This is getting a bit off topic, but no, motorcycles would not benefit from seatbelts. They would actually be a huge detriment. You're right with the idea that it is advantageous to be separated from the motorcycle in a crash. Not just due to not wanting to be dragged along however.
When I started riding a motorcycle several years back I took a proper safety and rider training course. One of the strategies that could be employed for an imminent crash was literally referred to as a "Superman Dive". Basically, you see you're about to hit a car/truck so you put your feet on the footpegs, hands on the gas tank and jump over the vehicle you're about to hit and then do your best to roll when you hit the ground on the other side. A seatbelt would naturally prevent this.
While hitting the ground on the other side of the vehicle and then going for a roll is far from a good day, it beats going from whatever-speed-you're-at to zero instantly when you're flung into the other vehicle. Since there is no metal box around you on a motorcycle, rather than be a safety feature, a seatbelt would limit or prevent actions that could seriously reduce the chances and severity of injuries.
You're assuming that the local IT staff regularly monitor network traffic and are generally competent. Sadly, that isn't always the case. The attacker may also only need a few hours to get the data he is after, a fairly small window. As well, they'd have to be monitoring internal traffic, not just outgoing, as with one of these plugged in an attacker would be on the internal network. Most likely this type of attack would have to be detected by noticing that someone was accessing files, or trying to anyway, they had no business accessing rather than network traffic per se.
I like the idea of a signal booster. That is actually a great idea for disguising these things. I've seen these things before and figured it would be best to just run the Ethernet behind a printer or something and hope that people don't notice it was still continuing on past the device, but your idea is even better. Everyone complains on some level about their Internet, just install the 'signal booster' to give them a stronger connection. ;-)
That is TERRIBLE advice. I don't know exactly what you mean by 'friendly hacking' but ANY exploitation of a website vulnerability without that site's permission would be a crime pretty much anywhere; even if it isn't malicious. It would be far from the first time that an administrator or owner didn't understand that the person was trying to help or just didn't really want to deal with it and it then just ended up being an issue of the vulnerability discoverer vs. law enforcement. Never a fun situation even if you win.
I really hate the fact that this nonsense keeps getting reported. Even the article itself, while it has the headline "'Anonymous' hackers plan to shut down the Internet this Saturday", states that "there is really no need to fear". Better title: 'A few individuals make crazy claims of doing something impossible.'.
Not only would it be basically impossible to take down the DNS servers even if they had large participation, but there will be essentially no participation since most main 'anonymous' sites/leaders are telling people to have nothing to do with it.
This is just nonsense intended to drive up hit counts. I really don't think a person needs to be very technical to realize this is nonsense. Most people aren't rocket scientists, but would have the sense to call bullshit pretty quickly if I claimed I was going to test a working warp drive on Friday. I've never understand why computers seem so complicated and strange to people that the same common sense and critical thinking that makes it obvious I don't really have a warp drive don't seem to apply.
While it is unlikely that this will actually happen you are still far from correct saying that this is virtually impossible, for certain this is possible.
If anyone here recalls the blackhat heydays pre-2003 you may have/have not recalled a group known as "Fluffy Bunny" that broke into (at the time) what were thought to be the some of the most secure box's on the net, a few to name were VA software, UU.net(efnet), (cross site scripting) securityfocus.com, sans.org, (even a site dedicated to making fun of and host mirrors of defaced websites) attrition.org.
Getting back to the original point I was trying to make, one of their most notable hacks was breaking into multiple Akamai servers. No remote exploits were used against Akamai servers, every computer they had access to at Akamai was gained through a patch version of ssh which recorded all users password before encryption and placed it in a log file within a hidden directory on the system, this patch was installed on every box they exploited, they got lucky when a user from the uu.net box logged into an Akamai box using the compromised ssh client.
So they have Akamai, now what? The group further infiltrated their way into Akamai's intranet and gained access to other computers on their network through social engineering. Finally they located the development server that stored the source code that Akamai used to update some 12,000+ high bandwidth servers they used. The plan was to patch the update software they used to automate the patching process to also include a rootkit&DDoS client. With this they would be able to control a ridiculously large botnet, joined with their already amassed 4000+ DDoS net from other compromised computers this would have effectively timed out all 13 top level root name servers. More then likely you can tell what happens after that.
If you were interested to know, these guys were caught out out of the stupidity of this guy.
http://articles.latimes.com/2000/sep/22/local/me-24959
Whom was drunk and instead of hanging up decided to curse out a field technician that came onto the centrex line(thanks AT&T) they used to communicate through. This resulted in the tech recording the line 24/7 and eventually handing the information over to the authorities.
Exactly. It seems to be a point that a lot of people forget. A lot of people don't fully trust the Internet security tools, such as TOR, for anonymity. So, they try to add a layer of what is essentially physical security by using an Internet connection that doesn't track back to them. However, a lot of times people don't fully consider that at that point you must now not only secure your Internet security but physical security as well. Ie. Not be seen.
I'm not saying it is a bad idea to want to add an extra layer of security/anonymity, but it actually has to be done right. If investigators trace it back to the coffee shop and see on the CCTV that you're the only one sitting there using a laptop for the entire time the attack took place you're screwed.
Interestingly enough, all the ways to actually add that layer of physical security are potentially illegal. (depending on local laws) Obviously, the laws can vary a lot, but in a lot of places the methods a person would use to hide themselves are considered unlawful access.
Take the coffee shop for example, instead of entering the coffee shop you sit outside it. If it doesn't have cameras outside, the businesses around it very well might have one that can see you, and then there are also the people that see you. (witnesses) Okay then, long range antenna, right? Wrong, still illegal in some places. Even though it is an unsecured wifi that is meant for people to connect to it, it is meant for customers. That means that you either have to go in and buy a coffee (which shows on camera that you were in the area) or to have previously asked permission to use it which means that someone in the coffee shop must know who you are to have given you permission. This caveat actually applies to the parking lot situation too and people really have been charged before for accessing a coffee shop's wifi from the parking lot without actually going in so this isn't just a thought exercise.
Generally, if you're doing something online illegal enough to be investigated that fully, illegally accessing some coffee shop's connection is the least of your problems. There are legitimate reasons to want total anonymity though, such as whistle-blowers or individuals living in certain countries. If you're going to try for that level of anonymity it is important to know the local laws and make sure that whatever you're trying to be anonymous about is worth potentially breaking that law if it exists.
I really don't see much/any hypocrisy in the comments I've read. There aren't exactly many people just saying "Pirate ALL the things!".
There are legitimate reasons to be concerned by these constant attempts to attack certain technology or websites. Personally, I think that having a society that thinks that censorship is a good way to deal with ideas you dislike, which is where we're heading if this keeps up, is a lot more dangerous than intellectual property theft.
Hell, it has been known for years that certain ISPs even go as far as to throttle ALL bittorrent traffic and despite what the MPAA would like people to believe some of the bittorrent use is perfectly legal. World of Warcraft actually uses bittorrent for their patches.
As well, there are the facts that:
-Laws have been passed that are so excessive in punishment that judges are actually slashing the penalties, and there are even stronger laws that lobbyists are trying to get passed.
-This idea of protecting intellectual property at all costs has led to modern electronics devices being very rigidly controlled to the point that if you try to modify YOUR device to just install linux or something, you might be a criminal.
-Copyright lasts a ridiculously long time. There should definitely be some rights so that the creator can benefit, but almost a century is too long.
I've actually got that book in my collection and you're right, it is a good read.
The idea of producing rocket fuel on Mars is not only a good one, but quite likely the only way such a mission would even be viable. The idea of hauling all that extra rocket fuel for the return trip to Mars and back simply doesn't work.
Eugene Kaspersky's twitter comment seemed a lot more speculative than anything I heard Costin Raiu say. Exact quote:
"The mystery of #Duqu framework http://bit.ly/w5BrzP <- seems the state behind #Duqu sponsored the development of a new progr language"
I don't even do much programming and I was immediately wondering "wtf?" at that statement. The idea of developing a new programming language just to create a worm seemed far fetched, to say the least. He also mentions, as if it were fact despite that I've seen no hard evidence supporting it, that DuQu was created by a nation state. The whole thing just reeked of alarmist cyberwar nonsense.
While I agree that it is reasonable to expect trending towards an alarmist reaction, there are significant enough similarities between DuQu and Stuxnet to suggest that the authors of the former had access to the source code of the latter. If you read the W32.Stuxnet Dossier (http://www.symantec.com/content/en/us/enterprise/media/secur...) from Symantec it pretty objectively articulates the complexity and sophistication of the creation of Stuxnet. I personally don't think it's an alarmist opinion to believe Stuxnet had national interest behind it, and so am pretty wary of DuQu until more information is uncovered.
There are significant similarities between DuQu and Stuxnet, agreed. However, I don't think that necessarily means they share the same author. Stuxnet has been widely distributed and analysed. There are a lot of smart people/groups in this world and one of them could have decided to use it as a starting point for other purposes. I also agree that it isn't alarmist to believe Stuxnet had a national interest behind it, there has been significant research and evidence to support that, but that is Stuxnet, not DuQu. Again, since DuQu came after Stuxnet it is quite possible that another group is responsible for DuQu that is not related to the original. Although, I do also think that being wary of DuQu until more information is uncovered is wise. I just don't like how the comment about it being created by a nation state is thrown in there casually as if it were already an accepted fact when it is not.
I noticed that too and agree entirely. There is absolutely nothing in the article that suggests this argument was actually made and rejected. At the end of the day, judges are people too and can't possibly have the entirety of all case law in their minds at all times. It is up to defense attorneys to research the case and bring up relevant arguments. I just can't see anything in the article that even suggests that the idea of a wiretap warrant being more appropriate was even discussed.
The only way to really counter such an attack would be to have a constant stream of traffic going 24/7 that is set at such a level that your normal usage never exceeds it. Then, when you send a real message, the computer throttles back on the garbage communication and injects your real traffic into the stream. The amount of traffic thus remains constant and it would be difficult to do any type of frequency analysis on the traffic.
However, depending on how high the garbage stream must be set to ensure that there is never a spike of real communications higher than that, it could easily be too costly for most people.
I'm not sure it would have to consistently exceed it, as long as it varied in a random fashion, and that your actual use of the network didn't result in an observable increase in instantaneous or average traffic.
So if it saturates your connection for an hour for 6 hours randomly spaced throughout a day, it's not immediately apparent if that's because you're using it, or it's a decoy stream. Varying the amount used (and always adding at least a little extra when in use) would also make it harder to detect.
At least, that's how it seems to me. There may be some sort of cunning statistical attacks depending on the implementation, especially if the attackers have the endpoint under physical surveillance (and notice that your presence always matches traffic increases of some level)
When I started riding a motorcycle several years back I took a proper safety and rider training course. One of the strategies that could be employed for an imminent crash was literally referred to as a "Superman Dive". Basically, you see you're about to hit a car/truck so you put your feet on the footpegs, hands on the gas tank and jump over the vehicle you're about to hit and then do your best to roll when you hit the ground on the other side. A seatbelt would naturally prevent this.
While hitting the ground on the other side of the vehicle and then going for a roll is far from a good day, it beats going from whatever-speed-you're-at to zero instantly when you're flung into the other vehicle. Since there is no metal box around you on a motorcycle, rather than be a safety feature, a seatbelt would limit or prevent actions that could seriously reduce the chances and severity of injuries.