Posts by Charles 9

11544 posts • joined 10 Jun 2009

Russia could chop vital undersea web cables, warns Brit military chief

Charles 9
Silver badge

Re: Our leaders are morons.

But no one can route around a complete break. Just as water can't flow around a crevasse.

0
0
Charles 9
Silver badge

Lube tends to be oily, and oil tends to be flammable.

0
0
Charles 9
Silver badge

Re: Cut off the UK?!?!

The point, though, is that if you're at THAT point, you can pretty much assume WW3 is imminent (and likely the end of the world as we know it, as WW3 implies MAD). In which case, you'll have other concerns.

0
0

We need to talk about mathematical backdoors in encryption algorithms

Charles 9
Silver badge

Re: Backdoors

But not necessarily at the top levels, unless you can prove otherwise.

0
1
Charles 9
Silver badge

Re: Layered encryption

Except the second 3DES step was a DEcryption precisely BECAUSE just encrypting three times introduced common-mode failures. And the reason for using 3DES was that technology of the time (90's) had DES built in but was not strong enough to do any better, so this was a stopgap that didn't require new hardware.

0
1
Charles 9
Silver badge

Re: turning it up to 11

Difficult to say, but based on what we know of chaining hashing algorithms, you may end up with a counterintuitive result of making it easier to crack your ciphertext rather than harder since most encryption works on similar fundamental principles that can result in common modes of exploitation. Even the one-time pad has its weaknesses. They could intercept your pad or determine where the ciphertext is being transmitted and mess with it to de-synchronize you.

9
1

5 reasons why America's Ctrl-Z on net neutrality rules is a GOOD thing

Charles 9
Silver badge

Re: Net Neutrality isn't needed

Most of the legal monopolies actually are a result of NATURAL monopolies, due to extreme infrastructure costs on account of geography. In many cases, it's a monopoly or nothing at all.

0
0
Charles 9
Silver badge

Check the ethnic distributions and median incomes of the worst of the lot. Two of the driving forces behind high crime are culture clashes and poverty-fed desperation.

0
0
Charles 9
Silver badge

"My bike doesn't have any seat belts either. They're not needed if you use your brains when you're driving."

Not even when (not if) you get blindsided by a reckless, speeding drunk driver?

You have to consider that safety features not only protect you from yourself but also from Stupid, who has a tendency to kill others in his/her wake.

2
1
Charles 9
Silver badge

"I'm personally a big fan of a Capitalist society with much less Federal regulation. I'll vote with my wallet thank you. With several ISPs to choose from, the one that provides the content I desire at the speeds I desire gets my $$s, and I don't give a flying fickle finger if they have a prettier blinken boxen than the other ISP."

And for those communities (and there are A LOT) where there's only ONE provider, meaning the ONLY alternative is to go without (and there's usually a good reason there's only one provider: namely, they got a sweetheart deal that was the ONLY way to get them to wire up the place at all)?

6
0
Charles 9
Silver badge

Re: Replying this far down...

"¹½ I remain extremely disappointed that nobody has called out <CTRL><Z> as being the background current process key-press rather than the Windozified "undo" with which everyone now associates it."

Don't blame Microsoft for that one. Command-Z on the Mac predated Windows.

3
0
Charles 9
Silver badge

Re: @dan1980

"The point is that, like telephone services and train services before them, the Internet infrastructure is an essential utility upon which a great deal of trade is predicated upon and without which the economy would suffer greatly."

Some would argue that the Internet isn't THAT essential yet. Essential means lack of service means you run a serious risk of DYING as a result. And for the telephone, that came when police and fire services were hooked to them, meaning you can call them in emergencies. Roads are essential because that's what the emergency services use to get to you. The Interstate Highway System was originally created to facilitate military transport during the Cold War. AFAIK, no Internet service operates in true life-or-death emergency capacity yet.

0
4
Charles 9
Silver badge

Re: Bring back charging per byte

You forget. People WILL pay for porn.

0
1
Charles 9
Silver badge

"If you don't like the service from your ISP get a different one, and if there isn't a different one you already had a potential abuse of monopoly issue which net neutrality legislation didn't much fix anyway."

Problem is, it tends to be hard to police monopolies when they're natural, and ISPs are utilities: an industry notorious for natural monopolies.

2
0
Charles 9
Silver badge

Re: list yer porn

Just ask for a Victoria's Secret or Frederick's catalog.

"A free home-delivered catalog of women in their underwear. God Bless America!" - Jeff Foxworthy

2
0
Charles 9
Silver badge

"They invoiced their family afterwards."

Did they eat the cost if the condemned had no more family or if the rest of the family was on the block, too?

0
1
Charles 9
Silver badge

Re: The elephant in the room…

The problem behind the problem is geography. The US is very large with large areas of sparse population. They're considered money sinks, which means you either get ONE provider tempted by a sweetheart deal or NO provider because no one will otherwise touch that kind of setup.

0
1
Charles 9
Silver badge

Re: @dan1980

It's rather that Ford built the tollway and will let Ford vehicles through free while charging exorbitant fees for any other make.

Think that's far fetched? Remember the Gilded Age when railroads owned mines and timber plots. Recall that Comcast owns NBC and Universal, that Sony owns Columbia and Tri-Star, that Disney is about to buy Fox.

9
0
Charles 9
Silver badge

Because some kids CAN'T learn, yet the parents (their only child and they can't try again) sue.

7
3
Charles 9
Silver badge

"They are way ahead of you on that front. In some totalitarian regimes they apparently made people pay for their own execution bullet."

And if the condemned was penniless...AND a handful to boot so they can't wait?

0
2
Charles 9
Silver badge

"By all means then, uninstall your seat belt, air bags, roll cage, etc. and get back to us."

And while you're at it, take out your horn and install a sharp spike in its place and let Darwin sort 'em out. And if you happen to get rammed head-on by a drunk ghost driver, well, them's the breaks.

7
8
Charles 9
Silver badge

Re: The plan worked...

Aren't you forgetting the next step will be for ISPs to throttle all encrypted connections, regardless of the source (so no loopholes) unless you pay bookoo bucks?

13
1

IETF protects privacy and helps net neutrality with DNS over HTTPS

Charles 9
Silver badge

Re: Now this would be a great idea...

"Considering that in most countries where ISPs block DNSSEC or external DNS queries, they also likely break HTTPS, I don't think it's much of an advantage."

More and more sites are going HTTPS-ONLY, meaning you'd be shutting your people out of popular services like Facebook. Like I said, that's going to start raising complaints.

0
0
Charles 9
Silver badge

Re: Unwarranted optimism

But those DOH servers can ALSO be legitimate (not to mention POPULAR) web destinations such as Google and Facebook. Any ISP that tries to block Google and Facebook is likely to start getting complaints.

1
0
Charles 9
Silver badge

Re: This proves it...

"But in this case encryption of HTTP is now so prevalent that an ISP who tried blocking that would be out of business PDQ."

Not necessarily, if they're (a) working under a government mandate, meaning they're dead if they DON'T do it, or (b) ALL the ISPs are working in a cartel to ensure data harvesting.

0
0
Charles 9
Silver badge

Re: the devil is in the implementation

Except with an implementation like this, router makers can take control back from the ISPs by using the implementation and instead defaulting to the likes of OpenDNS confident the ISP can't hijack it back. That kind of approach would even protect the Stupid User.

9
1
Charles 9
Silver badge

Re: Now this would be a great idea...

"That's why the mantra is: Don't ever try and invent or write your own implementation as you're almost guaranteed to get it wrong."

But hasn't another mantra emerged, too? "Don't rely on other people's work because you can't be sure they got it right (or worse, were subverted without your knowledge)."

So basically, if you want something done right, you MUST do it yourself, only you practically CAN'T do it yourself because Encryption is HARD and most people can't handle it right. Does that mean we're basically screwed either way?

10
3
Charles 9
Silver badge

Re: This proves it...

You meant it TRIES to route around it. But, like with a crevasse, you eventually reach an impasse (and that impasse can come with ISPs blocking encryption wholesale at most levels).

7
0
Charles 9
Silver badge

Re: Now this would be a great idea...

The article itself notes that DNSSEC doesn't help if the ISP is willing to block DNSSEC at its level by port-checking (this is also how ISPs can enforce their own DNS even above self-chosen resolvers: by hijacking the port wholesale). The ONLY solution against such a determined adversary is to "piggyback" it on something the ISP can't block without complaints. Since the connection is encrypted, the ISP can't tell what the connection is calling (unless it's an enterprise-level secure proxy, in which case you were screwed before you started).

19
1

Shingled out: 14TB helium-filled Toshiba drive floats to market

Charles 9
Silver badge

Re: anecdotal evidence

Including Seagate? I've had more problems with Seagate drives myself (clicks of death and the like) while most of my WDs have kept chugging for the better part of five years plus. Just the same, I do keep mirrors.

0
0

Why bother cracking PCs? Spot o' malware on PLCs... Done. Industrial control network pwned

Charles 9
Silver badge

Re: airgapped?

"In the end, the weakest communications link is right here, typing on a keyboard."

So how does the DoD deal with it, given it's a real and proven problem (see Ed Snowden)?

0
0
Charles 9
Silver badge

Re: airgapped?

""infecting USB drives or laptops of third-party contractors who connect directly to the network for maintenance purposes." What a strange definition of 'airgapped'."

Well, how else can you update a system with mission-critical (or even legally-mandated) updates with code that's too complicated to hand-type (not to mention that method's error-prone)? Frankly, if it has an input method, ANY input method, it can be pwned. Yet, without an update method, it can be pwned, too, due to stale code. Damned if you do, damned if you don't.

1
0

Berners-Lee, Woz, Cerf: Cancel flawed net neutrality vote

Charles 9
Silver badge

Re: Entirely the wrong model?

"The free market is a good thing provided monopolies are forbidden, healthy competition is fostered, excessive greed is punished and companies in general are reminded—forcibly when necessary—that with their rights come social responsibilities."

But sometimes monopolies are unavoidable. Thus we have the term natural monopolies, where the market won't tolerate more than one provider due to things like NIMBY concerns. Utilities happen to be one industry where monopolies tend to be natural because no one wants a second set of eyesore infrastructure in their neighborhood. Rural services is another one because of geography; there's simply no other way to reach out to a population that sparse without lots of expensive infrastructure, threatening the RoI picture.

Which means rural Internet access (a utility) suffers a double whammy, especially in a country as large as the United States. AFAIK, the only larger country with (arguably) better service is Canada (and again I emphasize, that's arguable given the complaints from Canadians about the likes of Rogers), and they have the edges of a heavily-skewed population distribution and a contiguous geography.

0
0
Charles 9
Silver badge

But if this keeps up, there may soon be a move to restrain ALL encrypted communications except under (expensive, meaning limited to businesses) sanctioned circumstances.

1
0
Charles 9
Silver badge

Re: everything collapsed because Title II

Title II in terms of telephone, but NOT in terms of Internet, unless you can prove otherwise.

1
0
Charles 9
Silver badge

Re: fake?

So you prefer nothing at all to half-measures? In other words, all or nothing in a world where the nothing is more likely?

0
0
Charles 9
Silver badge

Re: What Internet?

And yet standards and protocols DO change over time, like HTTP winning out over Gopher and FTP fading into relative obscurity, and why Telnet in the clear isn't used anymore.

All that needs to happen is for this natural evolution to get co-opted in some usually subtle way. Another way is to simply shove the whole business aside through bullying and captive market tactics.

0
0
Charles 9
Silver badge

Re: Careful what you wish for.

In the US, a single First-Class stamp lets you mail up to one ounce from anywhere in the US to anywhere else. That includes Alaska, Hawaii, and territories like Guam. The package equivalent is Priority Mail, and if you use one of their flat-rate boxes, weight is no longer considered as long as it fits in the box without bulging. I believe it's been this way since the Post Office was first established soon after the US assumed independence, on the grounds that communication is of such paramount importance as to not be subject to distance rating.

2
0
Charles 9
Silver badge

Re: Entirely the wrong model?

"I agree with you in principle, but I think you'd find that in the US there would be overwhelming resistance to the idea of a federally controlled Internet."

Then ask them which they'd prefer: a federally-controlled Internet or a privately-run Postal Service where executive whims affect the going letter rate?

3
0
Charles 9
Silver badge

Re: Entirely the wrong model?

"How many of you remember when first post arrived by breakfast, and second delivery was done by 2pm?"

Here's the big question, though. Who's willing to PAY for that level of service? That's the problem in the US, too, given its vast and sparse land area. Wiring up between New York and Los Angeles is hard enough given thousands of miles over two mountain ranges, but at least you have some 15 million people between them to spread the costs. Try doing the same math in someplace podunk like the middle of Wyoming. Most of these types of places are money sinks, which is why ISPs who hook up these towns insist on sweetheart deals or they'll walk. They're otherwise not worth wiring up.

3
0
Charles 9
Silver badge

Re: Entirely the wrong model?

Not to mention irksome to the taxpayer already under heavy burdens that can't be lightened without killing someone.

0
4
Charles 9
Silver badge

Doesn't that run afoul of the Sherman Anti-Trust Act, though, meaning it can create a law-versus-law situation?

0
0
Charles 9
Silver badge

That was more a case of picking your battles. Big content has enough control that they could make people abandon open Internet protocols, meaning they could make people abandon the World Wide Web by simply denying much-demanded content to the Web. Sir Berners-Lee can't force people to do anything, and as you have noticed with the likes of Facebook, Stupid has the power to outvote.

14
4
Charles 9
Silver badge

"Let's get real neutrality instead of the fake partially installed knock off neutrality we got by executive action."

Except you have to realize that the Congress in session now is stacked AGAINST neutrality on the grounds they prefer walled gardens. Trying to ask Congress to intervene in a case that currently runs in their interests is like the farmer asking the viper not to bite.

17
3

Security industry needs to be less trusting to get more secure

Charles 9
Silver badge

But that also means you now default to DTA Mode, meaning nothing gets done. So what now?

0
0
Charles 9
Silver badge

And based on experience, the problem is intractable. Any system that's available can be subverted, any form of integrity and trust can be betrayed, and it WILL happen according to the human condition (because people WILL cheat). Not to mention it's getting easier all the time. IOW, all three legs of the CIA triad are matchsticks.

IOW, is it time to wonder if the Internet is overrated?

0
0

Archive of 1.4 BEEELLION credentials in clear text found in dark web archive

Charles 9
Silver badge

Re: STOP. In the name of love.

""The assumption inherent in his article is that all users will have access to a password manager all of the time." You don't have a smartphone? You can run passwordsafe on that. Or you can use Google's smartlock in Chrome, https://get.google.com/smartlock/ . These methods have some drawbacks, but it's all better than the crappy horse stable thing."

Unless, of course, it's blacklisted by the corporate network as time-wasting (or not on the whitelist of places employees are allowed to go to conduct business on company time).

Of course, no local apps not approved by the IT department, so no password safes due to SPoF issues.

""Ultimately, Passwords should die. As a longer term strategy, we are moving to kill the use of passwords as the single authentication mechanism, and enforcing multi-factor authentication as the default everywhere.""

Until people start LOSING their second factors and so on. The first problem with passwords is that we have bad memories. The second problem with passwords is that they're also the best option we have. IOW, the best option is unacceptable, meaning we're basically screwed unless we take a few steps back and go back to human-on-human contact where everyone simply knew everyone else on sight.

PS. The first consideration of any security measure is taking the Stupid User into consideration.

1
1
Charles 9
Silver badge

Re: Such an enigma...

"Biometrics mean that a known individual is accessing the system (assuming no-one's used the old cutting-off-the-finger trick, or the old R.Austin Freeman 'Red Thumb' method for faking fingerprints, written in 1907)"

What about the Gummi Finger? Proven to work by the MythBusters, even.

5
0
Charles 9
Silver badge

Re: STOP. In the name of love.

But the trouble is, what if your memory is REALLY bad, such that "correcthorsebatterystaple" easily becomes "donkeyenginepaperclipwrong", AND you can't trust any computer for a password safe because they're all communal?

2
4
Charles 9
Silver badge

Re: Has an analysis of the types of accounts been done?

Trouble is, even crappy accounts can be leveraged in things like social engineering to wedge their way into more valuable accounts. Kinda like ignoring the "impenetrable" forest.

7
1


Biting the hand that feeds IT © 1998–2017