It all depends on what they do with the randomness from other computers I guess. For instance one of the simplest things they could do is have several computers generate random numbers of the same size and XOR them together. In that scenario, the worst an attacker can do is not help any. Even if they hand you 000000000000000 or the like, combining that with your own number won't make it any worse.
1472 posts • joined 4 Mar 2011
So basically the BBC exists to keep the TV license fee going, rather than the other way around?
"From HMD we can expect a range of Android phones and tablets."
Makes me long for a simpler time
Remember when ads were just little bumper-sticker shaped images at the top or bottom of the page? People complained about those too, but as long as they didn't flash bright colors or impersonate windows pop-ups I never minded much. It would be nice if we could go back to when those were all we had to deal with.
Re: One time pad
Obviously you would need some system to make sure the keys are only used once. To start with, the cards you hand out would have to be unique (while you keep a copy of each). Each would contain two separate blocks of key data, one for sending and one for receiving.
It still might not be super practical, but the basic idea is sound, say 4GB is good for an awful lot of emails.
Well done team! But it seems like these emergency software modes on spacecraft have a record of doing more harm than good. Maybe I just don't remember it, but have you ever read a story where it says "foocraft suffered a bar failure, but fortunately it went into emergency mode enabling us to resume contact and continue its mission"? As far as I can recall it's always "foocraft is stuck in barmode for some reason and we're trying to get it running again."
Re: I'm surprised that the wolves are doing well
Both can be true, though. It may simply mean that humans are worse than cancer.
My understanding is that he feared they would be able to figure out what he had done fairly quickly, and hoped going public would offer him some measure of safety. I don't know if that was a good move, but I can understand the reasoning. With the benefit of hindsight, I guess I'd have to say he probably should have delayed the reveal a bit longer,
Re: dats beautiful
That wouldn't be an entirely bad thing, think of the fun that could be had by changing what it points to.
As the judge who made this ruling pointed out, a 19-year veteran FBI agent ought to know what he's doing when he requests a warrant too. He didn't come right out and say so, but it sounds as if he suspects they knew what they were doing wasn't on the up and up.
Judicial rulings can make surprisingly entertaining reading in a bland sort of way. Especially the polite, indirect ways they go about telling the losing party that they're basically idiots. I even learned a new word, "improvident" (which it would be to extend the Good Faith exceptions to completely invalid warrants.)
On a more serious note, I do have a certain amount of sympathy for the government's argument that there needs to be some way to obtain a warrant against a computer hiding behind Tor, but it doesn't sound like they made their best attempt here, not going to the right kind of judge. And in any case, they are bound by law as it stands, not what it should be, just like the rest of us.
Re: sidebar of shame
I thought everyone called it that.
Re: A pedant writes...
As far as I'm aware, it's illegal to jam cellular signals, but not to physically block them. If they wanted to build a Faraday cage around the theater, I don't think anything's stopping them.
OK, I'm inclined to think it's just stupid, not evil
It seems to me the only change to make this a reasonable (not necessarily good, but reasonable) law is to insert "if possible", at the end of the requirement for companies to turn over data. Since it does contain the provision that no particular design can be required or prohibited, in practice all it really means is "If you leave the door open, let us use it". As currently written, all a company would have to do to "comply" with this law, while still offering strong end-to-end encryption is say "Alright, 'appropriate technical assistance' coming right up. We're going to build the world's biggest super computer farm to crack this key for you... but you're paying, right?"
I donno, by tying it into facebook, they will no doubt feel obliged to protect their clean image... err the clean image they believe they have, but at the same time, there's definitely a market for that kind of thing. An obvious solution would be to sell the gadgets but let third parties handle the porn, but that kind of freedom doesn't exactly seem to be in style right now. It'll be interesting to see how it plays out.
Re: Twitter on the blockchain
There's Bitmessage too, though as of last time I checked, that looked kind of rudimentary.
Are you by any chance using some kind of software that pre-fetches pages? If so I guess it's conceivable it automatically visited RebootMyModem.net for you.
I'm not sure what's supposed to be sinister about offering children more privacy online, I'd have thought that was a desirable thing. Clearly they shouldn't have left up a forgotten page that returned unfiltered results, but that's fixed now, and I doubt if many kids have a "fuzzer" handy, so no harm done. As far as the results on the intended search page, it looks like they're doing pretty good. I entered a few obscure terms that could have yielded nude results and the "worst" thing I was able to find was some classical art.
Re: The other problem
It's already fixed. It says so at the end of the article, and my check confirms that address just sends you back to the front page now.
Re: That sentence
Not enough details, but given this was a "dark web" business, it's entirely possible he doesn't even know who most of his clients were.
Re: Is anyone from MIT reading this?
They picked the wrong time to go to Flash. Not that the previous choice, Java was so great either, but at least there are other legitimate geeky reasons for having that one installed.
Re: Well, time to zap the blight
About the only thing (save the occasionally amusing flash game or animation) that anyone has used it for in the last 5 years is video, and it's finally obsolete for that too. You might still rarely come across a site that needs it for video, but essentially all major sites support HTML video now. In short, it's time.
Re: So dark net is no longer dark
Tor Browser is "specialized software", sure, but so is Firefox... It's just kind of a dumb claim. They're trying to make it sound mysterious without really saying anything. And yes, I would imagine onion.to has blacklisted any super illegal sites they are aware of, though I'm not dumb enough to go poking around to find out for sure.
Ah trusted, but Trust is hard to come by. It may be one of the scarcest commodities of all.
It's actually the App version of Tor. Runs on Android, appropriately enough.
On the one hand, this law sucks, on the other hand I have problems with big corporations trying to push democratically elected governments around. Just recently Georgia's governor vetoed a religious-freedom bill* under similar pressure. But goodness knows this kind of corporate bullying goes on all the time, although much less publicly, and that sucks too.
*This one would have protected people's right not to make cakes they don't agree with. While many might put the two laws in the same category, from my libertarian perspective they aren't the same at all.
Re: 16 square meter?
16 cubic meters. That's actually significantly smaller in practice. The Japanese aren't that short.
That's the Hippocratic Oath you're thinking of...
Google's motto was "don't be evil."
This should be memorialized as THE classic security blunder. I can just imagine whoever did this thinking, or perhaps even saying out loud, "It's just blinking lights, no need to worry about security on this bit..."
More to the point, IMO, they tampered with his computer, which is now being used as evidence. How can they get away with not revealing what they did to it?
I just hope they're careful not to let the dormant cyber pathogen out.
Re: Admin password
I believe there actually is a feature for something like that, and given the phone belonged to Syed's employer (local government no less) they could easily have been using it. Unfortunately, they simply hadn't bothered to set it up.
Interesting way to slip a study on phenotype and intelligence under the radar without being called racist,
I never have, but I assume that's because I don't have a twitter account.
Well, to be honest I try to keep my face off the 'net entirely.
Re: authority vs liberty
Authoritarian, absolutely, but I'm not sure where you get "right wing" from. Both wings have their authoritarian streak (communism ring a bell?). And it's frustrating as hell sometimes. While I lean towards the left on most social issues, I think liberty is the more important goal overall, but it often seems like people are too caught up in the left/right fight to even think about it.
No matter which way you spin it, it's the same tired old story. How about doing a balanced article next time.
Re: Even Windows 7 has sometimes weird UI behaviour
Ctrl+Alt+Arrow-Keys I bet. Great for pranks.
Oh good, they fixed the headline. That was bothering me.
(It previously said "Microsoft did Nazi see that coming")
Re: Happy now ?
Much safer? No. A little safer? Yes. The thing that worried me about the whole thing, is that if they could lean on Apple to help, it could become a routine procedure. "Hey Tim, we've got another cart of phones to unlock." Whereas I'm sure this Israeli forensic company's services don't come cheap, so they're not going to unlock every phone they get off somebody caught with an ounce of weed or whatever.
I have no problem with them bringing heavy hacking tools and extracting data from the phones of real terrorists like Syed. I just don't want it to be so easy they can do it for no good reason.
Re: At first glance this seems too light
Doesn't sound like they actually got him for any sex crimes. If he supposedly received sexually explicit photographs of minors, I'm not sure why he wasn't charged with that. Maybe it was just part of the plea deal.
Unless I'm mistaken and "sextortion" is an actual crime. I'm thinking it just counted as regular extortion.
Re: Identifying the real problems
Maybe Nokia, they started with rubber boots after all.
Re: If comedian Bill Maher had read this story --
That doesn't solve the problem though, as mentioned in a previous post, USB sex toys could contain malware just as easily as anything else.
Re: Guvmint Work
I don't think this one even relies on being automatically run. It sounds like it uses a Trojan application, something the user would launch on purpose. Although I'm not real sure why you'd be running applications from a USB drive on a supposedly secure system.
Re: I goes to the internet
Although it definitely sounds like something state actors would be doing, I wouldn't rule out for-profit industrial espionage either.
Re: format before any use...
I don't know if such a thing exists, but I suppose you could have some kind of special USB hub that only lets certain classes of device connect. A simpler idea, would be to use SD cards (and a single, trustworthy reader) instead of USB drives. I assume it would be much harder to reprogram those to do anything besides store files. Although the SD format does have some kind of seldom-used DRM feature, so who knows what kind of weird stuff could be lurking in there.
Perhaps calling the police didn't seem like an entirely risk-free option either. After all the files were found on company computers. Isn't it possible the police are going to show up and say "we better take all this kit back to the station, no telling where else he may have stashed files." And then through no fault of their own, the company is up the creek.
Kevin, the python developer seems to be shown at work... or at least he's doing something with a python, I'm not certain he's developing it.
My guess (without having read any of the details, mind you) is that they set up unrealistically favorable conditions in their lab. So they have a proof of concept, but it doesn't mean they're equipped to pull it off on a real target.