Readit News
spartango commented on Feds: There are hostile stingrays in DC, but we don’t know how to find them   arstechnica.com/tech-poli... · Posted by u/lgs1
walrus01 · 7 years ago
I work in wireless telecom: Really doubtful "we don't know how to find them". The FCC's enforcement bureau has a set of vans equipped to find unauthorized transmitters. IMSI catchers must transmit and remain on the air. It would be very risky to operate, even briefly, a portable IMSI catcher in a briefcase and move it around WA DC, never mind one that remained in fixed locations for hours. The only other explanation I can think of is being operated from embassies with full diplomatic protections, but that runs the risk of the host country (USA) PNG'ing several staff with 24-hour notice as punishment.

Quick edit: Whole US federal agencies have their own TSCM (technical surveillance countermeasures) staff entirely separate from the FCC. It is a job position at the dept of state. Evolved from bug detection and removal in the analog days to now encompass just about everything that can leak data.

spartango · 7 years ago
While there is extensive infrastructure for detecting active transmitting devices like Stingrays, there's no discussion (or tooling) around passive IMSI grabbers. While these devices are significantly more limited (no IMEI or MSISDN, GSM-only), they remain pretty effective in areas/networks where GSM is still in place.
spartango commented on Amazon Prime Strikes Deal for Most PBS Children’s Shows   nytimes.com/2016/07/02/bu... · Posted by u/uptown
aresant · 9 years ago
"Much of PBS Kids programming . . . will be REMOVED from rival streaming sites like Netflix and Hulu, and will be available only on Amazon Prime."

Oh goody.

So now instead of being able to use Netflix via Apple TV to watch her favorite PBS show my 5 year old is going to have to figure out how to bring up Amazon Prime through the shitty Samsung TV interface.

Or better yet maybe I'll have to buy another device that will be obsolete in a year.

This Amazon / Apple bs war of not supporting each other's devices has got to stop, it sets a terrible precedent which seems to be aimed at protecting the devices which are so incredibly commoditized!

Apple - please just let us have an Amazon app on Apple TV. Is it such a protective move when I can just AirPlay Prime from an iPhone / iPad / MacBook to Apple TV?

spartango · 9 years ago
For what it's worth, PBS has an app[1] for Apple TV, and it has much of PBS' content.

With that said, the general problem of certain services being restricted from/to specific platforms is extremely frustrating, and will only get more painful as exclusives become common.

[1] http://www.pbs.org/anywhere/connected-tv/apple-tv/

spartango commented on Being privacy-aware in 2016   vox.space/blog/89/being-p... · Posted by u/maglavaitss
barking · 9 years ago
Some people are advising that DuckDuckGo can say that they are not tracking you but, being based in the USA, could be made to do so by the NSA.
spartango · 9 years ago
I'm not convinced this localization argument holds so much water. Consider the following:

Case 1: If you're using a search engine not based in the US, and you're not a US person, then the NSA probably can't use any legal tools against you (depending on country). However, the NSA is allowed to use the full range of its capabilities to collect against you (PPD28 notwithstanding). They can infiltrate that service by technical or human means and carry out espionage activity without legal restriction (Title 50/EO12333). Further, they can retain the data unredacted for a long time.*

Case 2: On the other end of the spectrum, if you're a US person and you're using a US-based search engine, surveillance activities against you are far more complex. Warrants, NSLs, and/or other legal paperwork are involved, and there are strict rules on data retention, sharing, and minimization. That's not to say that there isn't surveillance, just that it comes with substantially more overhead. Meanwhile, most of the NSA's technical exploitation approaches are off-limits, and any collection/exploitation activity must be carefully managed.

Case 3: The intermediate case, where you're a non-US person using a US service, is a bit more hairy but still is better than the first case. While the NSA/FBI can utilize a range of legal tools (again, warrants, NSLs, etc) against you, because your data is likely entangled with US-persons data, it must also deal with all the overhead of minimizing and redacting that data (same as case 2). Similarly, the use of technical means against US providers is heavily restricted, so you won't be fighting against the same capabilities as you would be in case 1.

At the end of the day, which do you think is easier for the engineers at NSA: exploiting, entering, and just taking everything (case 1) or filling out a huge amount of paperwork and carefully handling the redacted scraps of data that come back from the provider eventually (cases 2 and 3)?

I think you can make an argument for either side, but I tend to believe that technical exploitation is easier than legal, for now.

*Caveat here is that this intelligence data is hard[er] to use in US law enforcement activity against you. It's worth noting, however, that NSLs and FISA data are also non-trivial.

spartango commented on Why I’m not speaking at CPDP: It’s the privacy-washing   ar.al/notes/why-im-not-sp... · Posted by u/detaro
spartango · 10 years ago
Maybe I'm just out of the loop, but the author doesn't make it clear what exactly is objectionable about Palantir with respect to privacy issues. That's not to say that there isn't anything, but just that it would be helpful to have a synopsis of what exactly they're doing wrong.

I understand that they do work with governments, but that's as much as I've seen in the press. There has been far wider discussion of the privacy challenges facing Facebook and Google.

spartango commented on F-35 stealth jet 'will not be able to fire its guns until 2019'   telegraph.co.uk/news/worl... · Posted by u/protomyth
ZanyProgrammer · 11 years ago
Is the software gun issue with the F-35 fleet in general, or with the very glitchy F-35B? The article doesn't do a good job of explaining that, though since it's a British article, I'd assume it's the F-35B, which will be on the QE2 class carriers.

Really, if you want a culprit for the F-35, blame the US Marine Corps (MARINES, RAWR!!) for insisting on the highly faulty and problem-plagued F-35B. If the Brits had insisted on building proper through deck carriers, this wouldn't be an issue (at least the F-35B issues). The QE2 class are awfully big, and really should just be through deck without the ski jump.

spartango · 11 years ago
Neither the F-35B nor the F-35C carries a gun. The USAF's F-35A is the only model affected by this issue.

Also, the Marines want the STOVL F-35B for operation on LHA/LHDs, as well as small island bases with short/limited runways. It's not just the ski-jumping Brits who want that feature.

With that said, you're right that the STOVL capability has added substantial complexity to the airframe.

spartango commented on Can a Computer Replace Your Doctor?   nytimes.com/2014/09/21/su... · Posted by u/mp4box
ThomPete · 11 years ago
This is what stood out for me actually:

"... At the Mayo Clinic’s Transform symposium this month in Rochester, Minn., I heard Eric Dishman, a general manager at Intel, explain how he had used data to individualize his own cancer care. More than a decade ago, when he was only partly responding to chemotherapy for a rare kidney cancer, he used a step monitor to help figure out what provoked his pain and then worked with a physical therapist to treat it. More recently, scientists were able to analyze the genetic sequence of his tumor, identifying a medicine for treatment. He is now cancer free..."

spartango · 11 years ago
If you find the work in cancer interesting, it's worth looking into a few commercial outfits that are doing this type of testing:

* Genomic Health ($GHDX) with OncotypeDX

* Foundation Medicine ($FMI) with FoundationOne

Both of these companies have tests on the market that analyze tumor genomes (sequencing or microarray-based) and provide information to oncologists to better treat their patients. Information like drug efficacy and tumor aggressiveness (requiring chemo-/radiotherapy).

spartango commented on Show HN: Miimic – Let your friends text for you   miimic.me/... · Posted by u/jchoudh
spartango · 11 years ago
An email version of this would be quite useful for team interactions with sensitive partners/clients/contacts.
spartango commented on Terminal – Virtual computers that start, resize, and scale in seconds   terminal.com... · Posted by u/dshankar
wmf · 11 years ago
Check out CRIU.
spartango · 11 years ago
Cool, thanks. I hadn't seen this before.

For those wondering: CRIU is Checkpoint/Restore In Userspace.

http://criu.org/Main_Page is the project, and http://criu.org/LXC is container support.

From a quick look, it seems that there are some limitations in CRIU, especially with LXC support, but it is work in the right direction.

spartango commented on Terminal – Virtual computers that start, resize, and scale in seconds   terminal.com... · Posted by u/dshankar
dk8996 · 11 years ago
Looks like they are running on AWS -- you can see in the video "xlarge" and other systems types that are named the same in AWS. Interesting how they are playing some "tricks" to enable some cool capabilities. I am willing to bet they have an AWS box running of each type and using Docker or something like that. Probably spinning up instance types as they are used up. I am also willing to bet that if they got some non-significant traffic, that 5 sec will be 5-10 min. Don't mean to throw cold water on it but overall looks cool -- not sure what I would use it for. I would love to see the architecture for this product.
spartango · 11 years ago
Your explanation is clever and could account for most of the behavior of the product. Certainly the environments, rapid booting, and even hot resizing.

What's missing, however, is how they do machine state snapshots (not supported in any container system afaik). I know Xen/VMWare support these, but if they are running atop AWS they will not have access to the hypervisor. I can imagine kludgily running another hypervisor atop AWS, but there would appear to be a more clever solution.

u/spartango

Karma: 901 · Cake day: July 8, 2011
About
Harvard '16 Molecular Biology & Government | Thiel Fellow | Previously: AWS, Sun Microsystems, others.

spartango at gmail
