Slashdot Mirror


User: AHuxley

AHuxley's activity in the archive.

Stories
0
Comments
11,974
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 11,974

  1. Re:the cloud is dead on Lockbox Aims To NSA-Proof the Cloud · · Score: 1

    They have the cooperation of the average users OS, its code and plain text input. Forms of onetime pads, PGP and other amazing encryption has always been an issue. The solution was Tempest, later weak/cheap global standards and now plain text as entered.

  2. Re:the cloud is dead on Lockbox Aims To NSA-Proof the Cloud · · Score: 1

    Yes they have your tame mainstream OS/cell OS and every hardware "keystroke" before encryption and any needed knowledge of the OS.
    Also recall many nations have sent their officer class to the US. They will recall the best years of their lives while working in the telco/security sectors...
    Then comes the "just this once" telco/OS favour ....
    Close allies or cold war friendships - or a nations law enforcement - its not your cloud.

  3. Re:And? on Lockbox Aims To NSA-Proof the Cloud · · Score: 1

    Or a NSL to add in another server?

  4. Re:If they want you on Lockbox Aims To NSA-Proof the Cloud · · Score: 1

    In the old days a gov would go after the coders, hardware makers, publishers or even create a 'trusted' front company.
    The big telco and computer brands handed over clear text making life much more easy but old methods are still waiting for anyone.

  5. Re:Welcome to the 21st Century on US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet · · Score: 1

    http://www.youtube.com/thejuicemedia (via http://thejuicemedia.com/ has a display in video form :
    WHISTLEBLOWER - feat. Edward Snowden:
    http://www.youtube.com/watch?v=hnMPQmIPibE
    French, Portuguese, German, Czech, Hebrew, Russian, Serbian, Dutch, Spanish, Japanese, Turkish lyrics translations are listed too :)

  6. Around the world on US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet · · Score: 1

    Cheap dual ethernet motherboards see a jump in sales as whitebox testing units are constructed.
    A fast new cleanroom OS is loaded and deep packetsniffing code is carefully crafted.
    When the boss is home and clerical staff have packed up for the day...
    Ex staff and trusted colleagues load up their B2B and B2P machines with exciting new dual use orders from exotic locations.
    Will they see a hint of "routers, switches and firewalls from multiple product vendor lines" trying to “harvest” their efforts and phone home?

  7. Re:I'm girding for the blowback on US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet · · Score: 1

    Low cost, fast, new crypto hardware and later software was always very suspect from the 1970's on.
    Enigma gave the clandestine services a taste of near realtime information.
    Why would a top system admin or cryptographer not warn of past (1970-90's) insights into state sponsored network issues?
    The good news for all in the "defend my networks" community is great new books on gap or air wall and good code. Way beyond a chapter of trusted brands or code that 'just works' that the author wrote or likes.

  8. Re:How soon before /. is taken down? on US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet · · Score: 1

    If we the posters dont have US/UK clearances and are just commenting on press stories that are not behind paywalls..... its just a thought crime for now.

  9. Re:Serious question for the Linux community on US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet · · Score: 1

    Everything you connect Linux to is by default compromised. Every packet you send, every search term, every line of code you add or correct.
    So in theory and practice the code is safe. The first telco exchange/tower/branded box you connect is not.
    The hardware and software used to help Linux as part of a much larger setting maybe junk as the routers, switches and firewalls from multiple product vendor lines comment notes.
    You also have the hint of "“harvest” communications and tunnel into other connected networks" - why is this outgoing data not making any admin at that skill level sit up and start thinking?
    So the big threat may not be good quality code inspected my a few bright people world wide but the flexibility/power/cast savings/cooling offered by brand name devices on or off site that are the way in and out.
    The world needs smarter admins watching more of their kit beyond just the uptime and consumer needs.
    A work environment may have very long term guests that have total control over systems.

  10. Re:Now, for the other angle, is this treason? on US Mounted 231 Offensive Cyber-operations In 2011, Runs Worldwide Botnet · · Score: 1

    Historic information filling in the back story to this years cyber comments has consequences....
    http://blogs.fas.org/secrecy/2013/08/cyber-offense/
    “We believe our [cyber] offense is the best in the world,” - Gen. Keith B. Alexander, director of the National Security Agency and Commander of U.S. Cyber Command.
    Lets go down the list cold:
    A mission count, the citation needed for the aggressive aspect and the words GENIE and TURBINE.
    More people will understand terms like Tailored Access Operations (TAO).
    More firms will be careful about their shopping for routers, switches and firewalls from US product lines. That would be nothing new after 30 years of crypto warnings of useless hardware and software been sold world wide from 'trusted' brands.
    The harvest aspect is fun ins scope and costing, how is the US getting all that data back without skilled admins at some point working out what their expensive systems are doing :)
    The use of sites more within to the US (Georgia, Texas, Colorado) may point to more domestic operations - also not really new.
    Overlapping missions notes will be very interesting to US legal teams and law reform groups.
    So over all a few new names, terms and a hint that some hardware and software encryption is mostly expensive junk- something books and magazines noted many years ago.

  11. Re:Read the damn background on Feds Seek Prison For Man Who Taught How To Beat a Polygraph · · Score: 1

    The problem is many in the USA are working in the "teaching people", publishing, faith or related groups.
    Their legal teams and friends may see this as the start of a colour of law chilling effect.
    Will they be next, on a list, questioned or be subjected to entrapment just for "teaching someone" or publishing.

  12. Re:employers use polygraph tests? on Feds Seek Prison For Man Who Taught How To Beat a Polygraph · · Score: 1

    The point can be understood from the UK and UK perspective.
    When the UK faced a huge flow of information to the Soviet Union the US liked to show its ability to protect its interests.
    One method was the lie detector test used by the ~CIA from 1948 onwards.
    By 1951 all US crypto experts faced the polygraph exam.
    The sale, education, maintenance and use became part of US culture. The UK feared losing very skilled individuals over one test. The UK was very aware of the fact any Soviet agent who could pass falsely would be confirmed as safe year after year.
    In the early/mid 1980's the UK found the machines to be useless. 200 MI5 staff where tested, 37% failed - the press got the results.
    The UK did an amazing and very smart thing - they understood the inaccurate side of the testing, how it would result in good staff losses and very bad staff moving further up the ranks. The UK did not really 'tell' the US about the tests and did not go on with more polygraph work in the late 1980's.
    The NSA was hoping anxiety would trip many people up with basic mind tricks, pre and post test questions and ever more tests.
    ie 'scare the hell out of people"

  13. Re: What good is tor on Feds Seek Prison For Man Who Taught How To Beat a Polygraph · · Score: 1

    The mentioned govs dont really have global reach into US telcos by default.

  14. Re:What good is tor on Feds Seek Prison For Man Who Taught How To Beat a Polygraph · · Score: 1

    Tor was well commented on in the late 2000. The mentioned "global passive attack" was well understood. The use of academics using many exit nodes was also noted.
    The ability of code to track people during the past years was also in the press.

  15. Re:Alternative solution on Microsoft and Google Challenge US Government Gag Orders · · Score: 1

    Today's Fun Article was commenting on a version of the "first break the gag order, then wait for government attacking in court, and then defend" mentioned in the "Alternative solution".
    The defence team did bring up aspects of the NSA's domestic surveillance program.
    You also have a mention of FBI, CIA, and .... DEA - something that seems to be news in 2013.
    You can read more at http://cryptome.org/mayer-016.pdf eg
    "... May 11, 2006, that the NSA has engaged in a continuing program of intelligence gathering directed against U.S. telephone subscribers of ...."
    The Total Information Awareness program is also mentioned and issues that surround warrant or subpoena needs and the United States telephone network. http://en.wikipedia.org/wiki/MAINWAY may make interesting reading too. (Warning: link may contain classified data: ensure unclassified work computer is clean)

  16. Re:.com is still king on Dotless Domain Names Prohibited, ICANN Tells Google · · Score: 1

    The fun part is .com is now understood to be .nsa.
    Will other cute words just be part of the same legal and cryptographic trap?

  17. Re:Too little, too late... on Microsoft and Google Challenge US Government Gag Orders · · Score: 1

    The audio, video, text trust in US encryption is gone. Global trust is the brands is gone. People will love the products but at a 'free' joke like level.
    The data "in" will be spread over a few more distant groups and what the NSA can get will be more difficult.
    People can expect to be hunted down 'before' 'during' and 'after' a protest organised via the US "brands" products.
    The "before" part was always a bit of a mystery. Now cameras and legal staff will be waiting.

  18. Re:Who will buy it ? on Microsoft and Google Challenge US Government Gag Orders · · Score: 1

    The same people with US trust funds, scholarships, shares, pensions and telco/hardware/software/web 2.0 political connections.
    Their parents or they bought into or made millions at a staff or contractor or software level from the big US brands.
    They need to believe that the encryption IS safe, the product sold world wide IS safe, the ads ARE lucrative, that the brand, logo and "coded in the USA' IS a global winner.
    Not that their pension/shares/job/resume/are contracting for/blog about/sockpuppet for a US gov wired ENIGMA box and the rest of the world just found out.

  19. Re:Maybe on Microsoft and Google Challenge US Government Gag Orders · · Score: 1

    The US gov knows what you did last IPO. What was a great moment in capitalism might just get 'reviewed' years later by an understaffed, underfunded, legally powerless gov entity.
    For the first time ever they might have amazing funding, smart staff, real subpoenas, global extradition support and strangely US press backing.

  20. Re:Alternative solution on Microsoft and Google Challenge US Government Gag Orders · · Score: 1

    A telco tried that http://www.businessinsider.com.au/the-story-of-joseph-nacchio-and-the-nsa-2013-6
    US federal courts are very tame, mix in a legal team that might need a security clearance and its a hard defend.

  21. Re:Thank you Edward Snowden on Microsoft and Google Challenge US Government Gag Orders · · Score: 1

    Yes a nice internal "telco" like splitter at the clear text adversing plain text end.
    Nobody would have ever known. The sockpuppets on Slashdot could have posted citation needed for years.
    The internal legal teams would have been unaware, the staff just seeing 'contractors' at another door outside their pay grade.
    Why did the big brands in the USA risk all? What made then roll over vs the trust as global .com brands?

  22. Re:Democracy doomed? on UK High Court Gives OK To Investigation of Data Siezed From David Miranda · · Score: 1

    The UK has a lot of legal experts who will love a day in court over this or talk at length in to press as to why and how why where shut out.
    The UK press has faced this style of cold war intrusion before and has the cash, legal skills and PR to mount a good defence on any more UK/US gov legal efforts.
    Add in historians, publishers, bloggers - its a powerful mix to fight off per case in the web 2.0 age.
    The ability of anyone in the UK to still seek news/truth on the topics 'outside' the UK makes any rulings a legal mess.
    "Banned in the UK" "MI5 is watching this site" "Forbidden to many US/UK gov workers: non fiction content posted below" might become a nice joke on many a news site outside the UK.
    Legally the UK is entering that ~1960-80 East European legal zone - the gov so needs more control but as you said so need to be seen as lawful and democratic.
    In the end the UK press wins or the gov faces a very short internal legal victory. Years of reminders about its fancy new "laws" in the global press, computer games, plays, tv, radio, web 2.0, books...poems..puppets, lyrics.... people win contests, big international prizes ... UK law becomes a global joke.

  23. Re:It's an old old tatic to play for time on UK High Court Gives OK To Investigation of Data Siezed From David Miranda · · Score: 1

    Very true, this keeps everybody who has a role well in the loop and online, waiting to see what will happen.
    Overtime the GCHQ and NSA hope someone will get very sloppy and they can 'recover' more hardware in over parts of the world.
    Law reform experts and the UK press will also be kept very busy trying to understand any new colour of law efforts that slide "Irish" era laws over their daily work.

  24. Re:Doesn't matter. Only option. on Neil deGrasse Tyson Says Private Business Will Not Open the Space Frontier · · Score: 1

    Yes the US private sector is going to have to re invent what Germans taught the USA years ago but long term it will be great.
    More real local jobs again, real science, real data and real costs.
    Groups, institutions and companies world wide will have more options and see missions they could never afford been launched.
    As the tech gets cheaper more companies will be able to enter the market too.
    No more slowing a science or an imaging project due to politics, an epic boondoggle or hidden costs :)

  25. iCloud Keychain on Inside OS X Mavericks · · Score: 1

    page 2 has some interesting directions for iCloud Keychain.
    "...online, shared between your devices and backed up by a meaty encryption system"
    Will all that 256-bit AES encryption system to outlast a NSL (http://en.wikipedia.org/wiki/National_security_letter) like effort or will it be a form of one time, one way only online system?