The system mentioned is not a drm, it's a code obfuscation system that makes sure that the steam (or whatever) drm stays in and cannot be just easily removed.
One important detail. This gut is not a spammer. He's a scammer. For this kind of attack to work you need very targeted emails tailored to the recipient. (I'm having problems calling the receiver victims. you do not need encryption to protect yourself just a working brain. I get a crazy email from my boss, the first thing that happens is that I need clarification, and surprise surprise is obvious that one asks via a different channel for clarification.)
Yes and no. The better people in the industry continue to learn, every day.
Actually, my current team lead expects us to learn all the time, and is completely willing to take the hit in longer ticket handling times. OTOH, my current boss is an outlier in my experience in this industry.
Finally, we do not consider executable binaries that are obfuscated
to hinder reverse engineering. While simple systems,
such as packers [2] or encryption stubs that merely restore the
original executable binary into memory during execution may
be analyzed by simply recovering the unpacked or decrypted
executable binary from memory, more complex approaches are
becoming increasingly commonplace, particularly in malware.
So, there are numerous issues here:
1.) getting the samples for training (e.g. the authors already mention this as a problem) => github and friends distribute source code, and it's not necessarily trivial to get the compiler and options right to recreate the correct binary.
2.) If you would for example profile me online, you'd learn from code repositories that I know python, and you might from post interfere that I know other languages. My Python repositories will not help you identify my binaries build in C.
3.) And worst, the code where this deanonymization would be most useful, e.g. malware, is very hard to handle, as it's usually obfuscated to the max. Worse malware has been known to mutate itself on replication to avoid leaving a signature for virus scanners.
Then the community can sue the guilty gits responsible (police officers, school officials,...) to reclaim the expenses. Ideally in a way that the millions are not dischargable in their bankruptcy proceedings.
Learning handicapped people (e.g. officials) need some strong examples to learn anything.
It's not about social media. It's about the age of consent for data processing. Basically before you reach that age your parents have to consent for you in privacy related things. Which is technically not a bad thing IMHO.
So considering that that the us government uses nowadays mammy commercial products of the shelf itself; Considering that other governments control access to potentially as big or bigger markets than the US one ->
Are they happy with the Chinese/Russians also reading the communications of the US government?
And they are using commercial regular stuff. By design (to save money and make certain projects even feasible) or mistake (do I need to say Clinton ' email).
Also consider that practically all the hardware for these new communications is produced outside the states. Where other governments can insist on back doors (when it quacks... call it by it's proper name).
E.g. the German privacy watchdog has currently issued a ruling that Google Mail is a communication service and needs to provide "an automatic interface for lawful interception". If the courts let that stand (something quite realistic) and Google not being able to prove to legal standards if an account is "German", that might mean that they'll need to allow to intercept traffic on all accounts.
Great that the FBI gives governments the inspiration to what they should require from companies (including US ones).
Here around all publicly accessible private space are covered by traffic law. Only your private yard that is open only to you is not covered.
(That regulation seems to be a couple of decades old, on old properties you can see signs telling that traffic law applies on this parking lot, but these signs are clearly dying out.)
Subject should read: House votes to extend Patriot Act, and changes some cosmetics when it comes to telephone meta data collection.
1.) Without the act, the Patriot Act, which is what allows the intelligence agencies and LE to collect way to much data, would be again illegal and/or practically much harder. The Freedom Act extends the Patriot Act so the agencies can continue legally to collect the data heaps.
2.) So, the data will be stored at the provider, and they need a court order. And FISA is known to reject at least one request per year (well, most of the years, one cannot be so hostile to our protectors, right), and has never allowed unspecific over broad warrants to be issued, right?
You do realize that subsidies have not been controlled by EU members, but by the EU as such? So the fact that Sweden socialist (which is a label that one could argue about), is irrelevant to the amount of subsidies?
Exactly, adding coverage requirements to licenses makes for a great motivator.
E.g. that leads to an arrogant expectation, that your mobile just works. Does not matter if you are in the city, or in some remote valley in the mountains.
Another brutal way to go at it is simply not allowing deployment of LTE in urban environments before the countryside does not have enough coverage.
At least, in Europe, coverage of at least 95% or more of the population are standard for licensing requirements even for mobile operators. Don't fulfill, and your billions in licensing fees go away and you loose your right to operate the network.
Nothing wrong in this, beyond that the operators don't like it.
Actually, the telcos in Europa are preparing to roll out G.fast, which makes telcos again competive with Cable. (In this case the telcos are quite happy to upgrade, they have not been competive for a couple of years, actually, I'm on my second "free" bandwidth upgrade from by cable company that were not triggered by telco competition)
Hint, streaming is meant to be streaming. There is no point in downloading data much faster than what your viewing application can use up, per time period. Especially as it's unclear if the user will be watching that stream in 30s anymore. No point maxing out the connection, especially as it might steal needed bandwidth from another connection.
On the other hand, 4mbit/s downstream would be locally budget mobile internet. 25 mbit/s is a budget landline connectivity product.
Because the closed source shops prefer not to discuss these issues. And have you've seen our new glossy product folder, our lowpaid code monkeys^H^H^H^H^H^H^H^H^H^H^H^Hsuperb software development gurus don't make mistakes. No sorry, for whatever reason the legal department does not allows us to give you any warranty on our software.
Well, you do realize that AWS DOES offer instances for GPU calculations. Still much slower than dedicated hardware, but basically it's free (as in stolen).
Slashdot Mirror
As long as one cannot print out the image as a QR code ;)
The system mentioned is not a drm, it's a code obfuscation system that makes sure that the steam (or whatever) drm stays in and cannot be just easily removed.
One important detail. This gut is not a spammer. He's a scammer. For this kind of attack to work you need very targeted emails tailored to the recipient. (I'm having problems calling the receiver victims. you do not need encryption to protect yourself just a working brain. I get a crazy email from my boss, the first thing that happens is that I need clarification, and surprise surprise is obvious that one asks via a different channel for clarification.)
The difference is that NSL can be used to acquire existing data, but not to force someone to design broken systems.
Yes and no. The better people in the industry continue to learn, every day.
Actually, my current team lead expects us to learn all the time, and is completely willing to take the hit in longer ticket handling times.
OTOH, my current boss is an outlier in my experience in this industry.
Important part:
Finally, we do not consider executable binaries that are obfuscated
to hinder reverse engineering. While simple systems,
such as packers [2] or encryption stubs that merely restore the
original executable binary into memory during execution may
be analyzed by simply recovering the unpacked or decrypted
executable binary from memory, more complex approaches are
becoming increasingly commonplace, particularly in malware.
So, there are numerous issues here:
1.) getting the samples for training (e.g. the authors already mention this as a problem) => github and friends distribute source code, and it's not necessarily trivial to get the compiler and options right to recreate the correct binary.
2.) If you would for example profile me online, you'd learn from code repositories that I know python, and you might from post interfere that I know other languages. My Python repositories will not help you identify my binaries build in C.
3.) And worst, the code where this deanonymization would be most useful, e.g. malware, is very hard to handle, as it's usually obfuscated to the max. Worse malware has been known to mutate itself on replication to avoid leaving a signature for virus scanners.
Anyway, nice ML paper. ;)
Well, Oracle is not to blame.
The landlord is to blame if they used illegal means to evict the renters.
If the eviction was legal, well, you do have a problem with the local laws then, wouldn't you say?
Then the community can sue the guilty gits responsible (police officers, school officials, ...) to reclaim the expenses. Ideally in a way that the millions are not dischargable in their bankruptcy proceedings.
Learning handicapped people (e.g. officials) need some strong examples to learn anything.
Lawyer up, and be nice to the county, e.g. sue the school board and the police only for $100 million each.
The stupid officials will only learn to handle things like this with common sense after a number of crippling court rulings.
It's not about social media. It's about the age of consent for data processing. Basically before you reach that age your parents have to consent for you in privacy related things. Which is technically not a bad thing IMHO.
So considering that that the us government uses nowadays mammy commercial products of the shelf itself;
Considering that other governments control access to potentially as big or bigger markets than the US one ->
Are they happy with the Chinese/Russians also reading the communications of the US government?
And they are using commercial regular stuff. By design (to save money and make certain projects even feasible) or mistake (do I need to say Clinton ' email).
Also consider that practically all the hardware for these new communications is produced outside the states. Where other governments can insist on back doors (when it quacks ... call it by it's proper name).
E.g. the German privacy watchdog has currently issued a ruling that Google Mail is a communication service and needs to provide "an automatic interface for lawful interception". If the courts let that stand (something quite realistic) and Google not being able to prove to legal standards if an account is "German", that might mean that they'll need to allow to intercept traffic on all accounts.
Great that the FBI gives governments the inspiration to what they should require from companies (including US ones).
Well that depends on jurisdiction I'd say.
Here around all publicly accessible private space are covered by traffic law. Only your private yard that is open only to you is not covered.
(That regulation seems to be a couple of decades old, on old properties you can see signs telling that traffic law applies on this parking lot, but these signs are clearly dying out.)
Or illegal to be explode like in Germany and Austria.
Well could it be that police has been described as acting like an occupation force in many places in the USA?
Subject should read: House votes to extend Patriot Act, and changes some cosmetics when it comes to telephone meta data collection.
1.) Without the act, the Patriot Act, which is what allows the intelligence agencies and LE to collect way to much data, would be again illegal and/or practically much harder. The Freedom Act extends the Patriot Act so the agencies can continue legally to collect the data heaps.
2.) So, the data will be stored at the provider, and they need a court order. And FISA is known to reject at least one request per year (well, most of the years, one cannot be so hostile to our protectors, right), and has never allowed unspecific over broad warrants to be issued, right?
Yeah, much more thinly populated space. I guess that helps the telcos greatly.
You do realize that subsidies have not been controlled by EU members, but by the EU as such? So the fact that Sweden socialist (which is a label that one could argue about), is irrelevant to the amount of subsidies?
Exactly, adding coverage requirements to licenses makes for a great motivator.
E.g. that leads to an arrogant expectation, that your mobile just works. Does not matter if you are in the city, or in some remote valley in the mountains.
Another brutal way to go at it is simply not allowing deployment of LTE in urban environments before the countryside does not have enough coverage.
Well, they did manage to get POTS to everywhere.
At least, in Europe, coverage of at least 95% or more of the population are standard for licensing requirements even for mobile operators. Don't fulfill, and your billions in licensing fees go away and you loose your right to operate the network.
Nothing wrong in this, beyond that the operators don't like it.
Yeah, 25Mbps is kind like a landline for welfare recipients ;)
Actually, the telcos in Europa are preparing to roll out G.fast, which makes telcos again competive with Cable.
(In this case the telcos are quite happy to upgrade, they have not been competive for a couple of years, actually, I'm on my second "free" bandwidth upgrade from by cable company that were not triggered by telco competition)
http://arstechnica.com/informa...
Hint, streaming is meant to be streaming. There is no point in downloading data much faster than what your viewing application can use up, per time period.
Especially as it's unclear if the user will be watching that stream in 30s anymore. No point maxing out the connection, especially as it might steal needed bandwidth from another connection.
On the other hand, 4mbit/s downstream would be locally budget mobile internet. 25 mbit/s is a budget landline connectivity product.
Worse, did not the delegate commit Theft of Service by using a WLAN they were not authorized to?
Because the closed source shops prefer not to discuss these issues. And have you've seen our new glossy product folder, our lowpaid code monkeys^H^H^H^H^H^H^H^H^H^H^H^Hsuperb software development gurus don't make mistakes. No sorry, for whatever reason the legal department does not allows us to give you any warranty on our software.
Well, you do realize that AWS DOES offer instances for GPU calculations. Still much slower than dedicated hardware, but basically it's free (as in stolen).