Setec Astronomy

User avatar
Jadagul
Posts: 6751
Joined: 26 Apr 2010, 18:51

Re: Setec Astronomy

Post by Jadagul » 17 Oct 2017, 02:10

Sandy wrote:
17 Oct 2017, 02:07
Jadagul wrote:I'm really confused about why MS was able to get a patch out already, and Google is expecting to take most of a month.
Because it's a flaw in the spec, not the implementation, and MS is historically extremely OK rolling out implementations that don't conform to the spec.
So what, MS rolled out a fix that breaks the spec, and google etc are taking longer because they want fixes that conform to the spec?

(I did see that the reason Google/Linux is so much more vulnerable is that they took a throwaway comment in the spec seriously and implemented it).

User avatar
Sandy
Posts: 9984
Joined: 26 Apr 2010, 18:03
Location: In the hearts of little children, clogging their arteries.

Re: Setec Astronomy

Post by Sandy » 17 Oct 2017, 03:25

Jadagul wrote:
Sandy wrote:
17 Oct 2017, 02:07
Jadagul wrote:I'm really confused about why MS was able to get a patch out already, and Google is expecting to take most of a month.
Because it's a flaw in the spec, not the implementation, and MS is historically extremely OK rolling out implementations that don't conform to the spec.
So what, MS rolled out a fix that breaks the spec, and google etc are taking longer because they want fixes that conform to the spec?
Pretty much. Microsoft is light years better than they were in the "Embrace, Extend, Extinguish" 90s, but they are less enthusiastic about standards than the other players, with the occasional exception of Apple.

The other question is how well they tested the fix against router implementations. It may be they all use a couple of different chipsets and once you confirm it still works with them and defeats the attack, you're golden. But I don't know much about that or where the implementation is coded on the router side.

Another unknown is, when the standard is updated, whether it breaks MS's implementation...or whether they adopt MS's fix, or whether MS will be out of spec but still compatible in practice...and whether that will affect anything later.

Of course, this may just be the death knell for WPA2 like WEP before it, so there won't be any more spec revisions past a quick fix for this.

It's possible all my concerns are moot. MS is much more amenable these days, and I'm definitely not saying what they did was wrong, practically speaking. They just have that tendency left over from the bad old days.
Hindu is the cricket of religions. You can observe it for years, you can have enthusiasts try to explain it to you, and it's still baffling. - Warren

User avatar
Mo
Posts: 22991
Joined: 26 Apr 2010, 17:08

Re: Setec Astronomy

Post by Mo » 20 Oct 2017, 00:01

Sandy wrote:
17 Oct 2017, 03:25
Jadagul wrote:
Sandy wrote:
17 Oct 2017, 02:07
Jadagul wrote:I'm really confused about why MS was able to get a patch out already, and Google is expecting to take most of a month.
Because it's a flaw in the spec, not the implementation, and MS is historically extremely OK rolling out implementations that don't conform to the spec.
So what, MS rolled out a fix that breaks the spec, and google etc are taking longer because they want fixes that conform to the spec?
Pretty much. Microsoft is light years better than they were in the "Embrace, Extend, Extinguish" 90s, but they are less enthusiastic about standards than the other players, with the occasional exception of Apple.

The other question is how well they tested the fix against router implementations. It may be they all use a couple of different chipsets and once you confirm it still works with them and defeats the attack, you're golden. But I don't know much about that or where the implementation is coded on the router side.

Another unknown is, when the standard is updated, whether it breaks MS's implementation...or whether they adopt MS's fix, or whether MS will be out of spec but still compatible in practice...and whether that will affect anything later.

Of course, this may just be the death knell for WPA2 like WEP before it, so there won't be any more spec revisions past a quick fix for this.

It's possible all my concerns are moot. MS is much more amenable these days, and I'm definitely not saying what they did was wrong, practically speaking. They just have that tendency left over from the bad old days.
Didn't a lot of router companies have a lot of fixes shortly after the announcement? My understanding was the academic gave the industry a heads up and there was time between the discovery and it becoming public to develop a fix.
his voice is so soothing, but why do conspiracy nuts always sound like Batman and Robin solving one of Riddler's puzzles out loud? - fod

no one ever yells worldstar when a pet gets fucked up - dhex

User avatar
Jadagul
Posts: 6751
Joined: 26 Apr 2010, 18:51

Re: Setec Astronomy

Post by Jadagul » 20 Oct 2017, 00:40

No.

Some people had fixes out. Microsoft patched before the reveal, and BSD did as well. I think the core linux app was patched by the reveal as well---it's patched now.

But most of the router companies haven't issued patches, and neither have android or ios. There's a few lists going around like this one: http://www.zdnet.com/article/here-is-ev ... right-now/

User avatar
Mo
Posts: 22991
Joined: 26 Apr 2010, 17:08

Re: Setec Astronomy

Post by Mo » 14 Nov 2017, 16:40

Julian Assange seems awfully butthurt about selective leaking of his private information.

his voice is so soothing, but why do conspiracy nuts always sound like Batman and Robin solving one of Riddler's puzzles out loud? - fod

no one ever yells worldstar when a pet gets fucked up - dhex

User avatar
JasonL
Posts: 22529
Joined: 05 May 2010, 17:22

Re: Setec Astronomy

Post by JasonL » 14 Nov 2017, 16:53

ahahaaa

User avatar
thoreau
Posts: 26265
Joined: 06 May 2010, 12:56
Location: Back to the lab again

Re: Setec Astronomy

Post by thoreau » 14 Nov 2017, 17:46

I'd have a lot more sympathy for Assange if he were an equal-opportunity leaker of any and all public sector secrets, not a guy coordinating his activities with a Presidential campaign.
"ike Wile E. Coyote salivating over a "4000 Ways To Prepare Roadrunner" cookbook without watching his surroundings, the Road Runner of Societal Inertia snuck up on them both and beepbeeped them off the mesa."
--Shem

User avatar
Eric the .5b
Posts: 12330
Joined: 26 Apr 2010, 16:29

Re: Setec Astronomy

Post by Eric the .5b » 14 Nov 2017, 18:26

I'd be amused more at Assange's twisting if Blues weren't trying to paint anyone who ever leaked anything, criticized the last adminstration about the contents of those leaks,, or were otherwise "disloyal" to Obama as Russian agents.
"Better that ten guilty persons escape than that one innocent suffer."
"Cyberpunk never really gave the government enough credit for their ability to secure a favorable prenup during the Corporate-State wedding." - Shem

User avatar
Warren
Posts: 24407
Joined: 26 Apr 2010, 17:03
Location: Goat Rope MO
Contact:

Re: Setec Astronomy

Post by Warren » 16 Nov 2017, 17:14

I call for the a-pox-alypse
THIS SPACE FOR RENT

User avatar
Mo
Posts: 22991
Joined: 26 Apr 2010, 17:08

Re: Setec Astronomy

Post by Mo » 30 Nov 2017, 14:42

With all of the leaks of classified information and assets through contractors, I'm sure that there's absolutely no downside to this. Oh, and it's yet another company randomly headquartered in Whitefish, MT. Is that town some sort of cosmic nexus of awfulness?

https://www.buzzfeed.com/aramroston/tru ... -rendition
his voice is so soothing, but why do conspiracy nuts always sound like Batman and Robin solving one of Riddler's puzzles out loud? - fod

no one ever yells worldstar when a pet gets fucked up - dhex

User avatar
lunchstealer
Posts: 15974
Joined: 26 Apr 2010, 17:25
Location: The Local Fluff in the Local Bubble

Re: Setec Astronomy

Post by lunchstealer » 30 Nov 2017, 18:02

Mo wrote:
30 Nov 2017, 14:42
With all of the leaks of classified information and assets through contractors, I'm sure that there's absolutely no downside to this. Oh, and it's yet another company randomly headquartered in Whitefish, MT. Is that town some sort of cosmic nexus of awfulness?

https://www.buzzfeed.com/aramroston/tru ... -rendition
It's also where Richard Spencer is from, and had some crazy shit go down with white supremacists making threats against its (sizable by ~6000ish population towns) Jewish population.

So there's definitely some WTF going on there.
"The constitution is more of a BDSM agreement with a safe word." - Sandy

"Neoliberalism. Austerity. Booga booga!!!!" - JasonL

"We can't confirm rumors that Lynndie England is in the running to be Gina Haspel's personal aide." - DAR

User avatar
Aresen
Posts: 14499
Joined: 26 Apr 2010, 20:18
Location: Great White Pacific Northwest

Re: Setec Astronomy

Post by Aresen » 30 Nov 2017, 18:34

Nice skiing in Whitefish.

Lots of white powder. ;)
If Trump supporters wanted a tough guy, why did they elect such a whiny bitch? - Mo

Those who know history are doomed to deja vu. - the innominate one

Never bring a knife to a joke fight" - dhex

User avatar
Kolohe
Posts: 13432
Joined: 06 May 2010, 10:51

Re: Setec Astronomy

Post by Kolohe » 11 Jan 2018, 09:15

when you wake up as the queen of the n=1 kingdom and mount your steed non sequiturius, do you look out upon all you survey and think “damn, it feels good to be a green idea sleeping furiously?" - dhex

User avatar
Kolohe
Posts: 13432
Joined: 06 May 2010, 10:51

Re: Setec Astronomy

Post by Kolohe » 11 Jan 2018, 10:12



uh, everything is under control. Situation normal. But, uh, everything's perfectly all right now. We're fine. We're all fine here, now, thank you. How are you?
when you wake up as the queen of the n=1 kingdom and mount your steed non sequiturius, do you look out upon all you survey and think “damn, it feels good to be a green idea sleeping furiously?" - dhex

User avatar
Sandy
Posts: 9984
Joined: 26 Apr 2010, 18:03
Location: In the hearts of little children, clogging their arteries.

Re: Setec Astronomy

Post by Sandy » 11 Jan 2018, 11:02

I think it's better in the original German:

Hindu is the cricket of religions. You can observe it for years, you can have enthusiasts try to explain it to you, and it's still baffling. - Warren

User avatar
Painboy
Posts: 3677
Joined: 18 Feb 2013, 11:33
Location: Seattle

Re: Setec Astronomy

Post by Painboy » 11 Feb 2018, 14:13

It looks like Obama did spy on Trump, just as he apparently did to me
According to media reports this week, the FBI did indeed “wiretap” the former head of Trump’s campaign, Paul Manafort, both before and after Trump was elected. If Trump officials — or Trump himself — communicated with Manafort during the wiretaps, they would have been recorded, too.

But we’re missing the bigger story.

If these reports are accurate, it means U.S. intelligence agencies secretly surveilled at least a half dozen Trump associates. And those are just the ones we know about.

User avatar
Mo
Posts: 22991
Joined: 26 Apr 2010, 17:08

Re: Setec Astronomy

Post by Mo » 11 Feb 2018, 19:44

Painboy wrote:
11 Feb 2018, 14:13
It looks like Obama did spy on Trump, just as he apparently did to me
According to media reports this week, the FBI did indeed “wiretap” the former head of Trump’s campaign, Paul Manafort, both before and after Trump was elected. If Trump officials — or Trump himself — communicated with Manafort during the wiretaps, they would have been recorded, too.

But we’re missing the bigger story.

If these reports are accurate, it means U.S. intelligence agencies secretly surveilled at least a half dozen Trump associates. And those are just the ones we know about.
Similar to Julian Sanchez's comments on the Nunes memo, linking the wiretapping of Manafort, which based on the public evidence seems legit*, to wider wiretap abuse makes those worried about the latter look less legitimate. Also, IIRC, Manafort was out of the campaign by the time he was being monitored by intelligence agencies.

* A similar case is that Flynn's calls to the Russian Ambassador were tapped. Gee, the Russian ambassador is being monitored by our intelligence agencies? Quelle surprise.
his voice is so soothing, but why do conspiracy nuts always sound like Batman and Robin solving one of Riddler's puzzles out loud? - fod

no one ever yells worldstar when a pet gets fucked up - dhex

User avatar
Kwix
Posts: 1496
Joined: 17 May 2010, 22:07
Location: Great White North

Re: Setec Astronomy

Post by Kwix » 28 Mar 2018, 13:10

Apparently the FBI did drag it's feet in the Farook case in an attempt to set precedence.

OIG Report (.pdf 2mb)
"pedialyte is like planned parenthood for hangovers. it costs you a bit, but it makes your little problem go away until the next time you drink too much."-- dhex
"Sweet tea is the archvillain in Wilford Brimley's origin story." -- Ellie

User avatar
Kolohe
Posts: 13432
Joined: 06 May 2010, 10:51

Re: Setec Astronomy

Post by Kolohe » 21 Apr 2018, 22:43

this is 1) extremely odd and 2) just down the street from where I live. (I pass by this corner if I walk to the nearest Metrorail stop)
when you wake up as the queen of the n=1 kingdom and mount your steed non sequiturius, do you look out upon all you survey and think “damn, it feels good to be a green idea sleeping furiously?" - dhex

User avatar
Aresen
Posts: 14499
Joined: 26 Apr 2010, 20:18
Location: Great White Pacific Northwest

Re: Setec Astronomy

Post by Aresen » 21 Apr 2018, 22:51

Kolohe wrote:
21 Apr 2018, 22:43
this is 1) extremely odd and 2) just down the street from where I live. (I pass by this corner if I walk to the nearest Metrorail stop)
Did you realize your fly was undone yesterday morning?
If Trump supporters wanted a tough guy, why did they elect such a whiny bitch? - Mo

Those who know history are doomed to deja vu. - the innominate one

Never bring a knife to a joke fight" - dhex

User avatar
dead_elvis
Posts: 952
Joined: 01 May 2010, 15:26

Re: Setec Astronomy

Post by dead_elvis » 22 Apr 2018, 13:44

Ever feel like you're just a puppet on a string?

Washington State Fusion Center accidentally releases records on remote mind control
em-effects-on-human-body-5psusfx-1524087720-1-1.gif
em-effects-on-human-body-5psusfx-1524087720-1-1.gif (83.08 KiB) Viewed 591 times
It's probably misinformation though. OR IS THAT WHAT THEY WANT YOU TO THINK
It’s difficult to source exactly where these images come from, but it’s obviously not government material. One seems to come from a person named “Supratik Saha,” who is identified as a software engineer, the brain mapping slide has no sourcing, and the image of the body being assaulted by psychotronic weapons is sourced from raven1.net, who apparently didn’t renew their domain.

It’s entirely unclear how this ended up in this release. It could have been meant for another release, it could have been gathered for an upcoming WSFC report, or it could even be from the personal files of an intelligence officer that somehow got mixed up in the release. A call to the WSFC went unreturned as of press time, so until we hear back, their presence remains a mystery.
"Never forget: a war on undocumented immigrants by necessity is a war on all of our freedoms of association and movement."

User avatar
Eric the .5b
Posts: 12330
Joined: 26 Apr 2010, 16:29

Re: Setec Astronomy

Post by Eric the .5b » 22 Apr 2018, 16:24

Expect this to be cited by every Targeted Individual and HAARP nutcase.
"Better that ten guilty persons escape than that one innocent suffer."
"Cyberpunk never really gave the government enough credit for their ability to secure a favorable prenup during the Corporate-State wedding." - Shem

User avatar
Tuco
Posts: 137
Joined: 18 Feb 2017, 21:00

Re: Setec Astronomy

Post by Tuco » 23 Apr 2018, 06:20

This makes me miss Art Bell.

User avatar
Hugh Akston
Posts: 17170
Joined: 05 May 2010, 15:51
Location: El Pueblo de Nuestra Señora Reina de los Angeles

Re: Setec Astronomy

Post by Hugh Akston » 29 Sep 2018, 19:28

So last month the FBI tried to force Facebook to break the encryption on the Messenger app so they could listen in on some MS-13 gang members.

Facebook refused, saying that Messenger conversations are encrypted end-to-end. The FBI doesn't need the messages anyhoo, considering that all 16 suspects have been arrested and charged. But that didn't stop the Feds from filing a contempt charge against Facebook for failing to comply.

Fortunately the contempt charge was denied. Unfortunately, we're learning about this from 'sources' because the criminal case, the warrants, and the contempt proceedings are all classified, as one would expect in a free society with a functioning legal system. Hopefully the judge is equally lenient as the case proceeds, because as the gang members' attorney said:
“I would be interested in seeing, or trying to get an order unsealing that information to properly represent my client,” Broughton said.
"Is a Lulztopia the best we can hope for?!?" ~Taktix®
"Inexplicably cockfighting monsters that live in your pants" ~Jadagul

User avatar
JD
Posts: 10330
Joined: 05 May 2010, 15:26

Re: Setec Astronomy

Post by JD » 04 Oct 2018, 12:49

This is terrifying, and is, frankly, why I don't trust anything coming out of China, even though it's virtually impossible to avoid Chinese-made electronics at this point. (Not that I trust US agencies much more, but if I had to pick one...)
According to an explosive report in Bloomberg, US spies and large corporate IT departments have had an open secret for years: the servers supplied by US hardware giant Supermicro for Elemental, Inc were sometimes infected with tiny hardware backdoors by Chinese spies during their manufacture; these superminiature chips were wired into the systems' baseboard management system and were able to accept covert software patches that would allow Chinese spies to utterly compromise both the servers and the networks they were connected to.

The list of compromised entities is terrifying: Apple, Amazon, the Pentagon, DoD drone operations, Navy battleships, NASA, Congress and the Senate, even Bloomberg itself. All of these entities officially deny that they were ever compromised by the attack and claim that they have no knowledge of these hardware backdoors -- but Bloomberg's Jordan Robertson and Michael Riley cite multiple anonymous insiders and former insiders who say that the attack came to light in 2015 when Apple first discovered unusual traffic on its network and that in the years since, there have been mass teardowns of data-centers and divestments from Supermicro and Elemental.

The exception is Amazon, who actually acquired Elemental after they were made aware of the hack.

According to anonymous US spies interviewed by the Bloomberg writers, US intelligence operatives were able to identify the two Supermicro subcontractors in China where the motherboards were doctored, and learned that the managers in these factories with bribed, and then threatened, by the People's Liberation Army.
"Millennials are lazy. They'd rather have avocado toast than cave in a man's skull with a tire iron!" -FFF

Post Reply

Who is online

Users browsing this forum: Aresen and 5 guests