āNo, weāre not giving you the shaft, weāre merely commoditizing the shaft,ā
Ice burn, man. Ice burn. Itās probably good that cruelty to animals legislation doesnāt apply to that kind of pig. I wish I had turns of phrase that good.
I think thatās $250M, not $250B.
This is all thoroughly entertaining! I can see both sides of the argument though. And Iām now 100% certain that BitLocker does have a backdoor as Microsoft have denied it. How about that āalways-onā XBOX One Kinect? Iām kinda paranoid that my Wii Fit has 1000 pics of my balls nowā¦
Iām sure your balls are nice, but just donāt have any groups over there in front of the cam. Once facial recognition sees thereās a group at hand, thatās probably when they get more interested. Perfect time to listen in on business plans or the dreaded organizing of activism of any sort.
By the way, I heard that the Miley twerking ration would be reduced from thirty ass shakes to twenty.
If any government agency wants to see my balls then Iām happy to oblige a live showing at a discounted rate.
And this is when some of the more prudish watchers get hazard pay.
Ed Snowden gets my vote for entertainer of the year, hands down! Iād love a reveal showing the FBI has been actively monitoring 4chan and can identify posters. Can you imagine the reaction to such news?
Speaking of encryptionā¦ I had an interesting āresponseā from Apple. This is what I posted at Appleās official tech support ādiscussionsā forum:
Has anyone proved or disproved that Appleās DMG format is lacking a backdoor to allow the ATF, NSA, FBI, DEA, etc. access to the data within them?
Iām not suggesting that I believe the AES encryption itself has an
issue, I want to know if anyone has been able to independently verify
that Appleās implementation with DMG is lacking a backdoor that can
bypass AES.We already know thereās a backdoor for iPhones that Apple will access
for law enforcement.CNET: Product reviews, advice, how-tos and the latest news
Is an Apple DMG also subverted with a backdoor as well?
This was the āresponseā:
Iāll go ahead and err on the side of caution and take that as a āyesā.
Can you imagine the reaction to such news?
I can imagineā¦
Hacks continue as FBI claims to have dismantled Anonymous
The FBI is claiming to have dismantled the hacker organization Anonymous. But shortly after an officialās statements were published in the press, Anons dumped large amounts of data that appears to have been stolen from FBI servers.
Have you heard the good news? I heard the Miley Cyrus twerking ration has been increased to twenty ass-shakes from ten.
Right there Microsoft has a better slogan than anything it has used before.
Microsoft - Commoditizing the Shaft Since 1975
The NSA have been monitoring everyone, and can identify anonymous authors by the distinguishing features of their writing styles, word usage, word frequencies - Itās pretty trivial.
Right you are! Thanks.
Speaking of Bitlocker, Iām reminded of TrueCrypt.
My home desktop is configured for dual-booting, and I was looking into using TrueCrypt for drive encryption, since it works for multiple operating systems. TrueCrypt wasnāt available in the repositories for Fedora Linux, and the immediate reason was a group of concerns about TrueCryptās licensing terms. The biggest problem with the license terms is that the TrueCrypt developers explicitly retain the right to sue users for copyright violations ā making it unclear what rights users have to use TrueCrypt.
From what I can make out, where things really get weird is that no one is sure who the developers are, and the FSF, et. al., havenāt been able to reach them to discuss changes in the licensing terms.
TrueCrypt is open source, and supposedly experts have checked the source code thoroughly, so it seems unlikely that thereās a back door embedded in that code. But the weirdness of the license, and the mystery about the identity of the developers, strikes me as possibly significant, given what weāre hearing now about the NSAās efforts to poison standards and push software developers to add back doors.
Truecrypt as written is probably secure. However, can you be sure that the version you downloaded is? Bad actors (IE NSA) could be man-in-the-middling downloads and inserting their own hacked version with a back door. Try to verify it - but whoās to say that they arenāt also replacing the web page with the MD5 signature with a different one too? Get one thatās crypto signed - but maybe theyāre intercepting calls to PGP key servers as well. You canāt really be sure unless you have the MD5 handed to you by the developer in person, and even he canāt be sure unless he has decompiled the binary to make sure the compiler isnāt inserting back doors. The rabbit hole goes as deep as you like.
Itās time to use encryption in a way to introduce strangers to one another securely.
Check out my blog: The Holy Grail of Cyptography and A Subversive Idea.
TL;DR: Itās difficult to create the first secure channel between strangers but after that, you canāt stop them from communicating securely.
Guido.
Although I like TrueCrypt, I have a problem with āOpen Sourceā authors who try to keep too much control over who does what.
It seems that the TC license, specifically Section VI Paragraph 2, has changed for the (somewhat) better (perhaps) since that mail-archive thread you link to. I havenāt read everything and IANAL, so Iāll reserve judgment.
How did they ask? Yes, thatās right. In a meeting. Nefarious bastards.