diplomats, spies and funding just created more data on more people, usually other long term gov informants.
    The West is now falling for the same big data collection trap. Too much data, no emerging AI, database product or trusted mil/gov humans can sort it all in time or over time if the interesting people are not using the networks. The interesting people just don't use networks as expected or as the contractors predicted they would based on their 1980's, 1990's projections and hardware upgrades. Bloggers, the press, random end users clog up expensive collection results with their ip's, deep searches, blogs, forums, chats, web 2.0, and gps data.

    The West seems to have few issues with any VPN product or now onion routing usage and never really mentions them as a service to be blocked. More of a total collection trap :)

  18. Ireland was the test in the 1960-90's. The UK collected every domestic phone call and all calls in and out. The data was then used to track US sympathisers, funding and support networks.
    The data was never needed to be used in UK courts as it was acted on in other direct ways by the UK gov/mil. The fun part is now this the gov can collect the any bulk data that gets sorted by site accessed, credit card, ip, user details, isp and legally go to court with its logs and findings. Just protesting or questioning any gov or mil policy can always be construed as a serious crime to be tracked.
    No safeguards in the 1980's, none now.
    What is a 'Serious Crime'? Anything seen at any level by anyone, reported to an official who then has database access ... i.e. a digital search for any reason.
    Its a great idea for mil/gov contractor job creation if the people the UK is looking for can be expected to always use computers, talk a lot on phones.... and always stay digitally trackable.
    More funding to public/private sector mass digital collection jobs might make contractors happy but could have been better spent on tracking real people rather than just hoping all the people of interest use digital networks all the time.

  19. Re:What is the bandwidth? on Malware Can Use Fan Noise To Steal Data From Air-Gapped Systems (helpnetsecurity.com) · · Score: 1

    Enough to get the users name, pw, search terms, full project name out.
    A lot of complex work starts the day with a log in and an internal keyword search, folder names, database location.
    Not every cleared staff member is typing in a book chapter of data as part of their normal work load.

  20. The color of law logic that a private sector service provider, site ads, the site and other tracking services all know about the browsing habits per site with some log retention. Even the consumer OS creators are getting in on the helping to shop/search better aspect.
    Why not just let the federal gov in too?
    In the past an easy to get a rubber stamp court document was given to the provider or telco and a log was kept from that point on. National tracking over varied accounts, fake names, fake accounts, cash paid for devices in the hands of the same user was not a legal issue. RICO like laws covered any unexpected new users. Why the need for any change?
    One aspect is the federal gov cannot trust its own courts, private telcos, providers staff and need to go direct to a computer. A digital sneak and peek with no court oversight or formal requests. No trusted workers seeing lists of tracked ip ranges or accounts set for days, weeks or months of federal surveillance that result in years of work been undone in hours with a call, flight out to a nation with no extradition.
    Parallel construction could now be court presentable by default as too many long term cases got lost due to trust issues after legal requests to the courts, telco, provider, networking sectors. Too many dual citizens, cults, criminals, trusted people with cash flow issues, multi national staff now sit in front of very sensitive databases around the world and can get the message out ... just in time. The UK faced that issue in the 1980-90's and could not clear up the court/telco/police staffing issues and could not never admit the cases lost over years. Complex telco work was handed back to the clandestine services and the data was safer again until time of arrest.

  21. Re:Does Windows 10 still seem safe to you? on Federal Court: The Fourth Amendment Does Not Protect Your Home Computer (eff.org) · · Score: 1

    Re 'This brings dragnet spying to a whole new level."
    Think of it as new, unexpected per site malware that most consumer AV would not see. A new signed part of the OS floating into the OS would not be an issue....
    If a safer OS is needed, find a file system thats more unique, less common or bespoke OS thats more obscure. Use a VPN on a router for the entire network with a fallback setting that will not allow the service providers IP to be exposed.
    That would a least stop site from injecting gov tracking code down into the most common and expected visiting OS.
    Very advanced browsers can also be requested by lots of site code to give back many very unique details.
    Another very easy method would be to set up gov front companies to spread as many https, http, flash ads as possible on 'tech' sites warning about gov tracking stories.
    Collect up 10's of unique data points per visit, per user and a real ip. The same very unique computer settings could show up anytime.

  22. Re:Why do you need an ISP at all, then? on Municipal Fiber Network Will Let Customers Switch ISPs In Seconds (arstechnica.com) · · Score: 1

    Not all providers have the same quality access to the rest of the nation or peering options to the rest of the world.
    Packing too many users into shared, virtual best effort peering deals per state or city is one reason to select a better provider.
    A better provider might actually have invested in their own real backhaul deals to offer much needed fast accessed other parts of the nation to totally avoid shared slow local commercial networks.
    Capitalism and freedom to pay for and select a provider can be a great way to a improve networking experience from a longer list of providers.
    Some people may select low cost options that have poor pings, long waits for support and cheap random virtual low quality peering deals.
    Other providers might have better networking options that get data to a user in a more distant state along a well thought out network they have ability to select or control over.
    ie some monopoly or duopoly network providers just dont see a need to make a local network investment and have way too may paying users trapped on their old low quality local networks.
    ie a municipal internet provider still has to connect to a long list of fast "internet" providers that connect to the rest of the nation at some local hub. Networking deals offered by such providers is varied in price and ability to offer a good service to all users on average during time of peek bandwidth demand..

  23. Re:What do they look like? on FBI Says Utility Pole Surveillance Cam Locations Must Be Kept Secret (arstechnica.com) · · Score: 1

    With the correct design and a bit of thinking they could have got decades of effortless parallel construction but would have had to shared details with local utility workers...
    Guess the case load needed hardware to be in place not long term well thought out quality.
    Or so many are now been placed that funding for hidden quality nationally was not an option per year.

  24. Selective service (draft) may soon not just be a paper form that gets filled out by some people every generation. One easy simple way to get every generation with a digital photo on federal file is to ask for a photo ID to be presented for that file to be fully and correctly created.
    Its hard for anyone given expected law changes to escape not been on such as file as they would be on other databases but not that federal call up list during later years of education, work, domestic travel or in other state of federal databases.
    Any person wanting exemption during a later call up event (war or some new legal aspect of federal "conscription") for any reason (faith, further education, medical, conscientious objector) would have to be on file with photo ID in a federal database for any consideration.

    Lack of any Selective Service file becomes a very simple per face internal passport for everyone. Hard to change a face or keep away for handing over photo ID, avoid all shared public private sector state and federal CCTV capture. A very simple "look up" would show if a person was on file or not.

  25. Re a passport or photo ID... Its getting hard or more expensive to pay out per month for the ability of not having photo ID at some point in getting work or needed account creation at a city and state level.
    To cash a low wage from a job with no photo ID takes a percentage of a lower wage every month.
    Needing a real bank account to pay wages in is getting more accepted or needed under state of federal regulations, new applications might need a photo ID, getting past an interview might need more photo ID. That basic on site work photo database ID gets shared with federal gov, more security or background information required for an offer of advancement or just keeping an entry level job due to new state or federal regulations.
    What was once sighted photo ID is now getting to be scanned ID shared with state and federal databases.
    Random requests for chat downs on public transport with a camera pointed at every passenger, chat downs near public transport hubs, sharing of public and private CCTV networks covering all faces walking past 24/7 in many city areas or in smaller towns. The federal facial databases of every driver and passenger near international boarder crossing areas along all main roads in that state.

    Facial recognition could be requested by local on site private sector security contractors or police via fusion centre support after an event or chat down.
    Its now just more easy and simple to collect all faces as images in a security network package as sold for any and all later sorting of people passing a building, location, mil or gov sensitive area or city location. Why wait for a security contractor to notice something when its cheaper for every face can be kept and shared with the federal gov?

    The other aspect is that of the "first amendment audit" with people staying on public land with a video camera and been approached by local police, federal officials or private sector security on public land for a "chat down" after been seen with a "camera". The resulting fun conversation about been confronted on public land is then posted on social media.
    Mil, gov, federal sites, local gov officials are building shared databases to track such people and give them no new funny chat down comments or to track back their vehicle or any local supporters with a second camera, secondary zoom or video in the area.