Ask Slashdot: Does Your Employer Perform HTTPS MITM Attacks On Employees?
I wanna be a fly on the wall the day (and it will happen) when a large number of people's bank accounts are drained, and the banks say "it was you, you logged in with your credentials"... then latter on the people hit and/or the banks finally figure out "oh, it was all these employees of company X whose accounts got drained" ... THEN who is up sh*t creek?
ICANN Considers Using '127.0.53.53' To Tackle DNS Namespace Collisions
I have a big enough problem with my stupid browser deciding that when I type "blahblah" into the host bar that if it can't reach "http://blahblah:80/" that it should automatically default to "http://blahblah.com/" or google "blahblah" ... yeah, that's what I need, the internal hostnames leaked to google, thanks idiot browser developer.
Okay, it's good for grandma and everyone else using browsers. There should be a clear UI element that appears when this happens to allow me to disable it.
The Phone Dragnet That Caught the World's Top Drug Lord
They still need to store that massive list of crucial phone numbers somewhere, and also increase communication via other means in order to propogate the phone number changes.
The only thing burner phones is good for is not allowing the cops to easily pull your number from phone company records by name so as to put a trace on your phone.
Instead they have do do actual legwork to figure out what phone you're calling from, and depending on which opponents you are facing and whether they have "high priority" FBI/FSB van-full-of-technology-on-your-ass nearby watching the call metadata from ALL the calls to nearby towers...
Burner phones are also good for people whom the police do not know about nor whom they can physically find ... but that quickly breaks down as they hunt you down from the calls you make to numbers and people they do know about.
Mt. Gox Gone? Apparent Theft Shakes Bitcoin World
Shadowy japanese developer develops virtual currency.
Years latter japanese "virtual bank" dissolves with a third of a billion dollars missing.
The absolute best comparison would be that Eve Online bank whose founder closed shop and walked away with the ISK, or the Eve Online corporation whose director transferred all the assets and then dissolved it and walked away. Just the knowledge of those alone was enough to predict that this was inevetable with Bitcoin. I just cannot believe so many people were dumb enough to hand their virtual stuff lock stock and key to a virtual company.
If the "company" had been in Nigeria maybe they would have taken pause. But for some reason they think that "oh Japan, that's a modern country with some laws, obviously my untraceable currency will be safe with a company founded by some random nobody".
Former CIA/NSA Head: NSA Is "Infinitely" Weaker As a Result of Snowden's Leaks
> It will take years, if not decades, for us to return to the position that we had prior to his disclosures
ALL THE REST OF US believe that "the position" they "held" is and/or should be flat out ***king illegal. We think the morons passing laws that mangae to circumvent and directly violate key attributes of our democracies - are the traitors. It's getting damn close to the time when a "citizen's rights" shouldn't be bound by borders, and a governments "limitations on powers" shouldn't end at the borders nor be different outside the borders.
"Oh look, I'm outside of X, obviously no laws at all apply to me, fuck you and you and you."
Actually, that sounds exactly like the governmental state equivalent of "Freemen on the Land"!
Google To Block Local Chrome Extensions On Windows Starting In January
The adblock guys should package it as a local standalone proxy then.
Anonymous Clashes With D.C. Police During Million Mask March
Always remember boys and girls, if you've ever been arrested for anything (not convicted, just arrested) - it's very possible that you won't ever in your life be admitted to Canada as a visitor or tourist. And that may someday extend to the rest of the entire world as well.
Same goes in reverse for Canadians who might ever wish to see some of the spectacular natural parks and things in the US.
Bell Canada To Collect User Data For Advertising
Doesn't that blatantly violate the copyright of the websites who are serving that data?
Doesn't doubleclick have enough lawyers to blow Bell back to the stone age?
I specifically remember years ago, when someone tried to build a CLIENT SIDE application that allowed you and others to "comment on top of" a website as it was displayed in your browser, they got completely blown out of the water over this, because they were "defacing and modifying someone else's copyright'd content" -- and that wasn't even as clear as this, that was in your browser after it had been displayed, this is flat out interception of communication between me and a third party and MODIFICATION of said data.
It's just completely fucked up. Everyone needs to enable SSL on their websites, cpu and bandwidth be damned.
LinkedIn Agrees To Block Stalkers
Two separate times over a couple years I have gone into my linked-in profile and de-selected ALL the "email you this" and "email you that" options.
I kept getting email notifications for large numbers of things. (Yes, I waited 7+ days after each profile change.)
TWICE I've gone to their technical support staff. TWICE they've failed to figure out how to configure their systems to not send me e-mail notifications. The second time they flat out apologized for not being able to do it successfully, they were able to recognize that however their back end is configured and architected ... it's just impossible to do certain things.
Yeah, no, I'm not trusting private data to them.
Egyptian Security Forces Storm Pro-Morsi Camps Leaving Nearly 100 Dead
I should say, I'm commenting on the "only 1 out of 100's" aspect -- not on the "oust the gov" ala revolution.
Rather -- we haven't even begun to use the peaceful means out society provides to correct things and enact change. It sometimes REQUIRES us to become involved with the process.
( Dang it, when will slashdot let me edit a post? Get with the times man. )
Egyptian Security Forces Storm Pro-Morsi Camps Leaving Nearly 100 Dead
Yeah, there is a massive amount of historical evidence that people will "go with the crowd" and it's rare, really rare, to see someone sacrifice even a modecum of their ... time let alone personal safety/comfort, even if it's just theoretical acceptance of a risk ... to help defend what they think is important. It's too easy to come up with excuses to not act*.
- Things aren't too bad yet
- Other people are working on it
- I'll do something when the time is right
- Well it's not as important as I thought
- I'm not potentially sacrificing my career or even a small part of my liberty for this, simply "holding my opinion" is my contribution to "resisting".
- My contribution is too small to matter. No one will listen.
- Secret dark forces we cannot fight are arrayed against us**.
(*) And I'm Including myself here. I haven't written a letter to anyone yet about any of the serious things that have happened lately.
(**) A huge fraction of people are conspiracy theorists, and they ALWAYS pull this out of the hat when you ask them "omg that's horrible, what are you personally doing about it".)
As AOL Prepares To Downsize Patch, CEO Fires Employee During Meeting
> The late Donald Murray, a rifleman in WWII, wrote that the guys who were loudest before combat usually were the ones he could not rely on in a firefight.
Too many "Donald Murray's" in the world for google to find, got any references/links? Always love reading a good first person story from people like this.
Chrome's Insane Password Security Strategy
It is theatre. Even your non-techie friends can use google, which immediately leads to tools that can brute force the master password (http://securityxploded.com/firemaster.php), and without a doubt there are tools out there that will read the master password from running memory, and I'd expect that to appear in open/published tools like the above someday too.
The main problem with this theatre is that you and other people might be fooled into believing you are more secure than you are, and store things there that you should not.
The software developers are refusing to participate in this theatre in order to force you to recognize the actual reality of the situation.
If one person stores their bank credentials in their browser password database and looses their life savings, it's unacceptable.
Note -- Pidgin doesn't support a master password nor does it even obfuscate the stored passwords, the passwords are stored in a text file IN THE CLEAR, because they are making a conscious choice to explicitly point out to you that there is no actual security for 90% of the cases where you will be attacked. If someone can read your files and your user's system memory, they have you.
Administration Seeks To Make Unauthorized Streaming A Felony
SHHHHHHhhh, don't give them any ideas!
2099 to 2135 - Second Era of Known Space: Life-extending organ transplants are supplied by the organ banks, which are mainly supplied by the bodies of executed criminals. The enormous demand for organs has vastly increased use of the death penalty, to include even minor crimes.
Liberal Saudi Web Forum Founder Sentenced To 600 Lashes and 7 Years In Prison
I think he's using the past tense as in the DISTANT past, like 250 years ago on western sailing warships and the like, or back in the days of slavery.
Compared to my 1st computer's memory ...
Yes, this is a geek site. Here is some reading for you:
Not all techies are pedantic, and even if we were - OBVIOUSLY there are implied ranges. They might be fuzzy, but they're there.
State Photo-ID Databases Mined By Police
Is infinite and open access to information the core of "what's wrong" with society in 1984? Or is it the fact that the citizens have no control over their government, no freedom of speach, etc?
What's the technological difference between
- all citizens each day looking at photos of people wanted by the police for what we consider crimes, and calling the local detachment when we recognize someone
- a computer doing the above
- citizens calling the KGB because their neighbour said something snarky about the state
- a computer doing the above
> Brave New World
And I quote: "The vast majority of the population is unified under the World State, an eternally peaceful, stable global society in which goods and resources are plentiful (because the population is permanently limited to no more than two billion people) and everyone is happy."
I strongly object to warrantless wiretapping, and I definitely want tons of checks and balances, and I want my elected representatives to share my values.
That doesn't mean that "databases" are inherently bad, or can't help us create a more effective just society. Like all tools, it depends on how you use them. Ever read "The Golden Age" by John C. Wright, or any of the Polity novels by Neal Asher?
Small Company Wants to Make Encryption Key Management Into a Commodity (Video)
Afford, yes. Implement? PROPERLY?
I kid you not, 90% of general purpose software developers are not sharp enough to "touch" security related code or systems without leaving GAPING holes because they totally don't understand or misunderstand simple things.
They can write an if/else or a while loop, but other more advanced things ... just beyond them. And even the moderately smart senior personnel will accidentally leave something in a "prototype" state and accidentally ship it because of deadlines.
This is the security/encryption equivalent of a Barracuda anti-spam appliance. Yes, any smart sharp sysadmin with sufficient time allocated to the task can implement brilliant near-perfect spam filtering using open source products. LOTS of sysadmins a) aren't that smart: it won't be configured nearly as well as a company needs, and it'll fail frequently or do strange things because they disagree on how it should work, and b) they won't have sufficient man weeks allocated to it, and remember, the less sharp the person is, the more time they'll need and the more problems there will be.
WAY BETTER for an SMB* to simply drop cash on an "appliance". It's almost impossible for a Barracuda to do worse than your average overworked sysadmin.
I'm not a shill for the latter, it's simply the device the SMB I work for uses. And our sysadmin's aren't dumb. They're just not brilliant and they are, of course, overworked.
(*) Small and Medium Busuiness
Swedish Engineer's RC Plane Gets a Balloon Lift To Space
Perhaps. But 100km is a pretty arbitrary number. When I was growing up (and where I live everything was still in miles, especially anything written by or about the US space program), space was "100 miles" up. Funny how it's a neat round number like that.
He's above 99% of the atmosphere. That's good enough for me. "Edge" -- how do you define that? He's not IN space, certainly. I wouldn't compare it to a beach, a beach is only 10-100 feet wide. I'd make the argument that the "Edge" of space is a "beach" that's around 50km wide :)
Related question - what would make a good fundamental "minimum altitude" to say "space"?
50% odds of making one orbit (if you had sufficient tangential velocity at that altitude) without orbital decay? How much orbital decay? ALL orbits decay "a bit". 50% odds of making one orbit and being able to make a second orbit without touching the ground "underneath" your starting point?
And THEN on top of that, there's the fluctuating undulating atmosphere, that line is going to change day to day and year to year and place to place. Of course, if the tide rises and your boat is floating "closer to shore", you're still "on the ocean" :)
FAA Pushed To Review Ban On Electronics
I'm not assaulting a kid and stealing his property while on an airplane.
Yes, these are exactly what the kid would claim the moment he started a fistfight over his frickin property, on an airplane.
And there you'd sit, trying to defend your actions after the plane had returned to the ground and both you and the kid kicked off the airplane and banned from flying that airline ever again.