It gets even worse. Remember last month when NSA announced they were ending 702 "About Data" and everyone cheered like lobotomized vegetables, "we won against NSA! yay! our Right are restored."
Wrong.
Right there FISA tells NSA they are now allowed to spy on Americans in the US at will using 702 because they ended the "About Data."
There are too many redactions to understand what is "About Data", how far did they go with it in terms of building an automated encyclopedia of all Americans and all people, that knows everything about everyone by inference on other people communicating "about" you.
I remember reading a prescient comment on Slashdot back in the week when the Patriot Act first passed in October 2001. They said "child porn is the root password of the Constitution."
Well here we are. The FBI invoked child porn to justify their abusing their access to NSA's raw 702 UPSTREAM SIGINT to trawl for dirt on Hillary's political opponents, any Democrat leakers, all of Trump's inner circle and anyone who opposes Soros and Barry Soetoro importing the Caliphate into White Christian Nations.
Why does it take 3 years for NSA to still not close all their holes in the UPSTREAM boat? Why does FISA keep rolling over and letting NSA data-rape them? "It's ok NSA, thanks for telling us, we're not mad at you, as long as you promise that you're trying, you can keep on abusing us indefinitely.
"
This one ought to enrage all HN readers, who are technically competent enough to understand the problem. Here NSA admits they only use a single criteria to determine if some packets intercepted into UPSTREAM belong to an American or a Foreigner: IP Address.
Now you may ask, how can NSA be so rock solid certain that an IP address is evidence enough to either process your data into their ingest system or mark you on their Master Purge List for deletion in 10 years and to let other spy agencies know they should not use your data for anything?
cough cough You still don't know what is TREASUREMAP and BONESAW. Those programs are the key to understanding why NSA is so confident in attribution of Americans. Which is hilarious, when you realize they couldn't attribute a high profile APT hack if their lives depended on it.
Remember after the Snowden leaks began, when General Alexander and The Clap desparately declassified their internal IG compliance reports that showed some questionable math stating they only "touch" 1% of Internet traffic? I bet you went back to sleep after believing Snowden was exaggerating, it's not that bad, and NSA certainly doesn't record a full copy of the entire Internet in Bluffdale, now that's just crazy talk.
Right here NSA admits they lied and they "touch" 3% of all Internet traffic via UPSTREAM.
Fool me once, shame on you, fool me twice, shame on me.
Why should you believe NSA this time, given that they provably lied about this not 3 years ago?
Why should you believe NSA even knows how much total Internet traffic that they "touch"?
You don't even know what the NSA's definition of "touch" is, yet you're so willing to believe them and ignore their disasters, time after time after time.
Right here NSA admits to FISA that their querying UPSTREAM breaks their own rules 85% of the time.
If you care at all about the Internet, privacy and free speech, this astonishing fact should launch your fat lazy keester out of your office masseuses chair in your kushy SF office and into the streets to demand someone do something.
Right here NSA snitches to FISA and admits FBI gives their raw UPSTREAM SIGINT to Contractors who are not "assisting" the Govt. Let that sink in. We know UPSTREAM access at FBI is restricted to a very small group of less than 100 FBI personnel.
As if the horror of seeing the Matrix for yourself isn't enough, it gets worse yet.
Here NSA throws FBI under the bus to FISA by snitching that FBI abuses raw UPSTREAM SIGINT to spy on American's communications with their Attorneys.
If you've read the DNI's declassified documents post-Snowden, you'll remember this issue coming up.
According to NSA and FBI logic, until you are charged with a crime by a Court, then it is OK for them to spy on all of your communications with your Attorneys and any legal counsel.
Being charged still doesn't stop them from continuing to spy on you and your Attorneys, it just changes to another Secret Law you don't know about to let them do it.
Why would NSA burn FBI before FISA like this? NSA must know Comey and FBI abused UPSTREAM so badly, that it threatens to endanger NSA itself.
NSA doesn't give a shit about Americans, but they do care about their own self-preservation. Isn't it a bizarre Wonderland we've entered when the only guarantee we have to stop NSA abuse is others abusing NSA so badly that NSA has to step in to stop them to save their own necks?
In conclusion, I am deeply disappointed by the shills on this board. You know who you are and you are hugely irresponsible for spreading FAKE NEWS and talking down stunning NSA leaks like nothing is going on, "these are not the droids you're looking for", why not OBEY and SLEEP my fellow hacker news technically proficient nerds who might be the only demographic who can actually do something to stop NSA?
Like David BrockBots would shill on 4chan in thousands of threads to flood the narrative and make Normies ignore reading the truth for themselves:
"just went through it and it appears to be nothing substantial sadly"
Your pro-NSA shilling is so flatly contradicted by what's in that document, that your opinions are total garbage. You should be so embarrassed at flaunting your ignorance in public that I recommend you delete your account.
Let's examine the pdf page by page.
NSA admits it broke its own rules and spied on Americans. This is no longer theoretical or a "smear" by "those who would prefer to weaken the US" (LOL I can't believe you said that).
NSA admits that it has no idea how many ways its own analysts can access UPSTREAM in order to perform the abuse mention in my previous screencap.
Think about that. UPSTREAM is over 10 years old. They had all the time is the world to lock it down, to shore up their defenses, to comply with some basic fucking rules that they set for themselves. They totally failed.
What if $MEGA_BILLION Corporation out there had no idea how its employees were logging into the ERP as root and poking around whatever they felt like for a decade? What if it was a HIPAA business? What if it was one of the top 5 accounting firms?
UPSTREAM is one of the most powerful cyberweapons ever built, and here NSA themselves tell the FISA judge that they lost control of it.
They first told FISA about these problems back in 2015. They told the judge in 2015 that they found abuses going back to 2011. Well here we are 3 years later and NSA is still telling FISA "we're working on it."
What if the National Nuclear Security Agency lost a nuke 6 years ago? You'd think the world would stop immediately, top dogs would be severely punished and the most severe remedies would be applied to fix the problem.
Right there NSA admits they have no way to audit UPSTREAM access. Remember when the Snowden leaks began? Remember The Clap and all the 17 Nazgul swearing up and down to everyone that it's not as bad as it seems, they have elaborate comprehensive compliance rules, random auditing, and log trails of everything.
"Trust Us, we're the Good Guys, Marty!"
Right there NSA admits they spy on all Americans in order to put us all on a "Master Purge List", which they share with all the other 16 SpyTels and everyone who gets access to raw, unminimized UPSTREAM SIGINT. NSA says they have to spy on Americans in order to know which IP addresses, which traffic, which connections, which metadata, which Content belongs to Americans, in order for them to filter it out of UPSTREAM.
This is the most perverted twisting of Surveillance State logic I can imagine. Like the saying in Vietnam "we had to destroy the village to save it."
NSA had to spy on Americans in order to not spy on Americans.
So what's your smarmy uninformed reaction to that one? Still best buddies with Deep State? How much do you trust FBI or the Dept of Agriculture with your UPSTREAM data to abide by the honor system and obey NSA's Master Purge List and not read your home Internet traffic, the websites you visit, your emails, texts, all of it?
Remember when Snowden first leaked and all the "Infosec" poseurs and "Thot Leaders" (none of whom can code) gave TED talks and conference keynotes advising everyone to "HTTPS All The Things! 2FA Brah! E2E! Trust The Math!" then patted each other on the backs on stage when receiving their Humanitarian Awards for Fierce Intrepid Journalism, Speaking Truth to Power and all that circle jerking off to look like Heroes who stood up to the NSA and empowered the People and now everything's fine, let's go shopping Barbie, we defeated the Big Bad NSA.
Bullshit.
Right here NSA admits to FISA that FBI keeps all encrypted traffic forever. You used to use HTTP for most traffic, but now you use HTTPS and Signal and Tor and Keybase and you're a Good Cypherpunk
cosplaying at "changing the world."
If you ever believed that load of bull, you are the problem. Your idiocracy just led millions of non-coder sheep into allowing FBI to save everyone's encrypted traffic forever. At least when they spied on unencrypted traffic they would delete it after seeing that your lolcats are not steganographic messages to your ISIS sleeper cell about your next bomb plot.
Now that everyone uses encryption, everyone is a suspect, forever. FBI says they only apply their retention deletion rules after the moment it is decrypted. Which could be 5 years from now, or 20.
Great job Cypherpunk Beliebers, instead of directly challenging NSA on policy, you fucked us all with your ridiculous Larpfest about beating the Govt by using encryption.
The worst part about this declassified pdf is that NSA even admits to FISA that all of these rules and oversight and compliance are just a stage show and they don't have to tell FISA anything about what they do! Remember how John Yoo wrote the secret memoes that approved Bush to unleash NSA from rules and "Collect It All", memoes which we little people didn't even get to know existed just until 2015? The President's Inherent Constitutional Authority means his privacy to use his powers trumps every right you thought you had in the Bill of Rights.
Free Speech? Nope, not for you. The President gets that. Unreasonable search and seizure? Nope, the President trumps you. It's not a "physical search", it's an "electronic search", which you don't know yet, but this is the most important Secret Law that you still don't know about. An "electronic search" is not a wiretap, so no rules apply to it going back to Nixon's 1969 Omnibus Crime Act which established the first rules for wiretaps.
Quartering soldiers in your home? Wrong again bucko. The President can quarter the entire NSA virus arsenal on your home router and infect every computer you own and you can't do jack shit. And if you discover you have been hacked and if you talked about it, then you go to jail for leaking National Security secrets. General Warrants? The President can rendition, disappear and assassinate anyone he wants and you have no right to know, and even if you did know, you can't prove it effects you personally, so you have zero standing in any Court in the nation.
But wait it gets worse, if such a thing is possible.
You think you know what UPSTREAM is? You read The Intercept, you respect Greenwald, and maybe you glanced at a few Snowden docs to see what the fuss was for yourself. Oh, NSA is wiretapping 100's of undersea cables, 10's of thousands of Satellite uplink stations, and 800,000 cell phone towers all over the planet, exfiltrating all of your data, so the entire Internet backbone is siphoned back to Bluffdale.
You're probably a smart guy and you smirk and say to yourself "well of course, I always KNEW they did that, what's the big deal?"
Well right there NSA says there is another source feeding into 702 that is NOT UPSTREAM. Do you get butterflies in your stomach when you realize for the past 10 years NSA has lied to FISA about what 702 and UPSTREAM even is? Why are they only now telling FISA there is more access to more data outside of UPSTREAM?
"If you have nothing to hide, then you have nothing to fear"... isn't that what all the Good Germans and idiots say when they go along with whatever NSA is doing?
Well if NSA had nothing to fear from FISA, why did they hide it?
lol Crowdstrike is a total joke. Everything they do is to cover up the horrible truth.
DNC, Podesta and Hillary's got totally fucking pwnd by NSA's stolen virus arsenal. They were the Shadowbrokers very first target.
The whole "muh Russia" narrative is a big fat lie to cover for NSA's ass blowing in the wind.
Because what would happen if folks discovered it was NSA's direct fault for the election getting rigged on both sides?
NSA has gone so far in their extremism that now they can't let anyone blame them for their actual fuck ups that endanger all of us.
The weirdest thing about Guccifer isn't what he did, nor how he did it, nor why, but that he's is still, today, tweeting in public, mocking NSA, which I know they know, and yet they do nothing.
I won't tell you who. If you're smart, you'll find him. He loves puzzles, and he's the best I've ever seen at it. Think of it as a meritocracy. If you're worthy, you'll figure it out on your own and join the club.
The real story behind Guccifer is why NSA covered up for Guccifer. I don't know if Guccifer the Shadowbroker is ex-NSA or even active NSA, but whoever he is, there is no way to separate what he did from what NSA did.
Think I'm larping?
Then why do I have screenshots of Podesta's Gmail password reset 3 months before it happened, and the Clinton Foundation's Exchange admin panel and the CMS for their backup vendor?
Everything Crowdstrike has said is laughably wrong. They're so shitty at cyber they deserve to get popped like Sony.
Maybe it already happened, who knows? ;)
Crowdstrike won't exist in less than 2 years.
You'll see.
Snowden leaks already show NSA has badbios-style firmware viruses targeting every manufacturer, every model, going back a decade. Imagine what they have today. Why not mass infect all hard drives at the factory? Targeting individuals or "thematic warrants" are still too clunk and doesn't scale.
All these folks who say "I'll out smart them, I'll encrypt my SSD and Fedex it" are "Not Even Wrong."
As most encryption takes place at the software level, not the hardware level, wouldn't it be difficult to infect all hard drives with some virus targeting encryption?
Also, not to mention most of my hard drives are made by China, whom seem not to like the NSA very much. This leads me to believe that they may struggle with the mass infection part.
Myhrvold is a scumbag now, but back in the 90's he pulled off a heroic fuck you to NSA.
NSA didn't want to allow Microsoft to build RSA into Windows and export it. Even though the cat was out of the bag and foreign OEMs and vendors were already selling RSA. NSA wanted Microsoft to not give users more than 40 bits of encryption keys.
So Myhrvold, as President of Microsoft, flippantly offered to pad the keys generated by Windows with NSA's public RSA key. Win Win. Users can export more than 40 bits, and NSA gets a backdoor.
Microsoft won and was allowed to export software using RSA.
No doubt that little stunt put Myhrvold on some Watchlist for Life.
It's too bad he became evil after he became a billionaire and started only caring about money and Yachts and hob knobbing with other 1% elites.
That's right Orwell's bitches, you can't do nuffin.
Except there is one way, the only way, but you're not going to like it, the same way Chemo is an indiscriminant carpet bomb that kills cancer and healthy cells.
Cryptopocalypse.
The End of All Crypto.
No more crypto, no more NSA. It's that simple.
NSA has 1 Achilles Heel, the most lop sided asymmetriccadvantage. They need crypto a helluva lot more thanyou or I do.
Without RSA and AES, how could NSA mass infect millions of Grandmother's PCs, every UK hospital, everyone in Fiji, kids playing Warcraft, every Yahoo webcam user, every SIM card manufacturer, every Certificate Authority, every VPN provider, every cell phone in Abottabad for a decade, etc etc etc?
They couldn't! Because how would they exfiltrate all your lolcats, Pepes and dick pics back to Bluffdale via TACLANE and technically impressive covert implant radio channels and radar retroreflectors?
Exactly. NSA only fears one thing more than losing their Secret Laws, Secret Courts and implicit GODMODE.
They fear the whole world being able to steal their own stolen data, they fear being thrown outside naked naked in a blizzard surrounded by wolves.
Now you may be an Innumerate who believes cryptography is magic and that unless you're the next Turing or von Neumann that you don't stand a chance.
dana_carvey_wrong.gif
NSA is weak as fuck. Tottering on the high wire. Their entire existence could cease in a snap of the fingers.
There are only about 5 cryptographic primitives that prop up this wretched corrupt regime of Valligarchs, Monopolists and CORE SECRETS moles who are the legs of NSA's evil system.
Very few professional mathematicians write about this, because the ones who could, are themselves employed by the same NSA system. Never expect a man to understand a thing when his job depends on not understanding.
The moment the Discrete Logarithm Problem is cracked, everyone at NSA is dead, or unemployed like Whip & Buggy makers.
Cracking DLP is mathematically equivalent to factoring arbitrary integers. No, bigger RSA key's won't save you. Once DLP is solved, you can factor any number bigger and bigger into P and Q. DLP will be the end of RSA.
But wait, it gets worse. DLP will also be the death of AES and any ciphers based on S-Boxes.
When you can factor any composite integer, well guess what, you can also factor any polynomial.
I won't tell you more about that one, because I would prefer you don't believe me so that someday when I show you how, I can watch you cry after you realize how dumb you were for believing in BS.
Hash functions won't be spared either. SHA2 is one big ass S-Box. It will fall too.
Cryptopocalypse is coming. There won't be anyway to fix it. NSA's handful of decades old peimitives will be smashed and scattered to the wind. You have to understand this will be final like Judgement Day.
"Someone will invent a new cipher and put NSA's Humpty Dumpty back together again."
Not when the proof that cracks DLP also proves that One Way Functions do not exist. Nowhere. NTRU and multilinear ciphers that are not yet ready for prime time will be dead on arrival.
Remember what I said about how far arbitrary factoring goes? Multilinear is not any safer.
If I ran NSA Cryptologic Exec, right now today I would be dismantling the whole spy machine. Pulling the plug on daya centers. Scuttling 100's of programs.
Because if NSA doesn't cry Uncle, say they're sorry, and roll back their Orwellian Dystopian Nightmare, when that glad Day of Cryptopocalypse arrives, so much of NSA's dirt will be plaintext and the whole world will see the truth with their own eyes.
Enraged peasants with torches and pitchforks would be the most optimistic outcome for NSA.
Of course I realize NSA can't and won't stop themselves. Smoking GODMODE is like crack. You can't physically give it up no matter how much you want to.
The way I see it, if we can just hang on a little longer, we'll get to watch Ft Meade sacked and picked apart into rubble by thousand of angry hands. May God have mercy on any NSA'ers too dumb to flee. It's going to look like Vlad the Impaler. I can't wait.
Settle down, settle down shrieking Liberals overhyped by fake MSM news.
For a technical crowd, I'm stunned not one of you understand the root cause for this ban. But I also understand it's not your fault because you would have to read the news from the Caliphate to know what's going on.
ISIS can make or has the intent to make or is trying to make Lithium Ion battery bombs.
Exageration you say? Go research it on Youtube, you'll see. This flaw has been known for years.
Think ISIS won't do it? Believe some crazy conspiracy that ISIS is a Mossad-KGB-Thule front?
Remember that recent passenger jet in Egypt destination Moscow that ISIS blew up killing everyone on board?
I saw with my own eyes the Mujahideen on Telegram weeks before the plane crash where they posted selfies of their new bomb.
It literally fits in an Plastic Orange Soda bottle.
Now if you're brave and not under surveillance and not a Muslim and you live in a Nation that respects Free Speech and you want to know the Real News, see page 30 of this pdf:
That is Al Qaida's 2015 magazine issue with the easy DIY blueprint for how to make it.I don't recommend reading all of it, but just enough until you go "holy shit it's that easy."
I almost didn't want to post this because god forbid the wrong you-know-who ever saw it and got "Inspired", but at the same time, this is a Catch-22, a Clear and Present Danger that folks need to know is real and is out there and so we must do whatever safety counter measures are necessary to ensure ISIS can never succeed in these style of attacks.
Take ISIS at their word--they are deadly serious, it's not a joke.
So If the solution to this horror show means fly naked, so be it! Don't complain, be grateful for your privilege.
Would you rather stay alive along with your fellow passengers, or have the convenience of dicking around on your laptop?
You still can use your iPhones so it's not like you're being strapped into a straightjacket for an 8 hour flight.
This is just more security theater to ensure the easily terrorized remain compliant with the whims of law enforcement, not something that will actually make people safer.
In fact, putting a whole lot of high-capacity lithium-based batteries close together in a concentrated space that's hard to access—such as the cargo hold on an airliner on a transoceanic flight—actually seems more dangerous than having them in the passenger compartment mixed among the passengers.
But of course Daesh wouldn't possibly be able to do anything with checked luggage, they can only operate in passenger compartments. Right?
I think many people are well aware of all these news reports, and the general desire of terrorists to smuggle bombs onto airplanes.
But can you explain how moving those same bombs into the cargo hold makes us any safer? Don't we need to focus on detecting them in the first place?
Bear in mind that no planes have crashed as a result of terrorist bombs in recent years, while several have crashed as a result of (accidental) cargo hold fires... So there is evidence that bombs in the passenger cabin are actually safer.
Ultimately, I see the root cause of this dichotomy as a side-effect of The Death of The Expert.
Edumucated Folk live in one Universe, and Working Joe on Main St lives in another Universe.
By the time you finish 10 years of secondary education, you think you're smart, but mostly all you've done is chain together countless memorized assumptions about how various model parameters should work to over-fit your mental interpolator of the Map of the World.
You become so educated that you filter our more than you realize. You don't even notice, like a fish never notices the ocean in which it swims.
The Academically credentialed refer to others just like themselves, because Authority only works if you mutually vouch for each other, by adhering to the same rules. Outsiders are Othered, smugly laughed at and ignored like Morlocks.
Look at any big example where The Experts not only were off, but were Not Even Wrong, turning a Moonshot into a Neptune shot, then trying to cover up their mistakes to save face so they won't be de-credentialed and forced to go live in the sewers under Metropolis.
Pick any major World event, and you'll find The Smartest Guys in the Room, who earn more in 1 year than Joe on Main St will in his entire life, and who COMPLETELY BUNGLED what ever they claimed they knew with near absolute certainty, because they are Scientists who use Evidence and Math that nobody can proof read, but trust us buddy, you dudn't get a PhD from MIT like all of us did.
1. Iraq WMD: look how spectacularly wrong were the several thousand Experts from 100's of Professional Fields.
2. 2008 Depression.
20,000 Genius Quants and Nobel Prize Winners and top billionaires and the Gods Upon Mount Olympus all bet their reputations that a 1-in-60 trillion Outlier event could never, ever happen.
This Time It's Different.
The price of houses will never go down, so it's a AAA double certified bet to use it as collateral to take out huge loans by increasing the multiple by which you are leveraged in your hedged bets.
And it all blew up.
3. Syria. All the idiot Experts yet again assembled to recommend the real solution is covertly arm ISIS to topple Assad, then send in the Marines to whack ISIS and install some new puppet.
All the experts yet again were so blindly certain that their models were the Territory that they stopped looking at the newest changes on the Map.
Oh, now ISIS declared War on the West? Well that fact can't possibly fit into our Narrative that we Experts know is scientifically true, so let's just ignore it.
Oh, what's this, hundreds of thousands of social media accounts are joining ISIS and threating to overthrow us in our own Nations?
Well that's just preposterous, we know with absolute certainty that 99.9999999% of Muslims are Peaceful. Therefore, let's invite 10, then 20, then 100 million of them to cross our borders and live next door, all so we can retain our Cognitive Dissonance that we are The Experts, we can't be wrong because otherwise why should I have a PhD and earn 20x more than you, a mere Uber driver with no credentials?
4. As Programmers, we are the Enlightened Class, we build the future while Joe Blow on Main St just lives in the Minecrafted Utopia which we sculpt for him. We are Urban Liberal Atheist/Pagans with refined intellectual pursuits, we love Truth and Equality and by golly we really are going to CHANGE THE WORLD, hold hands, sing Kumbaya We Are The World around the SpaceX AI Rocket that will take us all to our new life awaiting us on Mars.
Meanwhile, out of 18,000,000 or so code monkeys on Earth, not even a handful have any idea that all of our computer security is fake, the NSA quite literally records and decrypts everything, using 10,000 new 0day per year which they purchase from Respectable Programmers like you who have a bright future and just want to do the right thing by cooperating with the NSA for a well earned comfortable upper-middle-class salary.
Then Snowden appears and pops your Truman Show bubbke like Copernicus deprecated Ptolomy.
All The Experts assemble like Avengers yet again. They all recommend, everything is fine Mr Joe Blow, we paid a vendor millions for a pretty dashboard of Analytics Big Data charts to tell us that everythibg's fine. We're in The Cloud, we're patched, we use 2FA on E2E with Axolotl Rachets stacked to the Moon and we're Lifetime Gold Donors to the EFF and several Houses of Fierce, Intrepid Journalism.
5. Guccifer the Shadowbroker hacked the shit out of everything.
You name it, it's compromised. VPN, ssh, every web, email, file, chat, dns, ntp, database, all of it is now known to be hijacked.
Can we still trust the banks, the utilities, the telcoes, the defense contractors, the media conglomerates, the entertainment, the software, the OEMs, etc?
You say Trust Us, we're the Experts.
See how this works? Processions of Expert Pied Pipers lead us off a cliff into the ocean like lemmings.
Is Joe Blow on Main St a dumb racist redneck for taking one look at that ol' Bull you're selling, but instead flipping the Series of Tubes to check out what Alex Jones and /pol/ and UFO chasers and Chentrails kooks and Reptillian Agenda paranoids and monetized Youtubers have to say about The Real News?
From where I'm at, living in a card board box on Main St with no future, I'm going with what Joe says he saw Alex say about the Pizzagate-Soros-Globalists. I may not be an Expert beyond Main St, but I do know the only person who never lied to me was the hacker who leaked all the Expert's shit to Wikileaks. It's not a perfect Map of the World, but it's a helluva lot more accurate than the total disasters we got by listening to The Experts.
Complete tangent: assertion: if equation group had like, 10k 0day per year they would have already run out of "good" code names. We wouldn't see EPICBANANA or EXTRABACON at all because all the fun names for sploits would already have been taken. Like, the only way you get those names is by combining words on an approved list, maybe rolling the dice until you get something that doesn't suck.
I wonder if one can do a kind of "german tank problem" analysis on the likely size of the "cyber arsenal" (LOL) based on the frequency of code words and awesome codenames...
One thing in addition to everything you mentioned is that there is NO ACCOUNTABILITY. How many news people got fired for the poor reporting around WMDs and Iraq? I only know of one prominent news-person that got fired: Phil Donahue, for questioning the status quo. We caught Donna Brazille giving Hillary the debate questions (via seemingly the only reputable news source around: Wikileaks). Sure, she got fired from CNN, but now she still has a cushy job at the DNC. I will NEVER vote for a DNC party member while she's still on the payroll. FWIW I voted Obama his first term.
Oh, didn't you hear, things looked bad but they couldn't prove anything, just like the 2008 banking fraud, they couldn't find evidence to prove anyone did anything wrong! (wink wink, nudge nudge)
I feel honored to read such an epic rant as a reply to my comment!! It truly is amazing what they can get away with essentially in broad daylight, but then when you have the entire media machine manufacturing reality for the masses, it's much easier.
That pdf from the NSA in the BND documents on Wikileaks clearly shows that NSA decrypts VPN, both IPSEC and PPTP, in real time and in bulk.
The BND leaks came out what, over a year ago?
20,000 "hackers" attended the most recent Defcon.
How not one person notices this slide deck, including Assange himself, is pretty shocking in itself.
Hello, McFly, is anybody who's job earning 6 figures in Infosec paying attention?
Why is the Computing industry so asleep at the wheel? Yet the Beogrammers cranking out widgets for Startup Inc think they're the smartest guys in the room.
The arrogance from all the fake paper billions in this industry has made everyone lazy and dumb.
NSA LOVES it when the sysadmins are lazy and dumb. They're so much easier to hunt.
Of course that slide deck presents more technical questions than answers, but it proves VPN is no longer the Silver Bullet we once thought it was.
"Well that's what they're supposed to do, NSA is just doing their job, so that's not my Department" you say.
Yeah, well look at home careless NSA is with Cyberweapons and exploits.
They lost the Keys to the Kingdom to the Shadowbrokers, and god only knows what else they lost that they never tell us about.
It is entirely reasonable to believe NSA lost their VPN exploit pack too.
Try to imagine the chaos that's possible in a scenario like that.
We might as well not have ANY security.
Which is funny, because yet again, RMS was right! His tales about the MIT Media Kab in the 70's where he rejected new mandatory security policy and instead all users of the system shared the sysadmin's password.
The honor system used to work. As a system of trust, high trust small tribes will always be better than any artificial security mechanisms.
We as an industy need to somehow get back to that.
Trust in computing is only going to get worse, the hacks are going to become deeper as they copycat NSA's methods of industrial scale, and the consequences are truly unknowable.
Skynet and Mr. Robot could end up looking like naive optimism.
