Jump to content

BIOHAZARD

Active Members
  • Posts

    114
  • Joined

  • Last visited

Converted

  • Location
    Pluto

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

BIOHAZARD's Achievements

Newbie

Newbie (1/14)

12

Reputation

  1. In primul rand trebuie sa-ti dai seama tu ca persoana ce anume iti place sa faci, adica sa faci un lucru si atunci cand il faci, sa te simti la fel ca si cand ai fi cu cei mai buni prieteni ai tai la o bere, daca intelegi ce vreau sa spun. Sa zicem ca iti place programarea ... acum trebuie sa te gandesti: "Ce anume imi place mie din segmentul de programare ? Sa creez aplicatii web, sa fac aplicatii software etc. ". Sa zicem ipotetic ca iti dai seama ca iti place web development-ul foarte mult si stii ca el implica limbaje precum HTML, CSS, JavaScript si PHP etc. Aici, trebuie sa o iei in ordine si sa incepi sa inveti mai intai HTML, dupa care CSS, apoi JavaScript si PHP (PHP si JavaScript), depinde de ce vrei sa faci mai intai. De ce aceasta ordine ? Pai mai intai trebuie sa inveti fluxul documentului HTML sa vezi cum sunt reprezentate elementele HTML (tag-urile) in pagina si sa stii denumirile elementelor si atributele si cum se pun si ce fac fiecare in documentul HTML (majoritatea oamenilor clacheaza crezand ca nu pot acumula atat de multa informatie - eu contrazic pe oricine acest lucru, si sunt de parere ca orice om care isi doreste cu adevarat sa faca un lucru, il poate face cu foarte multa usurinta - ai nevoie doar de organizare a timpului de lucru ); sa zicem ca au trecut 1-2 luni ca sa acumulezi notiunile de baza si sa stii cam cu ce se mananca HTML-ul; te apuci apoi frumos de CSS (limbaj de stilizare a elementelor HTML din documentul HTML) - aici deja incepe magia, o sa vezi cum poti sa dai viata elementelor patrate din pagina si cum le poti pozitiona si stiliza dupa bunul plac; dar parca te lovesti totusi de anumite neajunsuri; bine ... stiu sa fac deja acum dupa 3-4 luni o pagina web, sa o stilizez, o animez (cu multe limitari), dar parca totusi as vrea sa am mai multa flexibilitate in cod; te apuci si de JavaScript, unde incepi sa te familiarizezi cu primul limbaj de programare (incepi sa inveti ce sunt operatorii, ce sunt ramificarile si structurile conditionale, buclele, sirurile, evenimentele, DOM-ul, BOM-ul ) si de-abia acum cand aprofundezi tehnicile de OOP - ce sunt gandite sa reprezinte elementele din pagina ca pe niste obiecte, o sa incepi sa iti dai seama cam ce poti face cu toate aceste limbaje in stransa-legatura); nu esti multumit si vrei sa vezi ce poti face si pe parte de server, pentru ca desigur ca iti doresti sa devii un profesionist in ceea ce faci si vrei sa stii un limbaj si pe parte de server; te apuci de PHP si vei avea surpriza ca aici sa intalnesti notiuni despre care deja ai invatat in JavaScript sau invers si mici diferente). Daca in schimb tu te apuci sa inveti si dupa 5 minute in care nu intelegi ceva abandonezi, nu vei ajunge niciodata sa inveti ceva si o sa stai lenes mereu. Ti-as recomanda sa te uiti peste cateva citate precum cel al lui Mark Twain care spunea ceva de genul ca cele mai importante doua momente din viata unui om sunt cel in care se naste si cel in care acea persoana isi da seama pentru ce s-a nascut - adica scopul lui in viata - ce ii place sa faca, ce il reprezinta. Nu te hazarda sa te apuci de ceva ce nu-ti place pentru ca poate chiar daca vei excela totusi prin perseverenta, te vei simti un om neimplinit si nu vei avea satisfactie la finele zilei. Concluzionez cu urmatoarele: fa-ti un orar scolar (poate ti se pare amuzant) si incearca sa il respecti - ai 10 ore de munca si 4 ore timp liber - invata in 2 ore si intr-o ora pune in practica si apoi relaxeaza-te 1 ora - foloseste timpul in favoarea ta si nu in defavoarea ta ca pana acum. Apuca-te si invata si citeste frate .... daca ai nevoie de carti cu siguranta te vom ajuta o gramada si cu cat stim fiecare ... dar mai intai trebuie sa te lovesti tu de chestiile astea ca sa le intelegi pentru ca daca noi iti dam mura in gura totul nu o sa intelegi logica intregului limbaj ci doar logica matematica poate sau poate nimic. Deci totul depinde numai de cat timp iti dedici si sa iti doresti cu adevarat acest lucru, restul ESTE DOAR O CHESTIUNE DE TIMP (asa trebuie sa gandesti, sa nu faci greseala sa te pui pe invatat si sa zici ca ba sa invat cat mai mult in 2 ore ca e ceea mai mare tampenie). Citeste mai intai o carte despre managementul timpului si una pentru metode de invatare eficienta. Eu personal tot ce citesc, imi traduc/scriu pe pc/hartie, dupa care citesc 1-2-3 ori si incep sa-mi pun intrebari, ba chiar uneori pun pe cineva sa ma asculte ca la scoala ( si nu e vorba ca le tocesc, e vorba ca unele notiuni atunci cand le citesti, poate chiar le intelegi prea usor si nu ti se fixeaza pe memoria de lunga durata si le vei pierde nelucrand la inceput cu ele). Succes si multa bafta si spor in ceea ce vrei sa faci !
  2. Cum este frate posibil ca niste "Consilieri" Prezidentiali care se ocupa de imaginea Presedintelui Romaniei sa nu aibe in pana mea habar de drapelul romaniei ... "Libertate-Justitie-Fraternitate" cred ca este UFO pentru ei daca ii intreb ... si nu, nu cred ca au folosit modelul de drapel din 1862-1866 (cel al Principatelor Unite) ... si sa revenim la topic dupa un "amuzament" ... La Craiova s-a strigat pentru urmatoarele lucruri: 1) Parlament unicameral cu maximum 300 deputati; 2) Guvern de tehnocrati, integri si cu expertiza (nu in furat), cu premier neutru politic ce nu este membru de partid; 3) Legi mai aspre cu privire la coruptie si aplicarea lor in egala masura tuturor cetatenilor romani; 4) Imunitate 0 (Nu esti Dumnezeu TU) pentru parlamentari; 5) Majorarea bugetului pentru sanatate; 6) Majorarea bugetului pentru educatie; 7) MERITOCRATIE(google, daca nu ai habar ce e) in Administratia Publica; 8) Stoparea finantarii BOR si IMPOZITAREA VENITURILOR BOR (intamplator am discutat in timpul protestelor cu cineva care lucreaza la o banca din Bucuresti si mi-a zis ca s-au uitat din curiozitate si ei sa vada in conturile Bisericii ce zace - ma refer la cele de care se stie, citez: "Sunt foarte multe zerouri"); 9) Scaderea drastica a birocratiei (aici personal cred ca noi cei din domeniul IT putem face minuni prin aplicatii create cu cap); 10) TOATA Clasa Politica sa faca un pas in spate, la unison !
  3. Frate trebuie puricati in totalitate cei care vor fi pusi in functie, sa fie capabil sa-si exercite cu succes functia in interes National nu in interes propriu... Nu poti avea ca Ministru al Educatiei un om care nu stie Limba Romana in totalitate, sau un om care sa schimbe Limba Romana si sa permita utilizarea cuvintelor precum "aicea" in loc de "aici" etc... cred ca intelegeti unde bat si nu sunt visator frate, se poate intampla daca se vrea lucrul asta si noi putem face aceasta schimbare pentru ca suntem multi iar ei sunt o mana ... nu instig in nici un fel la vreo miscare Revolutionara ci la una pasnica in care dupa aceste demersuri sa se analizeze fiecare functie in stransa legatura cu poporul roman.
  4. Se pare ca multe persoane nu inteleg de ce s-a iesit in strada... s-a iesit pentru a se schimba total mentalitatea politica din Romania, pentru a desfinta o data pentru totdeauna ceea ce a insemnat comunismul politic de-alungul anilor in tara noastra. Poporul isi doreste oameni capabili in functiile de conducere cu specializari in domeniile pe care le conduc si un interes comun - acela de a da inainte fara coruptie pentru ca nu se mai poate asa, s-a umplut paharul fratilor. Nu mai raspundeti cu comentarii de genul n-o sa se schimbe nimic... nu o sa se faca nimic... tot aceeasi hoti o sa ramana... nu este adevarat... daca ne mobilizam din ce in ce mai multi o sa "se stranga cureaua" in jurul celor care ne-au distrus tara si o sa vedeti ca o sa fie schimbari majore. Felicitari din partea mea celor care au iesit si au protestat in mod civilizat ! In Craiova s-a vehiculat la Tv ca au iesit circa 2000 de oameni doar .... minciuni grosolane .... au fost peste 5000 de persoane si s-a marsaluit pe Calea Bucuresti pentru a scoate oamenii din casa pentru o cauza ce ne priveste pe toti. Autoritatile din Craiova s-au comportat ireprosabil si au fost cu noi pana la final, fara sa fie vreun incident semnalat! Ceea ce nu inteleg eu este cum pot unii oameni sa stea bine mersi in fata Televizoarelor care le-au spalat creierii atatia ani in loc sa fie alaturi de semenii lor intr-o cauza nobila !
  5. Foarte tare initiativa, multumesc frumos pentru fisiere .... iar pentru cei care spun ca nu stiu sa decodeze nici macar nu incearca sa afle cu ce se mananca treaba asta .... eu am reusit in 15 min fara sa am habar cu ce se mananca acest segment...
  6. M-ar interesa si pe mine daca se poate, mersi anticipat !
  7. Iti multumesc mult de tot, sunt foarte utile aceste materiale pentru mine
  8. Are cineva cartile prezentate in aceste video-conferinte ? Am incercat link-urile prezentate in primul video telecad.ro/html.pdf si telecad.ro/php.pdf si nu mai sunt active ... daca le are cineva sa le posteze aici va rog.
  9. Multumesc frumos ! Sunt foarte bune pentru mine.
  10. daca se poate le doresc si eu, multumesc in avans
  11. De ce sa te limitezi la SRI sau vreo Firma ... impune-ti ceva mult mai maret pe cont propriu .... trage tare la inceput si o sa culegi roadele succesului mai tarziu pe cont propriu, iar satisfactia o sa fie infinit mai mare Daca te pasioneaza rutina angajeaza-te la o firma sau la o institutie de stat.
  12. Aruncati o privire asupra acestui articol despre Familia Rothschild. Se zice despre Familia Rockefeller ca ar fi paravan ( sunt foarte apropiati de Rothschild ). Nu sunt adeptul teoriilor conspirative, dar cine a inventat banca cred ca are un cuvant de spus si in zilele noastre in economia mondiala
  13. Everything is broken "Once upon a time, a friend of mine accidentally took over thousands of computers. He had found a vulnerability in a piece of software and started playing with it. In the process, he figured out how to get total administration access over a network. He put it in a script, and ran it to see what would happen, then went to bed for about four hours. Next morning on the way to work he checked on it, and discovered he was now lord and master of about 50,000 computers. After nearly vomiting in fear he killed the whole thing and deleted all the files associated with it. In the end he said he threw the hard drive into a bonfire. I can’t tell you who he is because he doesn’t want to go to Federal prison, which is what could have happened if he’d told anyone that could do anything about the bug he’d found. Did that bug get fixed? Probably eventually, but not by my friend. This story isn’t extraordinary at all. Spend much time in the hacker and security scene, you’ll hear stories like this and worse. It’s hard to explain to regular people how much technology barely works, how much the infrastructure of our lives is held together by the IT equivalent of baling wire. Computers, and computing, are broken. Build it badly, and they will come. For a bunch of us, especially those who had followed security and the warrantless wiretapping cases, the revelations weren’t big surprises. We didn’t know the specifics, but people who keep an eye on software knew computer technology was sick and broken. We’ve known for years that those who want to take advantage of that fact tend to circle like buzzards. The NSA wasn’t, and isn’t, the great predator of the internet, it’s just the biggest scavenger around. It isn’t doing so well because they are all powerful math wizards of doom. The NSA is doing so well because software is bullshit. Eight months before Snowden’s first revelation I tweeted this: It was my exasperated acknowledgement that looking for good software to count on has been a losing battle. Written by people with either no time or no money, most software gets shipped the moment it works well enough to let someone go home and see their family. What we get is mostly terrible. Software is so bad because it’s so complex, and because it’s trying to talk to other programs on the same computer, or over connections to other computers. Even your computer is kind of more than one computer, boxes within boxes, and each one of those computers is full of little programs trying to coordinate their actions and talk to each other. Computers have gotten incredibly complex, while people have remained the same gray mud with pretensions of godhood. Your average piece-of-shit Windows desktop is so complex that no one person on Earth really knows what all of it is doing, or how. Now imagine billions of little unknowable boxes within boxes constantly trying to talk and coordinate tasks at around the same time, sharing bits of data and passing commands around from the smallest little program to something huge, like a browser?—?that’s the internet. All of that has to happen nearly simultaneously and smoothly, or you throw a hissy fit because the shopping cart forgot about your movie tickets. We often point out that the phone you mostly play casual games on and keep dropping in the toilet at bars is more powerful than all the computing we used to go to space for decades. NASA had a huge staff of geniuses to understand and care for their software. Your phone has you. Plus a system of automatic updates you keep putting off because you’re in the middle of Candy Crush Saga every time it asks. Because of all this, security is terrible. Besides being riddled with annoying bugs and impossible dialogs, programs often have a special kind of hackable flaw called 0days by the security scene. No one can protect themselves from 0days. It’s their defining feature?—?0 is the number of days you’ve had to deal with this form of attack. There are meh, not-so-terrible 0days, there are very bad 0days, and there are catastrophic 0days that hand the keys to the house to whomever strolls by. I promise that right now you are reading this on a device with all three types of 0days. “But, Quinn,” I can hear you say, “If no one knows about them how do you know I have them?” Because even okay software has to work with terrible software. The number of people whose job it is to make software secure can practically fit in a large bar, and I’ve watched them drink. It’s not comforting. It isn’t a matter of if you get owned, only a matter of when. This is a thing that actually happened several years ago. To get rid of a complaining message from another piece of software, a Debian developer just commented out a line of code without realizing that it left their encryption open to easy attack (https://www.xkcd.com/424/) Look at it this way?—?every time you get a security update (seems almost daily on my Linux box), whatever is getting updated has been broken, lying there vulnerable, for who-knows-how-long. Sometimes days, sometimes years. Nobody really advertises that part of updates. People say “You should apply this, it’s a critical patch!” and leave off the “…because the developers fucked up so badly your children’s identities are probably being sold to the Estonian Mafia by smack addicted script kiddies right now.” The really bad bugs (and who knows which ones those are when they click the “Restart Later” button?) can get swept up by hackers, governments, and other horrors of the net that are scanning for versions of software they know they can exploit. Any computer that shows up in a scan saying “Hey! Me! I’m vulnerable!” can become part of a botnet, along with thousands, or hundreds of thousands of other computers. Often zombied computers get owned again and become part of yet another botnet. Some botnets patch computers to throw out the other botnets so they don’t have to share you with other hackers. How can you tell if this is happening? You can’t! Have fun wondering if you’re getting your online life rented out by the hour! Next time you think your grandma is uncool, give her credit for her time helping dangerous Russian criminals extort money from offshore casinos with DDoS attacks. A map of things which were hacked for the Internet Census. Recently an anonymous hacker wrote a script that took over embedded Linux devices. These owned computers scanned the whole rest of the internet and created a survey that told us more than we’d ever known about the shape of the internet. The little hacked boxes reported their data back (a full 10 TBs) and quietly deactivated the hack. It was a sweet and useful example of someone who hacked the planet to shit. If that malware had actually been malicious, we would have been so fucked. This is because all computers are reliably this bad: the ones in hospitals and governments and banks, the ones in your phone, the ones that control light switches and smart meters and air traffic control systems. Industrial computers that maintain infrastructure and manufacturing are even worse. I don’t know all the details, but those who do are the most alcoholic and nihilistic people in computer security. Another friend of mine accidentally shut down a factory with a malformed ping at the beginning of a pen test. For those of you who don’t know, a ping is just about the smallest request you can send to another computer on the network. It took them a day to turn everything back on. Computer experts like to pretend they use a whole different, more awesome class of software that they understand, that is made of shiny mathematical perfection and whose interfaces happen to have been shat out of the business end of a choleric donkey. This is a lie. The main form of security this offers is through obscurity?—?so few people can use this software that there’s no point in building tools to attack it. Unless, like the NSA, you want to take over sysadmins. A well written encrypted chat, what could go wrong? Let’s take an example computer experts like to stare down their noses at normal people for not using: OTR. OTR, or Off The Record messaging, sneaks a layer of encryption inside normal plain text instant messaging. It’s like you got on AIM or Jabber or whatever and talked in code, except the computer is making the code for you. OTR is clever and solid, it’s been examined carefully, and we’re fairly sure it hasn’t got any of those nasty 0days. Except, OTR isn’t a program you use, as such. There is a standard for OTR software, and a library, but it doesn’t do anything on its own. It gets implemented in software for normal human shlubs to use by other normal human shlubs. By now, you know this ends in tears. The main thing that uses OTR is another piece of software that uses a library called libpurple. If you want to see infosec snobs look as distressed as the donkeys that shit out their interfaces, bring up libpurple. Libpurple was written in a programming language called C. C is good for two things: being beautiful and creating catastrophic 0days in memory management. xkcd: Heartbleed Explanation Heartbleed, the bug that affected the world over, leaking password and encryption keys and who knows what? Classic gorgeous C. Libpurple was written by people who wanted their open source chat client to talk to every kind of instant messaging system in the world, and didn’t give a shit about security or encryption. Security people who have examined the code have said there are so many possible ways to exploit libpurple there is probably no point in patching it. It needs to be thrown out and rewritten from scratch. These aren’t bugs that let someone read your encrypted messages, they are bugs that let someone take over your whole computer, see everything you type or read and probably watch you pick your nose on your webcam. This lovely tool, OTR, sits on top of libpurple on most systems that use it. Let me make something clear, because even some geeks don’t get this: it doesn’t matter how good your encryption is if your attacker can just read your data off the screen with you, and I promise they can. They may or may not know how to yet, but they can. There are a hundred libpurples on your computer: little pieces of software written on a budget with unrealistic deadlines by people who didn’t know or didn’t care about keeping the rest of your system secure. Any one of these little bugs will do when it comes to taking over everything else on your computer. So we update and update, and maybe that throws any intruders out, and maybe it doesn’t. No one knows! When we tell you to apply updates we are not telling you to mend your ship. We are telling you to keep bailing before the water gets to your neck. To step back a bit from this scene of horror and mayhem, let me say that things are better than they used to be. We have tools that we didn’t in the 1990s, like sandboxing, that keep the idiotically written programs where they can’t do as much harm. (Sandboxing keeps a program in an artificially small part of the computer, cutting it off from all the other little programs, or cleaning up anything it tries to do before anything else sees it.) Certain whole classes of terrible bugs have been sent the way of smallpox. Security is taken more seriously than ever before, and there’s a network of people responding to malware around the clock. But they can’t really keep up. The ecosystem of these problems is so much bigger than it was even ten years ago that it’s hard to feel like we’re making progress. People, as well, are broken. “I trust you…” was my least favorite thing to hear from my sources in Anonymous. Inevitably it was followed by some piece of information they shouldn’t have been telling me. It is the most natural and human thing to share something personal with someone you are learning to trust. But in exasperation I kept trying to remind Anons they were connecting to a computer, relaying though countless servers, switches, routers, cables, wireless links, and finally to my highly targeted computer, before they were connecting to another human being. All of this was happening in the time it takes one person to draw in a deep, committal breath. It’s obvious to say, but bears repeating: humans were not built to think this way. Everyone fails to use software correctly. Absolutely everyone fucks up. OTR doesn’t encrypt until after the first message, a fact that leading security professionals and hackers subject to 20-country manhunts consistently forget. Managing all the encryption and decryption keys you need to keep your data safe across multiple devices, sites, and accounts is theoretically possible, in the same way performing an appendectomy on yourself is theoretically possible. This one guy did it once in Antarctica, why can’t you? Every malware expert I know has lost track of what some file is, clicked on it to see, and then realized they’d executed some malware they were supposed to be examining. I know this because I did it once with a PDF I knew had something bad in it. My friends laughed at me, then all quietly confessed they’d done the same thing. If some of the best malware reversers around can’t keep track of their malicious files, what hope do your parents have against that e-card that is allegedly from you? Executable mail attachments (which includes things like Word, Excel, and PDFs) you get just about everyday could be from anyone?—?people can write anything they want in that From: field of emails, and any of those attachments could take over your computer as handily as an 0day. This is probably how your grandmother ended up working for Russian criminals, and why your competitors anticipate all your product plans. But if you refuse to open attachments you aren’t going to be able to keep an office job in the modern world. There’s your choice: constantly risk clicking on dangerous malware, or live under an overpass, leaving notes on the lawn of your former house telling your children you love them and miss them. Security and privacy experts harangue the public about metadata and networked sharing, but keeping track of these things is about as natural as doing blood panels on yourself every morning, and about as easy. The risks on a societal level from giving up our privacy are terrible. Yet the consequences of not doing so on an individual basis are immediately crippling. The whole thing is a shitty battle of attrition between what we all want for ourselves and our families and the ways we need community to survive as humans?—?a Mexican stand off monetized by corporations and monitored by governments. I live in this stuff, and I’m no better. Once I had to step through a process to verify myself to a secretive source. I had to take a series of pictures showing my location and the date. I uploaded them, and was allowed to proceed with my interview. It turns out none of my verification had come through, because I’d failed to let the upload complete before nervously shutting down my computer. “Why did you let me through?” I asked the source. “Because only you would have been that stupid,” my source told me. Touché. But if I can’t do this, as a relatively well trained adult who pays attention to these issues all the damn time, what chance do people with real jobs and real lives have? In the end, it’s culture that’s broken. A few years ago, I went to several well respected people who work in privacy and security software and asked them a question. First, I had to explain something: “Most of the world does not have install privileges on the computer they are using.” That is, most people using a computer in the world don’t own the computer they are using. Whether it’s in a cafe, or school, or work, for a huge portion of the world, installing a desktop application isn’t a straightforward option. Every week or two, I was being contacted by people desperate for better security and privacy options, and I would try to help them. I’d start, “Download th…” and then we’d stop. The next thing people would tell me was that they couldn’t install software on their computers. Usually this was because an IT department somewhere was limiting their rights as a part of managing a network. These people needed tools that worked with what they had access to, mostly a browser. So the question I put to hackers, cryptographers, security experts, programmers, and so on was this: What’s the best option for people who can’t download new software to their machines? The answer was unanimous: nothing. They have no options. They are better off talking in plaintext I was told, “so they don’t have a false sense of security.” Since they don’t have access to better software, I was told, they shouldn’t do anything that might upset the people watching them. But, I explained, these are the activists, organizers, and journalists around the world dealing with governments and corporations and criminals that do real harm, the people in real danger. Then they should buy themselves computers, I was told. That was it, that was the answer: be rich enough to buy your own computer, or literally drop dead. I told people that wasn’t good enough, got vilified in a few inconsequential Twitter fights, and moved on. Not long after, I realized where the disconnect was. I went back to the same experts and explained: in the wild, in really dangerous situations?—?even when people are being hunted by men with guns?—?when encryption and security fails, no one stops talking. They just hope they don’t get caught. The same human impulse that has kept lotteries alive for thousands of years keeps people fighting the man against the long odds. “Maybe I’ll get away with it, might as well try!” As for self-censoring their conversations in the face of hostile infrastructure, non-technical activists are just as good at it as Anons are, or people told to worry about metadata, or social media sharing, or that first message before OTR encryption kicks in. They blow. This conversation was a wake-up call for some security people who hadn’t realized that people who become activists and journalists routinely do risky things. Some of them joined my side of the time-wasting inconsequential Twitter fights, realizing that something, even something imperfect, might be better than nothing. But many in the security scene are still waiting for a perfect world into which to deploy their perfect code. Then there’s the Intelligence Community, who call themselves the IC. We might like it if they stopped spying on everyone all the time, while they would like us to stop whining about it. After spending some time with them, I am pretty sure I understand why they don’t care about the complaining. The IC are some of the most surveilled humans in history. They know everything they do is gone over with a fine-toothed comb?—?by their peers, their bosses, their lawyers, other agencies, the president, and sometimes Congress. They live watched, and they don’t complain about it. In all the calls for increased oversight, the basics of human nature gets neglected. You’re not going to teach the spooks this is wrong by doing it to them more. There will always be loopholes and as long as loopholes exist or can be constructed or construed, surveillance will be as prevalent as it possibly can be. Humans are mostly egocentric creatures. Spooks, being humans, are never going to know why living without privacy is bad as long as they are doing it. Yet that’s the lesser problem. The cultural catastrophe is what they’re doing to make their job of spying on everyone easier. The most disturbing parts of the revelations are the 0day market, exploit hoarding, and weakening of standards. The question is who gets to be part of the “we” that are being kept allegedly safe by all this exploiting and listening and decrypting and profiling. When they attacked Natanz with Stuxnet and left all the other nuclear facilities vulnerable, we were quietly put on notice that the “we” in question began and ended with the IC itself. That’s the greatest danger. When the IC or the DOD or the Executive branch are the only true Americans, and the rest of us are subordinate Americans, or worse the non-people that aren’t associated with America, then we can only become lesser people as time goes on. As our desires conflict with the IC, we become less and less worthy of rights and considerations in the eyes of the IC. When the NSA hoards exploits and interferes with cryptographic protection for our infrastructure, it means using exploits against people who aren’t part of the NSA just doesn’t count as much. Securing us comes after securing themselves. In theory, the reason we’re so nice to soldiers, that we have customs around honoring and thanking them, is that they’re supposed to be sacrificing themselves for the good of the people. In the case of the NSA, this has been reversed. Our wellbeing is sacrificed to make their job of monitoring the world easier. When this is part of the culture of power, it is well on its way to being capable of any abuse. But the biggest of all the cultural problems still lies with the one group I haven’t taken to task yet?—?the normal people living their lives under all this insanity. The problem with the normals and tech is the same as the problem with the normals and politics, or society in general. People believe they are powerless and alone, but the only thing that keeps people powerless and alone is that same belief. People, working together, are immensely and terrifyingly powerful. There is certainly a limit to what an organized movement of people who share a mutual dream can do, but we haven’t found it yet. Facebook and Google seem very powerful, but they live about a week from total ruin all the time. They know the cost of leaving social networks individually is high, but en masse, becomes next to nothing. Windows could be replaced with something better written. The US government would fall to a general revolt in a matter of days. It wouldn’t take a total defection or a general revolt to change everything, because corporations and governments would rather bend to demands than die. These entities do everything they can get away with?—?but we’ve forgotten that we’re the ones that are letting them get away with things. Computers don’t serve the needs of both privacy and coordination not because it’s somehow mathematically impossible. There are plenty of schemes that could federate or safely encrypt our data, plenty of ways we could regain privacy and make our computers work better by default. It isn’t happening now because we haven’t demanded that it should, not because no one is clever enough to make that happen. So yes, the geeks and the executives and the agents and the military have fucked the world. But in the end, it’s the job of the people, working together, to unfuck it. Sursa articol:aici
  14. da ... nu stiu ce e cu mine azi sunt aerian rau de tot ... o sa ma feresc sa dau curs ca postez numai prostii azi ))))
×
×
  • Create New...