Showing posts with label dev.net. Show all posts
Showing posts with label dev.net. Show all posts

2015-05-02

se-methylselenocysteine at wikipedia

2.1: web.cyb/net.wiki/se-msc:
. this is what I did for wikipedia;
their Methylselenocysteine page had been deleted
for copyviolations,
I may be doing too much quoting too;
we'll see ...

2014-06-07

DARPA's automated internet disinfectant

6.4: news.cyb/sec/DARPA's automated internet disinfectant:
Mike Walker, DARPA program manager
on Reddit.com:
In April of 2014,  insurers started selling insurance products
that covered physical harm generated by cyber effects
-- Google "cyber insurance" "property damage".
In May of 2014,
Sky News reported that over 42,000 London cars
-- nearly half of the cars stolen in the city of London --
were stolen with hacking.
The networked civilization we are building
is going to need to be able to make
strong promises about the safety of software,
because it won't just be guarding our data security
-- it will be guarding our physical security.
If we're going to be able to make strong promises about
software safety, we're going to need automation
that can investigate software in a
uniform, scalable and effective manner.
We know that expert auditors can't get there
-- IBM/Rational points out that our civilization crossed
1 trillion lines of code in the early 2000's.
Operating systems weigh in above 40 million lines
under constant development.
The problem is too big and it’s moving too fast.
We also know that today's automation is
losing every contest of wits to experts
-- in the wake of Heartbleed,
not a single automation product has come forward to say
that this flaw could have been detected
without expert annotation or intervention.
CGC is open technology development
on the problem of software safety,
a problem seen by the DoD
-- and everyone with a vested interest in our connected future.
cybergrandchallenge/about:
. What if a purpose built supercomputer
could scour the billions of lines of code we depend on,
find and fix the toughest flaws,
upend the economics of computer security,
and level the playing field
between attackers and defenders?
co.reddit comment:
. a lot invested in the [stale] attack/defense model
of computer security competition.
I've heard arguments from many players
that the current model of attack/defense CTF
[capture the flag competitions] is "stale". 
Mike Walker:
. great innovation is happening in the CTF community:
see Build It / Break It / Fix It,
funded by the National Science Foundation.
6.7: my response:
. what is stale is the attack/defense model;
because, the chip firmwares have backdoors;
you need to secure the hardware;
then you can analyze the software;
but, at least with DECREE
they are promoting a microkernel OS
that can guarantee isolation between app's?
(well, the interface is tiny, if not the Trusted Code Base).
. unfortunately what they have in mind
is to use their simple OS only for
easily managing the budding automation competition;
then they plan to evolve the winning buds
for auto-fixing today's software on today OS's.
. but, what can they do for firmware breaches?
. they are trying to show concern about cybercrime
without actually blocking the backdoors used by NSA .

2013-12-15

you want my wot?!

11.4: pos.cyb/net.mywot/you want my wot?!
. after I found out I really need to
integrate mywot into chrome browser
in order to post reviews of sites;
I was not so sure I felt safe
having them read my every link;
and, with malware so good at cracking any site,
what is the purpose of a service like mywot
that pretends today's safe site
is likely to be tomorrow's safe site ?
12.15:
. simply trust who you have to;
and have separate virtual machines
for each level of trust;
eg, have at least these levels:
# banks,
# the pit for everyone else .
. when I want to use my bank,
I restart my chromebook
to have its verified boot flush the malware .

2013-12-14

#nsa forces Torvalds' hand? #linux

12.14: intro:
see NSA backdoors all encryption software

12.12: news.cyb/sec/linux/nsa forces Torvalds' hand?:
rt.com:
. MIT-educated cryptographer and Linux developer
Theodore Ts'o stated publically that
he was happy with his decision to resist
earlier pleads from Intel engineers
to have that operating system commit entirely to
RDRAND [intel's on-chip routine] for encryption:
"Relying solely on the hardware random number generator
which is using an implementation sealed inside a chip
which is impossible to audit
is a BAD idea" . Now just three months later,
FreeBSD is rescinding their reliance on Intel and Via’s RNGs.
[by contrast:]
When a petition began circulating in mid-Sept
imploring Linux to stop relying on RDRAND,
one of the OS’s leading developers, Linus Torvalds,
called those who made those pleads "Ignorant" .

2013-12-07

Community-based internet with wireless_mesh_networks

12.5: news.cyb/net/Community-based internet with wireless mesh networks:
. there is software available
that allows our wifi routers to form meshes
with the wifi routers of our neighbors
so we can internet with them
and make use of their out-of-community connection .
... meshing makes a lot of noise
and is unreliable compared to;
better to plan point-to-point networks .

alternatives to wikipedia

12.4: web.cyb/net.wiki/alternatives to wikipedia:
. when considering alternatives to wikipedia
it is more than just a source of info,
it's something that can be edited by the public .
. we need a replacement for wikipedia
that doesn't shun conspiracy theorists;
and esp'ly the replacement must
allow mention of Dr. Judy Wood .
. the replacement should make categories per page,
according to what class of references are allowed:
# sources citable by academics,
# source trusted by the mainstream,
# sources considered to be on the fringe .

2013-10-01

NSA backdoors all encryption software

9.18: news.cyb/sec/NSA backdoors all encryption software:
fierce government it`NSA backdoor:
. the NSA's SIGINT (signals intelligence) Enabling Project
covertly influences or overly leverages
the policies, standards and specifications
of the global cryptography marketplace
to make commercial public key technologies
more crackable by the cryptanalytic capabilities
being developed by the NSA and DOD's
Central Security Service.
. it has used a quarter billion dollars yearly
for at least the past 2 years .

2013-09-26

NSA's globalized internet security

9.26: news.cyb/sec/NSA's globalized internet security:
Sept. 25, 2013, Army Gen. Keith B. Alexander,
Cybercom commander, and director of NSA,
at the National Press Club
or 4th Annual Cybersecurity Summit .

. in the past year, we saw more than 300
distributed denial-of-service attacks
on Wall Street.
We saw destructive attacks against
Saudi Aramco and RasGas [Co. Ltd.],
and against South Korea .

. U.S. Cyber Command (Cybercom)
has activated the headquarters for
one of its 3 Cyber Force branches:
Cyber National Mission Force,
that defends the nation;
Cyber Protection Force
defends DOD's information environment.
and Cyber Combat Mission Force
will provide assistance to the military
to implement cyber counterattacks .
Cybercom teams are now fully operational
and working side by side with NSA
to defend the nation.
The Army, Navy and Marines
trained about a third of the force in 2013
and they will train a third in 2014
and another third in 2015.

2012-06-12

elucidate wiki's account of WTC destruction

6.12:
. this is in reference to an earlier blog post
in which I was concerned that skyscrapers are using
controlled demolition as means of
emergency fire suppression
without telling either the public or firefighters .

6.10: co.apt/pol/purges/controlled demolition/automated:
. why didn't they tell the firefighters to leave
if they controlled when the building would fall down?
perhaps the demolition system is automated:
ie, the building could be sensing when its
electrical coordination system is about to get
compromised by the fire,
thereby allowing it to avoid a controlled demolition
up until the point at which the fire damage would
render the system unable to execute a demolition .

5.3: proj.cyb/net.wiki/World_Trade_Center#Destruction:
. I need to include in the tower destruction page
that the way it was destroyed has been disputed .
description of  edits:
/* Destruction */ linking to a related article: 
World Trade Center controlled demolition conspiracy theories
/* Destruction */ remove accidental insertion,
and move addition out of previous ref's scope
the result is this paragraph:

wiki's World_Trade_Center Destruction


At 9:59 a.m., the South Tower collapsed
after burning for approximately 56 minutes.
The fire caused steel structural elements,
already weakened from the plane impact,
to fail.
The north tower collapsed at 10:28 a.m.,
after burning for approximately 102 minutes.[118]
At 5:20 p.m.[119] on September 11, 2001,
7 World Trade Center started to collapse
with the crumble of the east penthouse,
and it collapsed completely at 5:21 p.m.[119]
owing to uncontrolled fires
causing structural failure.[120]
This account of the collapse's cause
was disputed by proponents of
World Trade Center controlled demolition
conspiracy theories
.

blogger.com's Dynamic Views

5.2: news.cyb/net.blogger.com/Dynamic Views:
summary:
. dynamic views allows your readers to
select a viewing mode
(list of entries, matrix of icons, etc);
. if you switch to the dynamic view
then you get a menu for changing views,
but you lose the view you have now !
. the way to get dynamic views
and still keep your old view,
is to make your own menu:
one of the widgets of the old view
allows you to list your favorite web pages;
you can fill this list with these links:
yoursite.blogspot.com/view/classic
yoursite.blogspot.com/view/flipcard
yoursite.blogspot.com/view/magazine
yoursite.blogspot.com/view/mosaic
yoursite.blogspot.com/view/sidebar
yoursite.blogspot.com/view/snapshot
yoursite.blogspot.com/view/timeslide

2012-02-06

my amazon astore 2012.02

. this is the current state of my amazon astore,
featuring gear and cookables I appreciate .
it's a mess because I had to strip out the
3-column tables for this blog's format;
but it document's my work on
astore.amazon.com/americiu-20