Brass Magnet
Founder's Club Member
I have no problem with useful tools in the hands of the citizenry.
I'm going away (well maybe, 'cause I'm not promising anything) because "Moving on" is so 2010......:lol:
Last edited:
-
We are now running on a new, and hopefully much-improved, server. In addition we are also on new forum software. Any move entails a lot of technical details and I suspect we will encounter a few issues as the new server goes live. Please be patient with us. It will be worth it! :) Please help by posting all issues here.
-
If you are having trouble seeing the forum then you may need to clear your browser's DNS cache. Click here for instructions on how to do that
-
Please review the Forum Rules frequently as we are constantly trying to improve the forum for our members and visitors.
Internet Censorship on the Table
- Thread starter impulse
- Start date
I have no problem with useful tools in the hands of the citizenry.
I'm going away (well maybe, 'cause I'm not promising anything) because "Moving on" is so 2010......:lol:
Brass Magnet
Founder's Club Member
OMG.....This is just too juicy to pass up!
QUOTE FOR TRUTH
From another thread: http://forums.opencarry.com/forums/...Question-about-a-LEO-stop-while-OC-ing./page3
I'm so glad I didn't promise to "go away".
Since you've "moved on" it should be not only extremely hard, but impossible to defend the hypocrisy of this one.
And no, I'm not trying to target you eye95 nor am I out to get you or following you around. I'm not aiming for your ignore list either. I just can't help but underline the truth of this matter. I was totally ready to let it go at the last couple of posts as I believe those clarified my belief enough. But this! Oh! This was just too tastey.
If you reply it will probably be to say that objection to show ID is OK because it's not mandatory. Well, in some states it is. It also most certainly is a "useful tool" for the government. Some differences but more similarities.
QUOTE FOR TRUTH
From another thread: http://forums.opencarry.com/forums/...Question-about-a-LEO-stop-while-OC-ing./page3
I'm so glad I didn't promise to "go away".
Since you've "moved on" it should be not only extremely hard, but impossible to defend the hypocrisy of this one.
And no, I'm not trying to target you eye95 nor am I out to get you or following you around. I'm not aiming for your ignore list either. I just can't help but underline the truth of this matter. I was totally ready to let it go at the last couple of posts as I believe those clarified my belief enough. But this!
Oh! This was just too tastey.If you reply it will probably be to say that objection to show ID is OK because it's not mandatory. Well, in some states it is. It also most certainly is a "useful tool" for the government. Some differences but more similarities.
Last edited:
eye95
Well-known member
If you cannot see the difference between an individual choosing to exercise a right because, if he didn't, he'd expose himself to abuse that might happen and the use of a tool being outlawed because it might be misused rather than the misuse itself being outlawed, then further convo would be a total waste.
I find your above post repugnant and lost a good deal of respect for you as a result, hence this reply. Go ahead, take another juvenile and incongruent cheap shot. Your behavior can't sink much lower than that exhibited in the above post--and, therefore, won't warrant another response.
Highly disappointing from a usually mature member.
I find your above post repugnant and lost a good deal of respect for you as a result, hence this reply. Go ahead, take another juvenile and incongruent cheap shot. Your behavior can't sink much lower than that exhibited in the above post--and, therefore, won't warrant another response.
Highly disappointing from a usually mature member.
Last edited:
Brass Magnet
Founder's Club Member
Please try to spare me the guilt trip eye. The difference between you and I is that I would have said exactly the same thing while sitting across from you at a table, with a "gotcha" look on my face. On the other hand, you wouldn't be calling my comment "repugnant" and "immature" or telling me I couldn't sink any lower. Also, I admit it when I think I'm wrong as is shown in an above post; something you might actually do in person, but not on this forum.
As for the rest of your post, you know it's hogwash, but you continue talking in circles; and you know you're doing that too. Of course I know the differences, I said as much in the post but the similarities are too great to ignore.
If it's the WAY I said it that is offending your (suddenly) tender sensibilities; I apologize, but I won't apologize for what I've said. My post speaks for itself; I won't be guilt tripped into abandoning it.
Oh, and I don't hold grudges either. (pretty bad attempt at a guilt trip huh?)
EricDailey X-NRA
Regular Member
Exactly
EXACTLY
The last night of Ted Bundys' life in prison on death row before he was electrocuted in Flordia, he admitted in a live radio interview that he began murdering girls for sexual pleasure because of his practice of viewing pornographic images of women. He said that pornographic images led him to murder innocent girls. He warned listeners to stop pornography and protect their children. He apologized and asked for forgiveness.
EXACTLY
The last night of Ted Bundys' life in prison on death row before he was electrocuted in Flordia, he admitted in a live radio interview that he began murdering girls for sexual pleasure because of his practice of viewing pornographic images of women. He said that pornographic images led him to murder innocent girls. He warned listeners to stop pornography and protect their children. He apologized and asked for forgiveness.
stainless1911
Banned
He had a problem that he knew about for years, probably most of his life. His fault was that he fed it, and like an animal, if you feed it, it will grow stronger and keep coming back, starve it, and it will get weaker and wont come around.
Im really not a big fan of porn, but it didnt cause him to do those things, he did it because he enjoyed it. If he wants forgiveness, thats fine, there are things I need forgiveness for, so I'll forgive him. But If porn was the cause of murder, people would have gone extinct long ago.
Im really not a big fan of porn, but it didnt cause him to do those things, he did it because he enjoyed it. If he wants forgiveness, thats fine, there are things I need forgiveness for, so I'll forgive him. But If porn was the cause of murder, people would have gone extinct long ago.
slowfiveoh
Regular Member
Blaming porn for the murder of women is like blaming firearms for shooting sprees. Both are completely illogical and unfounded beliefs, substantiated on nothing.
Ted Bundy did what he did because of a mental illness. Much as a mentally ill serial murderer may get thrills from the mutilation of his victims, whether it be by firearm, knife, or a handy dandy pillow. The carnal act of raping women is separate from the enjoyment of viewing pornography, even if that is how he started getting his "jollies".
Ted Bundy did what he did because of a mental illness. Much as a mentally ill serial murderer may get thrills from the mutilation of his victims, whether it be by firearm, knife, or a handy dandy pillow. The carnal act of raping women is separate from the enjoyment of viewing pornography, even if that is how he started getting his "jollies".
Citizen
Founder's Club Member
Wait a minute. Who says the people running it and monitoring it would not themselves be criminals or capable of criminality very soon after it is up and running? Oh, yeah. I forgot. We can trust the government.
eye95
Well-known member
Instead of complaining about monsters under our bed, let's look at the real "threat" that ".secure" presents (or doesn't). Where did this perceived bug-a-bear come from, is it real, and, if it isn't, what is real? Let's just shine a flashlight under the bed. Are there really monsters there? Or just dust bunnies?
Hear is NYTimes article that discusses General Alexander's mention of a secure network, the one that prompted all this ".secure" discussion: http://www.nytimes.com/2010/09/24/us/24cyber.html
Here is a symposium on cyber-securtiy that motivated the recent flurry of news activity on ".secure": http://www.potomacinstitute.org/ind...enge-symposium&catid=65:past-events&Itemid=94
In the video, there are very specific references to a secure sub-network at about 89 minutes and 109 minutes, although the whole two hours is a worthwhile watch. Interesting was the point at about 89 minutes when a former CIA director says that, in a zone of conflict, we want a strong government; however, in the realm of ideas and communications, we want the government to be weak. That is the conflict at the root of the "collective v. individual" struggle.
It is necessary to cede power to government for the security of the people. Otherwise, why have government at all? The question is what powers to cede, under what circumstances, and what rights should remain inviolate. That was the question with which the Founders struggled as they morphed into the Framers. John Jay said, in Federalist #2, "Nothing is more certain than the indispensable necessity of government, and it is equally undeniable, that whenever and however it is instituted, the people must cede to it some of their natural rights in order to vest it with requisite powers." Benjamin Franklin warned us against giving up "essential liberty" for "temporary security." Both men recognized that the government needed to be empowered, but both also knew that a grave amount of care needed to be exercised in empowering it, lest they go too far.
Would creating a ".secure" realm on the Internet, in which identity is absolutely established and transactions are viewable to all with a properly established need to know and in which no one need participate except to transact business which normally, in the real world, requires absolute identification and an audit trail, intrude upon essential Liberty, or would it provide necessary security? Since the Internet as it exists today would continue to exist, with all its anonymity, freedom, and lack of trackability, I'd say the proposal provides necessary security at the same small expense to Liberty that a bank asking for an ID and recording transactions presents. Oh, and it won't necessarily be implemented by the government. I expect that the feds would set a standard for the level of security since they would be a primary customer of that more secure realm. But, just as today, the Internet, including the secure portion, will be dominated by the private sector.
We do need to keep an eye on what the government actually does. We need to make sure that they don't infringe on essential Liberties. However, the proposal, as it is being discussed, does not.
Folks, don't just knee-jerk to the mythological description of this "monster under the bed." One advantage of knowing your enemy is that you just might find he is not an enemy at all. You just might find that there are no monsters under the bed, only some dust bunnies.
Hear is NYTimes article that discusses General Alexander's mention of a secure network, the one that prompted all this ".secure" discussion: http://www.nytimes.com/2010/09/24/us/24cyber.html
Here is a symposium on cyber-securtiy that motivated the recent flurry of news activity on ".secure": http://www.potomacinstitute.org/ind...enge-symposium&catid=65:past-events&Itemid=94
In the video, there are very specific references to a secure sub-network at about 89 minutes and 109 minutes, although the whole two hours is a worthwhile watch. Interesting was the point at about 89 minutes when a former CIA director says that, in a zone of conflict, we want a strong government; however, in the realm of ideas and communications, we want the government to be weak. That is the conflict at the root of the "collective v. individual" struggle.
It is necessary to cede power to government for the security of the people. Otherwise, why have government at all? The question is what powers to cede, under what circumstances, and what rights should remain inviolate. That was the question with which the Founders struggled as they morphed into the Framers. John Jay said, in Federalist #2, "Nothing is more certain than the indispensable necessity of government, and it is equally undeniable, that whenever and however it is instituted, the people must cede to it some of their natural rights in order to vest it with requisite powers." Benjamin Franklin warned us against giving up "essential liberty" for "temporary security." Both men recognized that the government needed to be empowered, but both also knew that a grave amount of care needed to be exercised in empowering it, lest they go too far.
Would creating a ".secure" realm on the Internet, in which identity is absolutely established and transactions are viewable to all with a properly established need to know and in which no one need participate except to transact business which normally, in the real world, requires absolute identification and an audit trail, intrude upon essential Liberty, or would it provide necessary security? Since the Internet as it exists today would continue to exist, with all its anonymity, freedom, and lack of trackability, I'd say the proposal provides necessary security at the same small expense to Liberty that a bank asking for an ID and recording transactions presents. Oh, and it won't necessarily be implemented by the government. I expect that the feds would set a standard for the level of security since they would be a primary customer of that more secure realm. But, just as today, the Internet, including the secure portion, will be dominated by the private sector.
We do need to keep an eye on what the government actually does. We need to make sure that they don't infringe on essential Liberties. However, the proposal, as it is being discussed, does not.
Folks, don't just knee-jerk to the mythological description of this "monster under the bed." One advantage of knowing your enemy is that you just might find he is not an enemy at all. You just might find that there are no monsters under the bed, only some dust bunnies.
Last edited:
slowfiveoh
Regular Member
Government creates ".secure" top level domain identifier.
Government declares it state property.
Government declares, as it has tried to do already with .gov addresses, that any "cyber attack" would be deemed as an "act of war", in an effort to deter other countries (ohhhh lets say China for example) from allowing their population to "attack sensitive government agencies" via the internet.
Government fails to realize that attacks can appear to come from anywhere on the internet via proxies and telnets, and enacting such legislation is stupidity.
Government fails to realize .secure is another "feel good" proposition that creates a false security that it will in fact be "secure", when it truly will not.
If it has general web access, it is at risk.
.secure will be NO different.
Government declares it state property.
Government declares, as it has tried to do already with .gov addresses, that any "cyber attack" would be deemed as an "act of war", in an effort to deter other countries (ohhhh lets say China for example) from allowing their population to "attack sensitive government agencies" via the internet.
Government fails to realize that attacks can appear to come from anywhere on the internet via proxies and telnets, and enacting such legislation is stupidity.
Government fails to realize .secure is another "feel good" proposition that creates a false security that it will in fact be "secure", when it truly will not.
If it has general web access, it is at risk.
.secure will be NO different.
eye95
Well-known member
None of that has happened or is happening. I would object to .secure being used in that way if it was used for anything other than government purposes. (The discussions I cited indicated it would be.) The government does indeed "own" .gov sites, so protecting them is well within their purview.
We should be wary of potential abuse, ready to stop it, but not behave as though it has already happened. It hasn't. Nor has it been proposed.
Last edited:
slowfiveoh
Regular Member
It has been enacted. It has been stated. It has been proposed.
http://online.wsj.com/article/SB10001424052702304563104576355623135782718.html
Several major problems are immediately presented by the stance the pentagon has taken.
For instance:
A blackhat from the Swiss Alps, could telnet into 20+ log-dumped POP's with the last session being hosted in mainland China (Hell even easier would the ubiquitous botnet). He/She could then shut down, let's say, our power grid.
So we launch a missile strike on China.
That's the correct answer yeah?
Pentagon posturing is blatant posturing. Nothing more, nothing less.
eye95
Well-known member
I quoted the posts in sequence so folks could watch you changing gears. What you described in the first post HAS NOT HAPPENED.
The second half of a simile that expounded on one of your hyperbolic suppositions has happened, but NONE OF THE EVENTS YOU LISTED IN YOUR FIRST POST HAS HAPPENED.
There is no point in discussing further with someone behaving so deceptively.
_____________________________________________
Folks, this discussion is about the .secure realm that has been proposed. Nothing has happened in regards to it. So far, there hasn't even been a concrete proposal, just some folks talking unofficially about the need for such a realm. Furthermore, there is no proposal to do away with the rest of the Internet as it exists now, just the addition of a realm in which folks could voluntarily participate on the condition of their identity being absolutely confirmed and audit trails of transactions being securely maintained, the precise things that happen when you conduct business inside of your bank.
I posted two links earlier. One of them describes how one person made some remarks that caught the eye of the media and some experts in the field, prompting the discussion, and the other is the video of the unofficial panel that set off the media firestorm over the .secure idea.
Folks, check out those links. Nothing is happening on the .secure idea. Individuals, almost exclusively non-governmental individuals, are exploring and discussing the idea. Nothing is happening in the governmental arena to make .secure a reality. Furthermore, when it happens, if it happens as described, it presents zero governmental abridgment of 4A rights. It is absolutely analogous to showing an ID when cashing a check and the bank maintaining a secure record of the transaction.
Again, keep your eyes out for real infringements (including if this idea gets contorted into an infringement) and don't fret over invented threats.
slowfiveoh
Regular Member
Eye, you're missing the parallels in behavior and activity that was meant to be pointed out by my post, and completely dismissing points 3-4 which have in fact happened already.
You are completely missing the totally relevant and factual point that what government is trying to do, is just another attempt at ******* in the wind and soaking itself.
My statements have far more to do with the technological aspect of what they are trying to do, and I don't think you are up to snuff on networking technology, at least not to the point that some of us may be. I have been in this field for 13 years, and I am telling you that government has been trying this censorship and control crap for a long time.
Since you don't understand what I'm talking about, I will simply put some facts out there that maybe you can look up when you have a chance.
#1. To reach a top level domain identifier from any outside access point, it must be routable. In other words, its resources will be exposed like every other top level resource. It has a DNS entry. Period.
#2. What OS technology is the government going to transition to on this new network to mitigate coded threats? That's what I thought. Probably and most likely MS OS's. Only the number one exploited and malicious software targetted OS's in the world.
#3. So what tax dollar amount is acceptable to spend on this undertaking, which will have probably near to no effect on their infrastructure security?
Eye, most security administrators, specifically those at the pentagon and the like, should very well know that so long as the carrier for government data remains public, there is always significant risk. So long as DoD employees for example want to check their email at work, there is risk. They also know that the only way to create a secure network is to literally install their own separate carrier, coast to coast, that is not in any way attached to public carriers.
.secure is a needless proposition that does not address the true threats to government security.
As happens in every board meeting I have ever been to, some higher up thinks he has a handle on the IT infrastructure of his company, and starts making stupid requests in the face of his IT staff telling him its a bad idea, or that he doesn't understand what he is saying.
Government is no different.
What people are trying to point out to you is that the dynamics of network technology are not understood by those making laws or statements in Washington. I would be shocked to see if there was really any meat behind the person or persons who proposed this new top level domain identifier. I am betting it is not a top tier network security professional.
You are completely missing the totally relevant and factual point that what government is trying to do, is just another attempt at ******* in the wind and soaking itself.
My statements have far more to do with the technological aspect of what they are trying to do, and I don't think you are up to snuff on networking technology, at least not to the point that some of us may be. I have been in this field for 13 years, and I am telling you that government has been trying this censorship and control crap for a long time.
Since you don't understand what I'm talking about, I will simply put some facts out there that maybe you can look up when you have a chance.
#1. To reach a top level domain identifier from any outside access point, it must be routable. In other words, its resources will be exposed like every other top level resource. It has a DNS entry. Period.
#2. What OS technology is the government going to transition to on this new network to mitigate coded threats? That's what I thought. Probably and most likely MS OS's. Only the number one exploited and malicious software targetted OS's in the world.
#3. So what tax dollar amount is acceptable to spend on this undertaking, which will have probably near to no effect on their infrastructure security?
Eye, most security administrators, specifically those at the pentagon and the like, should very well know that so long as the carrier for government data remains public, there is always significant risk. So long as DoD employees for example want to check their email at work, there is risk. They also know that the only way to create a secure network is to literally install their own separate carrier, coast to coast, that is not in any way attached to public carriers.
.secure is a needless proposition that does not address the true threats to government security.
As happens in every board meeting I have ever been to, some higher up thinks he has a handle on the IT infrastructure of his company, and starts making stupid requests in the face of his IT staff telling him its a bad idea, or that he doesn't understand what he is saying.
Government is no different.
What people are trying to point out to you is that the dynamics of network technology are not understood by those making laws or statements in Washington. I would be shocked to see if there was really any meat behind the person or persons who proposed this new top level domain identifier. I am betting it is not a top tier network security professional.
Last edited:
Dreamer
Regular Member
There is only one small problem with this scenario...
The computers that control the power grid are NOT connected to the Internet. So unless this theoretical Swiss hacker actually can figure out a way to physically get into a power plant in the US, gain physical access to the computers, and then upload a worm, virus or other malware and set it running, there is NO WAY that a hacker can "take down the power grid"...
Same for nuclear power plants. Their control computers are NOT connected to the internet. Physical access to the actual on-site computers is required to hack them...
This whole "shutting down the power grid/messing with nuclear facilities" argument is a red herring, a distraction, and to be honest, a fig, fat hairy lie.
Don't buy the hype. ANY move to "regulate" the internet is a DIRECT assault on the 1A, and a DIRECT assault to personal privacy, financial privacy and individual sovereignty. There is NOTHING that the government or any other group can do to make the internet "secure".
Networks are by DEFINITION, unsecure. Computers are nearly impossible to make "secure" against a sophisticated, clever, and well-equipped hacker. Information can be stolen from the power lines that a computer is plugged into if you have the right equipment. Information can be stolen by reading the RFI signals given off by a monitor. Information can be stolen by exploiting the BUILT-IN back doors in Windows. If a computer is plugged in to the wall, connected to the internet, and running, it is vulnerable.
I learned a LONG time ago, when I was actually paid by various businesses and organizations to develop systems security, that the only secure computer is one that is not powered up.
Anyone who tells you they can make your computer system "secure" is selling you snake oil. And when the government says they can do it, they are also setting up the system to steal your rights and privacy.
Last edited:
Gunslinger
Regular Member
eye post:
"The second half of a simile that expounded on one of your hyperbolic suppositions has happened..."
I'm finally rubbing off on him...
"The second half of a simile that expounded on one of your hyperbolic suppositions has happened..."
I'm finally rubbing off on him...
slowfiveoh
Regular Member
Dreamer it was a hypothetical. However, I can tell you that most SCADA systems are in fact outside accessible. I contracted for a water agency once, setting up systems in a remote part of California for growing populations. My role was to install a new domain controller for the remote plant subsystems. To do so, I needed to add clients to the DC. Most of the clients were controller interfaces for the SCADA equipment. The equipment was given no RG access, but, getting VPN credentials to the concentrator was all that it takes to have unfettered network access to said devices.
When someone says, "Those systems aren't on the internet", what they are really telling you is that the device has a strictly internal interface that is still reachable by network resources behind the firewall or RG. Once a connection is established behind the firewall via some errant, malicious code, or some admin slipping their credentials out to some 3rd party in some manner, then it is totally open and fair game.
There is a reason businesses and agencies say to keep your password safe and secure, and why admins bust their butts to make sure all users truly belong to the correct OU.
However, 99% of hacking is social engineering or phishing. They will spend years on a resource to finally gain internal knowledge and credentials into a system. Patience is all that is needed.
Unless you are an operator at a nuclear power plant, or one of its technology professionals, I sincerely doubt you can substantiate your statement. In order for the system to be monitored by head engineers and the like, remotely, I am sure some of its interfaces, if even just a monitoring system, are available from the outside with multilevel authentication.
Saying that they "aren't on the internet" has no clout whatsoever. They are on the internal network, which at some point is connected to an outbound RG.
EDIT: Just looked it up. The EMS (Energy Management System) is in fact network accessible. It is another SCADA configuration, which means it supports network view and control of station and substation devices.
It is, in fact, on the network of its parent company or organization, which is in turn connected to the internet somewhere.
"As proprietary systems became uneconomical, EMS suppliers began to deliver solutions based on industry standard hardware platforms such as those from Digital Equipment (later Compaq), HP, IBM and Sun. The common operating system then was either DEC OpenVMS or UNIX. By 2004, various EMS suppliers including Areva, ABB and OSI had begun to offer Windows based solutions. By 2006 customers had a choice of UNIX, LINUX or Windows-based systems. Some suppliers including NARI, PSI-CNI and Siemens continue to offer UNIX-based solutions. It is now common for suppliers to integrate UNIX-based solutions on either the SUN Solaris or IBM platform. Newer EMS systems based on blade servers occupy a fraction of the space previously required. For instance, a blade rack of 16 servers occupy much the same space as that previously occupied by a singleMicroVAX server."
Source - Wiki
Last edited:
Gunslinger
Regular Member
The DoD uses secure LANs or WANs. They exist only by and for themselves. All of the capability of the internet, none of the risk. Expanding them is finite, however. They will never replace the breadth of the internet.
slowfiveoh
Regular Member
The term "secure" is socially misleading.
In terms of information systems and networks, it is actually kind of ambiguous.
In this case, just so that others understand, you are talking about DoDnet being in no way physically connected to the cloud known as the internet. It is completely physically separate.
slowfiveoh
Regular Member
2 things here.
#1. Power lines do not relay any data whatsoever. Power goes into the computers PS (Power Supply), is regulated by an inverter to split power off to the various leads. The leads are then plugged into the master bus for the motherboard. There is NO information being passed in any manner whatsoever back through the power lines. That is a stone cold fact, and is substantiated by the hardwares science.
There are some networks that use power lines to pass data, but they are "crappy" at best, and rarely used.
#2. Do you realize the proximity to the heavy duty shielded cabling of a VGA/DVI, or especially HDMI, that you would have to have to pick this up? Even the ambient bleeding from the monitors integrated circuits would be so miniscule, that you could not pick anything up at all.
Hell we have specifically designed for long range RF transmission networks that have extremely limited distance due to natural atmospheric attenuation.
Lets not delve off into fantasyland please.