Slashdot Mirror


User: AHuxley

AHuxley's activity in the archive.

Stories
0
Comments
11,974
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,974

  1. Re:you want security? on Hackers Leak List of FBI Employees (vice.com) · · Score: 1

    East Germany did that to ensure it could get its staff names quickly on a computer. The CIA walked out with the computer files.
    Before that the East Germans did have a good paper file system. Split all names, projects and details on paper files in different vaults. Get senior officials to sign over the paperwork if the full records had to be connected. No one person could ever walk out to the West with all details on one set of files.

    The issue now seems to be plain text files existing on different computer systems that are now connected or have been upgraded by contractors as part of a cloud.
    Air gapped and lots of encryption as policy?

  2. Re: This is a bad idea. on Twitter Launches Trust and Safety Council To Help Put End To Trolling (thestack.com) · · Score: 2

    Yes the look and feel will be like any web 2.0 site under some theocracy, despotic monarchy, military dictatorship, fascist or communist government.
    Most nations have their own safe sites in their own languages that have a role for locals. Why join another big site to be tracked, reported on and corrected?
    Group think sets in and a very chilling system after posting with ip's tracked, user banned and facing chat downs.

    Good news for any new or older social media site in the USA that can promote and protect freedom of speech and freedom after speech.

  3. Re:Price Parity - Market Factors on NAND Flash Density Surpasses HDDs', But Price Is Still a Sticking Point (computerworld.com) · · Score: 1

    The unit price will stay the same but the amount of data will just go up.
    What was 60 or 100gb will grow to 500gb or 1tb for the same few hundred $ as the basic product range.
    More storage but no getting 60gb for this years very very, low price.

  4. Re:This is so sad on Hackers Leak DHS Staff Directory, Claim FBI Is Next (csoonline.com) · · Score: 1

    This shows a lack of encryption. Expect the same for backdoors, trapdoors mil grade support hardware used in a domestic setting.
    Every team is been watched and tested.
    Why would any gov just allow sensitive files to be created, exist in plain text and be left just facing the open internet?
    Every level of the US gov seems to have upgraded to computers at some time. Not much thought went into just connecting the same very secure, isolated systems to the internet and then getting a no bid cloud upgrade.

    The same contractors will now offer to clean up, rent security systems back over the same networks they had to look after.

    Long term expect a lot of gov staff to get a gov chat down by undercover random foreigners with heavy accents, diplomats, press with "questions", new friends making an offer.
    It will all be a gov trap with offers of cash, holidays, tools and methods.
    All gov workers will have to report such contact in detail and as quickly as possible.
    Any material been lost and talked about in the press can be used as a cover for a huge loyalty test. The attempt to turn its own workers first and often.
    For that the theatrics of how a hidden gov worker was found has to be made public. Then the honey traps, new friends, chat downs can start at every city, state and federal level.
    Who will respond and who will report what and how quickly.

  5. Re:On paper, this is a good decision on India Blocks Facebook's Free Basics Internet Service (thestack.com) · · Score: 1

    Re "But I can't help but wonder in practice if it won't leave a lot of poor people with no internet access at all."
    Would anyone at a national level really knowingly advise to gift any of its users directly to another nations clandestine services?
    One company that has a brand to sell as a network is not the internet.

  6. Re: I AM KEVIN BACON! on Facebook Knocks "Six Degrees of Separation" Down a Few Notches (i-programmer.info) · · Score: 4, Interesting

    Yes the hops part was always interesting.
    "Three degrees of separation: breaking down the NSA's 'hops' surveillance method" ( 29 October 2013)
    http://www.theguardian.com/wor...
    You may already be a winner in NSA’s “three-degrees” surveillance sweepstakes! (Jul 19, 2013 )
    http://arstechnica.com/informa...
    Australia is even trying it with images.
    Facial recognition: Privacy advocates raise concern over 'creepy' system Government says will enhance national security (10 Sep 2015)
    http://www.abc.net.au/news/201...

    The number of hops the security forces and mil felt comfortable connecting under collect it all fits with the ~3 hop news :)

  7. Know the limits of any OS on Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers (voat.co) · · Score: 2

    Only use Microsoft to play computer games on. Keep that AV updated and use real OS's for other tasks.

  8. Re:What I don't understand... on Intel Says Chips To Become Slower But More Energy Efficient (thestack.com) · · Score: 1

    Generational investors dont like money left on the table. The trapped consumers are used to paying a set amount for any CPU "chip" with the branding, why drop prices?
    This is great news for any disruptive new products. If all the brand can now sell is slow and offer energy savings.

  9. Re:WTF happened? on UK Wants Authority To Serve Warrants In U.S. (usatoday.com) · · Score: 1

    The UK wants its stolen land returned and back tax. It took them a while and they did it politically but they are back. Welcome into the Commonwealth.
    Leave your hard won freedoms at the door and get ready for some MI5/6 and GCHQ advisors looking deep into all US files.
    A bit like what the UK asked for over the issue of US support for Ireland flowing from the US in the 1960-90's.
    This time its all very legal and the UK expects the full and happy cooperation of all US bureaucrats.

  10. Cant reauthorize illegality on Marco Rubio Wants To Permanently Extend NSA Mass Surveillance (nationaljournal.com) · · Score: 2

    The Fourth Amendment still needs that warrant.
    Pushing the Foreign Intelligence Surveillance Act into a domestic setting is not legal.
    Just as the Church Committee https://en.wikipedia.org/wiki/... found back in the mid 1970's
    Using one finding, act, transit authority, policy, directive, annex authority, special procedures, executive order does not allow any US court to use color of law to get around the Fourth Amendment.
    The US and others collected all with projects like BLARNEY, FAIRVIEW, PERFECTSTORM, STORMBREW, STELLARWIND, PRISM,.
    Does collect it all work?
    It works well to enrich contractors, offers great over time and lucrative new roles for the private sector. Renting the network collection tools as no bid contracts is also great for profits.

  11. Re:Expect a lot of people to be approached on Former DoE Employee Ensnared By Secret-Selling Sting Pleads Guilty (washingtonpost.com) · · Score: 1

    Report every approach by anyone for any reason while at work and after work :)
    Thats going to be some big new databases to spend on and look after filled by the millions of contractors, mil and gov workers.
    The the over time for the gov chat down teams that have to go out nationally and internationally to work on ex staff and former staff.
    A whole new bureaucracy, set of contractors and funding. How many team members per person of interest? 2 at a min for a buddy system and to confirm? 6 for technical support in shifts? Support and costs for longer international contacts. Language skills, accents, hair cuts, fashion, local transport...
    How many people will need contacting?
    Number of Security Clearances Soars (Sep.20, 2011 )
    https://fas.org/blogs/secrecy/...
    'In 2009, the Government Accountability Office had told Congress that about 2.4 million people held clearances " Some of the past numbers are also given around the 1983 and 1993 around a 3-4 million count having some form of "clearances".

  12. Expect a lot of people to be approached on Former DoE Employee Ensnared By Secret-Selling Sting Pleads Guilty (washingtonpost.com) · · Score: 1

    Expect teams to approach a lot of people who have just left or have changed jobs from work with a security clearance.
    A preemptive chat down to see how a person responds when contacted by a stranger, press, authors, peace activist, historians, random charming foreigner, fake diplomat with heavy accent or just a "new" "friend" in the area.
    Holidays or travel really seem to get a person of interest to the top of a watch list.
    When in another nation be careful of a honey trap or the friendly stranger approach. A few different teams will have that on record and will play that approach back in full.
    Report any such contact as you would have when working with notes, events, logs any other details as quickly as possible as required. Always make a big fuss, contact law enforcement who have the ability to work with such reports, your gov, mil, company or contractor's security teams.

    The main thrust of such efforts is to induce a fear that every approach by member of the press, authors, peace activist, historians is always gov team.
    Very chilling for any academics, authors or press looking for comment, background or context.
    Freedom of the press and freedom of association is now replaced by reporting every call, email, talk over decades by millions of workers and contractors.
    By default a huge number of unofficial informants ready to report on any emerging press story.

  13. Some ideas on Ask Slashdot: How Can We Improve Slashdot? · · Score: 1

    Just going back over what many have said. The login and moderation system is fine. Keep AC's the way they are.
    Add https.
    Ensure any link is clear, green links on a green gui might need some thought.
    Watch for efforts by the security services eg:
    "GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware"
    http://news.slashdot.org/story...
    Other than that slashdot is doing great, the wider community seems to be able to moderate the more direct sock puppets and other junk posts.
    Ensure slashdot keeps working over all emerging OS's, platforms and is still usable by all people with an interest.

  14. Re:Suggestions. on Ask Slashdot: How Can We Improve Slashdot? · · Score: 1

    That +1 by default for AC's is just going to keep a flood of AC's trying their luck at pushing out some message, ad's, trying to be a better sock puppet backed by some funding.
    Learn to log in and have something to say, users will then add to the conversation.

  15. Send in more suspicious activity reports? on EU Proposes End of Anonymity For Bitcoin and Prepaid Card Users (thestack.com) · · Score: 1

    How low in $ amounts can a "Suspicious activity report" https://en.wikipedia.org/wiki/... go?
    Even with very advanced tracking, small populations and reconciling every account, nothing seems to stop, find, track or block or slow the activities of interest to law enforcement.
    Are the interesting accounts are so large in amount and so numerous in banking products that all gov fines can be seen as a fraction of the cost of doing business?
    Will people showing photo ID to import a few books online really help?
    The other method is just work of mouth within cults, faith groups, business and other secretive banking communities going back generations.
    The only way for the EU to break that is with security services using human intelligence assets creating long term relationships with banks and communities over decades. Flood areas with lots of informants, attempt to turn every released prisoner before they move back into their communities.

    The line about 'The sources of funding of the operatives in the EU are largely unknown" shows the EU is just using contractor based US methods of signals intelligence hoping a bank or electronic account is in use and the hidden digital data is just waiting on the networks with weak US supplied encryption.
    Great for the contractors bank accounts and no bid over time, renting "security" services to the EU but not much use trying to find accounts that dont exist.
    The "be funded by the travellers themselves" shows hidden human support networks that do not show up in digital sweeps by nations who have contractors and officials who can only think in terms of tools to map digital bank accounts.
    The other issues is the total lack of any ID system in the EU and lack of any visa system in and out. So many unknown people are just wondering around with fake, no or some random non EU nations ID's with cash and never have contact with any gov.

    If a person is in a nation and not a tourist, who are they and what are they doing? Why are they even in that country? Track the "cash" that flows per person. Where did the cash serial number last get entered into the legal banking system? Are the serial numbers very old? New? Brand new? Where did the no ID person get the "cash" from to "exchange"? What bank or company was the last trackable location of that cash? Work back and find the "funders" that are handing cash out that ends up in the hands of interesting people. Another nations gov banks?
    Want cash to exchange and no national photo ID? No cash out until a person is fully documented. Get CCTV images of all people even entering to exchange cash but then back away if asked for ID. Share that face EU wide and with international police forces. Use undercover teams to get photographs of anyone changing cash on the streets or looking to exchange cash. Use criminals that have been turned informant to set up massive fake cash exchange networks. They will bend in with their community skills and can get a lot of gossip and images of all people seeking their unique services at competitive rates.

  16. The herd of humans on Harvard: No, Crypto Isn't Making the FBI Go Dark · · Score: 2

    At some point a person will be invited onto vast networked applications, clouds or other sharing or web 2.0 platform.
    Given the need to profit from users interactions the need to "reach out" will be the security forces way in.
    Encryption will not offer privacy on services, hardware and devices designed to track users habits.

    Privacy cannot be created if every movement is been logged.
    A journalist found to be sitting next to a whistleblower for 20 mins. Both having their cell phones on is not safe if they take notes on paper and have the phone powered (battery sealed in by design).

    Encryption that is weak by design or an OS that is created with gov approved trap doors and back doors is not encryption, just an expensive keylogger.
    Watch for the honey trap and any new best friends if using encryption and understanding its limitations on any network.

    If your a company or brand, fly in your staff, talk face to face in a vault, use all paper files. Any data on a connected server is in the public or a billing system thats used globally. Keep new projects and all readable data away from networks. Buying junk turn key encryption or cloud products from nations that allow designers to share your data with their gov, mil, other nations is not the best idea.
    Understand the positive and negative pressure a mil or gov will place on a supplier of encryption, cloud or other computer products for domestic or export use.

    Leadership in some brands will even weaken their products or collect all or allow a gov/mil in.
    Re the "bulk surveillance" and "targeted surveillance"
    Encryption without privacy is just a location to send gov or mil bespoke malware down to.
    Privacy with junk encryption is a plaintext message.

  17. Turn it off, select devices with care on Ask Slashdot: How Do I Reduce Information Leakage From My Personal Devices? · · Score: 1

    If a smart TV has ethernet and wifi, never use it. Use the USB or that data connections to "sneaker net" any files to the device.
    Buy a camera thats a camera and not a networked database device with a good lens. Select the images you like and upload them later or from an OS.
    Sort the images on a computer and select only the images you want to share. Understand that any free cloud, hosting, advertizing network or OS uploads will have all images examined for facial recognition, for images of interest of the security services, NGO's and police.
    Facial recognition: Privacy advocates raise concern over 'creepy' system Government says will enhance national security (10 Sep 2015)
    http://www.abc.net.au/news/201...
    Stop uploading your information to turn key, free services supplied by advertizing brands.

    Understand what Microsoft, Apple and Google do and offer to profit from you and your use of their products and services.
    Securing against cloud and networked products is not a good idea. They have your data just by using their products.
    Use MS or Apple OS for a limited set of applications. Play games on MS, enjoy media on Apple. Anything more interesting and keep it to an OS that you understand and know will not "phone home" or use cloud AV on every file.

    The need for a device that can live stream video is useful, ensure that that device is only used for that. If lost or taken, all that is lost is that device and not other data sets, files, contacts.

  18. Re:Nondisclosure agreements on ACLU Sues Anaheim Police For Public Records On Cell Phone Surveillance (scpr.org) · · Score: 1

    NDA vs discovery in an open court for a skilled legal team?
    Offer a letter that has a very good deal early on? No more lawyer asking questions in open court.
    Ensure no funds can be found or accessed to get a good private legal team and needed local experts. Offer other legal services that have less funds to legally trace a case back to its origins.

  19. Re:Hack Back Attack AUTHORIZED! on Air Force Firewall Now Designated a Weapons System (gazette.com) · · Score: 1

    Yes all that cyber cash is starting to spread wide and deep.
    The back part has been on the books for a while now.

    "U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show" (August 30, 2013)
    https://www.washingtonpost.com...
    under GENIE for "“.. covert implants,” sophisticated malware transmitted .."

    For first time, US military says it would use offensive cyberweapons (Mar 14, 2013)
    http://arstechnica.com/securit...
    "This is an offensive team"

  20. Re:Lack of replacements? on Satellite Failure Behind GPS Timing Anomaly (itnews.com.au) · · Score: 1

    Re 'we just afford to can't replace them"
    "GPS upgrade set to launch on replacement mission" (February 20, 2014)
    http://www.usatoday.com/story/...
    ""We have a lot of satellites that are well past their design life,""
    " "We're trying to prevent any sort of outage and (have) some backup capability on orbit.""
    ""We've really gotten remarkable performance out of them, but they are aging, and there are some components that simply wear out," s"
    "US Air Force Launches New GPS Satellite" (February 21, 2014)
    http://www.space.com/24767-gps...
    "In this particular case, the satellite we are replacing is over 16 years old and its design life was 7.5 years."

  21. Re:Open to Questions on Slashdot and SourceForge Sold, Now Under New Management (bizx.info) · · Score: 1

    Thanks for the opportunity to ask a question.
    Was their ever any more news on this slashdot related topic:
    "GCHQ Created Spoofed LinkedIn and Slashdot Sites To Serve Malware"
    http://news.slashdot.org/story...

  22. Nation-sponsored campaign? on Attackers Use Microsoft Office To Push BlackEnergy Malware (csoonline.com) · · Score: 1

    If any nation is using an imported, outdated consumer OS for its critical infrastructure something is strange.
    Open networks that face the internet, commercial OS's and older applications should be replaced with more robust solutions.

    Re "... deployed in NATO countries, and more broadly across the European Union" Would an older vulnerability that might not exist or be updated even be of interest to an advanced nation-sponsored effort?
    The penetration products offered to nations are new, fancy and work on the most modern OS without been found or noticed. AV fails to detect them during their useful operation.
    Other products have been crafted to only go after very bespoke systems and evade traditional logs, tracking, AV or firewalls eg Equation Group.
    The software used by nations is modern and always works ie not hoping to guess that all systems are not updated and access will be lucky.
    What nation would risk all on old code that is of no use and will quickly be discovered hoping for an application or OS version will align with their access?
    Nations can afford to win using the best code that is mission ready that no other party has seen as it is bespoke no matter what new upgrades or commercial security products are in place.
    The "constantly changing attack vectors" is not new. An old consumer OS left open the internet is not a national energy policy.
    Having industrial networks facing the internet is not a great idea.

  23. Freedom of speech meets the world? on A Customer-Driven Business Model For Twitter (jeffreifman.com) · · Score: 3, Insightful

    Its hard to contain or spin changes to terms and conditions on users to fit global standards for jurisdictions that have no freedoms.
    Users have a lot of traditional computing services for "work" or other than work activities to keep communications bland.
    A walled garden is great for a set of users with the same views who have to live under their theocracy, monarchy, court systems or repressive governments.
    The more a brand been about about open, free communications hopes to shape, contain, report, track freedom of speech, the harder it gets to attract interesting, creative people.

    Once the tend setters feel they are been herded into something chilling they will move on. The herd of users will follow to more free platforms that respect their views and thoughts.

    So what can future web 2.0 and social media creators learn?
    If you start your company in the USA, allow freedom of speech and let users speak their minds. The rest of the world can opt to join in or not.
    Users globally already have their own free gov sanctioned web 2.0 sites that are full of tracked accounts swapping everyday content.
    Once a brand clamps down on freedom of speech, can the user base from nations with no freedoms be a useful long term user base?
    Sell the amazing role of freedom of speech to the world, trying to keep censors happy just makes users look for any better platform.
    Also open the platform to other people and OS's. Having your brand all over brands hardware and software is a plus.
    As for profit, good to have that in place to that during the design stage, ready to go, not as a new project years later.

  24. Re:I thought Mark Klein was the whistleblower on 12 Years Later, Warrantless Wiretaps Whistleblower Facing Misconduct Charges (usnews.com) · · Score: 1

    It was more on the domestic, warrantless use of mass collection of U.S. residents.
    Paper work was been created to give cover to staff asking questions but it was not from a court ie just an authority.
    ie it was a lot of news about how the domestic paperwork was been created to cover for domestic, warrantless collection.
    The authorizing of warrantless surveillance of American citizens was the issue and how deep, far the program went.

    Thats why the US had its FISA court, the F been for "Foreign" that made warrantless surveillance of American citizens not legal after what was slowly uncovered in the mid 1970's
    The Church Committee https://en.wikipedia.org/wiki/... tried to look at the domestic role of the NSA and CIA back in 1975.
    After that warrantless collect it all on US was not to be legal and a real court order was needed per person of interest. The later use of any wide "authority" was not from a court.

    The Room 641A news also helped the US press understand how data was collected and where. US domestic networks.

    Stellar Wind or Stellarwind https://en.wikipedia.org/wiki/....
    also see MUSCULAR (surveillance program) for the UK options https://en.wikipedia.org/wiki/...

    "Behind the legal fight over NSA’s “Stellar Wind” surveillance (Dec 17, 2008)
    http://arstechnica.com/tech-po...

  25. Re:All this just to ensure ... on 12 Years Later, Warrantless Wiretaps Whistleblower Facing Misconduct Charges (usnews.com) · · Score: 1

    The US is now back to the full tyranny of the UK legal system that the US Constitution was to protect from.
    Speak out in public about the US government and the US government will take the tools of your trade away from you.

    Very chilling for any future whistleblowers who stay in or try to use the US legal system.
    No more freedom after speech, to access the press.