Posts by Charles 9

8994 posts • joined 10 Jun 2009

I was authorized to trash my employer's network, sysadmin tells court

Charles 9
Silver badge

Re: @Ellier ... This will impact others as well

Retrospective laws are specifically prohibited in the United States Constitution under Article I, Section 9 (which lists the kinds of laws Congress CANNOT pass, among them, "ex post facto" laws). To quote the relevant sentence: "No Bill of Attainder or ex post facto Law shall be passed."

0
0
Charles 9
Silver badge

Re: My $0.02 worth

Could still be nailed as negligence if holding devices for evidence is to be expected.

0
0
Charles 9
Silver badge

Re: This should be covered by a different clause in the contract

Except that destruction of other people's property, in general, is covered by statute. The authorization must be to specifically destroy something, such as by being part of a wrecking crew under contract.

That's where the appellate panel can nail him. Where is his specific and immediate authorization to destroy most of the company's records at that time?

0
0
Charles 9
Silver badge

Re: Malice is not authorised.

But people in the US are presumed innocent. Meaning there must be a specific, referrable Act that doesn't allow it for a man to be tried. That act is always cited when your charge is read.

Which Act covers general nonphysical malice against one's employer by means of authorized access?

0
0
Charles 9
Silver badge

Time can never be recovered so loss of time is always permanent. That's why even temporary damage can be charged.

0
0

Global IPv4 address drought: Seriously, we're done now. We're done

Charles 9
Silver badge

Re: Dear network geeks, IPv6 is crap because...

So a drive-by hack isn't a form of back-hack?

0
0
Charles 9
Silver badge

Re: "nat-has-nothing-to-do-with-security"

If your paranoia's that high then what you want isn't a NAT gateway but a proxy server. If you don't want end-to-end connectivity, then don't go halfway and create a true barricade that denies by default BOTH WAYS unless you whitelist.

0
0
Charles 9
Silver badge

Re: Dear network geeks, IPv6 is crap because...

The term "back-hacking" is from Ghost in the Shell. It simply means running a hack in the reverse direction from the original connection (backwards, IOW, thus you're "hacking back"). If the original connection's still in place or is being otherwise remembered, a firewall exception is still in place, meaning you can piggyback on it to get through.

2
0
Charles 9
Silver badge

Re: Some of you guys worry me greatly.

And if you don't trust your ISP to properly configure the firewall yet lack the skills and/or resources to do it yourself?

1
0
Charles 9
Silver badge

Re: Dear network geeks, IPv6 is crap because...

"You should not be NATing at all on v6. It's true that 1:1 NAT is less terrible than masquerading, but it still involves rewriting addresses on packets. Just give your public addresses directly to your machines; I promise it's way less effort than NATing."

But also riskier since an outsider could sniff out the network topology by ID'ing a few machines, and without ephemeral outgoing addresses, machines can be back-hacked. That's why BOTH are now in the IPv6 spec, to protect against those prospects, both of which cropped up in the IPv4 Net. And neither of these can be easily blocked by the firewall, either (the former because all the info is gleaned from the outside, the latter because you're re-using an already-established connection).

2
0
Charles 9
Silver badge

Re: It's all Excel's fault

Still doesn't address the problem. Target device has a 128-bit IPv6 address. Source can only send 32-bit IPv4 addresses. It's like a native Frenchman trying to talk to a native German. Nothing in common, and you can't relay your way past the language barrier because IPv4 has no room for extensions that the (nonupgradeable) device can comprehend.

0
0
Charles 9
Silver badge

Re: IPv6 is fundamentally broken

"Apps on internal devices do not send IP addresses, they send to names."

Actually, ALL IP devices send to numbers. They MUST, as that's all the protocol recognizes. Names get sent to resolvers which return numbers for the app or device to use. But they can still break.

1
0
Charles 9
Silver badge

Re: Dear network geeks, IPv6 is crap because...

It does if you change things around, change providers, or move. Then you have to look everything up again.

0
2
Charles 9
Silver badge

Re: Dear network geeks, IPv6 is crap because...

"Eh, no. I just have to remember the "external" IP on the NAT box that gets me to the machine on the "inside"."

Unless you're trying to set it up, in which case you WILL need both internal and external addresses so that you can configure your gateways to reroute the connections.

0
2
Charles 9
Silver badge

Re: Dear network geeks, IPv6 is crap because...

"You should be getting enough address space to not need to NAT on v6"

The idea with NAT on IPv6 isn't to allow many machines to share one address (a one-to-many NAT) but to allow you to keep outsiders guessing about your network topology. NATs in IPv6 are meant to be one-to-one, taking advantage of the vast address space to scramble addresses in two ways.

One, outgoing connections get temporary IPv6 addresses, only good for those sessions. This helps prevent backtracking. Two, you can scramble the relations between external and internal IPs so that network snoops can't figure out how your network is structured from the Internet-facing addresses listed. The Internet gurus don't mind one-to-one NAT because it preserves end-to-end connectivity (and thanks to the firewall that remains with IPv6, that connectivity remains yours to control or disable at your choice).

0
1
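The comments above keep returning to two IPv6 points: that a stable, publicly reachable address lets an outsider "ID a few machines", and that temporary outgoing addresses exist to counter that. The script below is an added example, not code from the thread, showing the concrete mechanism behind the first point: the classic modified EUI-64 interface identifier (RFC 4291, Appendix A) is the host's MAC with a marker inserted, so anyone who sees the address can read the MAC and vendor OUI back out and recognise the same host on any prefix. It then builds an RFC 4941-style temporary identifier for contrast. The MAC and the 2001:db8::/32 prefixes are constructed values.

```python
"""Added example, not from the forum thread: why a MAC-derived IPv6
interface identifier lets an outsider recognise a host, and what the
RFC 4941 temporary ("privacy") addresses referred to above change.
All addresses use the 2001:db8::/32 documentation range (constructed).
"""
import ipaddress
import secrets
from typing import Optional

EUI64_MARKER = b"\xff\xfe"   # inserted in the middle of a 48-bit MAC (RFC 4291 App. A)
UL_BIT = 0x02                # universal/local bit of the first octet


def mac_to_eui64_iid(mac: str) -> bytes:
    """Modified EUI-64 interface identifier for a 48-bit MAC."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(raw) != 6:
        raise ValueError("expected a 48-bit MAC address")
    iid = bytearray(raw[:3] + EUI64_MARKER + raw[3:])
    iid[0] ^= UL_BIT  # flip the universal/local bit
    return bytes(iid)


def eui64_iid_to_mac(iid: bytes) -> Optional[str]:
    """Invert the mapping; None when the identifier is not MAC-derived."""
    if len(iid) != 8 or iid[3:5] != EUI64_MARKER:
        return None
    mac = bytes([iid[0] ^ UL_BIT]) + iid[1:3] + iid[5:]
    return ":".join(f"{x:02x}" for x in mac)


def random_iid() -> bytes:
    """RFC 4941-style identifier: random bits, u/l bit cleared, never the EUI-64 shape."""
    while True:
        iid = bytearray(secrets.token_bytes(8))
        iid[0] &= ~UL_BIT & 0xFF
        if iid[3:5] != EUI64_MARKER:
            return bytes(iid)


def build_address(prefix: str, iid: bytes) -> str:
    """Combine a /64 prefix with a 64-bit interface identifier."""
    net = ipaddress.IPv6Network(prefix, strict=True)
    if net.prefixlen != 64:
        raise ValueError("interface identifiers fill the low 64 bits of a /64")
    return str(ipaddress.IPv6Address(int(net.network_address) | int.from_bytes(iid, "big")))


def mac_from_address(addr: str) -> Optional[str]:
    """What a remote observer can read straight off the address, if anything."""
    return eui64_iid_to_mac(ipaddress.IPv6Address(addr).packed[8:])


def demo():
    """Same host on two networks with a stable identifier, then with a temporary one."""
    mac = "00:11:22:33:44:55"  # constructed MAC
    stable = mac_to_eui64_iid(mac)
    home = build_address("2001:db8:1::/64", stable)
    office = build_address("2001:db8:2::/64", stable)   # new prefix, same identifier
    temp = build_address("2001:db8:1::/64", random_iid())
    # The stable identifier gives the MAC away on both prefixes; the temporary one gives nothing.
    return mac_from_address(home), mac_from_address(office), mac_from_address(temp)


if __name__ == "__main__":
    print(demo())
```

The observer-side function is the point: with EUI-64 identifiers, `mac_from_address` recovers the hardware address from nothing but the packet header, which is exactly the "ID'ing a few machines" concern, and the same identifier follows the host from prefix to prefix. The temporary identifier is what removes that linkability for outgoing connections; the firewall remains the control for inbound reachability.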

Tosh doubles 64-layer 3D flash chip capacity with a bit of TLC

Charles 9
Silver badge

Re: SSD benefits

Or they become more reliable long-term making them better for cold storage which is the case you're proposing. Then it's less a case of waiting for it to come up and more a case of making sure it comes up at all.

0
0
Charles 9
Silver badge

Re: Is the world ready for a 30TB Failure Domain?

Erasure coding has its place for large devices because larger transfers (inherent with larger disks) raise the risk of glitches: silent corruptions like double-bit-flips that manage to still pass on-the-fly checks like parity checking. With erasure codes in place, you can correct for those glitches.

Now, for whole device (ie. controller) failures, yes you need redundancy, but also recall that reconstruction is a function of time, and one thing SSDs have in spades over rust is transfer rate, especially when using 4x PCI Express. This greatly reduces the reconstruction time which in turn reduces the risk of a failure during the vulnerable reconstruction phase. Perhaps because of these faster times you can get away with just 2 backups when you would've needed 3 with rust. Besides, at some point you have to think enough is enough because if you get a major event that nails say FOUR of your devices at once (AND maybe even all your backups, including the offsite, think a major earthquake) you're into Act of God (aka Crap Happens) territory when all you can do is pray.

That's why I use BOTH strategies, though in a smaller capacity (because the data I'm backing up is less critical): two copies of each complete with PAR2 sets. The PAR2 files provide erasure codes to deal with glitches, while having the second copy (normally kept offline to reduce wear, and the two are rotated periodically) provides a failsafe in case one goes kaput.

0
0
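The comment above makes a detect-then-repair argument: a double bit flip slips past a parity check, so you want a checksum that catches it and an erasure code that rebuilds the damaged block, with a second copy as the fallback for whole-device loss. The script below is an added example, not code from the post and not PAR2 itself, that shows that argument with the simplest erasure code there is: one XOR parity block over k data blocks (the RAID-5 layout) plus a per-block SHA-256 digest. The payload, block size and flipped bit positions are constructed. PAR2 uses Reed-Solomon codes and can repair several blocks; this toy repairs exactly one.

```python
"""Added example (not from the forum post, not PAR2): parity misses a
double bit flip, a per-block digest catches it, and an XOR parity block
rebuilds the damaged block. Single-erasure code only.
"""
import hashlib
from typing import List, Optional, Tuple

BLOCK = 8  # bytes per block (constructed; real recovery sets use far larger blocks)


def split_blocks(data: bytes, size: int = BLOCK) -> List[bytes]:
    """Zero-pad to a whole number of blocks and slice."""
    padded = data + b"\x00" * (-len(data) % size)
    return [padded[i:i + size] for i in range(0, len(padded), size)]


def parity_bit(block: bytes) -> int:
    """Even parity over all bits of the block: what an on-the-fly check sees."""
    return bin(int.from_bytes(block, "big")).count("1") & 1


def xor_blocks(blocks: List[bytes]) -> bytes:
    """Bytewise XOR of equal-length blocks."""
    out = bytearray(len(blocks[0]))
    for b in blocks:
        for i, x in enumerate(b):
            out[i] ^= x
    return bytes(out)


def encode(data: bytes) -> Tuple[List[bytes], bytes, List[bytes]]:
    """Build the recovery set: data blocks, one XOR parity block, per-block digests."""
    blocks = split_blocks(data)
    parity = xor_blocks(blocks)
    digests = [hashlib.sha256(b).digest() for b in blocks]
    return blocks, parity, digests


def flip_two_bits(block: bytes, bit_a: int, bit_b: int) -> bytes:
    """Simulate a silent double bit flip inside one block."""
    n = int.from_bytes(block, "big") ^ (1 << bit_a) ^ (1 << bit_b)
    return n.to_bytes(len(block), "big")


def find_damaged(blocks: List[bytes], digests: List[bytes]) -> List[int]:
    """Indices of blocks whose digest no longer matches."""
    return [i for i, b in enumerate(blocks) if hashlib.sha256(b).digest() != digests[i]]


def repair(blocks: List[bytes], parity: bytes, digests: List[bytes]) -> Optional[List[bytes]]:
    """Rebuild one damaged block from the others plus parity; None if more than one is bad."""
    bad = find_damaged(blocks, digests)
    if not bad:
        return list(blocks)
    if len(bad) > 1:
        return None  # beyond a single parity block; a Reed-Solomon code would be needed
    i = bad[0]
    fixed = list(blocks)
    fixed[i] = xor_blocks([b for j, b in enumerate(blocks) if j != i] + [parity])
    return fixed if hashlib.sha256(fixed[i]).digest() == digests[i] else None


def demo() -> Tuple[bool, bool, bool]:
    """(parity check passes the corruption, digest catches it, repair restores the data)."""
    data = b"constructed payload for the erasure-code demo!!"
    blocks, parity, digests = encode(data)
    damaged = list(blocks)
    damaged[2] = flip_two_bits(blocks[2], 5, 40)
    parity_passes = parity_bit(damaged[2]) == parity_bit(blocks[2])
    digest_catches = find_damaged(damaged, digests) == [2]
    repaired = repair(damaged, parity, digests)
    return parity_passes, digest_catches, repaired == blocks


if __name__ == "__main__":
    print(demo())
```

Two bit flips change the population count by an even number, so `parity_bit` is unchanged every time; only the digest exposes the block, and only the parity block lets it be rebuilt without a second copy. The `None` return for two damaged blocks is the limit the comment's second copy covers: once more blocks are gone than the code can reconstruct, you are back to having another copy or not.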
Charles 9
Silver badge

Re: Impressive

If I read the article correctly, the 1TB drive comes from using 16 of the 512Gb chips in the unit, and that makes sense to me (8 bits to the byte, 2 halves to the whole).

0
0
Charles 9
Silver badge

Re: Cost/TB

Except I would think the price point for 30TB of ANY storage is going to probably limit it (at least for the short term) to enterprises who can actually afford them. After all, 6-8TB of rust runs about $200 externally, and these are likely shingled so are best for read-heavy jobs (a niche tech like QLC would be able to fill). So if they can do, say, 10TB for about $500 using more-general tech that lasts longer, then they'll be in a position to assault rust from the capacity end of the spectrum.

Though I should note that by that point, it would also be nice to have more-affordable access to some kind of longer-term backup tech on the consumer front, since at those capacities transfer glitches are more likely to crop up.

0
0
Charles 9
Silver badge

Re: Cost/TB

It wouldn't have to be comparable, just low enough that its premium can be justified to the buyer since solid-state drives do provide tremendous benefits. It's just that the premium at this point is still too high for most. I would say once it gets to double (or less) the price/capacity of rust, especially at large capacities (pretty much rust's last stand), then the sun will set for rust.

2
0

Pai, Pai, Mr American spy: FCC supremo rips up privacy protections for broadband punters

Charles 9
Silver badge

Re: VPN please

Bet your bottom dollar that's what the CIA are working on right now.

1
0

Facebook scoffed at $500m damages. Now Oculus faces nerd goggles injunction

Charles 9
Silver badge

Re: Lest you think Zenimax is just an East Texas bottom feeder

And for the record, Carmack and ZeniMax come together because ZeniMax also owns iD.

1
0
Charles 9
Silver badge

In a true volumetric display, you need to render ALL surfaces (because you'll be able to see the BACK). Plus not all surfaces are opaque.

0
0
Charles 9
Silver badge

3D display won't be truly eye-catching until it's volumetric, as in projecting out into open space such that you can walk around it. No fancy headgear, no need to be positioned just right. It just works with the Eyeball Mk I. That's what the public is really waiting for, but the technology to display voxels in open air isn't there yet, plus whatever data demands are being pushed with today's 4K screens are raised a whole order of magnitude with volumetric displays. Just a 1Kx1Kx1K volumetric display, 32 bits per voxel (you now MUST include the alpha element), updated 15 times a second will require 60GB (yes, gigaBYTES) of bandwidth to keep up.

5
2

Symbolic IO reveals tech bound to give server old guard the willies

Charles 9
Silver badge

Re: WTF?

Thirded. I didn't know the term off the top of my head, but I recognized the technique immediately. I also recall one of the caveats of the system, especially when it comes to modern content like compressed multimedia files. That being they're usually already compressed (SO much in fact that most files are lossy). So how do they expect to get more efficiency out of files that have been squeezed so hard as to bleed quality?

And as for the anti-theft features, one thing I wonder about GPS-based tech is what if someone exploits it in a DoS-style attack by employing something like a fake GPS transmitter. The IRIS has a self-destruct mechanism? What if some jerk found a way to pull off a premature trigger?

1
0

'First ever' SHA-1 hash collision calculated. All it took were five clever brains... and 6,610 years of processor time

Charles 9
Silver badge

Re: Newsworthy?

As another commenter noted (with citation), it's actually easier than you think. You're better off using one strong hash than multiple weaker ones (the paper notes that the end result will be at best as strong as your strongest but at worst as weak as your weakest).

1
0
Charles 9
Silver badge

Re: Any such proof of authenticity...

"No wonder, some older cultures didn't trust written "knowledge"."

But at the same time, it's hard for people like us to believe people once relied on other people's memory, which we now know has plenty of potential to get muddled and messed up, especially with age. And I haven't even touched on deliberate fabrications (eg. one lies, the other swears by it).

Seems you can't win either way.

0
0
Charles 9
Silver badge

Re: Surreptitiously

But if done right, hard to prove. You can create a "he said, she said" situation. And this can be of significance if the document involved is, say, a last will.

1
0
Charles 9
Silver badge

Re: Any such proof of authenticity...

Unless, of course, someone cracks the safe and then surreptitiously alters the contents...

1
1
Charles 9
Silver badge

Re: 9,223,372,036,854,775,808 sha1 calculations

"Still not much of an attack, IMO. Unless someone can arbitrarily set the difference to something meaningful, it only proves that its possible to overcome SHA-1. It's still really really REALLY improbable to produce a meaningful difference."

Sometimes, just a few characters can be enough to change the whole meaning of a document, such as the inclusion or exclusion of a single "not".

5
1
Charles 9
Silver badge

Re: Do we need to do anything about old content?

But isn't that what was demonstrated here just now? They copied the first document and then altered it to produce the same hash as the first one?

3
0
Charles 9
Silver badge

Re: 9,223,372,036,854,775,808 sha1 calculations

But if you can insert "not" AND just stash away the "KJ"BIUE_D H£(*ERNY£" in a garbage area, you're sorted.

What I want to know is if this is more than a collision but a preimage attack (or more severely, a SECOND-preimage attack that found a collision with a specific target).

14
1
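The comment above asks whether the result is a collision, a preimage or a second preimage, and the distinction is one of cost as much as definition. The script below is an added example, not part of the thread, that measures all three notions on SHA-1 truncated to 16 bits so the searches finish instantly (the toy size and the message strings are constructed; nothing here says anything about real SHA-1 beyond the ratio). A collision lets the attacker pick both messages and costs about 2^(n/2) tries by the birthday bound; a second preimage fixes one message in advance and costs about 2^n; a preimage is the same cost against a bare digest. The SHAttered result is the first kind.

```python
"""Added example (not from the thread): collision vs second preimage,
measured on SHA-1 truncated to a toy 16 bits.
  collision       : any m1 != m2 with H(m1) == H(m2)        ~ 2^(n/2) tries
  second preimage : given m1, find m2 != m1, H(m2) == H(m1)  ~ 2^n tries
  preimage        : given only a digest, find any m with H(m) == digest ~ 2^n
"""
import hashlib
from typing import Dict, Tuple

BITS = 16  # constructed toy size; real SHA-1 is 160 bits


def toy_hash(msg: bytes, bits: int = BITS) -> int:
    """SHA-1 truncated to `bits` bits. Toy only; no security claim."""
    digest = int.from_bytes(hashlib.sha1(msg).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits: int = BITS) -> Tuple[bytes, bytes, int]:
    """Birthday search: hash m0, m1, ... until a digest repeats. Returns (m1, m2, tries)."""
    seen: Dict[int, bytes] = {}
    i = 0
    while True:
        m = f"m{i}".encode()
        h = toy_hash(m, bits)
        if h in seen:
            return seen[h], m, i + 1
        seen[h] = m
        i += 1


def find_second_preimage(target: bytes, bits: int = BITS) -> Tuple[bytes, int]:
    """Given a fixed target message, find a different message with the same digest."""
    want = toy_hash(target, bits)
    i = 0
    while True:
        m = f"p{i}".encode()
        if m != target and toy_hash(m, bits) == want:
            return m, i + 1
        i += 1


def compare(bits: int = BITS, targets: int = 4) -> Dict[str, object]:
    """Run both searches and report the work each needed."""
    m1, m2, collision_tries = find_collision(bits)
    tries = []
    for k in range(targets):
        target = f"constructed target message {k}".encode()  # fixed in advance, like a signed doc
        m3, n = find_second_preimage(target, bits)
        assert m3 != target and toy_hash(m3, bits) == toy_hash(target, bits)
        tries.append(n)
    return {
        "collision_ok": m1 != m2 and toy_hash(m1, bits) == toy_hash(m2, bits),
        "collision_tries": collision_tries,
        "mean_second_preimage_tries": sum(tries) / len(tries),
    }


if __name__ == "__main__":
    print(compare())
```

At 16 bits the collision typically lands after a few hundred tries while each second preimage needs on the order of 65,536; at SHA-1's full width the same gap is 2^63 versus 2^160, which is why a collision can be computed with 6,610 processor-years while a second preimage against an existing signed document remains out of reach. The practical consequence for defenders is that documents already signed before the result are not the immediate concern; new signatures over attacker-influenced content are.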

'At least I can walk away with my dignity' – Streetmap founder after Google lawsuit loss

Charles 9
Silver badge

A map is what you make of it. If you're out orienteering or whatever, then perhaps you'll want a map with OS's level of detail. OTOH, road maps tend to be terser with an emphasis on...well, roads. Guess what Google Maps are used for 9 times out of 10? Also, Google Maps does go the extra mile with things like traffic maps and other things that are only practical when collected in realtime.

0
0

Boffins exfiltrate data by blinking hard drives' LEDs

Charles 9
Silver badge

Re: air gap

Yes, how do you get data in and out of an airgapped system in the first place, especially if the data is not of the type to be easily grokked by the Eyeball Mk I. Otherwise, you've got yourself the equivalent of the PC in the ground: sure, you can't infect it, but you can't USE it, either.

1
0

Researchers offer simple scheme to stop the next Stuxnet

Charles 9
Silver badge

Re: Dangers of PLC firmware updates malware?

You infect the machine upon which the PLC code is written, hijack that code, then use low-level tricks to conceal this as the bad code is then passed on (can be via SneakerNet, so you CAN jump an air gap) to the PLC itself.

1
0

Your next PC is… your 'Droid? Remix unveils Continuum-killer

Charles 9
Silver badge

"And they were all capable of doing useful WORK."

Unless your definition of useful work is high-quality HD video encoding or 3D modeling work, in which case you're still gonna need more oomph.

0
0
Charles 9
Silver badge

I'll believe an Android phone can replace the desktop then it can do Crysis...3...at 60fps at full 1080p resolution or higher. THEN it'll have the oomph to replace my desktop.

1
0

Beeps, roots and leaves: Car-controlling Android apps create theft risk

Charles 9
Silver badge

Re: no car apps here

"That I strongly doubt. Yes, fobs can run out of battery but in my experience you tend to get at least a small warning where for a few days or weeks you have to press it a few times before it goes entirely. And yes, operating then with gloves can be a challenge."

I'm holding one for a Buick right now. Changed the battery twice and it STILL won't work, and I'm not paying $100 to get it replaced.

"Now I grant that water can block some frequencies used by key fobs, but frankly if the ice is that thick, you ain't even getting to the handle, forget about driving it today."

Way up north, driving in those kinds of conditions is considered de rigueur; you can't really call yourself a resident if you can't.

0
0

Connected car in the second-hand lot? Don't buy it if you're not hack-savvy

Charles 9
Silver badge

Re: Newer cars are far more dangerous...

You underestimate the perceived skill level of the average driver (as in they always rate themselves a 10 out of 10). Heck, some of them probably wouldn't be scared of a spike in the steering wheel. Besides, what if you crash WHILE switching gears?

0
0
Charles 9
Silver badge

Re: Factory reset - default passwords and security

Because it doesn't make them money. They don't make money in secondhand sales most of the time, and as for costs associated with lawsuits, they figure their lawyers will let them dodge most of them.

0
0

VPNs are so insecure you might as well wear a KICK ME sign

Charles 9
Silver badge

Re: "It's just that few ISPs support IPv6 natively"

Probably something like a 6to4 tunnel, which can be autoconfigured by a magic number address to who-knows-where.

0
0

A webcam is not so much a leering eye as the barrel of a gun

Charles 9
Silver badge

Re: What works, what doesn't?

They may HAVE admin rights, you know, to pwn your machine. This can give them the ability to install replacement drivers (which they may do anyway to make the camera lie about it being turned off).

0
0
Charles 9
Silver badge

Re: When squirrels were squirrels and men were men

"Any software (trojan or other) can easily re-enable your webcam and send as much video as it wants. Putting something in front of the lens removes that possibility."

Unless, of course, what you think is the lens isn't really the lens and it's much more insidiously concealed in a spot where tape isn't an option. And no, you can't cut the wires off the camera without potentially bricking the machine...

0
0
Charles 9
Silver badge

Re: Black tape for the mic?

But it's also easiest to detect, meaning your OS will probably keep bitching at you. At least it's not yet to the point that killing spy gear bricks your machine.

0
0

Suffering ceepie-geepies! Do we need a new processor architecture?

Charles 9
Silver badge

Even when the situation is FAR from predictable or typical?

4
2
Charles 9
Silver badge

Yes, but it MIGHT be nice for it to consider that, with cars bumper-to-bumper on the one side blocking that exit, that it may be preferable to try to ram the guardrail on the other side or navigate the otherwise-illegal "emergency opening" in the median, even if it was never taught this before. Perhaps, as a last resort, intentionally put itself on its side to present less cross-section to the oncoming truck and focus the meat towards the median. IOW, to think outside the box and find a third option through which the driver may be better able to escape with his/her life.

0
2

Smash up your kid's Bluetooth-connected Cayla 'surveillance' doll, Germany urges parents

Charles 9
Silver badge

Re: Take it apart

"Better still, some enterprising hacker should figure out what makes it tick, and trace all the circuitry to see if its all just hype or not."

And once you find out that the device is equipped with suicide circuits such that defeating the telemetry bricks the device?

And then you find out they're standard equipment in all the devices you can find in the store and online these days?

0
0

Cattle that fail, not pets that purr – the future of servers

Charles 9
Silver badge

No, because we're considering beast-of-burden steer, not milking cows: whole other load of dung. Last I checked, team members aren't beasts of burden.

0
0

US anti-encryption law is so 'braindead' it will outlaw file compression

Charles 9
Silver badge

Re: @Robert Jenkins

Actually, they're still lossy. Because they're digital. The very process of ADC (which is needed to produce the bitstream) can be easily demonstrated to be lossy. Sure, a high-quality 24-bit 192KHz recording is not going to be THAT lossy, but it also won't capture every last harmonic or ultra-fine or ultra-high-frequency sound.

Take it even further, and you can claim that ALL recording is lossy because it involves a process in the analog world, and ANY process in the analog world can't be perfectly preserved.

0
0
Charles 9
Silver badge

Re: WTF?

I think it was "In the land of the blind, the one-eyed man is king." But the thing about election is that they suffer (like anything else communal in nature) from imbalance of knowledge. In fact, EVERY form of government is extremely prone to fatal corruption. Even democracy, which can be corrupted by fooling an uninformed electorate.

0
0