I work for an organization that is heavily involved in electronic discovery processing for large corporations, law firms and the United States government.
Email threading, and duplication detection / dedupe are standard tasks that are performed on a daily basis on huge datasets. (As part of the Processing phase of the EDRM model.)
It is not at all unfeasible that the FBI could have used standard, off the shelf software to identify duplicates and generate an exception report for all 'new' emails that were not in the previously collected datasets.
Do any of you guys remember one of the original Defcon's, where Dan Farmer (I think?) was talking about hiding payloads in the white space of DNS packets?
This quote from the article made me think about that.
"Earlier this month, the group of computer scientists passed the logs to Paul Vixie. In the world of DNS experts, there’s no higher authority. Vixie wrote central strands of the DNS code that makes the internet work.
---->After studying the logs, he concluded, “The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.” Put differently, the logs suggested that Trump and Alfa had configured something like a digital hotline connecting the two entities, shutting out the rest of the world, and designed to obscure its own existence. ---------
In other news, this has been another election cycle brought to you by the folks masquerading as the NYSE, NASDAQ, SWIFT and their associated manifestations.
WW3 will be along shortly. Don't fret whoever gets elected. The script has already been written at least a few chapters past November.
I have an X55 and it lasted for about a year's worth of playing Elite Dangerous before one of the hats on the stick went out.
The RMA process was smooth and they replaced both the throttle and stick. I thought that they made a mistake, but a week later one of the hats on the throttle went out. I guess that they were being proactive.
And if you doubt vote fraud, why did they stop doing exit polling once it because obvious that the exit polls were so far off from the machine results that the only logical explanation for the discrepancies is vote fraud?
I think the "low cost of living" is relative to San Francisco, New York, and Los Angeles. The author of this article specifically left San Francisco, which seems to me to be the absolute worst in terms of cost of living.
People from San Francisco are 'screwing up' property markets all over the country. I am in the process of relocating my family to the Portland, Oregon area. The environment is similar to what you described with your cousin. Everything is going for over asking price. There are usually half a dozen or more offers on a property within 3 days of it going on the market.
I asked my realtor what was driving the costs up and she told me that it is, "All of the tech people moving out of the Bay Area."
The company I work for has a small office (~35 people) in Denver. The entire office is dedicated to data analytics and does a lot of work with massive structured and unstructured data sets.
The company also has a smaller office in Boulder, but from what I understand that office is focused primarily on the energy market.
Careful with the Nexus. A friend of mine got a Nexus 5 and had major sim card issues. The phone would just lose connection with the sim and he would have to reboot. Apparently it is / was a known issue with that series of Nexus phones.
I had my previous Motorola Droid Razr for years and toward the end of its life put Cynaogen on it. It was an entirely new phone at that point and the only reason I upgraded to the Samsung S5 was because I had a free upgrade.
The S5 is starting to slow down and become unresponsive because of the amount of crapware that Verizon loads onto the phone. I am going to take the plunge and try to root it, though from what I am reading now that it is running Lollipop, it might be a bit tricky. Have any of you downgraded to Kitkat from the most recent version of Lollipop and successfully rooted a Verizon S5?
Given the hardware specs of the current phone, along with wifi and LTE, I could see myself using this phone for years and years to come if I can get replacement batteries for it.
If I ever do have to buy a new phone, I will not buy it from a carrier. There are too many strings attached. Wireless carriers should be like ISPs. We only need them to give us connectivity.
We are already in WW3. "They" are just waiting until after the election to break the bad news to everyone who is not yet getting their information from sources other than major news outlets.
The irksome thing about the whole situation is that it could be avoided. The money (read production capacity and labor hours) that will be spent on weapons to kill each other could easily be diverted into infrastructure projects like energy, agriculture, sanitation and transportation. There is no reason, other than the status quo and those in charge who want to maintain their grip on power, that the "Third World" cannot enjoy a significantly better quality of life over the next two generations than their ancestors have ever known.
For at least the last decade, people have been half heartedly making the occasional comments about unionizing the IT workforce.
I hope that the EmblemHealth employees are successful. It is tough to compete in a global economy, but IT is one of the few professions where there is a serious shortage of qualified talent. If the qualified talent refuses to train their replacements, then those replacements are worthless.
Of course, over the next few years a good portion of the sysadmin skill set is going to be automated so this is very much too little, too late. When you have a team of half a dozen people who can manage thousands or tens of thousands of VMs in AWS or Azure, those 100+ person IT departments start looking bloated.
Also putting pressure on the traditional IT skill set is the continuing downward pressure on hardware costs, BYOD and VDI. There is no need to have a legion of desktop monkeys doing end user support when an organization can rapidly re-deploy hardware and shift applications in real time via virtualized desktops.
As more and more application vendors outsource their support functions and take on the support burden as part of the yearly maintenance cost, the need for in house IT staff will continue to shrink.
There is a lot of M&A activity in the healthcare field right now, and a couple of key vendors are bubbling up to the top of the pile. Within a decade I think we are going to see standardization around a couple of SaaS type platforms. Given all of the data breaches that are going on, individual hospitals and healthcare organizations cannot continue to eat the risk of storing all of that data in house.
Since you like FPS and the UT engine, you might consider checking out Insurgency. I just started playing it about a month ago and I really enjoy it. The game is fairly 'realistic' in that you cannot hit much of anything unless you aim down the sights, and it only takes a couple of bullets to kill someone. The learning curve is pretty steep until you figure out the maps, but once you get a handle on them it is a lot of fun.
I mention it because it is slower paced than UT and the other twitch based FPS games, and they are also in the process of converting over to the Unreal 4 engine.
I think I peaked at Q3 and into CS1.1 / 1.2. I was very competitive at Q3, to the point where I beat Fatal1ty on pub DM servers from time to time. (https://en.wikipedia.org/wiki/Johnathan_Wendel)
They did a similar setup in China, but for a different reason. The Chinese government wanted one of their service providers to have access to everything. Same separation of ownership, completely different outcome.
I have to admit that I did not play Zork until well after it was new. I do remember the Tandy computers though. They were the Radio Shack PCs. I seem to remember that they had similar hardware specs as other PCs at the time, but came with their own version of DOS.
I played Wolfenstein on a 286, so I'll share my lawn with you. I did play multi-player Doom though. But that barely qualified as 3D. For me, Quake was real 3D because you had the Y-axis to work with.
Let me get this straight. When you have more devices available to service read or write requests, the time that it takes to service the request goes down.
What next? Are we going to be told that RAID5 gives better read performance than a single drive too?
Like you said, you are already on the list. The only people who are going to bother to generate fake traffic are the same people who want to hide / obfuscate their behavior with said fake traffic.
The only way to do it would be create applications that people can run, and convince enough people to run them. Sort of like SETI @Home or similar. You would want to get people to run the apps on their phones as well.
The only realistic way that I see to do this in the current environment is via some sort of malware. Infect people and take 5% of their bandwidth to generate a whole slew of fake traffic. Even by doing this I do not think that it would take long for the surveillance providers to tune their filters to account for the noise that you were generating.
I hate to be pessimistic, but this battle has already been lost. We are on the other side. The only way to deal with it is to know what your rights are and defend them at all costs. You have to stand up and say, "Yes, I did X. So what? Prosecute me. Put me in front of a jury of my peers and convict me for it."
This aligns with the one system that I was involved in setting up. A former client of mine was running (and probably still runs as far as I know) a couple of power plants in Central California. The control systems were built by Honeywell. For a small, single turbine plant there were 5 servers. 2 masters, 2 slaves / reporting servers and 1 witness.
Both masters, 1 slave and the witness server were on a private network without internet access. 1 slave was in the DMZ with a uni-directional connection from the secondary master that wrote out reporting data. There was a VPN connection (over satellite because the plants were out in the middle of no where farm country) back to the company's main office. The VPN connected the company office to the DMZ and the reporting server so that people in the main office could see the output of the plant.
Nothing in the setup allowed settings to be changed over the internet. Everything within the plant was run on a dedicated IP network that was air gaped from the internet. The only server that was connected to the firewall was the slave / reporting server. It had 2 NICs. So I suppose in fantasy crazy TV land, someone could have hacked the firewall, hopped into the DMZ, compromised the slave and jumped into the control server where they would have been able to... do nothing, because it was the redundant server that would only have been active if the primary failed.
Keep in mind I set that network up in 2005 for a small, single turbine power plant that generated power by burning green waste (yard trimmings, etc.) I think it is reasonable to assume that 'real' power plants that power thousands of homes and businesses are at least as secure. In my situation, Honeywell told me how to do it. I did not make it up. The vendor had the solution, I was just there to handle the network and VPN.
Back in the late 1980s or maybe early 1990s (I was a kid at the time), OMSI (https://www.omsi.edu/) had a film that showed a large number of nuclear tests in the Pacific ocean. It was about an hour long and most of it was silent. It was primarily all in black and white. It lacked any sort of narration. It was just bomb after bomb after bomb after bomb...
It would be great to see it again now that I am older and able to appreciate it more.
This right here. Back in the day, and by that I mean the 1990s, you had a whole channel to yourself when you made a call. At the time, we bitched about call quality and dropped calls, but looking back on it, it was pretty good. The biggest hassle was only getting one side of the conversation. Either you could hear them, or they could hear you. But if you got a good connection, and stayed stationary / on the same cell site, you were good to go. Moving between sites got kind of dicey. Ah, memories... Can you imagine that? Driving down the freeway was like playing Russian Roulette with your phone conversation. You never knew when you were going to hit an over loaded site and lose your call.
I offer some perspective on how DMCA Safe Harbor is used outside of the ISP realm.
The organization that I work for maintains DMCA Safe Harbor status. We are a legal technology service provider, which in English means that we collect data involved in litigation and process it so that it can be entered into evidence as part of a legal proceeding. We have Safe Harbor protection in case we happen to collect copyrighted media during the course of doing forensics collections on systems that we do not own. In order to maintain our status, we have to take reasonable measures to ensure that we are not facilitating copyright infringement. What that means in practice is the security team monitors the network to make sure that people are not running bitTorrent, hosting FTP sites or otherwise actively sharing copyrighted content.
We have never once been served with a take down notice or had to remove content from our systems.
Regarding the article and the DMCA, it seems to me that all Cox has to do is provide subscriber information. It is up to the content holders to go after the individual infringers and make them remove the content from their systems, one lawsuit at a time. Cox and the ISPs are simply providing transit services. They are not actually hosting the content and do not own the systems hosting the content. While I applaud Cox for trying to shield their customers from frivolous lawsuits, I think they are being stupid here. We all know that the large majority of bitTorrent traffic is piracy. If the pirates are too cheap / stupid to spend $10 a month on a VPN or proxy service to obfuscate their connections, they deserve to go down.
Slashdot Mirror
I work for an organization that is heavily involved in electronic discovery processing for large corporations, law firms and the United States government.
Email threading, and duplication detection / dedupe are standard tasks that are performed on a daily basis on huge datasets. (As part of the Processing phase of the EDRM model.)
It is not at all unfeasible that the FBI could have used standard, off the shelf software to identify duplicates and generate an exception report for all 'new' emails that were not in the previously collected datasets.
https://en.wikipedia.org/wiki/...
That could very well be it. It was almost 20 years ago that I sat in on the presentation.
Thanks for the reminder / clarification.
I am intrigued by your ideas, and would like to subscribe to your newsletter.
Do any of you guys remember one of the original Defcon's, where Dan Farmer (I think?) was talking about hiding payloads in the white space of DNS packets?
This quote from the article made me think about that.
"Earlier this month, the group of computer scientists passed the logs to Paul Vixie. In the world of DNS experts, there’s no higher authority. Vixie wrote central strands of the DNS code that makes the internet work.
---->After studying the logs, he concluded, “The parties were communicating in a secretive fashion. The operative word is secretive. This is more akin to what criminal syndicates do if they are putting together a project.” Put differently, the logs suggested that Trump and Alfa had configured something like a digital hotline connecting the two entities, shutting out the rest of the world, and designed to obscure its own existence. ---------
Trump DDoS's you?
In other news, this has been another election cycle brought to you by the folks masquerading as the NYSE, NASDAQ, SWIFT and their associated manifestations.
WW3 will be along shortly. Don't fret whoever gets elected. The script has already been written at least a few chapters past November.
Stay focused on the Russians.
Pay no attention to the actual content of the emails.
Pay no attention to the Clinton Foundation.
Pay no attention to the media running their stories past the campaign before their editors.
Pay no attention to the...
I have an X55 and it lasted for about a year's worth of playing Elite Dangerous before one of the hats on the stick went out.
The RMA process was smooth and they replaced both the throttle and stick. I thought that they made a mistake, but a week later one of the hats on the throttle went out. I guess that they were being proactive.
And if you doubt vote fraud, why did they stop doing exit polling once it because obvious that the exit polls were so far off from the machine results that the only logical explanation for the discrepancies is vote fraud?
I think the "low cost of living" is relative to San Francisco, New York, and Los Angeles. The author of this article specifically left San Francisco, which seems to me to be the absolute worst in terms of cost of living.
People from San Francisco are 'screwing up' property markets all over the country. I am in the process of relocating my family to the Portland, Oregon area. The environment is similar to what you described with your cousin. Everything is going for over asking price. There are usually half a dozen or more offers on a property within 3 days of it going on the market.
I asked my realtor what was driving the costs up and she told me that it is, "All of the tech people moving out of the Bay Area."
The company I work for has a small office (~35 people) in Denver. The entire office is dedicated to data analytics and does a lot of work with massive structured and unstructured data sets.
The company also has a smaller office in Boulder, but from what I understand that office is focused primarily on the energy market.
Careful with the Nexus. A friend of mine got a Nexus 5 and had major sim card issues. The phone would just lose connection with the sim and he would have to reboot. Apparently it is / was a known issue with that series of Nexus phones.
I had my previous Motorola Droid Razr for years and toward the end of its life put Cynaogen on it. It was an entirely new phone at that point and the only reason I upgraded to the Samsung S5 was because I had a free upgrade.
The S5 is starting to slow down and become unresponsive because of the amount of crapware that Verizon loads onto the phone. I am going to take the plunge and try to root it, though from what I am reading now that it is running Lollipop, it might be a bit tricky. Have any of you downgraded to Kitkat from the most recent version of Lollipop and successfully rooted a Verizon S5?
Given the hardware specs of the current phone, along with wifi and LTE, I could see myself using this phone for years and years to come if I can get replacement batteries for it.
If I ever do have to buy a new phone, I will not buy it from a carrier. There are too many strings attached. Wireless carriers should be like ISPs. We only need them to give us connectivity.
We are already in WW3. "They" are just waiting until after the election to break the bad news to everyone who is not yet getting their information from sources other than major news outlets.
The irksome thing about the whole situation is that it could be avoided. The money (read production capacity and labor hours) that will be spent on weapons to kill each other could easily be diverted into infrastructure projects like energy, agriculture, sanitation and transportation. There is no reason, other than the status quo and those in charge who want to maintain their grip on power, that the "Third World" cannot enjoy a significantly better quality of life over the next two generations than their ancestors have ever known.
For at least the last decade, people have been half heartedly making the occasional comments about unionizing the IT workforce.
I hope that the EmblemHealth employees are successful. It is tough to compete in a global economy, but IT is one of the few professions where there is a serious shortage of qualified talent. If the qualified talent refuses to train their replacements, then those replacements are worthless.
Of course, over the next few years a good portion of the sysadmin skill set is going to be automated so this is very much too little, too late. When you have a team of half a dozen people who can manage thousands or tens of thousands of VMs in AWS or Azure, those 100+ person IT departments start looking bloated.
Also putting pressure on the traditional IT skill set is the continuing downward pressure on hardware costs, BYOD and VDI. There is no need to have a legion of desktop monkeys doing end user support when an organization can rapidly re-deploy hardware and shift applications in real time via virtualized desktops.
As more and more application vendors outsource their support functions and take on the support burden as part of the yearly maintenance cost, the need for in house IT staff will continue to shrink.
There is a lot of M&A activity in the healthcare field right now, and a couple of key vendors are bubbling up to the top of the pile. Within a decade I think we are going to see standardization around a couple of SaaS type platforms. Given all of the data breaches that are going on, individual hospitals and healthcare organizations cannot continue to eat the risk of storing all of that data in house.
Since you like FPS and the UT engine, you might consider checking out Insurgency. I just started playing it about a month ago and I really enjoy it. The game is fairly 'realistic' in that you cannot hit much of anything unless you aim down the sights, and it only takes a couple of bullets to kill someone. The learning curve is pretty steep until you figure out the maps, but once you get a handle on them it is a lot of fun.
I mention it because it is slower paced than UT and the other twitch based FPS games, and they are also in the process of converting over to the Unreal 4 engine.
http://www.pcgamer.com/insurge...
I think I peaked at Q3 and into CS1.1 / 1.2. I was very competitive at Q3, to the point where I beat Fatal1ty on pub DM servers from time to time. (https://en.wikipedia.org/wiki/Johnathan_Wendel)
They did a similar setup in China, but for a different reason. The Chinese government wanted one of their service providers to have access to everything. Same separation of ownership, completely different outcome.
I have to admit that I did not play Zork until well after it was new. I do remember the Tandy computers though. They were the Radio Shack PCs. I seem to remember that they had similar hardware specs as other PCs at the time, but came with their own version of DOS.
I played Wolfenstein on a 286, so I'll share my lawn with you. I did play multi-player Doom though. But that barely qualified as 3D. For me, Quake was real 3D because you had the Y-axis to work with.
UT? Newbie. I was honing my railgun skills playing Quake on an IPX LAN.
Get off my lawn.
Let me get this straight. When you have more devices available to service read or write requests, the time that it takes to service the request goes down.
What next? Are we going to be told that RAID5 gives better read performance than a single drive too?
Like you said, you are already on the list. The only people who are going to bother to generate fake traffic are the same people who want to hide / obfuscate their behavior with said fake traffic.
The only way to do it would be create applications that people can run, and convince enough people to run them. Sort of like SETI @Home or similar. You would want to get people to run the apps on their phones as well.
The only realistic way that I see to do this in the current environment is via some sort of malware. Infect people and take 5% of their bandwidth to generate a whole slew of fake traffic. Even by doing this I do not think that it would take long for the surveillance providers to tune their filters to account for the noise that you were generating.
I hate to be pessimistic, but this battle has already been lost. We are on the other side. The only way to deal with it is to know what your rights are and defend them at all costs. You have to stand up and say, "Yes, I did X. So what? Prosecute me. Put me in front of a jury of my peers and convict me for it."
This aligns with the one system that I was involved in setting up. A former client of mine was running (and probably still runs as far as I know) a couple of power plants in Central California. The control systems were built by Honeywell. For a small, single turbine plant there were 5 servers. 2 masters, 2 slaves / reporting servers and 1 witness.
Both masters, 1 slave and the witness server were on a private network without internet access. 1 slave was in the DMZ with a uni-directional connection from the secondary master that wrote out reporting data. There was a VPN connection (over satellite because the plants were out in the middle of no where farm country) back to the company's main office. The VPN connected the company office to the DMZ and the reporting server so that people in the main office could see the output of the plant.
Nothing in the setup allowed settings to be changed over the internet. Everything within the plant was run on a dedicated IP network that was air gaped from the internet. The only server that was connected to the firewall was the slave / reporting server. It had 2 NICs. So I suppose in fantasy crazy TV land, someone could have hacked the firewall, hopped into the DMZ, compromised the slave and jumped into the control server where they would have been able to... do nothing, because it was the redundant server that would only have been active if the primary failed.
Keep in mind I set that network up in 2005 for a small, single turbine power plant that generated power by burning green waste (yard trimmings, etc.) I think it is reasonable to assume that 'real' power plants that power thousands of homes and businesses are at least as secure. In my situation, Honeywell told me how to do it. I did not make it up. The vendor had the solution, I was just there to handle the network and VPN.
Back in the late 1980s or maybe early 1990s (I was a kid at the time), OMSI (https://www.omsi.edu/) had a film that showed a large number of nuclear tests in the Pacific ocean. It was about an hour long and most of it was silent. It was primarily all in black and white. It lacked any sort of narration. It was just bomb after bomb after bomb after bomb...
It would be great to see it again now that I am older and able to appreciate it more.
This right here. Back in the day, and by that I mean the 1990s, you had a whole channel to yourself when you made a call. At the time, we bitched about call quality and dropped calls, but looking back on it, it was pretty good. The biggest hassle was only getting one side of the conversation. Either you could hear them, or they could hear you. But if you got a good connection, and stayed stationary / on the same cell site, you were good to go. Moving between sites got kind of dicey. Ah, memories... Can you imagine that? Driving down the freeway was like playing Russian Roulette with your phone conversation. You never knew when you were going to hit an over loaded site and lose your call.
I offer some perspective on how DMCA Safe Harbor is used outside of the ISP realm.
The organization that I work for maintains DMCA Safe Harbor status. We are a legal technology service provider, which in English means that we collect data involved in litigation and process it so that it can be entered into evidence as part of a legal proceeding. We have Safe Harbor protection in case we happen to collect copyrighted media during the course of doing forensics collections on systems that we do not own. In order to maintain our status, we have to take reasonable measures to ensure that we are not facilitating copyright infringement. What that means in practice is the security team monitors the network to make sure that people are not running bitTorrent, hosting FTP sites or otherwise actively sharing copyrighted content.
We have never once been served with a take down notice or had to remove content from our systems.
Regarding the article and the DMCA, it seems to me that all Cox has to do is provide subscriber information. It is up to the content holders to go after the individual infringers and make them remove the content from their systems, one lawsuit at a time. Cox and the ISPs are simply providing transit services. They are not actually hosting the content and do not own the systems hosting the content. While I applaud Cox for trying to shield their customers from frivolous lawsuits, I think they are being stupid here. We all know that the large majority of bitTorrent traffic is piracy. If the pirates are too cheap / stupid to spend $10 a month on a VPN or proxy service to obfuscate their connections, they deserve to go down.