Political/Current Events Random, Pics, and Videos Thread - Page 318 - Miata Turbo Forum -Boost cars, acquire cats.

Welcome to Miataturbo.net   Members
 


Current Events, News, Politics Keep the politics here.

Reply
 
 
 
LinkBack Thread Tools Search this Thread
Old 07-24-2016, 11:52 AM   #6341
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago
Posts: 24,634
Total Cats: 1,562
Default

Joe Perez is online now   Reply With Quote
Old 07-24-2016, 04:56 PM   #6342
Elite Member
iTrader: (3)
 
Join Date: Feb 2008
Location: Huntsville, AL
Posts: 1,867
Total Cats: 45
Default

So, will the DNC met down over wikileaks shenanigans, or will there be business as usual?
vehicular is offline   Reply With Quote
Old 07-24-2016, 04:56 PM   #6343
Elite Member
iTrader: (5)
 
Erat's Avatar
 
Join Date: Oct 2011
Location: Detroit
Posts: 3,876
Total Cats: 219
Default

Erat is offline   Reply With Quote
Old 07-24-2016, 05:05 PM   #6344
Elite Member
iTrader: (1)
 
cordycord's Avatar
 
Join Date: Dec 2011
Location: SoCal
Posts: 1,709
Total Cats: 122
Default

Giving Lena Dunham more than 5 seconds of your time means she wins. Bitch be crazy (I just appropriated that phrase).
cordycord is offline   Reply With Quote
Old 07-24-2016, 08:54 PM   #6345
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago
Posts: 24,634
Total Cats: 1,562
Default

What do the blue-shaded areas have in common?



Joe Perez is online now   Reply With Quote
Old 07-24-2016, 09:36 PM   #6346
AFM Crusader
iTrader: (18)
 
olderguy's Avatar
 
Join Date: Oct 2004
Location: Wayne, NJ
Posts: 4,272
Total Cats: 64
Default

Quote:
Originally Posted by Joe Perez View Post
What do the blue-shaded areas have in common?



No circles?
olderguy is offline   Reply With Quote
Old 07-24-2016, 09:40 PM   #6347
Senior Member
iTrader: (1)
 
Join Date: Nov 2010
Location: Marylandistan
Posts: 678
Total Cats: 26
Default

Quote:
Originally Posted by vehicular View Post
So, will the DNC met down over wikileaks shenanigans, or will there be business as usual?
This is getting very interesting. I wonder when the next distraction attack will happen?
stratosteve is offline   Reply With Quote
Old 07-24-2016, 10:35 PM   #6348
Elite Member
iTrader: (19)
 
Join Date: Jun 2007
Location: Rochester, NY
Posts: 5,180
Total Cats: 321
Default

Quote:
Originally Posted by Joe Perez View Post
What do the blue-shaded areas have in common?
Civilization.
rleete is offline   Reply With Quote
Old 07-25-2016, 07:49 AM   #6349
Boost Czar

Thread Starter
iTrader: (60)
 
Braineack's Avatar
 
Join Date: May 2005
Location: Chantilly, VA
Posts: 70,100
Total Cats: 1,400
Default

Quote:
Originally Posted by vehicular View Post
So, will the DNC met down over wikileaks shenanigans, or will there be business as usual?
You think a little email scandal -- one which doesn't really violate major laws -- is going to hurt a liberal?
Braineack is offline   Reply With Quote
Old 07-25-2016, 07:50 AM   #6350
Boost Czar

Thread Starter
iTrader: (60)
 
Braineack's Avatar
 
Join Date: May 2005
Location: Chantilly, VA
Posts: 70,100
Total Cats: 1,400
Default

Quote:
Originally Posted by stratosteve View Post
This is getting very interesting. I wonder when the next distraction attack will happen?
there it is.
Braineack is offline   Reply With Quote
Old 07-25-2016, 08:40 AM   #6351
Boost Czar

Thread Starter
iTrader: (60)
 
Braineack's Avatar
 
Join Date: May 2005
Location: Chantilly, VA
Posts: 70,100
Total Cats: 1,400
Default

Non-humorous, not-very-ironic distraction:

PHOTOS: DNC erects four-mile eight-foot tall fence around Philly convention site - The American MirrorThe American Mirror

Quote:
To the Democratic National Committee elites, keeping average Americans away from their convention is a good idea, while protecting the southern border from intruding terrorists, rapists and murderers is a bad one.

The DNC has erected a four-mile fence around its convention site at Philadelphia’s Wells Fargo Center.


Braineack is offline   Reply With Quote
Old 07-25-2016, 11:05 AM   #6352
Boost Czar

Thread Starter
iTrader: (60)
 
Braineack's Avatar
 
Join Date: May 2005
Location: Chantilly, VA
Posts: 70,100
Total Cats: 1,400
Default

related.

Braineack is offline   Reply With Quote
Old 07-25-2016, 11:18 AM   #6353
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago
Posts: 24,634
Total Cats: 1,562
Default






Joe Perez is online now   Reply With Quote
Old 07-25-2016, 11:41 AM   #6354
AFM Crusader
iTrader: (18)
 
olderguy's Avatar
 
Join Date: Oct 2004
Location: Wayne, NJ
Posts: 4,272
Total Cats: 64
Default

I thought of this:

https://www.youtube.com/watch?v=MVVMBxkZvX0

olderguy is offline   Reply With Quote
Old 07-25-2016, 12:10 PM   #6355
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago
Posts: 24,634
Total Cats: 1,562
Default

You can trust federal administrative agencies with your secrets. Or more specifically, with the keys to them.


Hackers create Safe Skies TSA master key from scratch, release designs
Steve Ragan — Senior Staff Writer, CSO | Jul 23, 2016 9:00 PM PT



On Saturday evening, during the Eleventh HOPE conference in New York City, three hackers released the final master key used by the Transportation Security Administration (TSA), which opens Safe Skies luggage locks.

The talk was given by DarkSim905, a lock enthusiast who heads the New Jersey chapter of TOOOL (The Open Organization of Lockpickers); Nite 0wl, a member of TOOOL from New York City; and Johnny Xmas, of RedLegg International's TradeCraft Labs.

In addition to releasing a 3D-printable model of the Safe Skies master key, the talk also addressed the techniques used to collect the intelligence leading to the compromise of the seven Travel Sentry keys in 2015, as well as vulnerabilities in the Safe Skies lock design.

The public release of this eighth and final key has once again exposed the problems created by key escrow.

Approved Locks:

TSA approved locks became a common sight at airports in 2003. Passengers were using locks to prevent theft, and the TSA wasn't thrilled with the overhead required to inspect baggage. Prior to the creation and availability of approved locks, the TSA would simply cut the lock off if a bag needed inspected. These days, under the approved locks program, the TSA can access bags by using a master key.

Two companies are responsible for the majority of the TSA approved luggage locks on the market.

The first is Travel Sentry, but they don't make their own locks. Travel Sentry authorizes a system of keys that can be used as standards for other lock manufacturers. The second company is Safe Skies. They do make their own locks, and hold the patents for the designs.

When the approved locks program was introduced, some felt the concept was security theater and wouldn’t actually provide additional protection from thieves. But it’s possible some travelers did believe in the concept stronger protection, as the TSA made claims in 2012 that the locks would "prevent anyone from removing items" from locked bags.

A few years later, the TSA reversed their stance in a statement given to the Intercept, saying the approved lock program was implemented to provide "peace of mind."

When asked for comments concerning the creation of a Safe Skies master key, the TSA sent Salted Hash a similar comment.

"These consumer products are convenience products that have nothing to do with TSA's aviation security regime," an agency spokesperson said.

"Carry on and checked bags are subject to the TSA's electronic screening and manual inspection. In addition, the reported accessibility of keys to unauthorized persons does not affect the physical security of bags while being screening by TSA officers."

Granted, the locks do serve as a deterrent against opportunistic theft, but that's about it. Locked or not, your luggage can be opened with a pen, a knife, or screwdriver in seconds – and most of the more common Travel Sentry or Safe Skies locks can be picked with ease.

But, as Johnny Xmas said during a recent interview with Salted Hash, the point being made isn't about "how bad men can lick your travel toothbrush" after opening your luggage with a printed key.

The point being made by the development and subsequent release of the eighth and final TSA master key centers on the dangers of government key escrow.

Travel Sentry and key escrow:

Testing the security of TSA approved locks is something lock enthusiasts have been working on since 2004.

In late 2015, a hacker who goes by name of Xylit0l, using high-quality public images released by the TSA and published by Travel Sentry, as well as a ton of community-driven research, eventually produced 3D-printable copies of the Travel Sentry master keys.

Later, DarkSim905, Johnny Xmas, and another hacker by the name of MS3FGX, added to the project by fixing a few of the early design flaws and sharing knowledge.




The media coverage related to the Travel Sentry leak primarily focused on the fact that hackers could now break into luggage, which the hackers involved in the leak claimed completely missed the point.

"The point we were trying to make, which everyone involved stated very clearly over and over again, was that this was all an act of civil disobedience in order to create an excellent metaphor for the general public to better understand the inherent dangers of trusting a highly-targeted third-party to have the tools necessary to grant unfettered access to your stuff," Johnny Xmas said.

Around the time the Travel Sentry keys were released, Apple and the FBI were going to war over the FBI's demand that Apple develop a backdoor in their software. The backdoor would allow unrestricted access to the encrypted data on a person's iPhone or iPad, but the FBI claimed they would only use it when legally allowed.

Another way to put it – the FBI wanted Apple to give them a master key that would bypass the security protections on an Apple customer's device, one that would be held in escrow and only used when the FBI felt it necessary. However, no one trusted the FBI's ability to protect such golden keys.

"At its best key escrow creates a larger attack surface and places significant, if not complete, control or your security in the hands of a third-party. How much can you trust that third-party? If they're dishonest or greedy, they can steal your property or access your sensitive information without your knowledge or consent," explained Nite 0wl during a recent interview with Salted Hash.

Even if the third-party is completely honest, Nite 0wl added, "their security must be at least as good as your own or an attacker can get your keys from them instead of attacking your system directly."

Yet, at that point in time, those calling out the parallels between the Travel Sentry keys and the backdoors being sought by the FBI were routinely ignored.

"Security, encryption and protecting communications that many of us security researchers take for granted, are constantly under threat. Just because the average person was forced to share keys to their things (i.e. luggage), doesn't mean we should accept it for our electronic communications as a result," DarkSim905 said.

"The fact an organization with an already questionable history and existence went so far as put all of our travelers' belongings at risk for theft is mind boggling. It should shock anyone who has even vaguely private things or thoughts. People have had a great deal of things stolen from their luggage in recent years due to the abuse of key escrow," DarkSim905 added, referencing reports of valuables being stolen at airports.

As mentioned, when the Travel Sentry story broke, most of the hackers involved felt the media missed the point entirely.

In all fairness, they were right to be frustrated. At no point, did the media contact Johnny Xmas, DarkSim905, Xylit0l, or MS3FGX to get additional details or confirm facts – a major misstep considering there were problems with some of the keys in the first place.

One Tweet made by Johnny Xmas at the time was widely circulated in the media, despite the fact it wasn't truthful.

"I had printed the keys up, confirmed they looked good, and then took that picture while I was out grabbing some dinner. I came home and began testing them, only to find the sizes were way too small," he explained.

Xmas posted a second message to Twitter after some testing, saying that he had the correct scale for the TSA keys. However, this wasn't correct either, as 004 and 006 needed serious work before they could function properly.

"All of this is of particular importance because at no time did anyone publishing these articles ever attempt to get in touch with me. I was making claims lofty enough to attract major media attention, and yet nobody ever attempted to verify the truthfulness of them," Xmas added.

Safe Skies:


The Safe Skies master key released during the Eleventh HOPE conference took some effort to engineer.

According to research, Safe Skies only uses a single master key. Previously, Nite 0wl and the others had high-resolution images and design specs to work with on the Travel Sentry project. This time however, they had no such help, so things had to be done manually.

"Unlike the Travel Sentry keys, there is very little information about the exact design of the Safe Skies key floating around. There are no leaked documents, inadvisable publicity photos, or anything like that. Instead, I had to use more traditional locksmithing techniques to create a working key," Nite 0wl explained.

The first step in his research was to acquire Safe Skies locks for examination and testing. Nite 0wl purchased them from as many different sources as possible to ensure he had a diverse sample set to work with.



The second step was to identify possible key blanks. This stage was helped by examining the user keys that were supplied with some of the Safe Skies locks. Ultimately though, he had to resort to creating his own blanks. While the first set of custom blanks were created with polystyrene sheets, he eventually switched to modifying commercially available key blanks that were similar to actual Safe Skies keys.

"Once I had blank keys that would fit the locks I needed to figure out what the cuts should be," Nite 0wl said.

This stage involved examining and comparing the user keys supplied with the sample locks, since he knew the master key could never exactly match one of the user keys. By doing so, he was able to eliminate those sets of cuts and look for patterns that would give him a rough idea of the pattern a master key would use.

"The big breakthrough was when I acquired several Safe Skies locks that used wafer-tumbler mechanisms instead of pin-tumbler mechanisms, because of the different mechanical design I was able to work out the master key cuts very quickly and then confirm that the key worked on all of the sample locks I had," he added.

The 3D model of the master key being released contains some additional work by Nite 0wl and the others, and it might require some additional tweaks due to the nature of consumer 3D printers, but the key itself is fully functional on Safe Skies locks.




There is one point all three of the speakers wanted to stress during their interview. There was nothing shady or illegal going on during their research. Unlike the Travel Sentry keys, the Safe Skies key was not developed due to leaked photographs, files, or any other proprietary data. This was a manual development project, one that was full of trial and error. But their overall point remains the same – key escrow is a bad idea.

"This was done by legally procuring actual locks, comparing the inner workings, and finding the common denominator. It's a great metaphor for how weak encryption mechanisms are broken - gather enough data, find the pattern, then just "math" out a universal key (or set of keys). What we're doing here is literally cracking physical encryption, and I fear that metaphor isn't going to be properly delivered to the public," Johnny Xmas commented.

Salted Hash reached out to Safe Skies and the TSA for comment. However, only the TSA responded.

Attempts were made to reach Safe Skies prior to publication via phone, email, and LinkedIn, but none were successful.



Hackers create Safe Skies TSA master key from scratch, release designs | CSO Online
Joe Perez is online now   Reply With Quote
Old 07-25-2016, 08:43 PM   #6356
Boost Pope
iTrader: (8)
 
Joe Perez's Avatar
 
Join Date: Sep 2005
Location: Chicago
Posts: 24,634
Total Cats: 1,562
Default

So I'm reading about this mass-killing that happened today in Japan, where some guy murdered 15-20 people with a knife. And I'm thinking what a shame it is that knives are outlawed in Japan. If more people had been carrying a knife, this wouldn't have happened.


Joe Perez is online now   Reply With Quote
Old 07-25-2016, 09:56 PM   #6357
AFM Crusader
iTrader: (18)
 
olderguy's Avatar
 
Join Date: Oct 2004
Location: Wayne, NJ
Posts: 4,272
Total Cats: 64
Default

Quote:
Originally Posted by Joe Perez View Post
You can trust federal administrative agencies with your secrets. Or more specifically, with the keys to them.

I only lock my luggage if there is a firearm contained therein and according to their protocol. TSA has opened my other luggage and left me little thank you notes when I carry multi meters and/or electrical assemblies
olderguy is offline   Reply With Quote
Old 07-25-2016, 10:14 PM   #6358
Elite Member
iTrader: (3)
 
Join Date: Feb 2008
Location: Huntsville, AL
Posts: 1,867
Total Cats: 45
Default

Quote:
Originally Posted by Braineack View Post
You think a little email scandal -- one which doesn't really violate major laws -- is going to hurt a liberal?
As it turns out, it looks like it did...

Bernie Sanders aims to quiet boos in Philadelphia - CNNPolitics.com
vehicular is offline   Reply With Quote
Old 07-26-2016, 08:56 AM   #6359
Boost Czar

Thread Starter
iTrader: (60)
 
Braineack's Avatar
 
Join Date: May 2005
Location: Chantilly, VA
Posts: 70,100
Total Cats: 1,400
Default

Quote:
You think a little email scandal -- one which doesn't really violate major laws -- is going to hurt a liberal?
Quote:
Originally Posted by vehicular View Post
I'm sorry, where did Hillary get hurt (politically speaking)?

How exactly is Bernie's lack of back-bone and ultimate support for Hillary going to hurt Hillary??

He pretty much said "we need people who stop at no law, who have no morals, who will do whatever it takes to bring our people together and makes us stronger."
Braineack is offline   Reply With Quote
Old 07-26-2016, 09:00 AM   #6360
Boost Czar

Thread Starter
iTrader: (60)
 
Braineack's Avatar
 
Join Date: May 2005
Location: Chantilly, VA
Posts: 70,100
Total Cats: 1,400
Default

Quote:
Originally Posted by Joe Perez View Post
If more people had been carrying a knife, this wouldn't have happened.
Joe Perez:

1. The narrative is not it "wouldnt" have happened, but only that something could have potentially been averted or stopped.
2. we have learned now, that not having a defensive weapon of your own, or/and praying, doesn't stop you from crazy knife wielders. Guess what MIGHT have?

Priest had throat cut while another hostage is fighting for life after knifemen burst into Normandy church at 9am





Last edited by Braineack; 07-26-2016 at 09:32 AM.
Braineack is offline   Reply With Quote
 
 
Reply

Related Topics
Thread Thread Starter Forum Replies Last Post
Project Gemini - Turbo Civic on the Cheap Full_Tilt_Boogie Build Threads 52 08-28-2016 05:18 AM
OTS Bilstein to motorsports ASN conversion stoves Suspension, Brakes, Drivetrain 5 04-21-2016 04:00 PM
Going back to stock. Need some 1.6 parts. Trent WTB 2 10-01-2015 01:15 PM
Leaky Wilwoods mx592 Suspension, Brakes, Drivetrain 1 10-01-2015 01:45 AM


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -4. The time now is 03:51 PM.