What would happen if he lobotomized(carefully and mildly) himself, and legitimately could not remember his encryption keys/pw nor the reason he performed lobotomy?
Surely this layman knows enough about the brain to know how to lobotomize himself such that he forgets his passwords, but not such that he forgets how to perform a self-lobotomy!
What happens if some 10 year old in say Russia, for example (lol), used Bitcoin he made from a few minutes of mining in the very early days of Bitcoin, to purchase a black hat SEO campaign, spamming social networks like Twitter, Tumblr, and Reddit with a click-baity title and purchased upvotes/likes/retweets, spreading a gif like this across US social networks. Would our law enforcement convince, or manually penetrate the networks of the black hat SEO service spending possibly millions of dollars to maybe track down this 10 year old, to find out they have no jurisdiction over him? What if someone had an unsecured hotspot on their phone and local LE accused the person who owned the phone of this?
Are local LE's capable of deciphering the possibly extremely technical misdirections one could easily employ? What if someone reads WikiLeaks, and used one of the exposed zero day exploits to frame a mobile phone user of this. What if someone's friend knows their WiFi password and does the same thing, spoofing the owners Mac address?
What prevents a 10 year old kid from sending anyone they dislike to court for who knows how long, requiring them to amass legal fees to defend themselves. What happens if one of the enormous number of people who have RAT's from malware on their computer from being set up in this manner?
What if someone creates their own image hosting server, and they swap all the images hosted, out for this gif? What happens if someone hacks said img hoster and does the same? What if it is a massive free, fast image hoster, and they are hacked and this happens?
If the precident dictates that this could potentially kill people, what standards of security should image hosters be held to? Should they be required to pay for the same annual audits companies who handle credit card info do? Or should they be held to the standards of government contractors? Seems like they are effectively claiming the security of image hosters is an order of magnitude more vital than any other company. What if a kid uses the WikiLeaks zerodays which were purposely not exposed by the CIA, provided the entry for this 'prankster'? Can any potential victims sue the government.
Since we've established that feelings matter, how is a gif like this different then offending someone to an absurd degree? I've seen several articles from multiple news sources from different countries, detailing the enforcement of hate speech crimes; for example, Western countries making it illegal to speak out against islam? Are offenses of those nature subject to similar accountibility? Are law enforcement agencies equipped well enough to be certain that no misdirection or projection of the actions onto another was utilized?
Obviously one could go on for eternity like this. Making it simple for anyone with Google to lock someone up who they dislike. Seems to me that a person who is susceptible to these triggers, should find a solution on their end to somehow inhibit the effectiveness of such weapons. If all jurisdictions were to take this seriously, whether it's a 'meme' charge or attempted murder, one could backlog an entire countries legal system for years for a small sum of money. Tbh, this is the dumbest thing I've ever heard of, and the few comments I read, are equally ignorant.
What if, the defendant in op's story denies the accusations. What if his friend did it from his phone while he was sleeping, and never told a soul? Good luck using the internet, everyone. Hide your kids, hide your wife.
Convicting a person who allegedly posted an image on the internet, with intent to trigger a sizeure in another, sets the precident for every means of distribution of a similar image that I listed off to be treated as attempted murder or whatever charges come of this. Name one thing in my wall of text that is not an implication of this story; Unless you are implying this article is on hackernews, only to foster discussion of the technical aspects of a subpoena of personal information?
> Convicting a person who allegedly posted an image on the internet, with intent to trigger a sizeure in another, sets the precident for every means of distribution of a similar image that I listed off to be treated as attempted murder or whatever charges come of this.
You are apparently unfamiliar with the concept of 'intent' in criminal law. This was a message targeted at an individual with specific intent to cause seizures. All your hypotheticals have no basis in fact.
> Name one thing in my wall of text that is not an implication of this story;
Every one of them?
> Unless you are implying this article is on hackernews, only to foster discussion of the technical aspects of a subpoena of personal information?
No, it is on HN because enough people found it interesting to warrant discussion of this actual case. Fantasy need not enter the discussion unless it bears some connection to reality, making stuff up out of whole cloth is not going to further the discussion in a meaningful way, no matter how long you make your walls of text.
> Proving intent in most cases, is extremely costly and difficult. Are you familiar with the concept of 'precedent' in criminal law?
I don't know about "most cases", but in this particular case it's fairly easy since the weapon came attached with a note saying essentially 'I am hoping this kills you, buh bye'.
If I were 10 years old and I had Bitcoins to spend, I sure as hell wouldn't use them "to purchase a black hat SEO campaign". What 10 year old kid would?
Sadly that's not how the justice system usually works. Investigators put together worst case scenario and find some facts that support their hypothesis (this document). Like everyone else he will settle and probably spend a few months in jail and pick up garbage on the freeway for 6 months, whether he did it or not. It's usually not worth the risk of losing in court
That much I'm fully aware, it's up to the defense basically even if the accused can't afford a good one. I believe the system should focus more on justice rather than convictions, but that's a whole different matter.
I am implying that this is rediculous, and that spending any significant resources to pursue this should be criminal. I'm saying that unless they have a confession from the defendant that he was trying to kill this guy, or his diary dictating that, which they should include in the story were that the case, then this is just stupid. The presidence this case might set forth is terrifying. It provides a never before seen limitless weaponization of the justice system, which will be abused by those without morals, those who have a lot to lose, and those with more $ to attack anyone they like. Any halfway smart kid can use this image attack with zero risk of being caught, so clearly the safety mechanisms and protections need to be on the victims end.
> I'm saying that unless they have a confession from the defendant that he was trying to kill this guy, or his diary dictating that, which they should include in the story were that the case, then this is just stupid.
You must have missed the bit in the article where the defendant actually indicated he did just that, and in writing no less.
> I'm saying that unless they have a confession from the defendant that he was trying to kill this guy, or his diary dictating that, which they should include in the story were that the case, then this is just stupid.
If that was the standard for a criminal prosecution, we'd rarely convict anyone.
> The presidence this case might set forth is terrifying. It provides a never before seen limitless weaponization of the justice system, which will be abused by those without morals, those who have a lot to lose, and those with more $ to attack anyone they like.
The fact that assault is a crime has been established many, many years ago.
Every response is karma suicide, however, I am obviously referring to this exact specific case.. One would traditionally assume that posting a gif is not a crime, no matter the gif (with a few exceptions in the law such as certain types of pornography), in THIS case, the person I am responding to claims it is a crime because of the intent. And the precedent I am discussing is apparently whether or not posting a 'gif' image is assault, regardless of intent, which you are implying this case would claim. Please see my other comment, the one(and the paragraph) talking about 'kittens'. Explain to me the difference between this specific case and that one? How about those gifs which tell you to stare at the optical illusion, and after an arbitrary amount of time, show a terrifying skeleton. Is it a crime to post that without sufficient warning?(assuming it hurts someone psychologically - please apply this assumption to all of the following hypotheticals) Those would never 'go viral' if they contained warnings, obviously, and could be extremely and permanently damaging to certain people with relevant psychological conditions. If it isn't a crime to share those images, is it a crime to post them on an anxiety subreddit? If not, is it a crime to post them on an anxiety subreddit, with intention to trigger panic attacks, or similar, in their users? Is it a crime to email those to a person who enjoys optical illusions, has severe panic disorder and ptsd, and several heart conditions? how about with the intent to kill them? Does intent dictate criminality here? If not, what makes it criminal? Number of people affected by a given condition?
Please continue down-voting each of my replies(so I am discouraged from proving my argument) and assume whatever titles are associated with that sort of behavior.
Edit: Also worth noting that getting convicted is mostly irrelevant to my argument. I am trying to bring attention to the burden this sort of thing could put on a legal system, especially if it was 'weaponized,' as well as the burden of legal fees, time, and negative publicity, false claims like these would have on the defendant.
Criminal intent is one of the most important parts of law. If there is no criminal intent in many cases there is no crime.
If you want to have a discussion, take some time to clearly articulate your arguments because it's hard to read. I think that's what's getting voted down, not necessarily that everyone disagrees with you.
> Is it a crime to email those to a person who enjoys optical illusions, has severe panic disorder and ptsd, and several heart conditions?
Maybe, it depends. In any case if your intent was pure but you're just stupid the case brought against you in the event of a mishap would be one of negligence.
Not sure if you're aware of this, but punishments are meted differently to 10-year-olds compared to adults. The suspect in this case was a 29-year-old man. And "most young kids are probably afraid of guns" sounds like something said by someone who didn't grow up in a rural state.
I think you highly underestimate the effect they have on you. A small number of bots can completely disrupt discourse, eliminate stories that might make the top of all, and instead only get a couple dozen views. One of the tests they (point) ran, consisted of voting every story in new on a particular, decent sized sub, either up or down, as soon as it was posted. the stories they voted up, once, had several times more likelihood of making the first page of hot, and consequently all. The first few minutes can make or break a story with just a handful of votes with great consistency. The $ spent on such narrative control are absurd. For instance, David Brock's "correct the record" burned through 10's of millions of $ during the election, used new and purchased accounts, custom 3rd party anaylitics, offices of shills domestic and foreign; there are several different leaks which came out, showing the conversations in their slack groups, and how they go about effectively killing a story, or fabricating an entire narritive. It is VERY difficult to distinguish shills from 'legit' posters in some circumstances, often those who laid low and applied only mild pressure, weren't discovered until they posted images with correct the record filenames, or accidentally used the same verbiage from separate accounts. Currently, since the termination of correct the record, shareblue has taken over their 'mission' and does the same stuff in the same places. The FBI and CIA make enormous use of the same things, to discourage leaked Intel and damaging natsec information on Reddit and the Chan's from spreading, and he FBI has gone as far as planting child pornography to scare people off and even threaten prosecution of those who are influential/damaging. Correct the record has lists and ratings of Reddit users, one which leaked recently, which you can download right now and import into RES. The same thing occurs in the movie/TV industry, and we are starting to see the evidence come out now, of the massive operation mansanto was running out of large corporate offices, as well as partnering/contracting researches and those of larger social significance to discredit and dismantle the compilation of evidence and investigation into their wrongdoings. Judging by your comment, I'd guess you are among the highest tier of impressionability among those partaking in this discussion. Ignorant comment.
I'll add the most common use if intelligence shilling appears to be burying legitimate leaks in similar but provably false claims, or completely unverifiable, but equally absurd claims. On the Chan's '' for instance, there is no way to tell whatsoever, who is being sincere.
That was always and is universally true, and is in fact one of the basic facts of Chans... and why it appeals mostly to the very young. Chans mostly reflect the teenagers who are their majority users... a lot of style, occasionally a little brilliant substance, mostly garbage invented for thrills.
Right. CTR and Shareblue is all in reference to reddit. Rest is just somewhat relevant rambling, that many may not be aware of. Also, unrelated, I somehow responded in the wrong place with my first comment, to be clear.
Couple of thoughts after skimming the article. Consider weighing the importance of being able to upgrade or change uC. Don't choose a controller made by only one manufacturer (unless there is a level of certainty or confidence in their continued production/support and profitability). It would be unfortunate for example, if you used an atmega microcontroller and they went out of business, or changed their strategy and abandoned a platform, requiring you to switch to an alternative and rewrite some or all of your code. Having a codebase that can be made to run on different platforms easily would be ideal.
If there is a good chance, after a small order, you realize from feedback you are missing some crucial features and need to make changes, changes which require more it's higher or more precise clock, or whatever, make sure that the jump to the next size chip doesn't abandon or make a drastic jump in price or available volume. If you plan to manufacturer your product for a long time, ensure that you are confident in the availability of quantities at similar price for however long you expect to require it. Always be wary of jumping on board anything brand new. The Intel Edison/Curie for example based on the Quark ended up having an unfixable segfault, and was virtually abandoned shortly after it's release.
I don't think anywhere near half the country wants to be lumped into a generalization with the people yelling into that camera. Check out some of the footage on youtube.. I'm pretty sure Shia was arrested for assaulting someone who was 'memeing' the camera as well; setting the maturity bar high... It's those same people on that camera who are the ones terrorizing the streets, tearing down/burning free speech signs and assaulting those with differing views. Anyone who actually thinks that those folks are the ones denying free speech are entirely deluded. Commence down-voting.
are you suggesting it's /pol/-type Trump supporters burning free speech signs, or am I misreading your comment? Because it's antifa members and black-bloc anarchists that are doing that.
No, should've made it more clear apparently. I'm referring to the 'antifa' members (who are massively overrepresented) by msm; same misrepresentation/oversampling and 'echo chamber' that led to the massive Trump 'suprise.' I'm only suggesting the comment I responded to, which I agree with ignored even more then just half the population not almost half.
ah gotcha. Yeah I don't think the majority of non-Trump-supporters would have anything positive to say about the rioters. It's horseshoe theory in action - there are 2 kinds of fascist; fascists and anti-fascists.
Are you implying that he did something dishonest? I can't recall one example even. Although, I do recall a handful of politicians and news stories claiming the DKIM verified emails were likely fake. For example, I remember when Donna Brazile said that it wasn't her who sent the email leaking debate questions. Russians probably broke DKIM, and Brazile was probably coerced into admitting she's a liar.
Technically, there is absolutely nothing impressive whatsoever, in the archive released yesterday; I went through the entire thing. Relative to the Snowden leaks, the CIA tools look benign. The biggest difference between the two sets of leaks(and subsequent NSA revelations) however, is scale & automation. NSA's tools are built almost entirely by contractors. The 'hacking' tools are integrated with deployment tools, as well as data collection. For example, say I work for the NSA and I want to see Bob's desktop wallpaper. I already have some generic social network information, as well as ISP info on bob, and he has already been assigned a 'selector,' which I use to query Bob's information, which was gathered from all sorts of sources. Assuming I don't already have a RAT or similar installed on Bob's computer, a further step is required. The NSA has many redundant attacks entirely automated, and most of the massively successful attacks, require some sort of MITM attack. Schneier released a video(on October 26th 2016, I think - if not real close to that date,) of some sort of intelligence meeting he spoke at, with just a handful of people, where he claimed he was going to bring something to light that had not previously been revealed anywhere in public. He revealed that the majority of home routers in the U.S.(commonly believed to be the ones provided by ISP, which run a custom Linux distro, with half a dozen internal subnets, mine runs on Arris hardware, has full busy-box, and used to contain a root pivot script that was previously accessible via ssh, on an accidentally unsecured network interface, within an obscure IP range, whos shell login turned out to be the commonly available Arris rolling code('arris pw of the day?'). The embedded Linux running on the device is based on the "RDK project" as is the DVR's and modem/router combos from a variety of other ISP's. Supposedly this is patched(for arris) but I haven't attempted any further investigation since August 2016. I believe the backdoor was simply a poorly designed interface between the router and the technician GUI software.) Sorry for the unnecessary details, but I've already typed it out now. Schneier revealed that these routers(HE never specified which, but said they are everywhere), referred to by the NSA internally as 'diodes'. The diodes are used(automatically) to provide better proximity to other users, not necessarily the target, where the plethora of attacks are then executed from. The initial development costs are immensely greater than those of the CIA's, much easier and cheaper to use, by the lay person, and are more carefully controlled/depend on the system hosted by the NSA. While proximity attacks are not the only method of intrusion/full control, the next best, or perhaps better alternative is Acidfox, which is often delivered via email/browser, and requires user intervention. Clearly the NSA is leaps and bounds ahead of CIA in terms of sophistication, as well as control/oversight, as you can't just walk out the door with an archive containing 75% of their tools(they depend on infrastructure.) The CIA attacks depicted in the Wikileaks archive, almost all require manual intervention, are less reliable, and 'janky' as hell. The CIA has a record of using their tools for less than honorable/legal purposes(which may be further elaborated on, depending on what goes down with the Trump wiretaps,) either way, the CIA hacks seem like a waste of time and money (5000 employees at the consulate in Germany) and redundant. The CIA must be able to utilize the NSA's vastly superior technology/information after receiving a warrant, which makes the motives and means all the more suspicious. Who knows what will come out, but one thing is for certain, there will be a lot more information revealed pertaining to the illegal, unwarranted, for personal gain, sharing of their tools with ex employees and contractors, in the coming weeks. I could go on for ages on this stuff, but I usually just get instantly downvoted, and I'm not providing sources(as it's all from memory[pro memory,] but it's all easily duckduckgo-able [or google.]) There are certainly more sophisticated employees and programs at the CIA(obviously), but I have a feeling that the shindig over in Germany consists mostly of this sort of thing, cheaper, younger, less experienced kids, copy & pasting junk together, customized and deployed on a case by case basis. I also have a feeling that the reasons Obama set that up, is going to be an interesting narrative which we will soon watch unfold. (hint: 7th floor group; aka 'shadow government') P.S. I refuse to go back and grammar check this monstrosity.
Edit: Maybe someone can answer this question for me.. So from the Snowden leaks, we know the extent of the NSA toolkits and the requirements which need to be met to utilize them. Now we know some of the CIA's capabilities, and after Apple refused to unlock the San Bernardino Shooter's iPhone, we found out the FBI was playing some sort of politics, by claiming that justice might not be served without Apple's intervention, and proceeded to publicly shame the ethical position Apple took. So why on earth was Obama trying to force Apple's hand in that matter? Soon as Apple said no, the FBI somehow found the single magical person willing and able to defeat the privately enhanced security of the shooter's 5S? Makes no sense to me.
Thanks for sharing. Consider breaking it up into a few paragraphs to make it easier to parse.
The most interesting tool I found in the leaks was the bug that jumps airgap to make Nero burn trojaned binaries. If we see more tools like this come out of the woodwork, it shows that the CIA is at least in some ways keeping their teeth sharp.
I believe that the FBI and Obama both played politics for a few reasons, namely:
- Obama and the FBI probably withheld a reasonable amount of information from each other regarding the case
- This was all a charade to bring the topic into the public sphere. It backfired, but the aim was to allow future high-profile cases on which concurrent evidence trails are harder to establish. Once it backfired, Comey came out with a public letter admonishing the American people, comparing us to children. He stated that with Rule 41 coming into effect, the FBI would use its expanded powers to collect information for the following year. They would then use that information in an upcoming "adult conversation" the FBI wishes to have with the public about the future of open, libre encryption.
We should be expecting that "conversation" to take place this year. And I don't expect it to be much of a dialogue so much as a monologue. I expect the FBI to either directly or indirectly (thru Wikileaks, etc) release information that "proves" that backdoored encryption and its inherent reduced security is necessary for public safety. There is a saying we all know and love about the merits of this particular trade-off
I'm certain the FBI always had that contact on standby. They probably received multiple unprompted bids from various hacking companies during the public run of the case. They wanted to flex how much pull they had over a giant like Apple. Even though they seemingly failed, they came out with a huge data point: The American people need further brainwashing and ideological shifting before attempting a full coup over libre encryption in America.
I don't think they wanted to flex muscle over Apple, I think they were trying to build case law for situations like this. Also breaking into a phone with an exploit like this is expensive and if they have an exploit, they might not want to publish that they have it in the future so having the backdoor provides deniability even if it's fundamentally dumb.
/puts on tinfoil hat
There is also the other option which is that trust in American tech companies has been sketchy at best following the NSA leaks and this was a chance for the Obama administration to allow companies to reestablish some legitimacy when it came to security by making the US government look evil but having the corporations 'prove' that they are not backdoored by the NSA. They can still break in the covert way, but it makes it look tech companies are not as compromised as the NSA leaks would suggest.
they might also used the whole stunt as a way to inform the public that they have the capability so that next time around at the interview goes "look kid, we do have the capability to unlock the phone, but it's costly, nasty, annoying for everyone involved and will put your refusal in a very very bad light in front of the judge and jury, why you don't just give the code and we tell the judge you cooperated?"
To be frank, the whole concept of "plea bargaining" in US law is a vulnerability, broadening the attack surface for many otherwise less harmful vulnerabilities.
Hadn't thought about it like that. Interesting. Was too late to edit when I saw your comment. Unrelated: Most interesting thing to me, of this nature(was from the snowden leaks) is known as 'RAGEMASTER;' an RF retro-reflector built into a vga cable(deployed by intercepted packages between computer supplier and target I believe) which allows NSA to observe the contents of a vga signal remotely, using radar, and subsequent re-modulation and sync of the signal.. Totally bizarre.
Maybe someone can clear this one up. So from the Snowden leaks, we know the extent of the NSA toolkits and the requirements which need to be met to utilize them. Now we know what the CIA has to work with, which requires the same authorizations, however apparently they encounter less oversight/obstructions(irrelevant), and after Apple refused to unlock the San Bernardino Shooter's iPhone, we found out the FBI was playing some sort of politics, by claiming that justice might not be served without Apple's intervention, and proceeded to publicly shame the ethical position they took. So why on earth was Obama trying to force Apple's hand in that matter? Soon as Apple said no, the FBI somehow found the single magical person willing and able to defeat the privately enhanced security of the 5s the shooter carried? Makes no sense to me.
Reddit.. The narrative has been violently pushed and pulled 1000 directions for a couple years now. I'm not sure exactly what you're suggesting, but are you saying someone is either mind controlling him, or effecting leverage over him to coerce him to become their tool? You do believe it was indeed him in his interview with Hannity a month ago, right?
