Sciencemadness Discussion Board
Not logged in [Login ]
Go To Bottom

Printable Version  
 Pages:  1  2
Author: Subject: Hazmat False Alarm/Raid near my house
Chemosynthesis
International Hazard
*****




Posts: 1071
Registered: 26-9-2013
Member Is Offline

Mood: No Mood

[*] posted on 15-4-2015 at 11:50


Here is the section of Title 10 of the US Code law on PC Act that pretty forcibly restricts Navy+Marines, not in the PC Act itself: 10 U.S.C. §375.

NG swears two oaths, to state and federal constitutions, but when acting in Title 10 federal capacity is considered Army for Army National Guard.
View user's profile View All Posts By User
macckone
International Hazard
*****




Posts: 1976
Registered: 1-3-2013
Location: Over a mile high
Member Is Offline

Mood: Electrical

[*] posted on 15-4-2015 at 12:20


Quote: Originally posted by Chemosynthesis  
Here is the section of Title 10 of the US Code law on PC Act that pretty forcibly restricts Navy+Marines, not in the PC Act itself: 10 U.S.C. §375.

NG swears two oaths, to state and federal constitutions, but when acting in Title 10 federal capacity is considered Army for Army National Guard.


The PCA was originally army only. Various modifications have been made through the years. Now there are exceptions for terrorist attacks and natural disasters. The exception for active insurrection was removed in 2008, I think. The army can also act against foreign persons on American soil, ie. to stop illegal immigration or foreign militias, armies and unlawful combatants.

The navy and marines are restricted by regulations, not law, drawn by the dept. of defense. The law specifying these regulations could easily be reinterpreted from its clear meaning. Oh side note, other laws can be interpreted to mean that intentional injury of a cop is an act of terrorism, so in theory the army can be called out if someone attacks a cop. Not sure what this really has to do with the original incident except for the NG at the scene, which isn't covered be PCA unless they are nationalized by the President.
View user's profile View All Posts By User
Chemosynthesis
International Hazard
*****




Posts: 1071
Registered: 26-9-2013
Member Is Offline

Mood: No Mood

[*] posted on 15-4-2015 at 14:24


We disagree. National Guard has no authority unless activated by the governor or president, so it is a little more complicated than just being prohibited when activated by the president. They then must be activated through the authority of the governor. All these minor points about what constitutes justification for activation are irrelevant to the procedure itself. Your logic means that the governor's office was somehow alerted and activated the National Guard for this case. That sounds fishy to me given my knowing more than one governor. Now I don't know the secret details of the applicable governor's machinations, so I am ignorant of that, but it sounds weird to me. Possible, but weird... at least in my state (working off of hurricane deployments, including out of state to Katrina). Their state may work differently. This is part of why I was asking; perhaps someone could inform me that their state has active units for some other reason that were re-assigned, or their constitution is drawn up differently.

And of course the PCA has been amended. Most notably in 1981, but this likely isn't relevant. You said it only technically applies to Army and AF. Not true. Law binds it to Navy and Marines. Specifics are delegated to DoD, but the law is applicable. Whether you can argue it in court is irrelevant. It is also irrelevant to my original point of the Army National Guard, and was originally phrased in a manner I believe is not accurate. PCA applies to Marines and Navy through law, title 10 USC, in contrast with what you had said. If you had said the law itself read as being, or was originally not applied to other branches, you would have a historical point.

[Edited on 16-4-2015 by Chemosynthesis]
View user's profile View All Posts By User
gregxy
National Hazard
****




Posts: 421
Registered: 26-5-2006
Member Is Offline

Mood: No Mood

[*] posted on 15-4-2015 at 19:39


I don't think it would be difficult (for the NSA, CIA etc) to automate. The big part is getting the taps on the data line of any interesting site or the user. These record the IP address and the arrival/departure times the data is sent/recieved. (the meta data, Snoden said they are already doing this).
You then build a signature from these times and match them up. As long as the data path is constant and delay time variation << than the time between data exchanges (mouse clicks) after 5-10 data exchanges they can match you. For a low traffic site given enough exchanges from a visitor, there is no need to even match the IP addresses.
The matching should be O(N) where N is the number being watched.
First sort them into bins bases on the times. N=millions is not an issue.

I think TOR uses the same data path for each session, so its no help,
against the NSA, its a "honey pot".

Algorithm:

Write bot to read SM look for interesting words.
Identify interesting poster, get his post times.
Match post times to data io times
Match data times to joe-blows data times tapped from his ISP.
Send robot cop to arrest joe
View user's profile View All Posts By User
Loptr
International Hazard
*****




Posts: 1298
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

[*] posted on 15-4-2015 at 19:55


Quote: Originally posted by gregxy  
I don't think it would be difficult (for the NSA, CIA etc) to automate. The big part is getting the taps on the data line of any interesting site or the user. These record the IP address and the arrival/departure times the data is sent/recieved. (the meta data, Snoden said they are already doing this).
You then build a signature from these times and match them up. As long as the data path is constant and delay time variation << than the time between data exchanges (mouse clicks) after 5-10 data exchanges they can match you. For a low traffic site given enough exchanges from a visitor, there is no need to even match the IP addresses.
The matching should be O(N) where N is the number being watched.
First sort them into bins bases on the times. N=millions is not an issue.

I think TOR uses the same data path for each session, so its no help,
against the NSA, its a "honey pot".

Algorithm:

Write bot to read SM look for interesting words.
Identify interesting poster, get his post times.
Match post times to data io times
Match data times to joe-blows data times tapped from his ISP.
Send robot cop to arrest joe


Haha, explain how this could be achieved in O(N) time? :)

Again, they have bigger fish to fry. They have the resources to do whatever they want. The point was to not make your self an easier target, that is completely susceptible during a drive by attack.

Tor also combines multiple messages during forwarding, so ingress can not easily be correlated to egress. You would have to capture a lot of Tor traffic to do this, and I mean across all nodes in the Tor network.

You have over simplified the problem and inflated your important as a target to them.

I am not here to debate Tor or whatever. Just take the necessary precautions that you believe will put one or more steps in between you and them. Use clear text browser sessions, what do I care? Go ahead. Nothing will likely happen, simply because SM itself is not a target.

[Edited on 16-4-2015 by Loptr]
View user's profile View All Posts By User
turd
International Hazard
*****




Posts: 800
Registered: 5-3-2006
Member Is Offline

Mood: No Mood

[*] posted on 16-4-2015 at 13:10


Quote: Originally posted by Loptr  
From what I recall, the most revealing tell of an HTTPS connection is the URL and querystring that you see in your address bar. IIRC, that is unencrypted.

Hell no, that would completely defeat the purpose of SSL/TLS!
This was also the reason why for HTTPS you needed an IP address per virtual host, since the name of the virtual host is sent in the encrypted message creating a chicken and egg problem.

The problem was fixed (intermittently?) by SNI: https://en.wikipedia.org/wiki/Server_Name_Indication though I'm not sure how widely deployed this is.

It may become obsolete anyway with IPv6, since with that we get a bazillion (give or take) IP addresses per physical device. :P On the other hand you might consider it a disadvantage that the IP address is unambiguously associated with one virtual host.
View user's profile View All Posts By User
Bert
Super Administrator
*********




Posts: 2734
Registered: 12-3-2004
Member Is Offline

Mood: " I think we are all going to die. I think that love is an illusion. We are flawed, my darling".

[*] posted on 16-4-2015 at 13:49


I still have seen nothing on what actually caused this whole incident... And am curious, as I lived in twin cities for a while.

The rest of the security related stuff could better go in another recent thread.




Rapopart’s Rules for critical commentary:

1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.”
2. List any points of agreement (especially if they are not matters of general or widespread agreement).
3. Mention anything you have learned from your target.
4. Only then are you permitted to say so much as a word of rebuttal or criticism.

Anatol Rapoport was a Russian-born American mathematical psychologist (1911-2007).

View user's profile View All Posts By User
Loptr
International Hazard
*****




Posts: 1298
Registered: 20-5-2014
Location: USA
Member Is Offline

Mood: Grateful

[*] posted on 16-4-2015 at 15:47


Quote: Originally posted by turd  
Quote: Originally posted by Loptr  
From what I recall, the most revealing tell of an HTTPS connection is the URL and querystring that you see in your address bar. IIRC, that is unencrypted.

Hell no, that would completely defeat the purpose of SSL/TLS!
This was also the reason why for HTTPS you needed an IP address per virtual host, since the name of the virtual host is sent in the encrypted message creating a chicken and egg problem.

The problem was fixed (intermittently?) by SNI: https://en.wikipedia.org/wiki/Server_Name_Indication though I'm not sure how widely deployed this is.

It may become obsolete anyway with IPv6, since with that we get a bazillion (give or take) IP addresses per physical device. :P On the other hand you might consider it a disadvantage that the IP address is unambiguously associated with one virtual host.


You're right, turd. For some reason, I thought the first line in the HTTP request header was visible. I am not sure why I thought this--memory from somewhere.

Quote:
GET /webpage.htm HTTP/1.1


I think I am confusing it with the HTTP CONNECT method, that is initially sent over HTTP in cleartext, which then causes a secure session to be established.

[Edited on 16-4-2015 by Loptr]
View user's profile View All Posts By User
Bert
Super Administrator
*********




Posts: 2734
Registered: 12-3-2004
Member Is Offline

Mood: " I think we are all going to die. I think that love is an illusion. We are flawed, my darling".

[*] posted on 16-4-2015 at 15:59


I am going to split this thread and merge most of it with a recent thread more in line with the computer security subject...

If anyone knows anything about OP's neighborhood chemist- Love to hear it.




Rapopart’s Rules for critical commentary:

1. Attempt to re-express your target’s position so clearly, vividly and fairly that your target says: “Thanks, I wish I’d thought of putting it that way.”
2. List any points of agreement (especially if they are not matters of general or widespread agreement).
3. Mention anything you have learned from your target.
4. Only then are you permitted to say so much as a word of rebuttal or criticism.

Anatol Rapoport was a Russian-born American mathematical psychologist (1911-2007).

View user's profile View All Posts By User
Zombie
Forum Hillbilly
*****




Posts: 1700
Registered: 13-1-2015
Location: Florida PanHandle
Member Is Offline

Mood: I just don't know...

[*] posted on 16-4-2015 at 16:27


It was Cou! He chlorinated the sewer system in a hasty attempt to flush the evidence.I believe he got his arm stuck in the john, and had to dial 911.

That's what I heard.




They tried to have me "put to sleep" so I came back to return the favor.
Zom.
View user's profile View All Posts By User
 Pages:  1  2

  Go To Top