So if their system is too complex to obey the law....the short version of what they said is "We built a system without regard to the law" and "We broke the law". Thank you for the confession. Now its time to start dismantling and prosecuting thanks.
Yes and no. Aside from being ineffective in serious situations, the groin is also rather ridiculously easy to defend. Anyone who has spent any time at martial arts is quite familiar with adjusting their stance to reduce the targets they present to an opponent (even if they haven't necessarily thought about it in those terms yet)
Move your knee, turn your hips, its very easy to defend. In classes I can think of times we practiced attacking the instep, the knee, the core body/live, the throat, the face, the tmj, various joint locks against elbows and wrists.... never once the groin.
I understand the argument, I don't understand why you would leave your door open in the first place. I 10k a week, 30k a year on stolen items....and you didn't think to install a $10 door lock? shit spring for the $30 one at that point.
And worst they didn't even need to spring for the lock. All they needed to do was choose anything OTHER than the example in the manual. Seriously, anything other than say "password" would be better. The word "donkey" would be better. "KeepOut" would be many times better than that even.
This isn't even a password that needs to be "open on the internet" secure....it needs to be "some guy standing there in public fiddling with it" secure. It needs to be like, your kid sister wouldn't guess it in 10 tries secure. Seriously "DoNotTouch" would be more than enough.
Having access to a manual shouldn't provide access to the machine if it has been configured properly. Any passwords in the manual should sure as shit not work after the machine is installed and open to the public.
It may be fair to say these kids are not really much of hackers....but if that is the case then there are a few things the ATM designers or bank administrators (or both) are not either.
> If you are concerned about your privacy giving these tools to the public is just a bad idea. Sure the black hat > argument, if we break in then they will have to fix it and make it more secure..
I think you believe your own straw man.
What is being assaulted here is the relative bubble the NSA operates in. You see, if the NSA develops a tool, that is them. Its tradecraft, its keeping us safe, its under control. They have it, we have no proof anyone else does. No "real" problem...just an "academic" problem of us whiny people complaining about "rights".
However, when someone produces it and shows how easy it is, its no longer the NSA in a vacuume, its anybody with a few bucks. `The thing is....this isn't special. If you really, truely want these devices, you can, for the most part, build them yourself with time. That is true now, it was true a few years ago.
The only real difference is how plausible the deniability is when someone claims that its hard or it requires sophistication to some huge level. It isn't true, its not been true for a while, and it is high time to dispel that myth.
Fact is, the risk is already out there. We already see specialized hardware attacks on ATMs. We have already seen "evil maid" attacks on laptops of Poker players: http://securitywatch.pcmag.com...
I don't think informing people with concrete examples of the real threats and popping the bubble around the NSA is really a bad thing. The "bad guys" of whatever flavor you imagine, already have these tools and no qualms about using them.
Perhaps, but I have also run into people who have actually expressed the idea that they have no need to really learn how to fight or defend themselves because they know how to kick a guy in the nuts and if it ever comes down to it, they will do that and run.
In truth, they may be right, but only because its unlikely they will need to do it, not because its a particularly effective technique.
> why would that feature suddenly become selected for by the opposite sex?
who says all selection is driven by female choice? You are leaving no room for choice being driven by availability. Females can only choose from amongst the males who lived long enough to mate; and even then "choice" isn't always the right word when choosing a suitor may mean he needs to fight with the one who is already claiming you and fighting all commers.
And the violence one is protected from need not even be particularly sex related. Anything that causes thinner skinned males to die before procreation at a higher rate than thicker skulled ones will do it. It would provide protection from other strikes like say... someone picking up a rock or a stick and using it as a weapon....which....I hear humans are particularly good at and want to do, perhaps our direct ancestors had such predlicictions as well?
I was reading an article of someone who was investigating an old legal myth (I think it was the "rule of thumb") and one of the amusing side notes in the article was that while its very true there are scarce few examples of any husband being charged with a crime for beating his wife (and no evidence of such a "rule of thumb") there was one thing that did stand out from the criminal records: The number of brothers charged with beating their sister's husbands.
Not necessarily true. First a hit to the testicles is not fatal and secondly not that likely to induce infertility....you do have two of them. If a few rounds of rochambeau would do it, our species would have died out long ago. In fact, as far as I can tell, no male who grew up with a little sister or brother would be able to procreate.
Secondly, the pain, while large compared to many, is nothing that can't be overcome by the adrenalin levels present during a real fight. A lot less men are going to be dropped to the ground in crippling pain should you kick them in the nads during a battle than, say.... if you ran up behind them on the street. (after the adrenalin wears off is another story)
Thats not to say don't ever kick a man in the nads during a fight, it might work and shit, sometimes you gotta hit what is open... I wouldn't expect to you should learn that and rely on it as your unstoppable finishing move technique though.
OTOH hits to the face can do a lot of hard to repair damage. Even with all this armor I have heard of people having their orbital collapsed with one punch....still look at some of those other ape skulls and realize theirs are a lot more exposed, thinner, and less well reinforced.
Frankly, I would put an ape up against a human in a fight any day on raw stength and speed, but, I bet a human boxer still wins a singificant enough portion of the time just with a devsatating first punch to the face.
There was a guy in NH who was arrested for selling a pound of pot. The informant who was used to trap him? A heroin dealer. They wanted to throw the book at him over it too because he refused to be their informant inside a peaceful activist group.
Send a heroin dealer to catch a pot dealer...amazing.
Depends on why the snitch is snitching. When a snitch snitches because he got in over his head and crime got real, thats one thing. When a robber whose accomplice murders someone "snitches", well thats hardly the most common case anyway.
However, this is something else. This is a guy who got caught snitching on his crew and even helping to trap them, not because he was morally outraged, but only to save his own hide. I have no respect for that sort of thing. He did what he did and he got caught... turning on his former comrads? Ruin them and theirs to save him and his? There is nothing defensible about that.
A guy I know was working on a solution to this a few years back, but it just kind of stagnated and died after the initial specifications. Called it the "Passive privacy system".
Basically a PPS enabled emailer would transparently generate gpg keys on first use, with no password, and advertise them in headers. If you begin a conversation with someone else who supports it but whose key you don't have, then it uses a header based conversation to exchange keys and starts encrypting all messages within a couple of emails.
Then....if a user decides later that they actually care, they can always generate new keys and/or add passwords to protect their keys.... but that becomes an added level of security on top of a rather strong base level.
So just to summarize, it sounds like you are saying is whether or not it would help would actually depend on what specific equipment firefighters have on hand; and possibly what the situation dictates, so it helps, but isn't really enough.
Which brings up the question.... does this make sense? I always thought the problem with cars being next to hydrants was clearance. By moving the car 3 feet away from the hydrant, it seems like clearance issues are gone and the worst of it would be that the hose needs to drape over a hood.
Is it still an issue or just a matter of "that was always the rule so we go with it"? I think only a firefighter could really answer that.
Everybody is different. Shit I did coke a couple of times and didn't even like it that much. I mean, I could see why people liked it, I could very much see how people get into trouble with it. In fact, I think that old drug war propaganda "I do coke so I can work longer hours, so I can make more money, so I can buy more coke" was one of the better descriptions of the trap that exists there.
Pot, I love pot....I know people who don't; and I don't mean the "I never used drugs so I am an expert" folks, shit, I don't even hang out with them. No I mean people who smoked it, some a few times, some for a while, and who decided they didn't like it.
Some people do MDMA and are depressed for days after, I have done it a couple of times, and I had the opposite, I was absolutely glowing for days after.
Pretty sure I have done meth too, when I bought some "MDMA" and it didn't have any of its proper effects, but kept me up all night... based on the speedy feeling pretty sure thats what it was.... never had any desire to do it again, was actually pretty annoyed at the whole situation....some people love that shit.
In short everybody has different body chemistry and different desires. Its not the drug, its the interaction between the drug and individual where the details (and thus the devil) lie.
Honestly, I think its that he kept active and kept working on things that excited and interested him.
If you understand the basics of what the human mind does, matching patterns and re-wiring itself to respond to them better, if you have seen the research on dementia and alzheimers and the evidence that novel environments that keep the mind active and experiencing new things can mean drastic differences....
Is it really any surprise that when comparing a person who has mostly spent the last 30 years watching TV isn't in as good a place in terms of energy or mental capacity as someone who kept working, kept experiencing new things, and kept interacting with people?
A friend of mine called me up and told me he was presenting a talk at MIT so we went. It was amazing to see a nearly 80 year old man bouncing around. He is the same age as my Grandmother, yet he had more energy and was more with it than she was at 60.
It was a really great talk; I could watch him talk about his "dirty pictures" all day long.
> The constitution permits and protects a great many anti-social activities, yet I don't believe the founding fathers > were attempting to promote anti-social behavior. They simply recognized that to fully protect beneficial behavior > there was a need to make the safeguard as wide as possible.
But nobody needs the right to obey. The right to do as you are told has never been questioned or challenged. None have ever been threatened with loss of liberty for doing what his neighbor considered decent and appropriate.
These are rights only in the most simple and navel gazing sense. Rights can only protect the activities that others find objectionable. No other yard stick matters a lick.
I believe the confusion here is over the interpretation of "Let them take arms", which you seem to interpret as "let the government disarm people". Whereas, I, and I believe GP, thought "them" refered to the people, as in "let the people take arms". (notice "take arms" or "take up arms" is a common phrase for engaging in fighting)
That makes more sense to me in context... as he seems to be extolling the virtue of occasional civil war.
I was thinking that myself as I typed a response to a previous comment but, I canceled it because I realized something.....few other scenarios make sense.
If their signing keys were compromised, they could issue revocations, they could announce it. They would be foolish not to. If they just wanted to end the project, why such an off the wall announcement? Why release a decrypt only version?
These actions together make no sense unless they have some reason that they cannot talk about. There are not a lot of reasons that I can think of that they would be unable to disclose some information, like their real reason for stopping or what real vulnerabilities may or may not be out there.
It is really hard to find much else that fits here. Maybe not an NSL but some sort of goverment action with a gag order attached. What else could they not talk about unless it involved their own misdeeds? However, if they had backdoored trucrypt in some way (and no passing a security audit doesn't mean they didn't do it)....why release a decrypt-only now? Why not just, end the project and call it a good run? It doesn't add up, criminals don't clean up the messes they leave behind, not when it doesn't actually cover their tracks in any way.
No this stinks and there are not too many reasons I can think of for it to smell like that. Not proof but, I think suspicion is warranted. I have seen a lot of projects end a lot of different ways, from pissy developer infighting to lack of funds to life issues taking over. This doesn't look like any of them. This isn't how long running projects usually end.
And that is the whole point of the Canary, by its most sudden and peculiar death, you know its time for people to begin walking calmly to the exits of the mine shaft.
You just made me want to post my huge old CRT on craigslist as a "featuring revolutionary outward curve technology that minimizes reflections compared to either flat panels or inward curved screens."
Oh exactly. As far as I can tell, unless you did something really heinous, for petty crime, drug crime, etc, the whole point of punishment is to make people who can afford to pay up. I have a particular friend.... you want to know how stupid the drug war is now....get this.
He was arrested in AZ; but lives near me on the east coast. He could afford a lawyer, he could afford to pay fines and fees. His entire court procedure was done...over the phone. He got probation.
What was he caught with? Was it a few joints? Was it an oz of weed? No....he was driving a rental car with 70 lbs of weed in the trunk. 70 lbs of weed...and he got probation and did it all over the phone through his lawyer.
Don't get me wrong, I don't even think he deserves to have been arrested for flowers but, doesn't it really say something when they can offer probation and fines to someone for 70 lbs but still say with a straight face that its a serious issue? Sure is a serious issue....if you can't pay for the process they say is due.
Slashdot Mirror
So if their system is too complex to obey the law....the short version of what they said is "We built a system without regard to the law" and "We broke the law". Thank you for the confession. Now its time to start dismantling and prosecuting thanks.
Yes and no. Aside from being ineffective in serious situations, the groin is also rather ridiculously easy to defend. Anyone who has spent any time at martial arts is quite familiar with adjusting their stance to reduce the targets they present to an opponent (even if they haven't necessarily thought about it in those terms yet)
Move your knee, turn your hips, its very easy to defend. In classes I can think of times we practiced attacking the instep, the knee, the core body/live, the throat, the face, the tmj, various joint locks against elbows and wrists.... never once the groin.
Too low value/easy to defend.
I understand the argument, I don't understand why you would leave your door open in the first place. I 10k a week, 30k a year on stolen items....and you didn't think to install a $10 door lock? shit spring for the $30 one at that point.
And worst they didn't even need to spring for the lock. All they needed to do was choose anything OTHER than the example in the manual. Seriously, anything other than say "password" would be better. The word "donkey" would be better. "KeepOut" would be many times better than that even.
This isn't even a password that needs to be "open on the internet" secure....it needs to be "some guy standing there in public fiddling with it" secure. It needs to be like, your kid sister wouldn't guess it in 10 tries secure. Seriously "DoNotTouch" would be more than enough.
A better question is: This is secured.....how?
Having access to a manual shouldn't provide access to the machine if it has been configured properly. Any passwords in the manual should sure as shit not work after the machine is installed and open to the public.
It may be fair to say these kids are not really much of hackers....but if that is the case then there are a few things the ATM designers or bank administrators (or both) are not either.
> If you are concerned about your privacy giving these tools to the public is just a bad idea. Sure the black hat
> argument, if we break in then they will have to fix it and make it more secure..
I think you believe your own straw man.
What is being assaulted here is the relative bubble the NSA operates in. You see, if the NSA develops a tool, that is them. Its tradecraft, its keeping us safe, its under control. They have it, we have no proof anyone else does. No "real" problem...just an "academic" problem of us whiny people complaining about "rights".
However, when someone produces it and shows how easy it is, its no longer the NSA in a vacuume, its anybody with a few bucks. `The thing is....this isn't special. If you really, truely want these devices, you can, for the most part, build them yourself with time. That is true now, it was true a few years ago.
The only real difference is how plausible the deniability is when someone claims that its hard or it requires sophistication to some huge level. It isn't true, its not been true for a while, and it is high time to dispel that myth.
Fact is, the risk is already out there. We already see specialized hardware attacks on ATMs. We have already seen "evil maid" attacks on laptops of Poker players: http://securitywatch.pcmag.com...
I don't think informing people with concrete examples of the real threats and popping the bubble around the NSA is really a bad thing. The "bad guys" of whatever flavor you imagine, already have these tools and no qualms about using them.
Perhaps, but I have also run into people who have actually expressed the idea that they have no need to really learn how to fight or defend themselves because they know how to kick a guy in the nuts and if it ever comes down to it, they will do that and run.
In truth, they may be right, but only because its unlikely they will need to do it, not because its a particularly effective technique.
> why would that feature suddenly become selected for by the opposite sex?
who says all selection is driven by female choice? You are leaving no room for choice being driven by availability. Females can only choose from amongst the males who lived long enough to mate; and even then "choice" isn't always the right word when choosing a suitor may mean he needs to fight with the one who is already claiming you and fighting all commers.
And the violence one is protected from need not even be particularly sex related. Anything that causes thinner skinned males to die before procreation at a higher rate than thicker skulled ones will do it. It would provide protection from other strikes like say... someone picking up a rock or a stick and using it as a weapon....which....I hear humans are particularly good at and want to do, perhaps our direct ancestors had such predlicictions as well?
Sure they did, brothers and fathers.
I was reading an article of someone who was investigating an old legal myth (I think it was the "rule of thumb") and one of the amusing side notes in the article was that while its very true there are scarce few examples of any husband being charged with a crime for beating his wife (and no evidence of such a "rule of thumb") there was one thing that did stand out from the criminal records: The number of brothers charged with beating their sister's husbands.
Not necessarily true. First a hit to the testicles is not fatal and secondly not that likely to induce infertility....you do have two of them. If a few rounds of rochambeau would do it, our species would have died out long ago. In fact, as far as I can tell, no male who grew up with a little sister or brother would be able to procreate.
Secondly, the pain, while large compared to many, is nothing that can't be overcome by the adrenalin levels present during a real fight. A lot less men are going to be dropped to the ground in crippling pain should you kick them in the nads during a battle than, say.... if you ran up behind them on the street. (after the adrenalin wears off is another story)
Thats not to say don't ever kick a man in the nads during a fight, it might work and shit, sometimes you gotta hit what is open... I wouldn't expect to you should learn that and rely on it as your unstoppable finishing move technique though.
OTOH hits to the face can do a lot of hard to repair damage. Even with all this armor I have heard of people having their orbital collapsed with one punch....still look at some of those other ape skulls and realize theirs are a lot more exposed, thinner, and less well reinforced.
Frankly, I would put an ape up against a human in a fight any day on raw stength and speed, but, I bet a human boxer still wins a singificant enough portion of the time just with a devsatating first punch to the face.
There was a guy in NH who was arrested for selling a pound of pot. The informant who was used to trap him? A heroin dealer. They wanted to throw the book at him over it too because he refused to be their informant inside a peaceful activist group.
Send a heroin dealer to catch a pot dealer...amazing.
Depends on why the snitch is snitching. When a snitch snitches because he got in over his head and crime got real, thats one thing. When a robber whose accomplice murders someone "snitches", well thats hardly the most common case anyway.
However, this is something else. This is a guy who got caught snitching on his crew and even helping to trap them, not because he was morally outraged, but only to save his own hide. I have no respect for that sort of thing. He did what he did and he got caught... turning on his former comrads? Ruin them and theirs to save him and his? There is nothing defensible about that.
A guy I know was working on a solution to this a few years back, but it just kind of stagnated and died after the initial specifications. Called it the "Passive privacy system".
Basically a PPS enabled emailer would transparently generate gpg keys on first use, with no password, and advertise them in headers. If you begin a conversation with someone else who supports it but whose key you don't have, then it uses a header based conversation to exchange keys and starts encrypting all messages within a couple of emails.
Then....if a user decides later that they actually care, they can always generate new keys and/or add passwords to protect their keys.... but that becomes an added level of security on top of a rather strong base level.
So just to summarize, it sounds like you are saying is whether or not it would help would actually depend on what specific equipment firefighters have on hand; and possibly what the situation dictates, so it helps, but isn't really enough.
Good point....they don't actually do anything all that useful or needed.
Which brings up the question.... does this make sense? I always thought the problem with cars being next to hydrants was clearance. By moving the car 3 feet away from the hydrant, it seems like clearance issues are gone and the worst of it would be that the hose needs to drape over a hood.
Is it still an issue or just a matter of "that was always the rule so we go with it"? I think only a firefighter could really answer that.
Everybody is different. Shit I did coke a couple of times and didn't even like it that much. I mean, I could see why people liked it, I could very much see how people get into trouble with it. In fact, I think that old drug war propaganda "I do coke so I can work longer hours, so I can make more money, so I can buy more coke" was one of the better descriptions of the trap that exists there.
Pot, I love pot....I know people who don't; and I don't mean the "I never used drugs so I am an expert" folks, shit, I don't even hang out with them. No I mean people who smoked it, some a few times, some for a while, and who decided they didn't like it.
Some people do MDMA and are depressed for days after, I have done it a couple of times, and I had the opposite, I was absolutely glowing for days after.
Pretty sure I have done meth too, when I bought some "MDMA" and it didn't have any of its proper effects, but kept me up all night... based on the speedy feeling pretty sure thats what it was.... never had any desire to do it again, was actually pretty annoyed at the whole situation....some people love that shit.
In short everybody has different body chemistry and different desires. Its not the drug, its the interaction between the drug and individual where the details (and thus the devil) lie.
> I'd love to know his secret.
Honestly, I think its that he kept active and kept working on things that excited and interested him.
If you understand the basics of what the human mind does, matching patterns and re-wiring itself to respond to them better, if you have seen the research on dementia and alzheimers and the evidence that novel environments that keep the mind active and experiencing new things can mean drastic differences....
Is it really any surprise that when comparing a person who has mostly spent the last 30 years watching TV isn't in as good a place in terms of energy or mental capacity as someone who kept working, kept experiencing new things, and kept interacting with people?
A friend of mine called me up and told me he was presenting a talk at MIT so we went. It was amazing to see a nearly 80 year old man bouncing around. He is the same age as my Grandmother, yet he had more energy and was more with it than she was at 60.
It was a really great talk; I could watch him talk about his "dirty pictures" all day long.
Very sad day but, it had to come someday.
> The constitution permits and protects a great many anti-social activities, yet I don't believe the founding fathers
> were attempting to promote anti-social behavior. They simply recognized that to fully protect beneficial behavior
> there was a need to make the safeguard as wide as possible.
But nobody needs the right to obey. The right to do as you are told has never been questioned or challenged. None have ever been threatened with loss of liberty for doing what his neighbor considered decent and appropriate.
These are rights only in the most simple and navel gazing sense. Rights can only protect the activities that others find objectionable. No other yard stick matters a lick.
I believe the confusion here is over the interpretation of "Let them take arms", which you seem to interpret as "let the government disarm people". Whereas, I, and I believe GP, thought "them" refered to the people, as in "let the people take arms". (notice "take arms" or "take up arms" is a common phrase for engaging in fighting)
That makes more sense to me in context... as he seems to be extolling the virtue of occasional civil war.
I was thinking that myself as I typed a response to a previous comment but, I canceled it because I realized something.....few other scenarios make sense.
If their signing keys were compromised, they could issue revocations, they could announce it. They would be foolish not to. If they just wanted to end the project, why such an off the wall announcement? Why release a decrypt only version?
These actions together make no sense unless they have some reason that they cannot talk about. There are not a lot of reasons that I can think of that they would be unable to disclose some information, like their real reason for stopping or what real vulnerabilities may or may not be out there.
It is really hard to find much else that fits here. Maybe not an NSL but some sort of goverment action with a gag order attached. What else could they not talk about unless it involved their own misdeeds? However, if they had backdoored trucrypt in some way (and no passing a security audit doesn't mean they didn't do it)....why release a decrypt-only now? Why not just, end the project and call it a good run? It doesn't add up, criminals don't clean up the messes they leave behind, not when it doesn't actually cover their tracks in any way.
No this stinks and there are not too many reasons I can think of for it to smell like that. Not proof but, I think suspicion is warranted. I have seen a lot of projects end a lot of different ways, from pissy developer infighting to lack of funds to life issues taking over. This doesn't look like any of them. This isn't how long running projects usually end.
And that is the whole point of the Canary, by its most sudden and peculiar death, you know its time for people to begin walking calmly to the exits of the mine shaft.
Splitters!
(would slashdot make Brian Himself wait this long to his submit?)
Perhaps larger people are more likely to sleep with a large TV on in their bedroom?
You just made me want to post my huge old CRT on craigslist as a "featuring revolutionary outward curve technology that minimizes reflections compared to either flat panels or inward curved screens."
Oh exactly. As far as I can tell, unless you did something really heinous, for petty crime, drug crime, etc, the whole point of punishment is to make people who can afford to pay up. I have a particular friend.... you want to know how stupid the drug war is now....get this.
He was arrested in AZ; but lives near me on the east coast. He could afford a lawyer, he could afford to pay fines and fees. His entire court procedure was done...over the phone. He got probation.
What was he caught with? Was it a few joints? Was it an oz of weed? No....he was driving a rental car with 70 lbs of weed in the trunk. 70 lbs of weed...and he got probation and did it all over the phone through his lawyer.
Don't get me wrong, I don't even think he deserves to have been arrested for flowers but, doesn't it really say something when they can offer probation and fines to someone for 70 lbs but still say with a straight face that its a serious issue? Sure is a serious issue....if you can't pay for the process they say is due.