|
The Telecom Digest
Volume 29 : Issue 97 : "text" Format
Messages in this Issue:
Re: Most people can't talk on a cellphone and drive safely, study finds (Sam Spade)
Re: Data security law sparks concerns (Barry Margolin)
Re: Data security law sparks concerns (Robert Bonomi)
Court Backs Comcast Over FCC on 'Net Neutrality' (Neal McLain)
Re: Waiting for Verizon.. (Scott Dorsey)
Re: Walmart changing phone system after abuse (Scott Dorsey)
====== 28 years of TELECOM Digest -- Founded August 21, 1981 ======
Telecom and VOIP (Voice over Internet Protocol) Digest for the
Internet. All contents here are copyrighted by Patrick Townson and
the individual writers/correspondents. Articles may be used in other
journals or newsgroups, provided the writer's name and the Digest are
included in the fair use quote. By using -any name or email address-
included herein for -any- reason other than responding to an article
herein, you agree to pay a hundred dollars to the recipients of the
email.
===========================
Addresses herein are not to be added to any mailing list, nor to be
sold or given away without explicit written consent. Chain letters,
viruses, porn, spam, and miscellaneous junk are definitely unwelcome.
We must fight spam for the same reason we fight crime: not because we
are naive enough to believe that we will ever stamp it out, but because
we do not want the kind of world that results when no one stands
against crime. Geoffrey Welsh
===========================
See the bottom of this issue for subscription and archive details
and the name of our lawyer, and other stuff of interest.
Date: Wed, 07 Apr 2010 02:59:49 -0700
From: Sam Spade <sam@coldmail.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Most people can't talk on a cellphone and drive safely, study finds
Message-ID: <pIYun.61976$y13.5120@newsfe12.iad>
Robert Bonomi wrote:
>
>
> There was, and may still be, an FAA rule of long standing that banned
> the operation of devices that 'might' generate either magnetic or RF fields
> during certain 'critical' parts (notably take-off and landing) of flights,
> UNLESS that particular device had been tested in that particular aircraft
> and found not to interfere with any of the navigation, communication, or
> flight control systems (I believe there's another 'system' component, too,
> but the name escapes me.) No provision for 'type acceptance' of either the
> aircraft, or the 'electronic' device.
Title 14 Code of Federal Regulations, Part 91:
§ 91.21 Portable electronic devices.
(a) Except as provided in paragraph (b) of this section, no person may
operate, nor may any operator or pilot in command of an aircraft allow
the operation of, any portable electronic device on any of the following
U.S.-registered civil aircraft:
(1) Aircraft operated by a holder of an air carrier operating
certificate or an operating certificate; or
(2) Any other aircraft while it is operated under IFR.
(b) Paragraph (a) of this section does not apply to -
(1) Portable voice recorders;
(2) Hearing aids;
(3) Heart pacemakers;
(4) Electric shavers; or
(5) Any other portable electronic device that the operator of the
aircraft has determined will not cause interference with the navigation
or communication system of the aircraft on which it is to be used.
(c) In the case of an aircraft operated by a holder of an air carrier
operating certificate or an operating certificate, the determination
required by paragraph (b)(5) of this section shall be made by that
operator of the aircraft on which the particular device is to be used.
In the case of other aircraft, the determination may be made by the
pilot in command or other operator of the aircraft.
Date: Wed, 07 Apr 2010 00:22:10 -0400
From: Barry Margolin <barmar@alum.mit.edu>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Data security law sparks concerns
Message-ID: <barmar-C37473.00221007042010@news.eternal-september.org>
In article
<0e-dndNL6phofSbWnZ2dnUVZ_jidnZ2d@posted.nuvoxcommunications>,
bonomi@host122.r-bonomi.com (Robert Bonomi) wrote:
> In article <p0624082ac7dec3365af2@[10.0.1.4]>,
> >
> >***** Moderaotor's Note *****
> >
> >My new employer has given me a new laptop, which has a built in
> >provision to encrypt the entire hard disk. The encryption is done by
> >the laptop's hardware, not the Operating System, and I've been assured
> >that the hard drive is unreadable in any other machine.
>
> Don't believe everything you've been told. <grin>
>
> Consider: If the machine (*not* the disk) breaks, is all the data on
> that drive then "irretrievably" lost? or can it be recovered? If
> not, then either (1) there is 'nothing important' on the machine,
> (2) it can all be readily re-constituted from other records (raising
> the question of how secure are those records), or (3) the data is
> duplicated 'somewhere else'.
>
> Consider: all the "box specific" information needed to
> encrypt/decrypt is in the hardware on that box. And, on another
> identical machine, it has the corresponding information for -that-
> boxes encryption/decryption stored in the same places. Once you
> identify where that information is stored, how difficult would it
> be to copy the 'secrets' from the first machine to the second one,
> assuming you got access to the hardware?
Isn't the secret stored in the user's head? I've never used
whole-disk encryption, but I assume you enter a password that's used
to encrypt and decrypt the filesystem.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
***** Moderator's Note *****
For the laptop I was given (a Dell Latitude e6400), there is a
power-on password used to decrypt the disk.
Bill Horne
Moderator
Date: Wed, 07 Apr 2010 15:26:29 -0500
From: bonomi@host122.r-bonomi.com (Robert Bonomi)
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Data security law sparks concerns
Message-ID: <A5KdnaKxR5rodyHWnZ2dnUVZ_g2dnZ2d@posted.nuvoxcommunications>
In article <barmar-C37473.00221007042010@news.eternal-september.org>,
Barry Margolin <barmar@alum.mit.edu> wrote:
>In article
><0e-dndNL6phofSbWnZ2dnUVZ_jidnZ2d@posted.nuvoxcommunications>,
> bonomi@host122.r-bonomi.com (Robert Bonomi) wrote:
>
>> In article <p0624082ac7dec3365af2@[10.0.1.4]>,
>> >
>> >***** Moderaotor's Note *****
>> >
>> >My new employer has given me a new laptop, which has a built in
>> >provision to encrypt the entire hard disk. The encryption is done by
>> >the laptop's hardware, not the Operating System, and I've been assured
>> >that the hard drive is unreadable in any other machine.
>>
>> Don't believe everything you've been told. <grin>
>>
>> Consider: If the machine (*not* the disk) breaks, is all the data on
>> that drive then "irretrievably" lost? or can it be recovered? If
>> not, then either (1) there is 'nothing important' on the machine,
>> (2) it can all be readily re-constituted from other records (raising
>> the question of how secure are those records), or (3) the data is
>> duplicated 'somewhere else'.
>>
>> Consider: all the "box specific" information needed to
>> encrypt/decrypt is in the hardware on that box. And, on another
>> identical machine, it has the corresponding information for -that-
>> boxes encryption/decryption stored in the same places. Once you
>> identify where that information is stored, how difficult would it
>> be to copy the 'secrets' from the first machine to the second one,
>> assuming you got access to the hardware?
>
>Isn't the secret stored in the user's head? I've never used
>whole-disk encryption, but I assume you enter a password that's used
>to encrypt and decrypt the filesystem.
>
IF as Bill said, the disk cannot be put in a different laptop and
decrypted there (given you have the password/whatever), then the
encryption is also based on some UNIQUE per-machine "secret" (something
like the 'serial number' perhaps) that is stored IN the machine itself.
I would hope that the system required some form of external input,
password, fingerprint scan, 'whatever'
>***** Moderator's Note *****
>
>For the laptop I was given (a Dell Latitude e6400), there is a
>power-on password used to decrypt the disk.
Ah. that kind of a system. The entered password is of a limited-enough
length that it is pretty much guaranteed vulnerable to brute-force attack
using 'not impossibly expensive' (as in "probably under $100k") purpose-
built MPP hardware. The form/format/content of the critical filesystem
metadata (boot block, MBR, partition tables, etc.) is well enough known
that one can 'recognize' a correct decryption when it occurs. Making it
possible to read the encrypted sector into memory -once-, and run 'all the
possible' keys against it, unit you find the one that succeeds. With
limited key size, this approach is "computationally feasible".
This level of defense IS sufficient to protect against "casual", or
'target of opportunity', attacks -- where the bad guy has come into
possession of the machine, _NOT_KNOWING_ what it contains (nor, therefore,
how valuable the information therein "might" be), and goes looking to
see what he can find.
As I said previously, if it is an expressly targeted attack, where the
bad guys already know "what" information is there, and the value of it
is 'significant' enough to justify expending real effort (i.e., 'serious
industrial espionage, 'sale-able' financial data, stuff with 'national
security' implications, etc., etc.), such a defense is little more than
an 'inconvenience' to the attacker.
Date: Wed, 07 Apr 2010 10:30:08 -0500
From: Neal McLain <nmclain@annsgarden.com>
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Court Backs Comcast Over FCC on 'Net Neutrality'
Message-ID: <4BBCA500.1060003@annsgarden.com>
By Amy Schatz
Wall Street Journal, Wednesday, April 7, 2010
A U.S. appeals court ruled Tuesday that the Federal Communications
Commission overstepped when it cited cable-giant Comcast Corp. for
slowing some Internet traffic on its network, dealing a blow to big Web
commerce companies and other proponents of "net neutrality."
In a unanimous decision, a three-judge panel of the U.S. Court of
Appeals for the District of Columbia Circuit said the FCC exceeded its
authority when it sanctioned Comcast in 2008 for deliberately preventing
some subscribers from using peer-to-peer file-sharing services to
download large files.
At stake is how far the FCC can go to dictate the way Internet providers
like AT&T Inc. and Verizon Communications Inc. manage traffic on their
multibillion-dollar networks. For the past decade or so, the FCC has
maintained a mostly hands-off approach to Internet regulation. But that
could soon change, likely setting off a prolonged, expensive lobbying
battle pitting Web-content providers against Internet-service providers.
http://tinyurl.com/y88sktp
Neal McLain
Date: 7 Apr 2010 12:49:45 -0400
From: kludge@panix.com (Scott Dorsey)
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Waiting for Verizon..
Message-ID: <hpid39$d38$1@panix2.panix.com>
>***** Moderator's Note *****
>
>I understand what you've written, but that's not the question I need
>an answer to. Given the price/performance ratio of a car battery, are
>there ANY backup applications it's suited for? Think about it: I can
>buy them on any streetcorner in the world, they have recharging
>stations as close as the nearest working automobile, and they're as
>rugged as any battery gets.
No, they are not as rugged as any battery gets. They won't last more
than two or three deep discharges; the plates will warp and the cells will
short out and then you pitch them.
Car batteries are intended for high peak loads for cranking a starter,
but they are unable to deal with long-term loads or deep discharge like
a backup battery would be used for.
>What's the amp-hour capacity of a typical car battery? May I assume
>that I can draw that capacitiy for that many hours from a new auto
>battery? Can I draw 1/10 that capacity for 10 times more hours?
You will notice that most car batteries aren't even rated in amp-hours,
only in "cold cranking amps." The fact that they don't have a rating for
long-term use is a sign....
--scott
--
"C'est un Nagra. C'est suisse, et tres, tres precis."
Date: 7 Apr 2010 15:39:32 -0400
From: kludge@panix.com (Scott Dorsey)
To: telecomdigestmoderator.remove-this@and-this-too.telecom-digest.org.
Subject: Re: Walmart changing phone system after abuse
Message-ID: <hpin1k$do0$1@panix2.panix.com>
>hancock4@bbs.cpcn.com wrote:
>
> Recently, an unknown person used a Walmart store telephone to access
> the P.A. system to broadcast offensive comments throughout the store.
> Police and store officials are investigating.
>
> Walmart announced its changing its system to restrict access.
So, if people are able to get to store telephones without any store
staff noticing them, what is to prevent them from stuffing their pockets
with store merchandise and walking out with it?
There is no substitute for having actual staff on the floor watching the
customer. "Changing the system to restrict access" doesn't really solve
the problem. You need to have real people walking the floor, watching the
customers and maybe even answering their questions.
--scott
--
"C'est un Nagra. C'est suisse, et tres, tres precis."
TELECOM Digest is an electronic journal devoted mostly to telecom-
munications topics. It is circulated anywhere there is email, in
addition to Usenet, where it appears as the moderated newsgroup
'comp.dcom.telecom'.
TELECOM Digest is a not-for-profit, mostly non-commercial educational
service offered to the Internet by Bill Horne. All the contents
of the Digest are compilation-copyrighted. You may reprint articles in
some other media on an occasional basis, but please attribute my work
and that of the original author.
The Telecom Digest is moderated by Bill Horne.
Contact information: Bill Horne
Telecom Digest
43 Deerfield Road
Sharon MA 02067-2301
781-784-7287
bill at horne dot net
Subscribe: telecom-request@telecom-digest.org?body=subscribe telecom
Unsubscribe: telecom-request@telecom-digest.org?body=unsubscribe telecom
This Digest is the oldest continuing e-journal about telecomm-
unications on the Internet, having been founded in August, 1981 and
published continuously since then. Our archives are available for
your review/research. We believe we are the oldest e-zine/mailing list
on the internet in any category!
URL information: http://telecom-digest.org
Copyright (C) 2009 TELECOM Digest. All rights reserved.
Our attorney is Bill Levant, of Blue Bell, PA.
---------------------------------------------------------------
Finally, the Digest is funded by gifts from generous readers such as
yourself who provide funding in amounts deemed appropriate. Your help
is important and appreciated. A suggested donation of fifty dollars
per year per reader is considered appropriate. See our address above.
Please make at least a single donation to cover the cost of processing
your name to the mailing list.
All opinions expressed herein are deemed to be those of the
author. Any organizations listed are for identification purposes only
and messages should not be considered any official expression by the
organization.
End of The Telecom Digest (6 messages)
|