Friday, June 13, 2015 - [[[[[[[[[[[[[[[[[[[[[[ National Whistleblower Center ]]]]]]]]]]]]]]]]]]]]]]

Friday, June 13, 2015 - [[[[[[[[[[[[[[[[[[[[[[ National Whistleblower Center ]]]]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Monday, August 11, 2014 - [[[[[[[[[[[[[[[[[[[[[[[[[ Project - N.N.O.M.Y ]]]]]]]]]]]]]]]]]]]]]]]]]]

Monday, August 11, 2014 - [[[[[[[[[[[[[[[[[[[[[[[[[ Project - N.N.O.M.Y ]]]]]]]]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ The National Network Opposing The Militarization of Youth ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Monday, August 11, 2014 - [[[[[[[[[[[[[[[[[[[[[[[[[[ Project - Y.A.N:D ]]]]]]]]]]]]]]]]]]]]]]]]]]]

Monday, August 11, 2014 - [[[[[[[[[[[[[[[[[[[[[[[[[[ Project - Y.A.N:D ]]]]]]]]]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ The National Network Opposing The Militarization of Youth ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Sunday, July 13, 2014 - [[[[[[[[[[[[[[[[[[[[[ One Nation Under Surveillance ]]]]]]]]]]]]]]]]]]]]]]

Sunday, July 13, 2014 - [[[[[[[[[[[[[[[[[[[[[ One Nation Under Surveillance ]]]]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Saturday, January 18, 2014 - [[[[[[[[[[[[[[[[[[[ Nullify The NSA - OFFNOW.org ]]]]]]]]]]]]]]]]]]]]

Saturday, January 18, 2014 - [[[[[[[[[[[[[[[[[[[ Nullify The NSA - OFFNOW.org ]]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Saturday, January 18, 2014 - [[[[[[[[[[[ Whatis Taxed.com - Income Tax Research ]]]]]]]]]]]]

Saturday, January 18, 2014 - [[[[[[[[[[[ Whatis Taxed.com - Income Tax Research ]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Stop Funding Criminal Government - Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[[[[[[[[[[[[[[ The Lone Gladio By Sibel Edmonds ]]]]]]]]]]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[[[[[[[[[[[[[[ The Lone Gladio By Sibel Edmonds ]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[ Bin Laden Worked With U.S. Government After 9/11 ]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[ Bin Laden Worked With U.S. Government After 9/11 ]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[ U.S. Government 'Directly Involved' In Terror Plots ]]]]]

Thursday, Sept 11, 2014 - [[[[[[ U.S. Government 'Directly Involved' In Terror Plots ]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Thursday, October 12, 2015 - [[[[[[[[[[[[[[ The Attacks Will Be Spectacular ]]]]]]]]]]]]]]

Thursday, October 12, 2015 - [[[[[[[[[[[[[[ The Attacks Will Be Spectacular ]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ Disseminate Widely ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[[[[[ Reality Check More Americans Rethinking 9/11 ]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[[[[[ Reality Check More Americans Rethinking 9/11 ]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[[[[[[[[[[[[[[[[[[ We Will N.E.V.E.R. Forget ]]]]]]]]]]]]]]]]]]]]]]

Thursday, Sept 11, 2014 - [[[[[[[[[[[[[[[[[[[[[[[[ We Will N.E.V.E.R. Forget ]]]]]]]]]]]]]]]]]]]]]]
[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[[ N.E.V.E.R. Forget ]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]]

Cost of War to the United States

Thursday, January 21, 2010

$oMe Le$$On$ fRoM tHe At-T/FaCeBoOk $wItChErOo - OnLy In AmErIkA!


Thursday, January 21, 2010

by Peter Eckersley

Over the weekend, there was an odd story about people using AT&T's wireless network trying to log in to Facebook, and suddenly finding themselves logged in to somebody else's Facebook account. What could have caused such a strange phenomenon to occur? What does it tell us about the innards of the mobile web, and what lessons might it convey for network and application design?

Ars Technica had a good post documenting some of the possibilities, and AT&T has now made some public statements containing a few key clues about the problem. We have a few things to add.

[Warning - this post gets fairly technical]

1. Facebook. Facebook needs to start using HTTPS for everything! Without HTTPS and secure cookies, the private and sensitive information in their users' accounts is vulnerable to being mixed up by ISPs' proxy servers, logged, eavesdropped or pilfered by hackers.

1 Google now uses HTTPS by default for every interaction with Gmail, and there's no excuse for Facebook not to do the same.

2. AT&T. Here, the story is more complicated, but the short summary is that AT&T (and all other ISPs) really need to migrate away from using proxy and gateway servers to perform complicated software tasks.

The problem at the ISP's end appears to have been a manifestation of an engineering hangover from WAP 1.0, which was the first attempt to bring the Web to mobile phones. WAP made a number of design decisions intended to work around the limitations of 1990s-era cell phones, including tiny storage space, limited bandwidth, and small keypads. In retrospect, some of those design decisions appear to have been unwise. A relevant example was the decision to involve the wireless carrier in website authentication. Where the normal HTTP Web stores authentication cookies on users' computers, early versions of WAP specified that cookies should be stored on proxy servers called WAP gateways, operated by wireless carriers.2 Another practice was to try to avoid ever having to make the user type a username and password with only a numeric keypad, by circulating URLs that contained automatic authentication parameters.

===snipped===>

There is a lot of engineering controversy about whether it's ever appropriate for complex application functions to be performed by proxies, gateways or transcoders operated by ISPs. One key argument is that if the ISPs pick a poor solution, or don't all implement exactly the same thing, then developers and users will be worse off than if the ISP had done nothing at all.

Whether or not this is true in all cases, it's clear, at the very least, that ISPs need to be extremely cautious in this space. They need to only deploy a proxy-type solution when it is certain that clients and servers can't solve the problem for themselves. They need to be transparent: follow well-established standards, clearly document their practices, and answer technical questions promptly. Lastly, they should offer users and application providers a standardised way to opt-out of the proxies if they might cause technical or security problems.

Even as mobile phones and mobile browsers are approaching the sophistication of desktop PCs, many mobile carriers are continuing to play strange and undocumented tricks with subscribers' data communications.

And AT&T in particular still has a way to go with respect to transparency. Their public statements indicated that they had deployed some new security measures in the wake of the Facebook affair. When we asked them what those measures were, their spokesperson's response was:

------------------------------------------------------------------------------------------------

In terms of the new security measures AT&T has put into place, due to security sensitivity, we aren't providing specifics.

AT&T's disappointing response is to retreat to security through obscurity. But long experience teaches that security through obscurity is usually no security at all.

------------------------------------------------------------------------------------------------

==snipped===>"And Ye Shall Know The Truth and The Truth Will Set You Free"

WAKE UP AMERICA.....IT(s) OUR COUNTRY!!!

Love "Light" and Energy

_Don

References: Implementing and Testing The U.S. Torture Matrix - More Of The How!









No comments:

TOPs Blogger Role