I tend to assume people pretend to be surprised because it allows them to be more outraged. This assumption could easily be egocentric bias, but I have difficulty seeing how any moderately informed person would be truly surprised by these 'revelations.' Some interesting specific details, sure -- but nothing particularly strange has surfaced.
I guess it depends on what you mean by "moderately informed." I've been on HN for a while now. The HN community obviously cares about the NSA's activities, but how many posts were there on HN about the NSA collecting all of this information before Snowden? Or are you just talking about people in the academic crypto community?
I basically mean people with an interest in privacy and implications of information technology on society. If someone doesn't have that interest, I wouldn't expect them to assume the NSA is collecting all the info it can. With a basic background I would expect other people to recognize how powerful vacuuming up everything is. This expectation is strengthened by personal experience (moderate n, but selection bias). Certainly having the leaks makes people actually talk about it -- partially because assumed isn't the same as proved when you are an activist. Furthermore the extent to which the NSA hands this information over to eg the FBI was unknown. IMHO the real danger of spying on everyone is 3 felonies a day style selective enforcement. If the NSA keeps everything well barricaded from political and personal motivations and only pursues genuine threats to national security I frankly think that might be best for everyone. That possibility is seeming less likely because of information the leaks have provided.
That makes sense - the ice cubes are below freezing, so it will take less melting to reach melting point equilibrium temp. In this case you are simply using the heat storage of ice rather than the phase transition energy required to melt the ice.
I hate to spoil the fun, but she may well just be someone the thief sold the laptop to. Unless there's some unmentioned reason to believe she's not innocent it shouldn't be acceptable to spy on her and post her activities online.
It's a ethical question more than a legal question. Perhaps they did not buy the laptop, maybe someone else in their family did and they are merely a bystander.
* Do they have an expectation of privacy?
* Does this violate this expectation?
* As a deterrent for buying stolen property does this possible violation outweigh the benefit?
Consider a school which loans out laptops to its students but then uses the laptops to spy on the students. Or a company that backdoors its product so that when it is pirated they can spy on the users that pirated the software, perhaps uploading all their email to tumblr.
* Would such an action ever to ok?
* Where do you draw the line?
* What if you inform people that you are going to do this? How loud of a notification do you need to be justified (tiny sticker on the back of the laptop)?
> A suburban Philadelphia school district is agreeing to pay $610,000 to settle two lawsuits brought by students who were victims of a webcam spying scandal in which high school-issued laptops secretly snapped thousands of pictures of pupils.
The location of the laptop has nothing to do with it. It is the behavior of the publisher that is unethical and/or illegal. If the Iranians have a cause of action against the publisher in the UK based on privacy laws, they would have standing to bring a suit in court in the UK. They don't have to be citizens to do that.
- she's not a minor (as far as we can tell) so having/publishing her pictures are not illegal in the UK.
- She's not a UK resident or have established a valid UK contract, or contact UK authorities about international law concerning rights to the use of ther image
So, i'd say it's pretty legal. Douchbaggery, but legal.
If i were on his place, i'd get enough personal information to 'convince' (wink wink) her that it was her best interest to return my property and report the seller (if that was the case) the local authorities.
Also, since he never mention that he tried to contact her, it makes him 10x more idiot.
NOTE: This is what is called a 'rhetorical question'. I'm not trolling.
> Shouldn't he be able to use it as he sees fit?
Say it ends up in the wheelhouse of an old oil tanker and the Captain prefers its GPS and maps application to the 1980s-era thing built in to the ship. If the legitimate owner of the laptop "saw fit" to modify the displayed GPS coordinates such that a catastrophe ensued, "shouldn't" he be able to do that?
After all, it's not his fault that a coastline packed with baby seals was standing in front of it.
That gets into the territory of intent. If he intended to crash the ship, then it's illegal. If, in the normal course of working on his laptop, he changed the map's endpoint to somewhere else (say, the local Wal Mart), he did not intend to crash the ship.
Is Dom intending to cause harm with these pictures? Is he actually causing harm? Those are the relevant questions.
But for a portable 'personal' computer like this Mac laptop, it's difficult to "use it as one sees fit" in the normal way when it's in Iran. Sure, it's possible he could make a remote connection and continue to edit documents on it or something. But in practice Dom is unlikely to get any real utility out of it by treating it as cloud server in the hands of untrusted parties. We probably all agree that Dom should be free to recover and wipe his own data from it, but that's purely an attempt to cut his losses rather than derive further "use".
So Dom continuing "to use it as he sees fit" is not really possible. Nearly everything Dom can do remotely to this computer will be inseparable from his intent with respect to effects on these other parties.
Look at the pictures. Who do you think needs the laptop more? I think it's better (and probably all we can do) to inform the Iranian police and plead with them them to just find and ask these people who sold them the laptop.
Whoever's ultimately responsible for the theft is in the US--finding the seller on the Iranian side will help you track down the person who ultimately stole it.
I have absolutely no problem doing whatever I like to hardware that is stolen from me. However, mere spying doesn't get the message across.
I'd prefer to brick the unit. A nice fast erasure of the firmware would be good, though reflashing the unit to display an "I'm stolen" message would be better. You could even request payment for an unlock ("This is stolen, but you can buy it from me.")
Would you be Ok with tracking their usage, finding their contact info and letting them know you know they have your stolen laptop and ask them to return it. If they don't comply with returning it, then does spying become acceptable?
"Without establishing a solid connection to China, there will always be room for observers to dismiss APT actions as uncoordinated, solely criminal in nature, or peripheral to larger national security and global economic concerns. We hope that this report will lead to increased understanding and coordinated action in countering APT network breaches."
This really is the key point. People generally believed that the major hacks have been Chinese government based, but without publicized proof public policy is unlikely to change. China (and people who don't want to insult China) can get away with dismissing the mountain of circumstantial evidence because few people with power want to directly accuse it. Maybe this report will start to change the situation.
Strong ties have been established with attacks like this already, this isn't the first time. Sadly my source  has disappeared, but I literally just finished an aggregation of other content  this morning.
I agree that pretty much anyone who gave a cursory inspection would come to the conclusion that the attacks were from Chinese intelligence. There were still lots of defences of China claiming it could be patriotic hackers, or that the evidence was circumstantial. I think some of this was that if US officials make it clear that they know the attacks are from China it puts them under pressure to act (potentially in a way that would anger China). Diplomatically it's more convenient to pretend not to be sure.
There's also the matter of "is this worth starting a war over?"
One thing about this is that Chinese military is not the same thing as Chinese intelligence. The main Chinese intelligence agency is the Ministry of State Security. Mixing up the PLA with the MSS is like mixing up the DOD with the CIA.
I doubt that the United States government will do anything more than "raise the issue." The trouble is that if the US does something like file a formal diplomatic protest, it will be a promise by the United States not to try to do anything similar, and I don't see how the US would consider that to be in its national interest.
One other interesting thing is that the Chinese hacker community is very different from the US hacker community, in that US hackers tend to hate the military and authoritarian systems whereas the Chinese hacker community sees themselves as patriotic defenders of the motherland. A lot of this has to do with differences in history (i.e. the US involvement with Vietnam). Something that gives you an idea of the difference is that if you go to any newsstand, you'll see a lot of military magazines, and so hackers in China are "solider wannabees" in ways that hackers in the US aren't.
APT is just an externality for US biz right now. The fact that the Chinese were able to steal the plans to the JSF doesn't really hurt Lockheed-Martin's ability to sell the plane to the US or allies. Of course it hurts the ability of the buyers to effectively deploy the JSF against anyone able to buy JSF data from the Chinese; but LockMart really doesn't care too much about that.
“Either they are coming from inside Unit 61398, or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
— Kevin Mandia
USCYBERCOM is still trying to get its shit together, so to speak. Flamer is a great example of this. We took a bunch of toys that the NSA had laying around (MD5 collision research, a few 0days purchased from defense contractors, etc) and went over to Israel's house to have them show us how to put them into play.
Exactly. The focus of the whole story is on caffeine, but dropping caffeine is quite minor in comparison to eating better, sleeping better, and exercising more. I think it's general consensus that caffeine withdrawal takes no more than a week.
But there is a substantial link between dropping caffeine and sleeping better. And there is a link between sleeping better and getting more effective exercise. And it is hard to get effective exercise and still manage to live on something like Mountain Dew (which might prompt an improved diet).
True - if caffeine was interfering with his sleep then it was a problem. I didn't see any indication that he had attempted to fix his sleep schedule before he dropped caffeine, though it's certainly possible that he did. Sleep exercise and diet are connected to each other, and maybe kicking caffeine happened to give him enough motivation or momentum to improve all three of them, but it's only loosely related. Setting up dropping caffeine as the cause of his improvement is strange - it just happened to come first.
With perfect efficiency a 10 kg weight lifted 2 meters would only output about a tenth of a watt over half an hour. That is indeed enough for a led, but not a very powerful one. I doubt this is worth it.
You might want to keep the buttons at the bottom of the object they modify (for example on the 'update my list' page). That would make it more consistent on mobile or space constrained displays. It's also more common practice.
let mapleader = ","
nnoremap / /\v
vnoremap / /\v
nnoremap <leader><space> :noh<cr>
nnoremap <tab> %
vnoremap <tab> %
inoremap <F1> <ESC>
nnoremap <F1> <ESC>
vnoremap <F1> <ESC>
nnoremap ; :
noremap j gj
noremap k gk
nm <C-P> :se invpaste paste?<CR>
" Sage settings (from Franco Saliola)
autocmd BufRead,BufNewFile *.sage,*.pyx,*.spyx set filetype=python
autocmd Filetype python set tabstop=3|set shiftwidth=3|set expandtab
autocmd FileType python set makeprg=sage\ -b\ &&\ sage\ -t\ %
" REQUIRED. This makes vim invoke Latex-Suite when you open a tex file.
filetype plugin on
" IMPORTANT: win32 users will need to have 'shellslash' set so that latex
" can be called correctly.
" IMPORTANT: grep will sometimes skip displaying the file name if you
" search in a singe file. This will confuse Latex-Suite. Set your grep
" program to always generate a file-name.
set grepprg=grep\ -nH\ $*
" OPTIONAL: This enables automatic indentation as you type.
filetype indent on
" OPTIONAL: Starting with Vim 7, the filetype of empty .tex files defaults to
" 'plaintex' instead of 'tex', which results in vim-latex not being loaded.
" The following changes the default filetype back to 'tex':