736200+ entries in 0.414s
cads: including stuff
that
the media has spun as "the ability
to store all
the
transfers on
the internet for a whole 4 day review period"
cads: snowden's revalations have continued
to detail a number of really extensive cyber capabilities
that
the NSA has
mircea_popescu: there's a difference between snowden and "what
the guardian represents".
cads: I
think
that
the capabilities being divulged are
too over
the
top and being divulged in a way engineered
to make
the vast majority of people accept
them.
bounce: wonder how hard it is
to
TEMPEST-proof a laptop. if a can of metallic paint
to
the inside of
the shell is enough
that should be a nice enough niche earner
cads: mircea_popescu: what are
the odds you put on Snowden himself being a US agent?
mircea_popescu: which is precisely why he makes
the sort of cargo cult suggestions he does make.
cads: the suggestions he gives for airgaps would not protect against
the kind of measures
the NSA is claimed
to be able
to
take
cads: yeah, I suddenly want
to read some more criticisms
bounce: the execution in
the context of stupidly complex machinery a bit less so
mircea_popescu: jurov "In
this paper we will describe some of
the shortcomings and suggest solution"
bounce: well,
the sentiment is sensible enough: minimise infection vectors, build in barriers and
things
that might
tip you off
cads: haha, I suspect
that
too
cads: "Malware can silently write data
to a USB stick, but it can't spin
the CD-R up
to 1000 rpm without your noticing. "
ozbot: Why I suspect Schneier is an US agent. pe
Trilema - Un blog de Mircea Popescu.
cads: I don't like
that he suggests a usb key, because usb keys have been penetrated before
cads: for example use read only cdrs
to dump data into
the machine
cads: I'm being more pessimistic
than necessary - his advice is actually about as decent as you can get
moiety: 22:47 <mircea_popescu> and secretaries you don't seduce.
they're always busy at work. << a good secretary can't be seduced.
this is
true. however, also means loyalty.
bounce: that means something like linux or a *BSD is Right Out because...
those come FROM
the internet!!1!
cads: and... I'm hoping he really did something better
than i'm
thinking
cads: which consisted of a brand new laptop
that had never been connected
to
the internet, and a
thumbdrive
cads: bruce schneir described
the airgapping "effort" he was using
to research
the NSA papers and write
the articles reviewing
them.
mircea_popescu: ThickAsThieves prolly have
to move it on punched paper acroiss airgap
mike_c: yeah, i hope you are right (i am in on
that bet).
ThickAsThieves: i already followed
their instructions
to activate
the accounts
the wanna shut down
mircea_popescu: cads diametric you
two should joint or several work out something i can ipo.
ThickAsThieves: i just might, would be nice
to get
the damn bill first...
cads: my source material is probably
the wikipedia article on
the military design document I mentioned earlier, instead of
the actual document
cads: what I recall was
that
these punched cards were
transfered over by humans, but I remember nothing of how
they'd use
that
to prevent arbitrary content from entering
the red system
ThickAsThieves: yes but ive never felt more cheesed for my hourly payout
than with a lawyer
mircea_popescu: fast food chains compete for customers. rich people compete for seats at
the hot club.
cads: bounce: hum, I'd like
to read
that document
mircea_popescu: because you have
to establish yourself
to
the provider, not
the other way around.
ThickAsThieves: but i do question why it is more accepted, other
than people are more loose with
their money
ThickAsThieves: the self-sabotaging of
that nature probly is an american cultural
thingy
bounce: that still depends on
the front making intelligent decisions as
to what
to sign, but, you know...
ozbot: BitBet - Bitcoin
to drop under $400 before June
bounce: ISTR
the cacert people had a description up of how
they did it: serial cable
to
the box with
the signing key and a custom protocol
that only understood signing requests and returned signed certificates, no other connection
to anything whatsoever.
bounce: depends. if you do an automated
transcription of ethernet frames
to punch
tape and back again, you don't really have an air gap. just like putting a wireless hop in
the network
to have an "air gap" doesn't really work.
mircea_popescu: ThickAsThieves:trying
to "play" it
to what you
think
the client will accept << what
the fuck self-sabotaging second guessing bullshit is
this, seriously! bejaysus.
cads: such a
traditional system might still use punch cards
to
transfer data from
the black
to
the red system
cads: mircea_popescu: I know
there's a military handbook
that describes design of airgapped systems (the red/black system design philosophy)
bounce: some jugging around with public key crypto goes a ways
there
mircea_popescu: ThickAsThieves:hourly from
the get-go just doesnt work << it does work in some fields. lawyers are
the
typical usecase, but also many high-demand few specialist engineering fields. you pay
the hourly rate
to qualify yourself as an actual customer
bounce: "arrange
things such
that sensitive stuff is offline as much as possible"
thestringpuller: how else would
the college derp get laid without a women studies class?
cads: systems goes online once in its life
to acquire
the required reference materials, and
then gets all its wireless adaptors removed
mircea_popescu: but
the man doth have a point. i find it shocking
that us pretend-academia will offer "women's studies" shit about
that
twerking girl, but
there's no actual airgapping programme anywhere.
cads: airgapping bothers me, but
the way I'd use it is as a fully offline reference system
thestringpuller: I'm more asking "how do I learn
to build a house" don't say "stay in schoo"
cads: the cads number -
the number of
times you've come up with a math breakthrough while recieving fellatio from one of my booth babes
mircea_popescu: to actually implement it you hire someone
to do it you know ?
mircea_popescu: thestringpuller well
that general question has been answered in
the general as best it could on
the post man.
cads: Other mathematicians
that would publish with me would eventually measure
themselves according
to
their Cads number.
thestringpuller: would be a neat guide since I have yet
to find a way
to do it practically for something in production
cads: I'd be known as
that mathematician
that hasn't done any actual math, but has a harem of booth babes and has pushed forward
the field into
the next millenium.
mircea_popescu: basically, always and everywhere
take
THEM as
the joke, see how long
they last.
mircea_popescu: get
the hottest 12 chicks
to boothbabe
topless, only invite
to present
those professors who you owe favours
to.
cads: the AMA and university bodies and others
that organize math conferences
tend
to be way
to conservative
to
take
that as anything other
than a joke
mircea_popescu: cads do
this as a power play. it's what i'd do if i were somehow inexplicably interested in math academia.
mircea_popescu: "you" can have a girl hang around
the whole day for
the cost of
two beers, except not YOU.
cads: where 90% of
the crowd would probably kill
to have booth babes
cads: yeah my conference experience is limited
to math conferences
cads: blah I'm going
to read
that article by extrapolating it from its
title
mircea_popescu: course in
typical nerd fashion he misrepresents what happened, but hey.
ozbot: Booth Babes Don’t Work |
TechCrunch
mircea_popescu: the rough equivalent being
the it corp dudes
that go
to check out
the babes at it conferences.
cads: really I know if we just go
to a
trade show and knock some people unconscious with our sturdy ass prototypes, we'll come away with at least people we can
talk
to without 99.999% failure
mircea_popescu: 5th wheel intern-ish girlies without clear responsibilities, which'd be
the ones answering
to a call like
that,
those you can seduce.
mircea_popescu: and secretaries you don't seduce.
they're always busy at work.
ThickAsThieves: Google Apps is
trying so hard
to purge
their grandfathered free users
cads: mircea_popescu: welcome
to my life!