Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Wednesday November 05 2014, @04:05PM   Printer-friendly
from the insecure-by-design dept.

Roy Schestowitz at TechRights reports

The FBI does not even pretend not to be pursuing back doors; quite the contrary! It demands them and now insists on legislation that would make them mandatory. The same goes for the NSA, Microsoft's very special partner. Anyone who still thinks that back doors in encryption are within the realm of "conspiracy theory" must not have paid attention.

[...]Some months ago we showed that a former Microsoft engineer working on Windows BitLocker confirmed that the US government asks Microsoft for back doors and now we have more details on how this is done, courtesy of cryptology enthusiasts in Cryptome.

[...]When Microsoft speaks about security, it usually means "national security", i.e. the ability of the state to break security of software. It's about interception, not security. When Microsoft speaks about 'secure boot' it speaks about an antifeature in UEFI that enables the state to remotely brick computers, too.

This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by opinionated_science on Wednesday November 05 2014, @04:32PM

    by opinionated_science (4031) on Wednesday November 05 2014, @04:32PM (#113276)

    funny that article is no longer viewable.../paranoia

    • (Score: 2, Funny) by Anonymous Coward on Wednesday November 05 2014, @04:49PM

      by Anonymous Coward on Wednesday November 05 2014, @04:49PM (#113282)

      Works here, your Winblows machine must be hacked with M$ security features.

      • (Score: 0) by Anonymous Coward on Wednesday November 05 2014, @05:12PM

        by Anonymous Coward on Wednesday November 05 2014, @05:12PM (#113296)

        It works now, but it was down earlier. How would an OS prevent you from seeing a specific web page that didn't exist before the last "Security Update"?

        • (Score: 2) by choose another one on Wednesday November 05 2014, @05:34PM

          by choose another one (515) Subscriber Badge on Wednesday November 05 2014, @05:34PM (#113302)

          Pattern matches naughty words like the built-in parental controls...

        • (Score: 2, Funny) by Anonymous Coward on Wednesday November 05 2014, @05:41PM

          by Anonymous Coward on Wednesday November 05 2014, @05:41PM (#113305)

          systemd supports that feature. Before I updated my Debian system, I could view web pages. Then I did an update, and systemd was unexpectedly installed. Now I can't view any web pages because my computer no longer even boots successfully. I tried to diagnose why the init failed, but the log files were corrupt, and couldn't be used with standard tools like more or grep.

          • (Score: -1, Flamebait) by Anonymous Coward on Wednesday November 05 2014, @06:23PM

            by Anonymous Coward on Wednesday November 05 2014, @06:23PM (#113317)

            you're so full of shit. stop trying to start a flame war you troll. you just read read a few posts and talk like you have looked at the code.

            • (Score: 2) by Bot on Wednesday November 05 2014, @07:48PM

              by Bot (3902) on Wednesday November 05 2014, @07:48PM (#113338) Journal

              Anon, meet anon, the systemd troll.
              This is an above average 7/10 trolling of his.
              Best regards.

              --
              Account abandoned.
              • (Score: 0) by Anonymous Coward on Wednesday November 05 2014, @10:38PM

                by Anonymous Coward on Wednesday November 05 2014, @10:38PM (#113377)

                I don't think it's just one person who has had trouble with systemd.

                The reports of problems with it are too widespread for a single "troll".

                It's just like the memory usage and performance problems of Firefox.

                These problems are reported by lots of people, all over the place.

                Deniers such as yourself just blame and malign the problem reporters, instead of acknowleging that the problems are real and affect lots of people.

                • (Score: 0) by Anonymous Coward on Thursday November 06 2014, @12:41AM

                  by Anonymous Coward on Thursday November 06 2014, @12:41AM (#113404)

                  The problem isn't that people dislike systemd, the problem is that they're bitching about it in inappropriate places and disrupting normal conversation. In short, they're trolling. If they'd keep their complaints about systemd to where they belong - discussions about Linux or systemd - there'd be no problem.

    • (Score: 1, Insightful) by Anonymous Coward on Wednesday November 05 2014, @05:15PM

      by Anonymous Coward on Wednesday November 05 2014, @05:15PM (#113298)

      3 November 2014. A sends:

      How to Disable OneDrive Completely

      http://answers.microsoft.com/en-us/onedrive/wiki/sdinstall-sduninstalling/how-to-disable-onedrive-completely/b97a8336-62e7-476c-872c-3286c0a01cf6 [microsoft.com]

      1 November 2014

      Microsoft OneDrive in NSA PRISM

      A sends:

      1) Bitlocker keys are uploaded to OneDrive by 'device encryption'.

      "Unlike a standard BitLocker implementation, device encryption is enabled automatically so that the device is always protected.

      ...

      If the device is not domain-joined a Microsoft Account that has been granted administrative privileges on the device is required. When the administrator uses a Microsoft account to sign in, the clear key is removed, a recovery key is uploaded to online Microsoft account and TPM protector is created."

      http://technet.microsoft.com/en-us/library/dn306081.aspx [microsoft.com]

      2) Device encryption is supported by Bitlocker for all SKUs that support connected standby. This would include Windows phones.

      "BitLocker provides support for device encryption on x86 and x64-based computers with a TPM that supports connected stand-by. Previously this form of encryption was only available on Windows RT devices."

      http://technet.microsoft.com/en-us/library/dn306081.aspx#BKMK_Encryption [microsoft.com]

      3) The tech media and feature articles recognise this.

      "... because the recovery key is automatically stored in SkyDrive for you."

      http://www.zdnet.com/surface-bitlocker-and-the-future-of-encryption-7000024613/ [zdnet.com]

      4) Here's how to recover your key from Sky/OneDrive.

      "Your Microsoft account online. This option is only available on non-domain-joined PCs. To get your recovery key, go to ...onedrive.com..."

      http://windows.microsoft.com/en-us/windows-8/bitlocker-recovery-keys-faq [microsoft.com]

      5) SkyDrive (now named OneDrive) is onboarded to PRISM. (pg 26/27)

      http://hbpub.vo.llnwd.net/o16/video/olmk/holt/greenwald/NoPlaceToHide-Documents-Uncompressed.pdf [llnwd.net]

      Page 111

      (TS//SI//NF) PRISM (US-984XN) expanded its impact on NSA's reporting mission in FY12 through increased tasking, collection and operational improvements. Here are some highlights of the FY12 PRISM program:

      PRISM is the most cited collection source in NSA 1st Party end-product reporting. More NSA product reports were based on PRISM than on any other single SIGAD for all of NSA's 1st Paty reporting during FY12: cited in 15.1% of all reports (up from 14% in FY11). PRISM was cited in 13.4% of all 1st, 2nd, and 3rd Party NSA reporting (up from 11.9% in FY11), and is also the top cited SIGAD overall
      Number of PRISM-based end-product reports issued in FY12: 24,096, up 27% from FY11
      Single-source reporting percentage in FY12 and FY11: 74%
      Number of product reports derived from PRISM collection and cited as sources in articles in the President's Daily Brief in FY12: 1,477 (18% of all SIGINT reports cited as sources in PDB articles - highest single SIGAD for NSA); In FY11: 1,152 (15% of all SIGINT reports cited as sources in PDB articles - highest single SIGAD for NSA)
      Number of Essential Elements of Information contributed to in FY12: 4,186 (32% of all EEIs for all Information Needs); 220 EEIs addressed solely by PRISM
      Tasking: The number of tasked selectors rose 32% in FY12 to 45,406 as of Sept 2012
      Great success in Skype collection and processing; unique, high value targets acquired
      Expanded PRISM taskable e-mail domains from only 40, to 22,000

      Page 113

      (TS//SI//NF) SSO HIGHLIGHT - Microsoft Skydrive Collection Now Part of PRISM Standard Stored Communications Collection

      By [NAME REDACTED] on 2013-03-08 1500

      (TS//SI/NF) Beginning on 7 March 2013, PRISM now collects Microsoft Skydrive data as part of PRISM's standard Stored Communications collection package for a tasked FISA Amendments Act Section 702 (FAA702) selector. This means that analysts will no longer have to make a special request to SSO for this - a process step that many analysts may not have known about. This new capability will result in a much more complete and timely collection response from SSO for our Enterprise customers. This success is the result of the FBI working for many months with Microsoft to get this tasking and collection solution established. "SkyDrive is a cloud service that allows users to store and access their files on a variety of devices. The utility also includes free web app support for Microsoft Office programs, so the user is able to create, edit, and view Word, PowerPoint, Excel files without having MS Office actually installed on their device." (source: S314 wiki)

    • (Score: 2) by Thexalon on Wednesday November 05 2014, @05:47PM

      by Thexalon (636) on Wednesday November 05 2014, @05:47PM (#113306)

      I'm sure there's nothing underhanded going on. I mean, I was able to read it just fi... Ow, put me down! %^(FNEOF)--NO CARRIER--

      --
      The only thing that stops a bad guy with a compiler is a good guy with a compiler.
  • (Score: 2) by Wootery on Wednesday November 05 2014, @04:55PM

    by Wootery (2341) on Wednesday November 05 2014, @04:55PM (#113286)

    Benjamin 'Mako' Hill, who seems to be the one who coined it for the FSF (third paragraph) [fsf.org] is inconsistent in its use: does it refer to pay-to-uncripple, or 'features' which actively make the product worse for the end-user? The two are not equivalent. In this example [wiki.mako.cc], Panasonic do not give you the option to 'buy your way out'.

    • (Score: 1) by GeminiDomino on Wednesday November 05 2014, @06:55PM

      by GeminiDomino (661) on Wednesday November 05 2014, @06:55PM (#113329)

      or 'features' which actively make the product worse for the end-user?

      We always referred to these as "misfeatures."

      --
      "We've been attacked by the intelligent, educated segment of our culture"
      • (Score: 2) by sjames on Wednesday November 05 2014, @08:42PM

        by sjames (2882) on Wednesday November 05 2014, @08:42PM (#113351) Journal

        A mis-feature is something that might legitimately have been seen as a feature even though it really isn't. An anti-feature is something that even the marketing department can't ACTUALLY believe is a feature.

    • (Score: 2) by sjames on Wednesday November 05 2014, @08:40PM

      by sjames (2882) on Wednesday November 05 2014, @08:40PM (#113350) Journal

      That depends on perspective. Sometimes you can pay for the removal of an anti-feature, sometimes not.

      • (Score: 2) by Wootery on Thursday November 06 2014, @11:32AM

        by Wootery (2341) on Thursday November 06 2014, @11:32AM (#113484)

        Reading the FSF page again, I see I misunderstood:

        An antifeature, in the way I use the term, is functionality that a technology developer will charge users to not include.

        I thought 'antifeature' meant the property of having no crippling applied, but the intended meaning is that 'antifeature' refer to the means of crippling.

        i.e. How do we get rid of the number-of-cores limit antifeature?, as opposed to as an antifeature, the Ultimate version of the software will use as many cores as are available.

  • (Score: 2) by Nerdfest on Wednesday November 05 2014, @05:05PM

    by Nerdfest (80) on Wednesday November 05 2014, @05:05PM (#113291)

    Reading the other related articles on that site makes me very sad.

    • (Score: 2, Interesting) by CreatureComfort on Wednesday November 05 2014, @05:53PM

      by CreatureComfort (4295) on Wednesday November 05 2014, @05:53PM (#113310)
      But hey, Ted Cruz and all the Tea Partyers who just got voted in will save us all!

      I mean they are all against government intrusion and for scaling back government, right? Right? Right?

      \ or is that just for the rich?
      --
      Unheard of means only it's undreamed of yet, Impossible means not yet done. ~~ Julia Ecklar
      • (Score: 0) by Anonymous Coward on Wednesday November 05 2014, @06:16PM

        by Anonymous Coward on Wednesday November 05 2014, @06:16PM (#113315)

        If you're not one of the rich, you're just not working hard enough. Pull yourself up by your bootstraps, get up off your lazy welfare-teat-suckling ass and get a job! Its nobody's fault but your own that you're in poverty and thus undeserving of governmental help.

  • (Score: 3, Funny) by buswolley on Wednesday November 05 2014, @05:51PM

    by buswolley (848) on Wednesday November 05 2014, @05:51PM (#113308)

    Wait I thought that Truecrypters were supposed to use bitlocker now.... ;)

    --
    subicular junctures
    • (Score: 3, Informative) by mojo chan on Wednesday November 05 2014, @07:19PM

      by mojo chan (266) on Wednesday November 05 2014, @07:19PM (#113334)

      Don't worry, the article doesn't know what it is talking about. Bitlocker is still thought to be secure.

      The author has put two and two together to get five. Firstly it is just the recovery key that is uploaded to OneDrive. This key is itself encrypted with a recovery password. It is there so that if you somehow lose the primary key you have a backup. Like the primary key it is useless unless you also have the password.

      Secondly OneDrive is part of the PRISM programme, so the FBI and various other agencies have easy access to it. We know that already. It doesn't matter, I could email my backup key to GCHQ right now and it wouldn't help them. They would still need my hard drive before they can even begin the cracking process, and then still need to break my rather long password.

      --
      const int one = 65536; (Silvermoon, Texture.cs)
      • (Score: 3, Insightful) by emg on Wednesday November 05 2014, @07:53PM

        by emg (3464) on Wednesday November 05 2014, @07:53PM (#113339)

        Or, like most sensible people, you could just not use Windows on any computer connected to a network.

      • (Score: 1, Informative) by Anonymous Coward on Thursday November 06 2014, @08:30AM

        by Anonymous Coward on Thursday November 06 2014, @08:30AM (#113463)

        Don't worry, the article doesn't know what it is talking about.

        It did, however, give a very plausible explanation for why, when my Windows 8.1 tablet recommended that I turn on encryption, as soon as I clicked "no" to handing my administrator user over to Microsoft, it disabled encryption.

        Sorry, but actions speak more than words. And when it comes to Microsoft, Microsofts actions speak a lot more than your words.

  • (Score: 4, Interesting) by ThG on Wednesday November 05 2014, @05:53PM

    by ThG (4568) on Wednesday November 05 2014, @05:53PM (#113309)

    We have known this for 15 years already... http://www.heise.de/tp/artikel/5/5263/1.html [heise.de]

    • (Score: 2, Informative) by Anonymous Coward on Wednesday November 05 2014, @10:02PM

      by Anonymous Coward on Wednesday November 05 2014, @10:02PM (#113366)

      Longer even .. The long, strong arm of the NSA (July 27, 1998) [cnn.com]

      Hot line to the NSA

      It's gotten to the point where no vendor hip to the NSA's power will even start building products without checking in with Fort Meade first. This includes even that supposed ruler of the software universe, Microsoft Corp. "It's inevitable that you design products with specific [encryption] algorithms and key lengths in mind," said Ira Rubenstein, Microsoft attorney and a top lieutenant to Bill Gates. By his own account, Rubenstein acts as a "filter" between the NSA and Microsoft's design teams in Redmond, Wash. "Any time that you're developing a new product, you will be working closely with the NSA," he noted.

  • (Score: 3, Informative) by darthservo on Wednesday November 05 2014, @06:41PM

    by darthservo (2423) on Wednesday November 05 2014, @06:41PM (#113322)

    This seems to be that it's not specifically a "backdoor" (bypassing authentication) into the encryption of BitLocker itself, but is really about ease of access to a user's OneDrive which happens to automatically store the recovery key (if they are not on a domain). Basically it's streamlining the formal process of gaining access to someone's cloud share where a device recovery key will also exist - the same key the user has and implements. I'm not seeing anything here that would imply there is one master key that can be used to bypass any BitLocker device anywhere, aside from the mention of informal requests for backdoors - but there aren't any technical details as to what those would be.

    Not saying BitLocker may not have backdoors, but I'm not seeing a true "backdoor" in this specific case.

    --
    "Good judgment seeks balance and progress. Lack of it eventually finds imbalance and frustration." - Dwight D Eisenhower
    • (Score: 2) by edIII on Thursday November 06 2014, @06:25PM

      by edIII (791) on Thursday November 06 2014, @06:25PM (#113596)

      I agree on the term backdoor in the way it's used might be misleading.

      However, I would like to offer a slightly different definition more consistent with its contemporary use:

      Backdoor:

      1. Any attempt to install hardware or software by a manufacturer or reseller in a device that allows the manufacturer the ability to surreptitiously access the device.
      2. Any method by which access to a device is provided surreptitiously by inherent design, and such access is controlled by the manufacturer.

      For Microsoft to be in possession of individual restore keys means they are in possession of a defacto Master Key for all consumers utilizing their service. From this point of view, the entire OneDrive service is also defacto backdoor'd.

      It's basically a key-escrow encryption implementation on a large scale. Instead of the keys being sent to the FBI, the FBI has them sent to MS, where they can then have a system integrator take that access and make it programatically available with secure networks and APIs to the FBIs platforms (such as DSCNET for voice).

      This is a backdoor according to every reasonable definition I can think of. It's just a backdoor as a consequence of an external service being installed.

      --
      Technically, lunchtime is at any moment. It's just a wave function.
  • (Score: 4, Insightful) by Phoenix666 on Wednesday November 05 2014, @07:13PM

    by Phoenix666 (552) on Wednesday November 05 2014, @07:13PM (#113331) Journal

    If the state is going all out to destroy our lives and businesses, why are we not reciprocating? They have declared us the enemy, so why aren't we doing anything about it? Every time one of these stories comes out, the apologia from statists is right there, at the ready. But these stories keep coming. Is there really no threshhold left?

    --
    Washington DC delenda est.
    • (Score: 2) by HiThere on Wednesday November 05 2014, @08:45PM

      by HiThere (866) Subscriber Badge on Wednesday November 05 2014, @08:45PM (#113352) Journal

      Anyone who was serious about attacking the state would not say so in any traceable way.

      So you don't know whether or not an all out attack is in progress. If it were, you shouldn't expect to see any evidence until at least it either succeeded or failed.

      --
      Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
      • (Score: 0) by Anonymous Coward on Wednesday November 05 2014, @10:00PM

        by Anonymous Coward on Wednesday November 05 2014, @10:00PM (#113365)

        GP did not say anything about attacking the state. Attacking your own democratic state is pretty dumb. Political change may appear too slow in a lifetime of an individual, but only a few generations can make a huge difference. It is the sick states who designed all the most terrifying wars. Most people would love peace at almost any cost. But they would in fact gain greatly from peace, since oppression and war only enrich the rich. If we have the will, we should be able to improve our states to the point where they respect human rights here on Earth at least. ~Anonymous 0x29B1D963
        -----BEGIN PGP SIGNATURE-----
        Version: GnuPG v2

        iQIcBAABAgAGBQJUWpv5AAoJEJky/icpsdljDE8QAJi8ZFsbdZCV/ojsMqkpMzjP
        54O/uCTAluoObO1OntQg/kN7VNe8m2Tv1dSOcnVuTzkgOGVwW7aZFY92oxJJrN0p
        C+8nX/HzQ0OLzur0Q1z/v45tgesyHTaIHQf2yi/Pbm9/sOQrmM2L0Ffj/D5D3TFy
        Yui93vQBR7B+7+7l5B+TzPvr4S4XjMIeSaWxRBSIZfbr8kSBUPDqdq9UCoEEEsLo
        gNrWhapFtLMZ4uGRv+QWA+9vWLNZmIn3ReQV6UBViBVJeTFc1/tfwPLChVr0J+fQ
        oo/ktLb3k3RzyRxmGRkYnpy4oFO2bWppN6hJZnGHrqPX8hJQ/HKzXCyasDi971SZ
        q1oBUYnfUf/fNZKHxXqehn2D1meTUzl3qrPTaaLOBj60lmF4bUR2QNLr5Llgr/2t
        vLGlHx1DSYvOFKt+gF8eLbMwC7RWbQEfA8vmtyN3V4rgw3Eirz4XRKamNeCRFOMM
        iuoRUyFLXJHld+OquDNq4DsNy7d6MZnZW7xZxYZs5X3FG2Mo9Xc0YRytAQJprt1x
        H9VadG244u86kVdKW7+FeOKBVhxC9BYfxDlViE7ytAkZF7swHX5eaGqKML8Q0slN
        NMx/MEnMeTfBpw8BLV/IaH9WNYK9jgvrEYk0DjcFmCISc4ncK3MEKuVuUcLTCMgi
        3rc92vYlQGW6WgF9R0mF
        =9SE1
        -----END PGP SIGNATURE-----
        -----BEGIN PGP PUBLIC KEY BLOCK-----
        Version: GnuPG v2

        mQINBFRalKYBEAC7s2al42s0drJrQqrWrwN7do+i6WI7d6Wb1Kg1qeNdUmuRA3S/
        L9jbKhhVgut5+9oGUmAajIfa3Owpx+GAxvuDvcHdds5HQv5Xsx79YhXUxzFFFVem
        25BKbVBeXwtvFjTApCScgtt9XNv83UYLW5ieUJBKy5fM8xFi8q9j6FxMhXlaLq4l
        KD+3cOsbemOJZV67lZfwEAWGhtR4OfvdD61Er3tYuj4UVZ7hTGGw9cbBAkHLUZ4e
        hdk9ZpiNYktM3jd3E5BjrhwWMA+F9ivwXUgz3a/xJMscyxVygXZb0zOTNKQZsPEV
        0ziVONjg7a406cmBhMa3GijQMhkWbS7NeUSV7IwBY8jSfzDkQKqQASZ7BbG5RbFd
        MvWUkkHhmKh4jTTAdD5Qs/Cj2yYucgMVoQNGxGYqYleiHzYNOZQQovypOBkFFUiH
        uStLy2tcEbInrxXT7NfmAuqP23dumWs98DQtUda6ja/tYkxibUOa93EoJ1GfGuqO
        30soT+CUFxdk8NBMYPZh5gsUQOXq20mqBt/TyZ/x8BMDDllOglCCmIYUVZyzfCoZ
        GyGCRC91/c7/lZG833I7oVVunDhH+AHnN6L5+iFAi6xTY4FZMyDqynUBBCFiahJ9
        OVBzICgbMa0ObxJCN/NeIDAuLGwMUPxZEMD91fqo+pPlRIrDbqbDThbTcwARAQAB
        tCJBbm9ueW1vdXMgKFRoZSBNb3V0aCBvZiBBbm9ueW1vdXMpiQI5BBMBAgAjBQJU
        WpSmAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQmTL+Jymx2WOPKBAA
        iRuyJ3Pquge2iwmchXoERzCEgz2hOe2fTuAf53xwVyUHPhiF06qhi9a6vWmfp7Co
        4Pd4aFCFKF+QqzBY6gsNVtWYxb3pmaRiCyr5wFy1pbytiEyAxcCSrtC+CftFyBce
        nCxDQiZiUxG8D77ewDAAwowEUxdq6VAyy+roypi7ZRWUsjb1II/72lN81MFSndkP
        ExN1oOgHoc6qijCM9dfRCzQUKpeOfjoJXMDKA/eY6ZXoPoR1v3NSHLsvlJ63butG
        T8b0Z5IuNvi8S9XrL/VAcfT9Fk8vD4LiUcK7eQtTAXR1mEGOXf1k+Ha7UxHTs1Jh
        xXUTGSZYShj+2M2pL6VzLNPZURSQdsq0bbIKEz03fH8vU61/Mvj+vWXB4LAyENea
        5spGX8SFq/JwdIUE/A50K+ZfM4tD1B9/5UFXgBARmNLCPLlzbVTJM/Ski0q4CstH
        CmJ2SVvwebuE0LsaQ0+pVuvHow+C8eP7cgltlrHGIOWuXx3/8eN6FyZINNie6I/o
        x7PS6mkQmhyW6doNHPp5G1A5fztvM3qW9XdQDDtPsMDM66jxYujvazN+dj5IyZZu
        cwsybzniP8yTTBkfbmjyfYTOpAaR5k3AGVb8qoG/DCu3/r1sc7Rt6Rqs2rY7OrQA
        Q2si8wg+UHl0jWFHdVI81zswz61KBavLkLYc5sZQriS5Ag0EVFqUpgEQALDNi33q
        FatzcJRPxshzazGh8lTv8sd2ejawHMbggbBBCFbKBLq9YkQEMmCmJliykR4sh9BD
        eCoazZOt+yUOf2GpM/a47F7CTIgy5AuM7Mg7fh40A3M3pVVbeB5JOfGJRSnRNBcI
        8aen/qUaagHcBL8QbqPRF1TeeU3nJ3HnZWwTeGSH5rZJjkBxMsnDanNTHaQ5QT3K
        ZLG6OYuFB6QoaNUjAV2dGxBTqj4y9b9JY4Ww5b4yFuKCN+ZxWqqsgRORgLq99zEc
        PtuGAscvkN5v83zEsQJok+HcLJwZq8iPBMPmBRqT9HQ95agKeJaUFBiZoJOw2QD6
        2hM2hFcWDecsUCqjR37zSXWVhRRsWlm8iYN201KtDI3/HP9h8WJSnuDbXhfyJBts
        mOOFAblQEOkgiTQysRlDaf81ULCu9iWqO5URF2VhZQlCP/WS/PI6uVfug0CnzfG7
        j+tqaJm82km0oOUceCtR7qba+UDBkjXuAq2JFhD7edKXpKlWiUNdEl1zLCWhsE8+
        UgoZgRMhAdZcf2OvoS6/fKByRqz/Opax9lSOAWTkSvnrQHx/vribd6bYcq/vJ7hm
        Xyy5JvLbbKAGIqCTIfq7x8UhGLPS1taPC8IKoQrVSTHUHkbnMYnLI7zwfomWOYVD
        Znhv3jt1lLTEOPJ+fHElD3riRX/s4yE9H99BABEBAAGJAh8EGAECAAkFAlRalKYC
        GwwACgkQmTL+Jymx2WOBHBAAtVv95Hhtezub37CMXstpL+I8zv7xQgjQETycoHy4
        NCMlxYEvvFfeOdLIOJCgTAWbLXlOvimIewckHaBg3D5qVSItNCeAvHKW58xVACFr
        5NPGDL7yC7v63N/nL6V3SQMPnUwLDI10n/DaVNK7QGHUv8tfjh7ceiF9qPRtJImo
        O3AxS9Ld4ZgL55FU4HjIG7KQWCuflYt0bZmuKa5nXUpaTEDtBasSvauB53N/8f2m
        sjD/poUm3nJivVVvQmjAdALoiqwgDQiZ3/2P2Ho9oXzJN8iHvCT/vBIUEpN1zhBJ
        Cyc7ls0IjKfALsUzeD5rspqlfL08z7ZsMSZNcmyehi8n3GCX64U4eEDObOz5DaOP
        orruc8P6sgSCv5InRc0eNBSAn7hFMwPHn36TbP/vASB6BN8k/OPCRLsgh7Eg5ahe
        4Fk5SdI1Tk/p58UId5Rk5mA/JFTgtfCr2H9T1f2KltbW5PqbLYpZihMSe9wplNaC
        L7jtQLZSFIOk5o8EyDaCQKfMTlg6N/Lu4BMY8xeJ1pyq7Uy4GwWuMhvMxvo7BRvz
        ADn7eYBnAl5zmPbsylV4H2WiC0pJQLgFtqrx5QsY0OZbPRxKdWF+PdXy1+m3uAAJ
        BxyNCEtK1zWgzPePYHE7zFP0BePiSoNlMiRA6dp+nuBil4+5X794yraO+F9iaIJG
        mLg=
        =v5O8
        -----END PGP PUBLIC KEY BLOCK-----

    • (Score: 1) by Wrong Turn Ahead on Wednesday November 05 2014, @10:45PM

      by Wrong Turn Ahead (3650) on Wednesday November 05 2014, @10:45PM (#113380)

      Maybe we're looking at this all wrong... Thanks to the leaks, the NSA has a golden opportunity, in that, we are all becoming much better at security (at our own expense); providing them with a much richer selection of talent to hire from in the future. Would you really turn down an NSA job on principles and ideology? Great pay and benefits to do less than you do now? Sounds awesome! They're not eroding rights, they're laying the groundwork for an economic boom baby! Go team!

      • (Score: 0) by Anonymous Coward on Thursday November 06 2014, @12:53AM

        by Anonymous Coward on Thursday November 06 2014, @12:53AM (#113409)

        Would you really turn down an NSA job on principles and ideology?

        Yes. Anyone with any morals, ethics, or honor would either decline the job or immediately turn whistleblower since working at the NSA, like all Federal-level positions, requires taking an Oath of Office, an oath to defend the Constitution against all enemies, foreign and domestic. Being a domestic enemy of the Constitution yourself means violating that oath.

      • (Score: 1, Insightful) by Anonymous Coward on Thursday November 06 2014, @02:21AM

        by Anonymous Coward on Thursday November 06 2014, @02:21AM (#113427)

        Would you really turn down an NSA job on principles and ideology?

        Two words: Edward Snowden.

  • (Score: 1) by timbim on Thursday November 06 2014, @06:29AM

    by timbim (907) on Thursday November 06 2014, @06:29AM (#113451)

    I have always used mcrypt with the serpent cipher. Am I safe?

    • (Score: 2) by Gaaark on Thursday November 06 2014, @01:57PM

      by Gaaark (41) on Thursday November 06 2014, @01:57PM (#113514) Journal

      Did you compile the programs yourself? Did you build your own compiler to compile it with? Did you check the source code?

      If not, assume the answer is no. To be safe, assume the answer is no.

      --
      --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---
    • (Score: 1) by mathinker on Thursday November 06 2014, @10:12PM

      by mathinker (3463) on Thursday November 06 2014, @10:12PM (#113672)

      Are you a Shakespearean actor playing a Nazi dentist?

      • (Score: 1) by timbim on Friday November 07 2014, @03:22PM

        by timbim (907) on Friday November 07 2014, @03:22PM (#113836)

        I dont get it

        • (Score: 1) by mathinker on Friday November 07 2014, @05:39PM

          by mathinker (3463) on Friday November 07 2014, @05:39PM (#113881)

          In that case, you should probably see the movie "The Marathon Man". And ignore the rest of this reply which would be a spoiler.

          .
          .
          .
          .

          A Google search [google.com] and a bit of work should have gotten you to here [imdb.com].

  • (Score: 2) by mcgrew on Thursday November 06 2014, @01:36PM

    by mcgrew (701) <publish@mcgrewbooks.com> on Thursday November 06 2014, @01:36PM (#113507) Homepage Journal

    TFS: When Microsoft speaks about security, it usually means "national security", i.e. the ability of the state to break security of software.

    No, when Microsoft talks security, they're talking about their own financial security. But they don't care about YOUR security. Unless you bought a boxed set of Windows and installed it yourself, you're not MS's customer, Dell is.

    --
    mcgrewbooks.com mcgrew.info nooze.org