Well, cat breeds is an interesting topic, if you're into cats and the breeding of cats.
So is microprocessor architecture, but discussions on this are far and fewer in between. And there's less debate on them, since it'd mostly be just rehashing of old arguments.
Actually, nobody talks about cat breeds here either. Discussion tends to be Microsoft vs. Google vs. Apple, and less so Microsoft than the other two.
I wonder why this news never made/. If anything, it's incredibly noteworthy from both an architectural and a security standpoint.
Just imagine, hijack this process, and you have unrestricted access to all of the phone's capabilities. This would happen via the auto-update capability. And forget a malicious attacker, imagine a complacent mobile network operator pushing a malicious NSA update to targeted users. The cert doesn't have to be compromised because they'd just have Google sign their update.
Makes you wonder if the CIA didn't do it themselves just to push the rest of Western Europe along. Then some years down the line, after Assad's gone and the entire region's in turmoil, we're going to hear, "Whoops. That wasn't Assad who used the chemical weapon. It was some terrorist. Oh, and they might have been previously funded by the CIA."
I'm not a cryptographer, nor have I worked on TOR, so take the below with a grain of salt. I've only read the documentation and some of the discussions on TOR's weaknesses that brighter individuals than I have proposed and speculated upon.
The actual timing attack is not quite that simple, but I'm pretty certain you've got the jist of the matter. It works best if your traffic is consistent and does not vary (i.e., your traffic is mostly going to only a few destinations). As an attacker, you have a list of TOR relay nodes, and a list of TOR exit nodes. All you have to do is observe traffic out of a computer into a relay node, and follow it from there. A highly saturated relay node might be able to provide some level of safety through obscurity, but if the connection is routed over one that's used occasionally or rarely, then it's a matter of time before you can trace the connection to the endpoint. Because your traffic is consistent, the confidence level will rise over time. Now, put up some compromised relay nodes, and maybe some compromised exit nodes, and wait.
In fact, I wouldn't be surprised if that's how they brought down Freedom Hosting. Hidden services will take longer (7 hops instead of 4) to trace, but that hardly matters. When 95% of your server's traffic is coming from known TOR relays and only 5% is coming from normal IPs, then you know it's probably running a hidden service.
For dragnets, TOR is fairly useful as a measure to avoid being caught up in one. For high-profile, targeted attacks, you won't stand a chance. They can probably install some equipment right outside of your living space that will route all of your TOR traffic through fake nodes.
If the animal was so smart, it wouldn't be eating the dead stupid one. It would let its natural predator(s) eat it. Except smart natural predators are usually too smart to eat already-dead things.
If you think you're a better programmer than someone because of the high level language you've chosen rather than the types of problems you're able to solve and the quality of your solutions, then you've completely missed the point.
FTFY.
Your point only applies to comparisons between high level languages. And arguably, this may apply to a lesser degree between languages of different levels of abstraction.
Programming in assembly involves actually understanding what the processor is doing under the hood. Q.e.d. programmers comfortable with writing in assembly are better than solely high level programmers.
You can call it elitism when comparing a driver of a BMW and that of a Toyota, but it's not elitism to say that professional race car drivers are better than commuter drivers.
Funny how the justification for the program was all about the terrorists. Now, we find out that it wasn't just used for terrorists, pedophiles, and drug traffickers, but also for people the copyright lobby dislikes.
And yet, I find myself completely unsurprised. How long before all this surveillance infrastructure gets used against farmers standing up against Monstano, or generic drug makers, or individuals advocating for shorter copyright terms? How long before this gets used to stifle political dissent and free speech?
Soon, if it isn't already happening. Very, very soon.
Ya think? She's the biggest Democrat shill ever... She works as much for the political machine as any wannabe-powerful person working her way up the system would do. The fact that she's "made" it says everything about who she is and what she's doing.
It's not a coincidence that she attacks anonymity and privacy at around the same time the current administration is starting to clamp down on the same things. She's not a journalist, nor dedicated to journalism. She's a shill in journalist's clothing.
(Yeah, yeah, it's her site and she can do whatever the fuck she wants with it. But I think her followers should know just what kind of person they're following. They can choose to continue following her or to reject her afterwards. The most important thing is that they have this choice.)
Believe it or not, beggars make a lot of money. If they get a good spot or route, they'll make a ton more than most honest living. Think several hundred a day, no taxes. Of course, it's not easy to get or keep a good spot.
The ones who are truly in need don't beg. They just are. Though usually, they're also perfectly happy being.
The druggies and alcoholics who are homeless all got sent to Cali or down south. Winters are not as cold there.
False information? Where do you see false information in her announcement? Withheld information, certainly (and false in the sense of the truth, the whole truth, and nothing but the truth), but that's the nature of the gag order, to force people to withhold information from others.
Which makes me think that they will come for Slashdot next. If they haven't already that is.
I have to think that it has already come to this, that even now, here, our communications are being closely monitored. They're probably logging our IPs and tracing them back, the next step being to intimidate and bully those who dare speak openly about their unethical, unconstitutional activities.
I guess that's the difference between financially administering your own site and having corporate overlords administer it for you. You can shut your site down if you get a request to do something you don't deem ethical. Your corporate overlord however may just roll over and give them what they want.
Slashdot Mirror
Well, cat breeds is an interesting topic, if you're into cats and the breeding of cats.
So is microprocessor architecture, but discussions on this are far and fewer in between. And there's less debate on them, since it'd mostly be just rehashing of old arguments.
Actually, nobody talks about cat breeds here either. Discussion tends to be Microsoft vs. Google vs. Apple, and less so Microsoft than the other two.
I wonder why this news never made /. If anything, it's incredibly noteworthy from both an architectural and a security standpoint.
Just imagine, hijack this process, and you have unrestricted access to all of the phone's capabilities. This would happen via the auto-update capability. And forget a malicious attacker, imagine a complacent mobile network operator pushing a malicious NSA update to targeted users. The cert doesn't have to be compromised because they'd just have Google sign their update.
It'll be 'L' for LifeSavers.
Makes you wonder if the CIA didn't do it themselves just to push the rest of Western Europe along. Then some years down the line, after Assad's gone and the entire region's in turmoil, we're going to hear, "Whoops. That wasn't Assad who used the chemical weapon. It was some terrorist. Oh, and they might have been previously funded by the CIA."
What? We did it to Saddam and Iraq.
I'm not a cryptographer, nor have I worked on TOR, so take the below with a grain of salt. I've only read the documentation and some of the discussions on TOR's weaknesses that brighter individuals than I have proposed and speculated upon.
The actual timing attack is not quite that simple, but I'm pretty certain you've got the jist of the matter. It works best if your traffic is consistent and does not vary (i.e., your traffic is mostly going to only a few destinations). As an attacker, you have a list of TOR relay nodes, and a list of TOR exit nodes. All you have to do is observe traffic out of a computer into a relay node, and follow it from there. A highly saturated relay node might be able to provide some level of safety through obscurity, but if the connection is routed over one that's used occasionally or rarely, then it's a matter of time before you can trace the connection to the endpoint. Because your traffic is consistent, the confidence level will rise over time. Now, put up some compromised relay nodes, and maybe some compromised exit nodes, and wait.
In fact, I wouldn't be surprised if that's how they brought down Freedom Hosting. Hidden services will take longer (7 hops instead of 4) to trace, but that hardly matters. When 95% of your server's traffic is coming from known TOR relays and only 5% is coming from normal IPs, then you know it's probably running a hidden service.
For dragnets, TOR is fairly useful as a measure to avoid being caught up in one. For high-profile, targeted attacks, you won't stand a chance. They can probably install some equipment right outside of your living space that will route all of your TOR traffic through fake nodes.
it's like saying the janitor is "brilliant" for opening the door.
FTFY. The janitor's got all the keys, to every door, for every room. Beware the janitor. He sees everything. Scrubs got it right.
First time I saw the title, I read it as "Huge Crayon Discovered Under Greenland Ice"
The real miracle is how they managed to fit all 12 of them in one.
If the animal was so smart, it wouldn't be eating the dead stupid one. It would let its natural predator(s) eat it. Except smart natural predators are usually too smart to eat already-dead things.
It's popular to take a dump on Windows 8.
If you think you're a better programmer than someone because of the high level language you've chosen rather than the types of problems you're able to solve and the quality of your solutions, then you've completely missed the point.
FTFY.
Your point only applies to comparisons between high level languages. And arguably, this may apply to a lesser degree between languages of different levels of abstraction.
Programming in assembly involves actually understanding what the processor is doing under the hood. Q.e.d. programmers comfortable with writing in assembly are better than solely high level programmers.
You can call it elitism when comparing a driver of a BMW and that of a Toyota, but it's not elitism to say that professional race car drivers are better than commuter drivers.
It's like, a sort of Ctrl-Z for the dcument.
It was carrying all the personnel and equipment that didn't fit in the first helicopter with the president.
So...the dog?
Its 12 months now. In 2 days, it'll be 6 months. Another 2 days later, it'll be 1 week. A few days after that, it'll be 18 months.
Because as harsh as we are, we know better than to resort to ad homeniem attacks. There's so much more real material we can use...
Funny how the justification for the program was all about the terrorists. Now, we find out that it wasn't just used for terrorists, pedophiles, and drug traffickers, but also for people the copyright lobby dislikes.
And yet, I find myself completely unsurprised. How long before all this surveillance infrastructure gets used against farmers standing up against Monstano, or generic drug makers, or individuals advocating for shorter copyright terms? How long before this gets used to stifle political dissent and free speech?
Soon, if it isn't already happening. Very, very soon.
Uh... What have you been smoking?
Ya think? She's the biggest Democrat shill ever... She works as much for the political machine as any wannabe-powerful person working her way up the system would do. The fact that she's "made" it says everything about who she is and what she's doing.
It's not a coincidence that she attacks anonymity and privacy at around the same time the current administration is starting to clamp down on the same things. She's not a journalist, nor dedicated to journalism. She's a shill in journalist's clothing.
(Yeah, yeah, it's her site and she can do whatever the fuck she wants with it. But I think her followers should know just what kind of person they're following. They can choose to continue following her or to reject her afterwards. The most important thing is that they have this choice.)
Believe it or not, beggars make a lot of money. If they get a good spot or route, they'll make a ton more than most honest living. Think several hundred a day, no taxes. Of course, it's not easy to get or keep a good spot.
The ones who are truly in need don't beg. They just are. Though usually, they're also perfectly happy being.
The druggies and alcoholics who are homeless all got sent to Cali or down south. Winters are not as cold there.
Nah. You just wave your hand around and the app learns the apppropriate behavior based on your gestures. Unfortunately, Google did it first.
Now, if only they could have used this to redo Metro, it might actually be usable.
False information? Where do you see false information in her announcement? Withheld information, certainly (and false in the sense of the truth, the whole truth, and nothing but the truth), but that's the nature of the gag order, to force people to withhold information from others.
The situation is more analogous to if they were taking notes on everyone who walked by and putting them into one giant searchable database.
Which makes me think that they will come for Slashdot next. If they haven't already that is.
I have to think that it has already come to this, that even now, here, our communications are being closely monitored. They're probably logging our IPs and tracing them back, the next step being to intimidate and bully those who dare speak openly about their unethical, unconstitutional activities.
I guess that's the difference between financially administering your own site and having corporate overlords administer it for you. You can shut your site down if you get a request to do something you don't deem ethical. Your corporate overlord however may just roll over and give them what they want.
That's one long running joke. We sure fooled them!