$ php -i 2>/dev/null | grep php.ini
Configuration File (php.ini) Path => /etc
Loaded Configuration File => /etc/php.ini
$ php -i | grep php.ini
PHP Deprecated: Comments starting with '#' are deprecated in /etc/php.ini on line 736 in Unknown on line 0
PHP Deprecated: Comments starting with '#' are deprecated in /etc/php.ini on line 886 in Unknown on line 0
Configuration File (php.ini) Path => /etc
Loaded Configuration File => /etc/php.ini
PHP Warning: Unknown: It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'America/Los_Angeles' for 'PST/-8.0/no DST' instead in Unknown on line 0
We study the ability of a passive eavesdropper to leverage “third-party” HTTP tracking cookies for mass surveillance. If two web pages embed the same tracker which tags the browser with a unique cookie, then the adversary can link visits to those pages from the same user (i.e., browser instance) even if the user’s IP address varies. Further, many popular websites leak a logged-in user’s identity to an eavesdropper in unencrypted traffic.
To evaluate the effectiveness of our attack, we introduce a methodology that combines web measurement and network measurement. Using OpenWPM, our web privacy measurement platform, we simulate users browsing the web and find that the adversary can reconstruct 62—73% of a typical user’s browsing history. We then analyze the effect of the physical location of the wiretap as well as legal restrictions such as the NSA’s “one-end foreign” rule. Using mea- surement units in various locations—Asia, Europe, and the United States—we show that foreign users are highly vulnerable to the NSA’s dragnet surveillance due to the con- centration of third-party trackers in the US. Finally, we find that some browser-based privacy tools mitigate the attack while others are largely ineffective.
Methodology (Section 4, page 4)
Synthetic queries; i.e. no consumers were actually involved (or harmed) in this study.
Random generation of traces from random selection of Alexa top 500 sites.
Generated user behavior seeded via the 2006 AOL Search Query Dataset.
Jonathan Mayer; The Web is Flat; In His Blog entitled Web Policy; 2014-10-30.
tl;dr => modular modern design means components come from off shore, thereby obviating the potency of the “domestic only” or “one end foreign rule” for jurisdictional surveillance.
G. Acar, M. Juarez, N. Nikiforakis, C. Diaz, S. Gürses, F. Piessens, B. Preneel. FPDetective: dusting the web for fingerprinters; In Proceedings of the 2013 ACM SIGSAC Conference on Computer & Communications Security (CCS); ACM; 2013; pages 1129–1140; previously noted.
A. Arnbak, S. Goldberg; Loopholes for circumventing the constitution: Warrantless bulk surveillance on americans by collecting network traffic abroad; 2014; SSRN.
M. Balakrishnan, I. Mohomed, V. Ramasubramanian; Where’s that phone?: Geolocating IP addresses on 3G networks. In Proceedings of the 9th ACM SIGCOMM conference on Internet Measurement Conference (IMC); ACM; 2009; pages 294–300; slideshare, promotion,
R. Balebako, P. Leon, R. Shay, B. Ur, Y. Wang, L. Cranor; Measuring the effectiveness of privacy tools for limiting behavioral advertising; In Proceedings of Web 2.0 Security and Privacy Workshop (W2SP), 2012.
S. Chen, R. Wang, X. Wang, K. Zhang; Side-channel leaks in web applications: A reality today, a challenge tomorrow. In Proceedings of the 2010 IEEE Symposium on Security and Privacy (SP); IEEE; 2010; pages 191–206.
A. Clement; IXmaps – Tracking your personal data through the NSA’s warrantless wiretapping sites; In Proceedings of the 2013 IEEE International Symposium on Technology and Society (ISTAS); IEEE; 2013-06-27; pages 216-223; paywall.
D. Herrmann, R. Wendolsky, H. Federrath. Website fingerprinting: Attacking popular privacy enhancing technologies with the multinomial naïve-bayes classifier. In Proceedings of the 2009 ACM Workshop on Cloud Computing Security (CCSW); ACM; 2009; pages 31–42.
A. Hintz; Fingerprinting websites using traffic analysis. In Privacy Enhancing Technologies (PETS); Springer; 2003; pages 171–178.
B. Krishnamurthy, C. Wills; Privacy diffusion on the web: a longitudinal perspective; In Proceedings of the 18th International Conference on World Wide Web (WWW); ACM; 2009; pages 541–550.
B. Krishnamurthy, C. E. Wills; On the leakage of personally identifiable information via online social networks; In Proceedings of the 2nd ACM Workshop on Online Social Networks; ACM; 2009; pages 7–12;
B. Krishnamurthy, C. E. Wills. Privacy leakage in mobile online social networks; In Proceedings of the 3rd Conference on Online Social Networks; USENIX; 2010.
S. J. Murdoch, G. Danezis; Low-cost traffic analysis of Tor; In Proceedings of the IEEE Symposium on Security and Privacy (SP); IEEE; 2005; pages 183–195.
S. J. Murdoch, P. Zieliński; Sampled traffic analysis by internet-exchange-level adversaries. In Proceedings of Privacy Enhancing Technologies (PETS); Springer; 2007; pages 167–183.
N. Nikiforakis, A. Kapravelos, W. Joosen, C. Kruegel, F. Piessens, G. Vigna; Cookieless monster: Exploring the ecosystem of web-based device fingerprinting. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP); IEEE; 2013; pages 541–555.
A. Panchenko, L. Niessen, A. Zinnen, T. Engel; Website fingerprinting in onion routing based anonymization networks; In Proceedings of the 10th annual ACM workshop on Privacy in the Electronic Society; ACM; 2011; pages 103–114.
D. X. Song, D. Wagner, X. Tian; Timing analysis of keystrokes and timing attacks on ssh; In Proceedings of the 10th USENIX Security Symposium; 2001.
A. M. White, A. R. Matthews, K. Z. Snow, F. Monrose; Phonotactic reconstruction of encrypted voip conversations: Hookt on fon-iks; In Proceedings of the 2011 IEEE Symposium on Security and Privacy (SP); 2011; pages 3–18.
T.-F. Yen, Y. Xie, F. Yu, R. P. Yu, M. Abadi; Host fingerprinting and tracking on the web: Privacy and security implications; In Proceedings of the 19th Annual Network and Distributed System Security Symposium (NDSS); 2012.
APSB14-27Security updates available for Adobe Flash Player
1109795 – Blocklist Flash versions vulnerable to CVE-2014-9163 (184.108.40.206 and below, 220.127.116.114 on linux)
CVE-2014-9163Stack-based buffer overflow in Adobe Flash Player
before 18.104.22.1689 and 14.x and 15.x before 22.214.171.124 on Windows and OS X and before 126.96.36.1995 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in 2014-12.
It is not fully funded
<quote ref=”FAQ“>Approximately 75 percent of service between San Jose and San Francisco will use EMUs. The remainder will use diesel locomotives. Full conversion to EMUs for the San Jose to San Francisco service will occur at a future time when funding is secured and the remaining diesel trains reach the end of their service life.</quote>
All trees will be removed that 10 feet or closer to the overhead power grid.
California High Speed Rail Authority (CHSRA)
Caltrain Modernization (CalMod) Program
California Environmental Quality Act (CEQA)
Communication-Based Overlay Signal System Positive Train Control (CBOSS PTC)
LibreOffice printing is broken; more specifically, the print selection dialog.
Maybe it always has been broken, but who prints nowadays?
This seems like one of those classic cases in open source where Group A with Application A thinks their Widget is better than Group B which writes all the other applications and defines the whole culture in which both live and whose Widget works, just works, and is in use by everyone.
So Group A continues to refuse to integrate their application. Their pride is enbiggened. Users don’t get any Widget services from Application A.
Export as PDF
Print the PDF
lpr from the command line
evince for the cli-challenged
CUPS printing functions
via ipp on IPv4 and IPv6
Works everywhere but LibreOffice.
in all GNOME applications
in Firefox 29
Something about how spadmin should be used to configure the LibreOffice printers
Doesn’t do anything
The Use System Print Dialog setting
charitably, doesn’t work at all
it seems to truncate printing functionality, it flashes a dialog that never draws … but nothing prints.