984 posts • joined 4 Mar 2011
Even if they could be trusted to obey the law, what he's saying is totally unreasonable. "law enforcement needs to be able to take every legally available step". In other words, if it's legal, we must also make it possible. Would it be legal to remotely disable a suspected kidnapper's car? I'm sure it would. Therefore every car must have a remote killswitch.
What is this? I've never heard of it before. Nor can I find anything on the web to suggest it's a real organization. It sounds like something that was made up solely for the purpose of advancing the anti-privacy agenda.
Re: Separate Browsers
For even better protection, I don't use Facebook on a any browser or on any mobile device.
That would be a total disaster for bitcoin. But people have good reason to think it won't happen. Even worse, and possibly more likely since it's newer technology would be someone finding a way to break the epileptic curve encryption used to prove ownership of each address.
Re: My token of choice is bitcoin thanks.
I don't think Bitcoin is necessarily the answer, but it does offer something no other popular payment system has. It requires each transaction, including the amount and the payee to be digitally signed by the payer. It seems to me something similar is the ultimate goal we should be working towards for secure payment. There also needs to be a way to make sure a transaction signature can't be used twice. Bitcoins handles that with the blockchain, but it could also be done with either a random number that must be unique, or even a sequential number like checks (cheques) have. A time stamp or expiration date (again, like checks have) would also be a good idea. All of that should be cryptographically signed by the payer.
If eBay does away with the near obligation to use PayPal I will actually consider shopping there again.
You just want to see fanbois getting poisoned by their phones, don't you?
All I need to know:
If they have to coerce, trick or bribe people to use it, it must not be very tempting in its own right.
Re: Cheap rubber
Probably because it's actually expensive rubber. Cheap products are happy the leave the finish in ordinary plastic. But high end products use some kind of fancy rubber, which, I must admit, feels very nice to hold when it's new.
Re: Heat Shrink Tubinng
Or in keeping with the theme of this article, perhaps bondage tape would do the job.
Re: Damaged without authorization...
I was confused by that part as well. 18 U.S.C. § 1030(a)(5) relates leaks that could be "used to the injury of the United States, or to the advantage of any foreign nation", but what's this talk about damaged computers in five or more districts? They must have had something specific in mind when they wrote that, but I can't really make sense of it.
The only thing that comes to mind is perhaps they're talking about a botnet. But if so they're deliberately being very obscure about it.
I thought this was well known. I knew it anyway. I'm sure you could have simply got in touch with the Bitcoin Foundation to verify it rather than using this strange "allegation" phrasing.
Tor isn't a browser...
I'm guessing the source of the confusion is the difference between surfing through Tor and running a Tor exit node. Doing the latter on your home internet connection really isn't a great idea. I did it that for a while a long time ago, but thought better of it after getting my IP address banned on a whole bunch of sites.
That's what "temporarily allow all this page" is for. (Assuming you're using NoScript). Although it looks like you actually only need to allow one domain, albeit a big one: google.com
I'm afraid I don't understand the purpose of this. Is it just for use when you have access to an 802.11 network but no cellular (which seems like an unusual situation) or does it save you minutes if you have a non-unlimited voice plan? Or what?
You mean you have to PAY for the privilege of having your nude selfies stolen? I'd assumed that feature came free with the phone.
Re: I'm conflicted
I just looked at a list of file types it goes after, and mp3 doesn't seem to be on the list, but zip, rar and 7z are. So if you've happened to download something in one of those formats and left the packed file sitting around you could simply download it again to get your cleartext. Or maybe you emailed a big docx to someone recently. Chances are you can retrieve it from your mail server, or failing that ask the recipient to mail it back.
It does target a wide variety of files so I'd bet that the vast majority of people do have something on their disks in one of those formats which is duplicated elsewhere, even without making an intentional backup.
Re: "...from 91 angles."
Plus, if it has to be at an exact angle, even one of 91, the odds of it working are infinitesimal.
Best guess what that was supposed to mean is -45° to 45°, i.e. a 90° arc in the front. But maybe they're considering more than one axis (i.e. pitch and/or roll as well as yaw), in witch case it becomes totally mysterious again.
Re: Mothers maiden name ?
Not to mention many women don't change their names when they marry anymore. Or heaven forbid, your mother might never have married at all.
:Sigh: pa$$word, seriously?
That'll hold off the hackers for maybe 0.01 seconds, if you're lucky. What you need to do, for maximum security, is spell your password entirely with currency symbols:
I'm not impressed much by this response. Yeah technically Apple wasn't hacked, but allowing unlimited login attempts with no timeout is pretty indefensible for anything serious.
No, we call them burglarizationists.
Good. That's a horrible idea. Now I don't need to worry about encountering it on an Android phone.
What about it?
How about "Don't do that either". Does any more really need to be said.
Re: I see we're promoting the 'evil' bit
To be fair, it does mention use by human rights activists, which kind of says the same thing.
The manual control requirement is perfectly reasonable, but the insurance requirement is kind of ridiculous. Human-driven cars only need $35,000 worth of liability insurance. And you do have the option of putting up a bond for that amount instead (not that many people actually do). So I don't understand why the requirements need to be so much stricter. Surely it's already been proven that self-driving cars are not 143 times more dangerous!
Then we need a more democratic alternative to https certs. I just don't think it's reasonable to expect everyone to get https set under the current system.
Regular KeePass is open source too. As far as I can tell, KeePassX is just a fork that exists mainly for historical reasons.
So more bibles on eBay then?
Re: Slightly off-topic but
But to use the same argument, most users probably wouldn't notice if they suddenly found themselves on a completely insecure site. Shouldn't the browser throw up a series of scary looking dialog boxes every time you visit any http site? I mean to be honest I might look for the lock icon the first time I buy something on a new site (before entering CC details) but that's about the only time I think about it. I doubt I'd really notice if I somehow got sent to a perfect replica of Amazon only it was http.
Slightly off-topic but
It makes no sense to me that browsers treat a self-signed certificates as worse than no encryption at all. It still protects against passive eavesdropping, isn't that better than nothing?
It would be different because it'd be the first altcoin to be legal tender. Even outside Ecuador, that could be significant. It would be a foreign currency after all, rather than just some weird digital asset your government hasn't figured out how to handle yet. I can't say who specifically would want that or exactly in what situation, but I do think it would be enough to distinguish it from the others.
Unless they did make it a decentralized mineable cryptocurrency. If it had all the advantages of Bitcoin and official support from a government too I could definitely see that interesting some people.
I'd give you 0.00002 for it, if it really is as nice as you say, but Galvin Anderson won't let me. :(
Re: Missing a vitial point
I would argue it's intermediate in terms of snoopability between the two. Even cash is somewhat traceable due to the serial numbers, but generally pretty good. Of course it can only be used in person (or somewhat inadvisedly, by mail). Credit cards on the other hand are very convenient online but heavily regulated and closely tied to the cardholder's identity. The credit card industry is also controlled by just a few companies which makes it easy for governments to turn the screws and get whatever info they want.
Bitcoin is more traceable than cash since a complete record of transactions is available, but only by account number. You can't see that Mark paid Lisa, or Quanto LLC paid Bizmerf Inc, only that 1HiKJwUoK5eP4Rku9kFtwj2N7rXxGKRamN transfered money to 1NEjMXjPtuYRxKvyWtwKJpkkfZ2QhRCK1U. Plus, since it's decentralized* it's harder for governments to directly control.
*Kind of, this isn't as true as it was at one point.
Doesn't seem to work
I just went to gmail signup and it still allows only letters, numbers and _.
So do FON users get a separate IP address?
I noticed that. This is why I originally came to the mistaken conclusion that they were only showing the message when something had actually been removed. I googled one of the names from the lawsuits, got the message. Then I googled a some famous name (I forget who now), no message. I also tried "john doe", also no message.
While trying to figure out how they award celeb status I just noticed something else odd. If you put the name in quotes the message always shows up, even if it's "johnny depp" or "barack obama".
I was just thinking, you know what's ironic? They talk about protecting children, but this will only catch the lowest lever child porn users. Think about it, if someone is actually molesting a child and sharing the pics with their pedo pals, those pictures won't be in the database! The one guy who it would actually do some immediate good to arrest is the one who has the least to fear from this.
For all we know this picture WAS simple a naked child. Though obviously it had to be one that was reported and determined (by somebody) to be illegal in the past. "Child abuse images" is just the politically correct term for child pornography now, don't assume it actually means the pictures show abuse.
Re: I like it, but I just don't trust it (yet)
Didn't think of the magnetic field, but the vacuum test absolutely needs to be done. The possibility that it works by pushing against the air (whether by some exotic electromagnetic means or not) needs to be ruled out as soon as possible.
It's not rocket scie...oh.
Or is it? It sounds to me like the fact it isn't a rocket is precisely what's so amazing about it.
Isn't it ironic
that "1Password" looks like a classic example of a terrible password? (That would still pass the security requirements of most sites.) Only difference is you usually put the one on the other side.
Because 1. they love acronyms, and 2. it's specifically intended to be an antidote to that, so I assume they thought it made sense to name it in the same style.
It's sounds like he covered that to be honest. Obviously Netflix puts a different spin on it, but it really says the same thing. "ISPs can do this either by free peering with us at common Internet exchanges," but if that isn't nearby you'll have to pay for the link yourself "or can save even more transit costs by putting our free storage appliances in or near their network." i.e. host their power-hungry servers for free.
It's not too hard to imagine that neither option is very appealing for a small ISP.
So it's a bug in I2P but...
They claim it works on the on a default install with no configuration changes, but as of the last time I used Tails (admittedly several versions back) it didn't even start I2P automatically. I guess it's strictly true that launching a program is not a "configuration change", but if that's their game, it's more than a little dishonest to call this a vulnerability in Tails.
It's possible Tails has changed since I used it, or maybe there's some hook left for I2P that makes this attack work even when the main program isn't running, but I doubt it.
Re: Department of the Obvious....
Didn't they also handle UK's last census? Or was it some other merchant of death I'm thinking of?
Well, if you believe the theory that the scam are intentionally made unbelievable so as the weed out anyone the a lick of common sense right from the start...
Just speculating here, but it seems like the biggest concern for the university lawyers would be the claim that the presenters had actually unmasked illegal hidden services (if I understood the claims correctly). They would open themselves up to libel lawsuits if they reveal that information, and open themselves up to subpoenas if they don't. Publicly claiming that you know who runs Silk Road or <insert popular CP site> is just asking for trouble.
Assuming this is true and all, you can't blame them for setting their sights high, but there are other hidden services hosting things like political rants, legal porn Tor directories, and privacy guides. They could have proved the concept on one of these without risking anyone (guilty or innocent) getting hurt.
- +Comment Anti-Facebook Ello: Here's why we're still in beta. SPAMGASM!
- Analysis Windows 10: One for the suits, right Microsoft? Or so one THOUGHT
- Vid+Pics Microsoft WINDOWS 10: Seven ATE Nine. Or Eight did really
- Xbox hackers snared US ARMY APACHE GUNSHIP ware - Feds
- You dirty RAT! Hong Kong protesters infected by iOS, Android spyware