October 14, 2012, Felix Baumgartner ascended more than 24 miles above Earth’s surface to the edge of space in a stratospheric balloon. Millions across the globe watched as he opened the door of the capsule, stepped off the platform, and broke the speed of sound while free falling safely back to Earth. Felix set three world records that day—and inspired us all to reach beyond the limits of our own realities, and reimagine our potential to achieve the incredible.
GoPro was honored to be a part of this epic achievement, with seven HERO2 cameras documenting every moment. From the airless freeze of outer space, to the record-breaking free fall and momentous return to ground—see it all through Felix’s eyes as captured by GoPro, and experience this incredible mission like never before. No one gets you closer than this.
Shot 100% on the HD HERO2(r) camera from GoPro.com.
East of the River
“Wilderness is Their Home Now”
Additional Music Courtesy of ExtremeMusic
The Internet Archive
A Chicago computer hacker tied to the group known as Anonymous was sentenced Friday to 10 years in prison for cyberattacks on various government agencies and businesses, including a global intelligence company.
Jeremy Hammond, 28, was handed the maximum term for the December 2011 hacking of Strategic Forecasting, an attack his lawyers contend was driven by concern about the role of private firms in gathering intelligence domestically and abroad.
…resulted in the theft of 60,000 credit card numbers and records for 860,000 clients, which were then uploaded online.Prosecutors say the hack of Strategic Forecasting, or Stratfor, resulted in the theft of 60,000 credit card numbers and records for 860,000 clients, which were then uploaded online. Hammond admitted being behind it in May.
He also admitted to hacking several law enforcement agencies and organizations, including the Arizona Department of Public Safety, and releasing personal details of officers as part of an attack by the Anonymous-affiliated group LulzSec.
Remember Lavabit, the “secure email” service that was closed down by its owner Ladar Levison, ostensibly to avoid complying with a government request to access their “secure emails?” Specifically, emails from one of their most famous clients, Edward Snowden?
Something that always bothered me about the story: Lavabit claimed on their home page (see screenshot above) that their system was designed so that even their administrators couldn’t read users’ emails. I assumed this meant they were using some kind of public/private key scheme to encrypt emails, so that they would be encrypted while on Lavabit’s servers in a form that could not be decrypted even by Lavabit.
So how then could the government read those emails without the private keys of each user? Well, it turns out that Lavabit’s claim they couldn’t read emails simply wasn’t true. Their basic design was not secure at all, as cryptographer Moxie Marlinspike explains: Op-Ed: Lavabit’s Primary Security Claim Wasn’t Actually True.
If, as Lavabit said, it wasn’t capable of reading its users’ e-mails, how could it have been in a position to provide those plaintext e-mails to the US government?
Unfortunately, Lavabit’s primary security claim wasn’t actually true. As Ladar himself explained in this blog post, the system consisted of four basic steps:
- At account creation time, the user selected a login passphrase and transmitted it to the server.
- The server generated a keypair for that user, encrypted the private key with the login passphrase the user had selected, and stored it on the server.
- For every incoming e-mail the user received, the server would encrypt it with the user’s public key, and store it on the server.
- When the user wanted to retrieve an e-mail, they would transmit their password to the server, which would avert its eyes from the plaintext encryption password it had just received, use it to decrypt the private key (averting its eyes), use the private key to decrypt the e-mail (again averting its eyes), and transmit the plaintext e-mail to the user (averting its eyes one last time).
Unlike the design of most secure servers, which are ciphertext in and ciphertext out, this is the inverse: plaintext in and plaintext out. The server stores your password for authentication, uses that same password for an encryption key, and promises not to look at either the incoming plaintext, the password itself, or the outgoing plaintext.
The ciphertext, key, and password are all stored on the server using a mechanism that is solely within the server’s control and which the client has no ability to verify. There is no way to ever prove or disprove whether any encryption was ever happening at all. Whether it was or not makes little difference.
So the claim on Lavabit’s home page that they couldn’t read stored emails was simply false. The promise of security they made to their users was a lie. They promised not to read the emails, but breaking that promise would have been trivially easy with the way their system was built — and that’s why the feds wanted access.
It’s not clear whether the Lavabit crew consciously understood the system’s shortcomings and chose to misrepresent them, or if it really believed it built something based on can’t rather than won’t. One way or the other, in the security world, a product that uses the language of cryptography to fundamentally misrepresent its capabilities is the basic definition of snake oil.
Yep. And it raises the issue of whether Lavabit’s owner is telling the truth about the real reasons for shutting down his business, as well.
Apple released the latest version of Mac OS today, code-named Mavericks, and after installing it I feel like I’m at a highly dangerous, potentially lethal surfing spot with insanely gigantic waves. (OK, not rly.) Good thing I read John Siracusa’s incredibly in-depth article on this new operating system before getting my shorts wet: OS X 10.9 Mavericks: The Ars Technica Review.
Mavericks is the first California-themed release of OS X, named after “places that inspire us here in California,” according to Craig Federighi, who says this naming scheme is intended to last for at least the next 10 years. The pressure is on for Mavericks to set a new direction for the Mac platform.
According to Apple, Mavericks has a dual focus. Its first and most important goal is to extend battery life and improve responsiveness. Secondarily, Mavericks aims to add functionality that will appeal to “power users” (Apple’s words), a group that may be feeling neglected after enduring two releases of OS X playing iOS dress-up.
Is that enough for Mavericks to live up to its major-release version number and to kick off the next phase of OS X’s life? Let’s find out.
Greenwald and the Guardian’s latest bombshell breaking story on the NSA uses a fear-mongering tactic that’s been common throughout their bombshell breaking stories — a seemingly deliberate intention to confuse and conflate the ability to do something with the act of doing something.
The breathless headline: US and UK Spy Agencies Defeat Privacy and Security on the Internet.
The overheated lead paragraphs:
US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.
The files show that the National Security Agency and its UK counterpart GCHQ have broadly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.
And not a hint of acknowledgment that in order to decrypt any US citizen’s information for any purpose, the government still needs to get an individual warrant. (This time, a search for “warrant” in the article returned no results.)
The bombshell comes down to this: spy agencies crack encryption schemes.
“Since the beginning of human history,” the Guardian did not add.
Greenwald boasts that he ignored government requests not to publish the article:
“Intelligence officials asked the Guardian, New York Times and ProPublica not to publish this article” http://t.co/SeboSzdzBr
— Glenn Greenwald (@ggreenwald) September 5, 2013