Somewhere at Keurig, there is a lead engineer who returned to his desk after lunch and found his chair, phone, computer, desk drawers, and coffee mug all covered in tape.
I was kinda hoping that he and his fellow workers would return to find sales tags on their phones, chairs, desks, computer, and coffee mugs and friendly security guards to usher them out of the building. Along with the three letter executives, which were removed by the stockholders who aren't very amused about the anti-consumer, greedy douchbaggery that they tried.
It is due to how people react to what you do, what you have, what you believe.
Look no further than teachers being fired from work due to what they choose to place (or what others choose to place) on their Facebook pages. Stuff that is outside of work, that has absolutely no impact what-so-ever on work, and in many cases is really nobody elses' business.
When we, as a society, have to worry about how someone, anyone, may mistake, confuse, or react to what we consciously (or what others consciously) place in the public or semi-private forum, we've all lost. It isn't about taking responsibility for your actions, it is about taking responsibility for that what the most dense, most intellectually challenged, and/or most willing to jump to illogical conclusions based on limited evidence among us may possibly infer by it.
Exactly! I'd gladly pay that if it's the price for the cable companies losing the ability to screw me over.
They're still screwing you over...just not in such a shady way (or an even more shady way by tacking on a fee, calling it a government tax, and then pocketing it themselves as the phone companies have done for ages with their universal service, E911 and other faux government fees that turn out to just be hidden profit lines.)
I'd much rather see the local loop become infrastructure that anyone can compete on, allowing businesses or government to lay the fiber infrastructure if they want, cutting out the cable/telecommunications company as the monopoly abuser.
Why bother? They don't need to present the drugs or guns to anyone, so they can simply say they found some during their inspection and put you in jail.
They aren't law enforcement...even if they claim to be. In order to get you for something like this, they are going to have to involve law enforcement and law enforcement is going to want drugs or bombs in order to prosecute you.
That way, they don't actually have to keep guns and drugs on-hand.
That is not the point. The point is to turn you into an unwitting mule. TSA on one end of the line puts a sizeable amount of drugs into your luggage, and then the TSA at the other end removes the drugs. If it gets discovered, you are the one holding the bag...not them.
Like "Tijuana car remodels" (where they borrow your car in Tijuana, pull it apart and add drugs to various places, and then return it before you know it is missing,) you get nabbed by the police when the drugs are found, and if not, they steal your car once you get north of the border and take the drugs...you are the perfect mule because you have no clue that something is amiss.
The company the TSA contracts to is called Covenant?? Really? Wow. Aside from the many layers of irony in that name, it sounds like a religious outfit. Very creepy.
Covenant Aviation Security. They have an email address and phone number for their lost and found, but no mail address and nobody seems to want to provide one. Also, there was a CAS NOI in the bag, but it wasn't stamped...despite their claim, and TSA's requirement, to hand stamp CAS NOIs.
Also, this is a good time to point out yet again that the TSA contracting this stuff out is a terrible idea.
The *ONLY* way to fix this is to outlaw TSA, or any contracted agency, from inspecting any article without the person who owns that article present, along with cameras and preferably several screeners present. TSA claimed, at the time that I filed the report, that they inspect so many bags this would be impossible. Yet every other country I've been to does it.
Meanwhile, some other hapless traveler is missing a camera (and everything in it).
Luckily, they pulled the chip out of the camera before packing it in their bags. The chip was missing from the camera.
According to the TSA agent I lodged a complaint report with, the airline probably covered the loss of the camera with insurance, but the TSA agent wouldn't give me an address to send the camera to in order to return it (or put it in their lost and found,) and the airline said they didn't want anything in their lost and found that was found in my luggage...only if I found it on the plane or in the airport. Covenant, the company that TSA contracts with in SFO, said they had no interest in me returning the camera to them either and that I should just keep it (probably the most unethical response I had ever heard from a security company.)
Since it's the TSA's tape, I'm sure they could re-open and re-seal it as many times as they want.
Nope...it is the foreign government's tape (or other tamper resistant device.) TSA doesn't apply tape. They rip it off and don't re-apply it after they rip it off. I know when they do it because it is missing.
If I remember correctly, airport 'security' is reviewed checkin of people and baggage that is then 'secured'/inspected/tamper-free.
Certainly true in foreign countries that care about Security (including the places I've been to: Japan, Germany, France and Bahrain.) Not true in the US. In these countries, your bag is examined (if it needs to, or randomly) in your presence, and then sealed using tamper-resistant tape or other restraints, and sent on its way to the plane. In the US, TSA can examine the bag without you or working cameras present, and you can only use a lock which they can open and tamper-seals from other countries are broken/removed.
If we followed the same system everyone else uses, TSA or airline employees wouldn't have the capability to steal from luggage without it being easily discovered, which I believe is why TSA doesn't want to implement this.
Well, as the story says, "... you know it's pretty easy to put stuff in as well."
Having had a camera (without a sim card) added to my luggage in San Fransisco International Airport, I can confirm that it is easy to have crap added to the bag. When I reported it, and just wanted an address to send back the camera, the TSA blamed it on the foreign inspectors (I was coming from Japan) and then on the contractors, and then finally on me, instead of accepting the blame and providing an address to send the camera. The Japanese version of TSA opened my bag and inspected it with me present, and there was no camera there. They then sealed the bag and it went on board the plane sealed. When it got to San Fransisco, it was still sealed with a tamper-proof seal. I went through customs with the bag still sealed. When it was dropped off at TSA, the seal was broken and the contents of the bag examined, in a secluded room while I was not present. When I got home, the seal was broken, a "we inspected your bag and added stuff to it without your permission" form was included as well as the camera.
TSA's only solution was to ask the contractors who run their system in San Fransisco to review the camera for evidence, but according to the contractor, none of the cameras were working when my bag was inspected, so no evidence. I asked them how they could hope to stop drugs or bombs from being added to the bag, and they said they would never do that. And yet, they added a camera to my bag.
I believe one of the TSA inspectors took that camera from another bag, got caught by a supervisor, and quickly added it to my bag to hide the theft of the camera, but that is only speculation since TSA doesn't examine bags in the presence of the owner, and doesn't have working cameras in the inspection areas.
NVidia Shield has a locked bootloader...be careful, there be sea-serpents there.
Luckily, it can be easily unlocked, but the NVidia Shield is just as vulnerable to this type of activity, since NVidia can release an update that locks it/disables the ability to unlock the bootloader.
I wish they would make it illegal for companies to sell products with back-doors/"security systems" to allow the company to break the system or disable functionality remotely after selling the product to you. Locked bootloaders offer no user protection/capabilities beyond enforcing the companies control over your products. Like DRM, locked/encrypted bootloaders are defective by design.
The Kindle will never receive an update, given what I read here it was a wise decision to terminate it's internet abilities. I don't hack stuff but then there is no guarantee what they may decide to limit in the future.
As an owner of a ASUS Transformer tf101 (8* Serial #,) I will never purchase a locked bootloader/firmware system ever again, regardless to whether I can disable the phone-home capabilities. My ASUS Transformer is dead, and has been for some time, but my unlocked Samsung and B&N Tablet are both working, long after the companies behind them gave up on the product and no longer support them.
It isn't what the company that builds them does with the product while they support them...it is what they do once the product is no longer supported and they want to motivate you to purchase a new one. ASUS's memory flash chips some-how failed pretty much the same time they decided to pull the plug on support, and while it may be entirely a coincidence, I have a hard time believing that is true given my experience with other non-locked devices continuing to work long after the company no longer supported them.
Or wait 5min to an hour and it will be on a torrent site.
I kinda figured that by now, those who were really into the show were watching the East Coast feed (whether legally through Satellite or via torrent.) My sister watches the east coast feed via Satellite. Me, I couldn't care less (I'd rather play L4D2.)
if you think computer security is expensive you should look at the costs of not having it.
I'm not of that opinion, though it is certainly valid.
There is a lot of security that is stupidly expensive and absolutely worthless (i.e. TSA) and those should be removed or replaced with better security that is also cheaper. There is a lot of security that is cheap and absolutely necessary, like installing security patches on a regular basis. If you think computer security is expensive, you should look at what you have, determine if it is necessary and worth the risk of not having it, and go from there.
You should never make any decision on anything, security or otherwise, solely based on the cost alone. After all, Sony did replace their security/networking staff with cheaper ones, that brought with them the lack of experience and understanding of basic security/administration principles. Many of the machines compromised did not have the latest security patches...pretty basic system administration 101 type stuff.
IT's called Steam. It's relatively unobtrusive, it's easy to use, it's convenient, and it has incredible sales.
Steam *is* the best DRM out there. If I had to give an award for the best DRM, Steam would take it. But then I'd pull it right back since Steam allows distributors to package their own, far more crappy DRM along-side Steam. I am tired of buying a game only to find SecureROM has been installed! SecureROM just doesn't work with virtualized platforms. It will trigger its "this is a pirated copy" routines when I run it on a VM, and that is pretty much how I roll now unless the game is supported on Linux. I don't want to set up a dual-boot or a dedicated Windows box just to play a game.
But it's still a DRM schema. I don't like that fact,m but I still use it because it's less painful than the other DRM schema out there.
Steam is at most a good distribution platform (though, my cable company would argue with that, since I have to download full versions of the software and full updates from each machine I use...there isn't really a good solid method of mirroring the software/updates so that when I download them to one system, it propagates the changes locally so as to not waste bandwidth. A P2P model for Steam distribution is really needed.
it would be utterly naive to believe the US Government will not target this new CA with court orders.
It is only vulnerable if it is within the jurisdiction of the US government. I wonder if putting the CA on a small satellite or in international waters would make it less vulnerable to court orders (though, at that point, physical security would likely be more of an issue, since they can just blow it up.)
Maybe the answer is to adopt more of a Skipjack approach to CAs, where multiple CAs are involved in generating new certificates, and no single CA can generate a certificate from a CSR. That way, if one CA is compromised, the keys to the castle aren't completely lost. Will mean a lot more infrastructure costs...
Oh, talk about the richest karma in this hack. Sony put out a rootkit getting in to all sorts of places as people played their music off purchased CDs. The irony is indeed delicious.
I was soaking in the karma schadenfreude when Sony Entertainment of America laid off their network and security staff six months before PSN got hacked because they were too expensive. A friend of mine laid off six months before was asked by Sony to come back and help them fix PSN after it got hacked, and he told them to take a long walk off a short pier.
This is just icing on the cake I am already choking on.
Which greatly limits access to the public. Joe sixpack probably doesn't have $2000 to donate for a yearly membership. He probably doesn't have the $4 to afford to rent the document either, what good that will do for him.
If they had a system up where you could get read only access to the entire document without having to know someone or kiss someone's ring, it would be somewhat helpful just for a researcher to even see if the document is something worth buying, but for the public, this is as John said...a very, very tiny step forward that doesn't help the public at all (but might make it a little easier for researchers who know people who have access that can send them links to documents.)