#facestab chump Archives for 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009

NIST-certified USB Flash drives with hardware encryption cracked
posted by seti at 2010-01-04 22:57

pretender: If the attack description is correct then this can actually be fixed with a software update
pretender: Which just shows that hardware encryption is totally pointless for USB drives if you still need to run software on the machine
pretender: The only benefit of hardware encryption is speed which is irrellevant for usb drives since usb is the bottleneck. Truecrypt will do just fine and you can even review and build it from source.

G-spot news now: ...
posted by seti at 2010-01-04 22:37

http://www.mail-archive.com/ietf-announce@ietf.org/msg06723.html
posted by textjunky at 2010-01-04 03:49

textjunky: Working Group to reexamine cookie issue, since browser programmers seem to ignore their RFCs and ignore concern about privacy of users, in favor of facilitating commercial spying
textjunky: where 'commercial spying' == commercial entities spying on private individuals, for the most part
textjunky: who knows what other lobbyists are behind the poor implementations of common browsers, but one can guess that anyone who wants to spy on people likes the way things are now
textjunky: spies, gtfo of our opensource projects
textjunky: <spies> but we thought you _liked_ our useful suggestions about which SUV to buy! don't you like our useful suggestions?
textjunky: PUTRID. GTFO.
textjunky: the likely-candidate mentioned: draft-abarth-cookie
textjunky: wherein it is written, "The cookie protocol has many historical infelicities and should be avoided for new applications of HTTP."
textjunky: unfortunately the primary users of state tracking (oft-quoted 'shopping basket' example of cookie use) are the primary abusers as commercial 'market research' spies on customers browsing behaviours
textjunky: so good luck with reforming or removing this subsystem
textjunky: in the words of jillzilla, "that's sure jammed in there pretty hard"
textjunky: the link about the evolution of the currently-ignored current standard by David Kristol should be pretty interesting
textjunky: "political flashpoint"
textjunky: there's flash cookies too that your browser can't disable without help .. what fuckmunkeys
textjunky: macromedia friendlily provide a web page you can access on their site to control the settings on YOUR browser
textjunky: there is no control for 'always ask before running flash content', which is the only control really needed
textjunky: and an exception list where we can whitelist sites whose flash content we want to see ... of course, problem is the people paying the bills want us to see their SPAM
textjunky: SPAMBURGER SPAMBURGER SPAMBURGER
textjunky: ah .. you CAN set the storage space limit to zero using their secret hidden-on-their-own-site control box, for infinite nagging, but still, not a whitelist .. adplock doesn't seem to have a solution either unless you think a shell script to empty the cache each day is a solution
textjunky: absolute PUKE
textjunky: plugins exist to remove the FLASH cookies but not compatible afaict with any widely deployed browser .. require 'upgrade to the latest version' which is just as much a horror as cookies themselves ... next rant will be about that ;-)
textjunky: upgrade for this .. upgrade for that .. we made a nice new modular plugin module which you should upgrade to be able to use
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: O:
textjunky: SHARE AND ENJOY!!!!!!
textjunky: flash whitelist extension for firefox .. now i know why this exists ... where's the install-all-critically-necessary-extensions-extension, please?
textjunky: also a generic script blocker exists
textjunky: all of which making computer very complex and unpleasant to use
textjunky: please go away from me
textjunky: WE MADE A NICE NEW MODULAR PLUGIN MODULE WHICH YOU SHOULD UPGRADE TO BE ABLE TO USE
textjunky: <spies> but we thought you liked our useful suggestions about which SUV to buy! don't you like our useful suggestions?
textjunky: frankly you can stick your SUVs up your fucken arse. i want a web browser that's simple and reliable, and has engaging multimedia scripting abilities, without the possiblity of cross-domain data/execution transfer .. was that too much to ask?
textjunky: if your stupid fucking servers need to talk to each other, why don't they do that? it's no excuse for why my web browser must take info from one server and pass it to a second server ... there is only one reason for allowing that, for lobbying for that to occur, and that is to SPY on people for malicious reasons
textjunky: spies, gtfo of our opensource projects
textjunky: go back and hide under a desk at microsoft if you must
textjunky: you may have written the software, but it's running on MY COMPUTER. it should not be trying to undermine my welfare. my gratitude for your donation does not extend to granting you a right to act contrary to my own personal interests. get the fuck out.
textjunky: reiterations: any software on my computer running ostensibly at my instigation, but actually designed by you to act at your instigation and contrary to what would be my express interests, is in fact a job running on your behalf against me, and should be given the same degree of respect as any other virus or malware, no matter whether it draws pretty pictures for me, or not
textjunky: as should its author and the people who payroll and lobby for its deployment
textjunky: s/degree/kind/

pornrider
posted by textjunky at 2010-01-04 03:32