Re:If they can fix stuff at their end... that's co on Google Fixes IE Bug · Score: 1
Yes. They are disabled.
-molo
Re:If they can fix stuff at their end... that's co on Google Fixes IE Bug · Score: -1, Flamebait
WTF. I thought the whole point of Google DESKTOP was that it didn't require any interface to the outside world to work! WHY was Google Desktop going out to google.com? Isn't the privacy question more important here?
-molo
Re:Well, this has been coming for some time... on Nessus Closes Source · Score: 1
So you've made a contribution to the Nessus code base? I assume you retain the copyright. They cannot take your GPL-contributed code and make it proprietary. How much other non-Tenable-copyrighted code is there that they are going to have to remove and replace?
You can know for sure. Here are the declassified documents:
Declassified case appendix which contains the allegedly sensitive documents, via Federation of American Scientists: http://www.fas.org/sgp/othergov/reynoldspetapp.pdf
Also that kind of undercover spy information has not been what the SSP has been used for. Read the Wikipedia articles about Sibel Edmonds for an example of the modern abuses.
-molo
The State Secrets Privilege was abused from the start. The landmark case that established it via the Supreme Court, United States v. Reynolds, was used to cover up the military's negligence. The B-29 crash did not involve national security, but rather a poorly maintained aircraft. Fraud all around. The State Secrets Privilege should never have been made in the first place and should be removed from legal precedent.
-molo
ah, sorry, I read that as "PIN is used to generate DH key".
-molo
Couldn't they have done an MRI while she was alive and found this? Or maybe a Functional MRI? I don't understand why this wasn't detected earlier.
-molo
To protect you from misuse by a third party we secured the crypto functions by a user-determined PIN code
There goes all that security. What is the point of trying to break a 128-bit session key if there is just a simple PIN code to break instead? Looks like someone should have read Bruce Schneier.
-molo
By that definition, Ceres, the largest and first discovered asteroid, is a planet. See: http://en.wikipedia.org/wiki/1_Ceres
-molo
The specs even show that it tops out at 16kHz. Pretty awful.
-molo
I think the philosophy you are espousing is called Libertarianism.
-molo
How does this benefit over current inclusion of User Space Linux? Does it allow other operating systems a la VMware? Is it platform-agnostic? Any info?
-molo
I prefer to reward speed over quality. But that is a flexible rule too.
Have you considered changing your personal policy to reward quality over speed? It would remove a lot of the criticisms about story submission choice, possibly including this whole many-submissions issue.
-molo
Thanks for that benchmark. It might be interesting to see a plot of size vs. compression time.
-molo
Distribute all the shared libs you need, except for glibc. (BSD licensed, right?) Link all your binaries (including shared libs) against an older glibc version, and it will be forward-compatible with newer glibc versions, thanks to versioned symbols.
This pretty much guarantees compatibility across distributions. Just make sure the glibc you link against is old enough. Then just distribute binary tarballs and tell people only "glibc 2.2 or newer required", "glibc 2.3 or newer required", etc. It works pretty well.
-molo
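Added example, not part of the comment above: one way to work out the "glibc X.Y or newer required" line for a binary is to read the versioned symbols it imports from `objdump -T` output and take the highest `GLIBC_` tag. The function names and the sample dump below are constructed for illustration.

```python
import re
import subprocess
import sys

# Matches the version tag and symbol name in `objdump -T` output, e.g.
#   0000000000000000      DF *UND*  0000000000000000  GLIBC_2.14  memcpy
# Newer binutils print the tag in parentheses: (GLIBC_2.14)
_TAG = re.compile(r"\(?GLIBC_(\d+(?:\.\d+)*)\)?\s+(\S+)")

# Constructed sample input, not taken from a real binary.
SAMPLE = """\
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.2.5 printf
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.14  memcpy
0000000000000000  w   D  *UND*  0000000000000000              __gmon_start__
0000000000000000      DF *UND*  0000000000000000 (GLIBC_2.4)  __stack_chk_fail
0000000000000000      DF *UND*  0000000000000000  GLIBC_2.2.5 malloc
"""

def required_glibc(dump):
    """Return (newest_version_tuple, [symbols needing it]) or (None, [])."""
    by_version = {}
    for line in dump.splitlines():
        if "*UND*" not in line:      # only imported symbols constrain the target
            continue
        m = _TAG.search(line)
        if m:
            ver = tuple(int(p) for p in m.group(1).split("."))
            by_version.setdefault(ver, []).append(m.group(2))
    if not by_version:
        return None, []
    newest = max(by_version)         # numeric compare: (2, 14) > (2, 4)
    return newest, sorted(by_version[newest])

def version_string(ver):
    return ".".join(str(p) for p in ver) if ver else "none"

if __name__ == "__main__":
    if len(sys.argv) > 1:            # real binary: needs binutils installed
        dump = subprocess.run(["objdump", "-T", sys.argv[1]], check=True,
                              capture_output=True, text=True).stdout
    else:
        dump = SAMPLE
    ver, syms = required_glibc(dump)
    print(f"glibc {version_string(ver)} or newer required "
          f"(pulled in by: {', '.join(syms)})")
```

The symbol list shows which imports force the newest version, which is what to look at when the requirement comes out higher than intended.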
Yes, what you are saying is misleading.
Linux ALSO beat Windows on: ABI call (437 vs 627) and 2-message ping-pong (5797 vs 6244). It's right there in your post. Read it.
-molo
Then, thanks to China's influence in the UN, the .tw TLD would disappear from the root servers. Reference similar bullshit about "Taiwan, province of China" and the fact that Taiwan has no UN seat.
What a mess. Screw the UN. (Screw ICANN and Verisign too, but really, screw the UN)
-molo
My corp just switched to a two-factor auth. Previously, things were based on the Cisco VPN where the client had to have a certificate (but not an individual-per-client certificate). We then had to log in with our domain login and password.
Now we have switched to Cisco VPN plus RSA software token. This is not any better. Now we have a certificate, RSA token, and then we enter a PIN number, as short as 4 digits.
This has not improved security one bit; it has actually weakened it. If a laptop is stolen, the "piece you have" went with it. The software token doesn't provide any security over the VPN certificate. Then, the "piece you know", the PIN, is significantly weaker than the old piece you had to know, the domain password (which was a real password with moderately strict rules on complexity).
The whole thing is a counterproductive wankfest. Perhaps you can do it better, but this should be an example of what not to do.
-molo
FYI, Debian policy is to have a clear and useful man page for each executable it ships. This means that there are debian-authored man pages for packages that only ship info pages upstream, or even no man page from upstream.
-molo
This is for color lasers. The EFF tests to generate sample pages were done with PostScript that gets fed directly to the printers. You might be able to hack the firmware; the encoded data gets added by either the PostScript rasterizer or the actual bitmapped layout engine.
My bet is on the rasterizer.
-molo
This is for color laser printers. I doubt there are 400 million of those in North America. The high-end printers that are likely to be used for attempts at counterfeiting or high-volume printing of a political publication cost in the tens-of-thousands of dollars range.
That is what this is ostensibly about, tracking counterfeiters (US Treasury Department). But I'm sure the FBI or CIA can use it to track political dissidents.
-molo
ordering a server that didn't come with a CD drive, DVD drive or video card? Puhhleeeze.
Serial console. You can mount a CD or DVD with NFS to a workstation. These are *servers* we're talking about here. Not workstations.
-molo
Note the difference between clauses which only affect citizens and clauses which affect "persons" - non-citizens also. Equal protection applies to all persons. Unfortunately, many lawmakers forget this, and the courts have not enforced it as aggressively as I would hope.
-molo
I block ads with JunkBuster, but plan on moving to Privoxy soon. JunkBuster is showing its age (only supports HTTP 1.0, etc.). I find adverts distracting and a waste of bandwidth. I've also started downloading TV shows that interest me so that I can watch them without the ads. Cuts down on viewing time by 20% or more.. and the quality is better than over-the-air analog.
-molo
Last year they had NO vehicles even make it out of the obstacle course.. and this year they had several vehicles actually complete the desert course?? What gives?
-molo