That's "Ich bin kein Charlie"
Education is your friend
2711 publicly visible posts • joined 22 Jun 2009
Actually there IS money on the line, but lives? I doubt it. Certainly not those of bloggers or isolated whistleblowers, who would be EXTREMELY unlikely to buy their own domain for such mundane activities. Real-world examples show that they use established blogging or micro-blogging structures and other foreign-based services, which often retain a LOT more information than whois, going as far as requesting scanned ID, proof of residence and/or bank statements, especially when they think your name sounds funny.
On the other hand, setting up a domain is quite similar to setting up a brick-and-mortar business, and to do business you usually need to be registered, and the registration details are made available to the public; on the internet that's whois's role, that's basic customer protection, and it's not perfect but it kinda works. I don't think there should be a legal duty on the registrar to check that all this info is accurate, but contact info at a bare minimum, should be. There's no additional work in that: it's the info that the registrar uses for domain renewal etc, so they already know it to be accurate.
It helps a great deal to alert domain owners of the ungodly ammount of spam gushing out of their backhole for example.
I also, where possible, track stand at lights because it allows me to move away quicker and make more progress which is the advantage of cycling in town in the first place.
Running traffic lights and stops would also allow you to move quicker and make more progress, I fail to see how it can be a justification for what is, in effect, dangerous behaviour.
The sooner they ban headphones on the road the better,
In most places they fall foul of the "keep aware of your surroundings" rule. It is rarely acted upon by the cops, though I remember that Montreal's city police started dishing out heavy fines to cyclists sporting headgear when I was there a couple years back. I heard a lot of my colleagues bitch about how unfair it was that they were fined as the motorists were a danger to them, not the opposite. Idiots.
Generally, the light changes from Red to Yellow, then to Green, right?
In a lot of places it's directly red -> green.
But I agree with you on the basics: a VERY important rule for road safety is to make your intentions unambiguous to your fellows road users. The track stand is the exact opposite of that, and that's why the GoogleMobile was confused. Going... not going. Going... not going. Repeat ad libitum .
The annoying part is that it is a major part of the hipster cyclist's mating parade apparently, together with hand-free riding at speed in the traffic, so all the cool kids are doing it (and by all the cool kids I really mean all the 30-somethings in suit pants and sneakers)
In some places, "foot on the ground" is what makes the stop; for example on my (gas-powered) bike I know I'generally safe from a fine if I put the foot on the ground at a stop, even if I did not completely stop the bike. There's no rule for (human-powered) bikes, but I'm pretty sure that's one of the things they taught us at school on the road safety initiation courses: when you stop, you put your foot to the ground, no exception. It's a bit like starting on first gear in a car: there's no law preventing you from revving the engine up and starting in second gear, but very few people would consider it sane. I don't know why so many cyclists insist that whatever they do is fine because there is no explicit law against it. The other day I barely avoided a cyclist who ran a red light on a low visibility intersection, almost trashing myself in the process. When I objected he answered that it would have been "hard" to pick momentum back up if he had stopped and that it was up to me to keep control on my vehicle at all times. Apparently he genuinely thought "pedalling is hard" is a valid reason to shit all over road rules.
Note that I am routinely more annoyed by careless car drivers than by careless cyclists though.
Interesting question, but irrelevant here. What I think the article calls a "tourist tax", at least in Paris, is the so called "inhabitant tax" that every person living in France pays to the loacal authority; you pay it yearly for the housing where you are domiciliated for tax purpose, and you pay it daily in hotels, campsites etc. It's supposed to cover water treatment, garbage collection, etc...
That's for Paris, I don't know about Barcelona, but I suspect the very same (with the addition of the fact that Barcelona doesn't want more tourists apparently; they should start giving them the same service as in Paris, that should help!)
As stated on his website:
Thanks to the program 4YEO you can send emails, fully encrypted, secure in the knowledge that only you and the recipient can read its contents. Even if the email is intercepted, it will not be deciphered as it has not been deciphered the message of the Second World War.
Foolproof.
Especially reading this from the contest rules: " If none of the messages coincide with the original text, the notary proved by a certificate indicating the number of proposals received, and the fact that nobody has been able to solve it."
For now I'm trying to decipher the English version of the website. I'm making progress but I am still having trouble with pieces like "Contestants also achieve decipher it and explain how encrypted, remain in reserve, in case the first contestant gather together one of the two requirements to be declared the winner."
I think one of the encryption techniques used in that 4YEO software may be Google Translate...
Now, hearing how he plans to use a text encryption technique to create "a software for encrypting phone calls", as stated o the main page, could be interesting. Or amusing.
You seem to be focussing solely on the computing power part... that's only the last step. You're also assuming a working quantum computer that would have "makes everything possible" specs... when we don't know what to expect from one, and when we know for a fact that the US don't have a working quantum computer, of any specs, to begin with. The proof? You can't get one from Alibaba.
Also, keep in mind that technology can only protect you so much:
https://xkcd.com/538/
Knowing that you need to register an account to post and/or view stuff on Twitter, Facebook, LinkedIn, Reddit, Skype, Myspace or whatever the current "compete with your friends" app-of-the-month is, and they all keep helpful tabs on who is connected to whom and who viewed whose profile...
Crucially, we're talking about the kind of people who detain and deport tourists for making Vegas party jokes on twitter there. That big data center in Utah is probably just using the quantum computers to run very advanced Twitter-parsing routines...
Well, you'd have to have a direct tap into every client device's Internet connection, and into every exit node's Internet connection; definitely not trivial.
Then assuming you had collected all this data, you'd have to store it and then cross correlate any and all of the former with any and all of the latter, with a 10-minutes moving window for each correlation... in real time!
All in all that'd require quite a few hundred targetted -and agile- taps in "hostile" territory, pipes and servers able to move and store in real time what would basically be your country's traffic plus the entire world's TOR exit traffic, and then quite a few "huge black project data center" worth of computing power. In other words: unless the NSA has secret ALIEN TECHNOLOGY FROM OUTER SPACE there's still some hope.
Of course, as previously mentionned, if you manage to selectively target a few individuals of interest then it's entirely feasible (if not easy). But then it's no longer really blanket surveillance. TOR does not claim to be able to thwart nation-state-backed targetted spying (it does make it harder though). For that you could setup a friend-to-friend network -possibly within TOR- or a TOR hidden service (which is basically the same only made a tad more vulnerable by the need for a centralized server).
Or you could use a decidedly asynchronous system, not really compatible with Web-browsing. Usenet could perhaps do, there are a couple PGP-encrypted relays to Usenet, e.g. mixnym, but I don't really know if their security has been checked. In any case you could always post PGP-encrypted messages to the relevant group yourself, if done well only the intended recipient can tell what is inside or who is the intended recipient.
(in addition to the "patterning" discussed earlier, keep in mind that the timing of your connections will often leak a lot about where you live and what you do for a living, for example)
Five Eyes and other Big-Brother-wannabes are trying to set up a critical mass of TOR exit nodes (likely through shills) so that they can pick up enough end-to-end traffic to make connections?
First you'll notice that the claim in the tweet referredt to TOR hidden services, no exit node involved in these, but fair enough, I'm game.
Protectiong against end-to-end attacks is not an aim of TOR. Anyone watching both the user's traffick to TOR and the exit node can, with timing correlations, determine that this user connected to that external ressource. However, this is rather computationally intensive compared to just watching packet streams at a big Net node and registering "to" and "from" IPs; it requires close monitoring and matching of both specific connections, something that is at present almost impossible to automatize on a large scale, notably because the vulnerable path between the user and the TOR network is typically short, and the TOR route changes every 10 minutes or so (which would disrupt timing attacks), with a lot of exit nodes in diplomatically adverse regions of the world. i.e. it works if you have a warrant against an individual target AND a way to direct traffic to exit nodes under your control. Not impossible, but you'd have to be an identified target to worry about that, it's certainly no "routine surveillance" as I intended to mean it.
What about improvements in browser fingerprinting attacks that can help make correlations even when all the traffic is encrypted (and TOR can't use a lot of padding due to latency issues)
The padding is irrelevant to browser fingerprinting. It is always possible to come up with new techniques to create a user's "virtual fingerprint". Info leaked, actively or passively, by the browser are a part of it; writing/typing patterns are another. That is not a TOR vulnerability, but the guys at the TOR project do offer advice to mitigate this. It was always advised that you used a different browser for TOR and non-TOR traffic, partly to make it more difficult to match your TOR fingerprint to your non-anonymous clearnet one. A step further, and available for a while now, the TOR bundle should help a great deal in making your traffic look just like that of any other Bundle user.
The other "patterning" issues remains; it is up to you to use different writing styles if you wish. As for the typing patterns, you could always hook up a Dvorak USB keyboard for your TOR session should you feel this is a problem, that should disrupt your pattern enough!
I wonder how many non-TOR-based "malicious traffic events" have taken place in the same period.
As per the security of the network, it would take more than a tweet to convince me that TOR is not one of the best solutions to date, to the problem it strives to adress (routine all-encompassing surveillance).
Uber is all about undercutting established businesses (not necessarily a bad thing per se ).
When this is done by dodging safety regulations (transport licence, insurance, vehicle safety) and income taxes, as is Uber's business model, well...
Also, when it comes to "moving" (i.e. traffic fluidity), Brussels is quite clearly one of the European capitals that least needs improvement (among those I've driven through, obviously). Mayhaps second to Helsinki (Helsinki's official pitch to lure foreigners is "we don't have traffic jams": they have huge billboards stating so in and around the airport :D)
That, and also trusting Windows to free up space automagically was probably not the brightest move, especially in that case. On old boxen (even relatively well-managed ones), this leads to disaster more often than not.
I can understand the state of mind that led to the decision, though.
In a world of £50 tablets capable of most basic computing requirements,
Except, of course, for anything useful. It will also last for a wonderful 5 years (if you protect it well), because no physical keyboard and no clamshell device, erm, well, if your "computing requirements" are Facebook, Twitter and the occasional tablet-oriented game, in a clean and safe environment, yes; otherwise, no.
I think the screen is upgradeable to increase its performances. Presumably you can do LOGO in CGA but you are likely to want a better display as you grow older (even if for no other reason than that you can afford it), so a swappable display may allow you to keep that machine for a little while longer instead of getting a MBP. Oh who am I kidding.
Arguably socket-swappable processors could be good (if not better), although I don't see that working for different architectures.
The Pi tends to be underpowered in media playback last I checked, especially at 1080p
Really? Perhaps it's your setup, I don't seem to have any problem with the one hooked up to my beamer, and it's only a 2nd-gen (the 2-USB, 512M RAM one). Hard to imagine performances degraded with newer models.
Seems like a waste of money to me. A Raspberry Pi will do while setting you back only $25.
As a desktop replacement, why not, although the need for peripherals probably means that you'll be better off building cheap bottom-of-the line PCs for roughly the same price (with a "home directory on USB stick" solution if need be). These can be maintained and upgraded, too, unlike the sticks which will be dead once any one of the components -including connectors- craps itself.
" Mac, windows, or windows lite will be your choices."
You're being a bit unfair. GNU/Linux is way more modular than the BSDs, so while you're right about Red Hat and a lot of the crowd, it's still possible to build a no-nonsense Gnu/Linux system that avoids the "windows-lite" crap. I've got 5 such systems at home. There are several ways to do it, the "out-of-the-box" approach would be Devuan, but for the more fiddle-oriented / control freaks among us distros like Slackware or Gentoo are build-as-you-go.
Ironically the only system I have at home that uses systemd is the media center SD card for my Pi, because I got the lazies.
whois gives
"Registrant Name: c/o WHOIStrustee.com Limited
Registrant Organization: Registrant of abc.wtf
Registrant Street: Suite 3686, 24b Moorefield Road
Registrant City: Johnsonville
Registrant State/Province: Wellington
Registrant Postal Code: 6037
Registrant Country: NZ"
which doesn't really look like MS... more like an obfuscation service.
... as she's just done supervising the deployment of a new integrated management "solution" based on Receiver. Fortunately she's in the health public sector so they had to upgrade some machines from W98 to XP to make it work; W10 doesn't seem likely before next decade.
(the correct reaction to spam is to report it to the upstream provider)
The fact that reports to abuse@mail.upstream.provider is ignored 90% of the time doesn't help with that. The remaining 10 % comprised such helpful responses as "forwarding the full message with headers is not enough, please send it as an attachment to that adress which rejects emails with attachments" doesn't help either.
A few years ago I interrupted an attempted burglary by coming back home early; I then installed a motion-detector camera , connected it to my raspberry pi and got it to send me images. If I hadn't had my raspberry pi at the time I would have bought one of the slightly more expensive 'net-enabled cameras to do the same; these were still massively cheaper than the solutions presented here, and I expect their price hasn't gone up.
Adobe Flash... pretty sure it serves a useful purpose, somewhere, for someone. Come to think of it, for me it does serve a purpose. It spares me from seing the most useless parts of the terwebz. I just see a "Flash is a small install from Adobe, please click 'yes' to install it in order to view this slideshow of domesticated felines" which is definitely an improvement over the intended content.
I do wget a few .flv clips that I play in mplayer, from time to time, though.
I suppose I could get thousands of datapoints going one way or another using virtual machines and custom-made images. What I'm talking about here is live images (and live/install images) which by definition are supposed to be generic, and also the main use case for Admin/penetration distros such as GRML or Kali. Only systemd doesn't do generic. It may work in compile-everytime situations such as Gentoo install (and even then, I'd bet your 400 points are 390 virt and 10 phys at most).
Problem is, an admin/hack/penetration distro ain't no good if you cannot just slide the CD (or plug the stick) in any machine and boot from that, with full hardware recognition. That's something systemd just can't do, in my experience.a
The Kali project switched to systemd, which means it will not boot properly on almost any portable machine and create problem on some desktops and servers as well. Kali's forums are already full of threads reporting major problems, and I'm not surprised, as I've tried myself some systemd-based images (Debian and GRML) all of them failed on litterally every laptop I tried (6, from 10-yo to this year's model) and caused major problems on most older (older than 5 years) desktop hardware, too.
(note that all the hardware mentionned in this post now runs Devuan without a hitch).
Clamshell and physical keyboards are good. I would buy this. Then again, I might be impaired; my impairement being a profound dislike of:
-clumsy touch keyboards
-screens that suddently lose half the display size to a clumsy touch keyboard
-smudge all over the display from the use of the aforementionned.
And then there's pocket dialling.
Things are bad enough without you making things up (or is it bad translation?). The French version crudely reads "by browsing this site you allow 3rd-party cookies as needed for video presentations", with a box labelled "OK, accept all" (in green) and another labelled "tune to your needs" (in gray). The "tune" link allows you to opt out of the 3rd-party cookie setting, which are from DaylyMotion and YouTube (explicitly stated, individually tunable).
On my cursory check 10 s ago no cookie was set at all (I did not check the "OK, accept all" button, obviously).
I'd say they're pretty much following their own rules, unless I missed something.
"too intrusive for mobile" and "we trust our users yada yadda" is just marketspeak for "we can't be arsed".Let's forget we're on a tech site and pretend you don't know any better; one good way to comply with the law would be:
-check for the REGACCEPTCOOKIES cookie; if present, proceed without any banner or warning;
-if absent, present the user with a tick-box (in any form: dedicated page, another bit of JS crap, whatever). If box is ticked, set REGACCEPTCOOKIES cookie (and then some);
-if box is not ticked, present the user with whatever you feel you can do without setting cookies. Heh, that may even be a blank page with "tick the box, dummy" in the center; not nice, but legal.
-job done
Intrusive? Maybe on the first connection. Much less intrusive than the current solution in the long run though.
I'm sure there are other ways you can think of.
I just have a Fonera. Keeps the public network separate from my private one(s), with track being kept of who does what from the public side (local laws otherwise states I'm responsible for everything that goes through my network).
Also it gives me a nice convenient separate (private) LAN with a password that can freely be given to guests and changed at a whim. Not that it matters much, as there's nothing else than guests on it.
Bullshit!
Friday afternoon changes are the best. Just make sure that:
-you strictly the required change, for which you have a written order, 2 minutes before the end of the shift
-you're not on call on the week-end, or in on the following Monday, or on Tuesday for that matter. On company-approved leave, of course (to be made up during the week-end, if need be).
-the change has the potential to ruin someone important's life (or contract) if anything goes wrong.
You only usually get the one try, so make it good.
Friday afternoon requests should be pretty seldom after that.
I am thankful for the relevant use of the rightful use of the new-fangled "huge pic in your face".
Not so thankful as to read the article though, as I'm busy enough running proper software. But hey, I'm keeping notes, I might even direct people to this article if they want a go (poor souls).