assemblerhead’s Techdirt Profile

assemblerhead

About assemblerhead




assemblerhead’s Comments comment rss

  • Nov 6th, 2013 @ 9:47am

    Re: Mr. Lutz being MIA

    Good point about Lutz.

    He may need to be in "protective custody" at this point.

    Duffy might need to be thinking about "life insurance" as well.

  • Sep 11th, 2013 @ 6:25am

    (untitled comment)

    OpenSSL and IPsec are both broken. Neither standard has been audited, from what I understand.

    Using HTTPS in that context gives no security.

    Have they thought about GNU TLS v1.2 / DTLS 1.2?

    Both are LGPL v3+ Open Source projects. Heavily audited, and very portable.

  • Aug 29th, 2013 @ 12:45pm

    Re:

    If they had him as 'Root' for the ENTIRE server farm & all connected machines ... even all the remote sites ...

    This command would have caused a panic : ( As SuperUser)

    rm -Rf /

    All he would have had to do was shell script it ( Bash ) and propagate to all machines. The 'cron' service would serve as the trigger.

    That would also solve their "too much data" problem ...

  • Aug 24th, 2013 @ 9:20am

    Police State

    Mike,
    Some questions / concerns / thoughts I would like to express on the NSA / Police State mess. ( Yes, you can use this for a posting if you want :)

    I am going to list them in no particular order.

    I. Database Logging Disabled

    It seems that the NSA has disabled ALL logging on its collective database. ( The current leaks are of old log reports. )

    No logging of who is accessing.
    No logging of what is accessed.
    No logging of what is copied / modified / deleted.

    Why?

    No abuses logged / reported.
    No policy violations logged / reported.
    No evidence of illegal activity logged / reported.

    Result =

    Nothing for any "oversight" to act on.
    Untraceable industrial / commercial espionage.
    Blackmail activities, by the NSA and/or Contractors/Sub-contractors, undetectable.
    Espionage activities by other hostile nations intelligence services, accessing this NSA database, undetectable.
    Easily constructed "Frames" for Criminal Activity harder to defend against, for the falsely accused.


    Proof :

    The NSA has no idea what is in Edward Snowden's document cache.


    II. Low Security / Easy Access / No Access Controls

    From the released documents, the phrase "Five Eyes" refers to five countries involved in this Database.
    ( US, UK, Canada, New Zealand, Australia ) All five countries have full access, apparently.

    Do ??Allies?? really need the NSA to help them spy on US Citizens inside the United States? Why??

    Upwards of 2.1 million people have "Top Secret" clearance. One news report stated that 60% of those cleared are "Contractors" ( i.e. 1,260,000 )
    ( Not addressing staffing realities in the other four countries, US ONLY. )

    From the reports seen, background checks are not being done.
    How many of the unchecked are "hostile foreign intelligence operatives", taking the easy route to FULL ACCESS??

    Most of these are in "offsite facilities". How are they getting access remotely?

    TelNet? NetBIOS? an XTerm? Using "Windoze remote assistance / remote desktop"?
    ( Yes, I did not mention OpenSSH. That might be considered competent. )

    Or did they put this "distributed database" on the Web for access over the Internet?
    Is there a remote database client, with easy access preconfigured, floating around?
    ( Hostile foreign intelligence services would just LOVE this! The proverbial "wet dream" come true. )

    Question --

    How do we know that hostile foreign intelligence operatives have not already established FULL REAL TIME access to this database?

    Curious to see if anyone can give reasonable answers to these questions.

  • Aug 13th, 2013 @ 3:51pm

    Re: Re:

    Agreed.

    Another Open Source project along this line :

    https://gnunet.org/

    I suspect development may get more 'motivated'.

  • Aug 13th, 2013 @ 3:45pm

    They can NOT stop lying.

    Pathological lying was a pre-employment requirement to get the job.

    There is no successful treatment for this kind of disorder.

  • Aug 12th, 2013 @ 8:01am

    This is sanctionable activity.

    No person can make an informed decision without ALL the info.

    He should be sanctioned and removed from the "House Permanent Select Committee on Intelligence".

    Fool me once, shame on you.
    Fool me twice, shame on me.

    Don't trust him.
    No trust, at all.

  • Aug 12th, 2013 @ 6:03am

    Re: Re: Alternatively...

    You are right.

    Keep the Faith, Brother.

  • Aug 9th, 2013 @ 12:36pm

    What could go wrong?

    ( Warning : Sarcasm Alert! )

    Anyone think about those wonderful DMCA takedown systems used by ( MPAA / RIAA ) to name a few?

    Do they ever get anything wrong?
    Never a false accusation, right?
    Always target the right person, correct?
    Never once have ID'd content wrong, have they?
    So perfect that Error Correction was never implemented or needed.

    What could possibly go wrong?

  • Aug 9th, 2013 @ 8:31am

    Re: Re: Re: Re: Re:

    Wrong,

    The IRS CID group was directly notified of Prenda by a Federal Judge recommending investigation. And a ruling of fraud on the court. Not to mention the CID has a history of going after RICO violations / Mobsters.

    If not one branch or group in any branch of Federal Law Enforcement will even make a token comment on "considering an investigation", Prenda bought immunity. They just didn't have the money to buy every judge in the state and federal systems. ( And, yes, there are some who refuse to sell out.)

    Why do you think Prenda made the "President of the Bar Association" an unmentioned partner in Clair County, Illinois? Wouldn't have anything to do with an investigation by the "Illinois Bar Association" would it?

  • Aug 8th, 2013 @ 7:55am

    (untitled comment)

    @Josh in CharlotteNC

    It would be interesting to see the reaction of those who have purchased "immunity to prosecution" from the politicians. Especially those who paid for immunity to the IRS. Will they now have to "pay up" twice?

    And what about the "Congress Critters"? Having the IRS in a position to "take them to the cleaners" can't be comfortable for them.

    There might be a backlash for the US Gov on this...

  • Aug 3rd, 2013 @ 6:09am

    Never Used the Origin Service!

    I made the mistake of registering two EA tittles before the Origin service started.

    That registration was converted to an Origin Account without my permission. I have never logged on or into it.

    Because of what EA has done with requirements for OnLine DRM, I no longer ( Play / Buy ) EA's newer tittles.

    Will play the older ( OffLine / Single Player ) games on occasion.

    Now I am getting e-mails from the Origin service demanding that I update the contact info! No thanks, they can keep their spam.

    Kill the Servers?

    If they want to kill the servers, they need to release a "standalone" version of the game, or a ( Public / LAN Party ) type server program to the community. Or make the "standalone" version able to function as a replacement for EA's servers.

  • Jul 30th, 2013 @ 7:11am

    Re:

    It is becoming so clear...

    Everyone in that organization ( NSA ) is suffering from some form of a pathological disorder. And they are hiding this with the excessive secrecy.

    Dementia, Paranoia, Compulsive Lying, just for starts.
    ( How else could they see 'Traitors' everywhere? )

    We really need to get them away from the Nukes!

  • Jul 26th, 2013 @ 6:44am

    Bad Idea!!!

    And the frames for crimes not committed start at once.

    It is the ultimate in censorship as well. Messages sent in your name that you did not write. Context of messages you write changed to suit the US Gov.. Messages to you ( edited / deleted ) by the US Gov.

    Password to your OnLine Bank Account? Why do they need that? Making transfers in your name, in and out of your account?

    Time for a run on the banks. Keep it all cash, not in an account.

    ( Personal Opinion )
    There is a Megalomaniac in charge of "US National Security".

  • Jul 23rd, 2013 @ 7:17am

    (untitled comment)

    Are there any Internet Search Engines that are not Government run, or based ( in / on ) ( US Companies / Networks )?

    I read a posting saying DuckDuckGo used Bing as its back end. It runs or is hosted on Verizon virt servers inside the US. The server crypt key is RSA and never changes. Easy access for the NSA. Easy for the NSA to decrypt all of your searches.

  • Jun 14th, 2013 @ 1:26pm

    Blackmail?

    It is already taking place. Political Party vs. Political Party.

    Look at the IRS / Tea Party mess. One political party going after the other. Using the Federal Gov as a front man.

    The only thing Congress is fighting over is 'Targeting Control & Who is Pulling the Trigger.'

    J. Edgar Hoover / McCarthy Commission type governmental / bureau controls of politicians and public recreated?

    Congress is running straight into this with their eyes wide shut.

    Any data in those hands is Dangerous.

  • May 17th, 2013 @ 6:44pm

    Re:

    I once worked as a sysadmin. The joys of a Root type password in the wild. They are NOT thinking. There will be no way to change it once it becomes publicly known ... Complied in. No resets or changes at the endpoint possible. Update the software? Passwords and Protocols will be broken before they finish a nation wide update.

    The people that came up with this idea ... think that rotary phones are a newfangled idea that will never catch on.