Profile

Dinyar Rabady
Works at CERN
Attends University of Vienna
Lives in Geneva, Switzerland

Stream

Dinyar Rabady

Shared publicly  - 
 
 
Pretty slick. *

* - It should be noted, if you don't feel like clicking through, that they did not actually compromise the "hacked" computer through the air gap. They started off by inserting their malware onto the target machine, so they required some form of conventional, physical access. But, once their (very tiny footprint) malware was inserted, they can get the data off from a pretty respectable distance. Which is, as I say, pretty slick.

Maybe truly secure "air gapped" will now have to include being inside a Faraday cage. :-)

(Actually not the worst idea anyway, if you want to harden against solar flares and such...)
This post originally appeared in Wired. The most sensitive work environments, like nuclear power plants, demand the strictest security. Usually this is achieved by air-gapping computers from the Internet and preventing workers from inserting USB sticks into computers. When the work is classified or involves sensitive trade secrets, companies often also...

Dinyar Rabady

Shared publicly  - 
 
 
When they simulated a fire, though, the system went haywire. Some alarms failed to activate. Others indicated a fire, but in the wrong part of the terminal. The explanation was buried in the 55-mile tangle of wiring that had been laid, hastily, beneath the floors of the building where ORAT technicians soon discovered high-voltage power lines alongside data and heating cables—a fire hazard in its own right. That wasn’t all. Smoke evacuation canals designed to suck out smoke and replace it with fresh air failed to do either. In an actual fire, the inspectors determined, the main smoke vent might well implode.
...
Schwarz also appointed an emergency task force to propose solutions that would allow the airport to open on time. In March 2012 the group submitted its stopgap: Eight hundred low-paid workers armed with cell phones would take up positions throughout the terminal. If anyone smelled smoke or saw a fire, he would alert the airport fire station and direct passengers toward the exits. Never mind that the region’s cell phone networks were notoriously unreliable, or that some students would be stationed near the smoke evacuation channels, where in a fire temperatures could reach 1,000F.

#GermanEfficiency  
Inside Germany’s profligate (Greek-like!) fiasco called Berlin Brandenburg

Dinyar Rabady

Shared publicly  - 
 
 
"Sounds of joy & images of excitement continue to cover the streets of #Tehran"

#irandeal   #irandealvienna   #peace   #iran   #US  

Just a few years ago, things like this would have been impossible to spot in Iran!

Such a cute kid!

Dinyar Rabady

Shared publicly  - 
 
 
In a sense, this is right. In another, it's not answering the right question. Why would the NSA demand encryption backdoors even if they know full well that no such thing is practical? The answer eventually comes down to institutional design.

Some thoughts on how we went wrong:

(1) In a sense, the NSA is like a large tech company which contains both engineers and less-technical project managers. The engineers are generally mathematics and computer science Ph.Ds from specialized fields. The project managers are all military officers. Employees that span both domains are extremely uncommon: most managerial positions are filled by people who started in military signals intelligence or the CIA, then transferred to NSA.

The head of the NSA is, by law, always a military officer. By custom, the deputy director of the NSA is a mathematician or engineer, but there's no mistaking who's in charge: officers with often-marginal technical ability. Insofar as the NSA believes that key escrow is possible to do safely, that knowledge is fully believed by nontechnical management, not the cryptographers that would be called upon to implement the program.

(2) In another sense, the NSA is like the Air Force.

The USAF is basically a logistics organization. Their job is to put men and materiel precisely where they belong, as quickly as possible, using planes. That's what most of the Air Force does: only 2% of its personnel are combat pilots, and less than a third of its planes are armed. By comparison, the Navy -- which is not primarily a logistics organization -- has more combat pilots and aircraft.

Nonetheless, most of the USAF's leadership comes out of the combat pilot ranks. Why? Because combat aircraft are the flashiest and most iconic symbols of what the USAF does. 

Since the idea of cyberwarfare came on the scene, the NSA has been selecting its leadership from officers with a background in offensive cyberwarfare, rather than defensive cryptography. To the average congressperson, this is both more exciting and more comprehensible. This leads the NSA to systematically overestimate the value of offensive operations and denigrate the critical importance of solid civilian cryptography.

(3) Compartmentalization makes it difficult for the NSA to evaluate the systemic risk of espionage programs. 

Inside the NSA, functional segregation makes it difficult to understand the risk characteristics of programs outside an individual employee's reporting chain or tech stack. Only high-level managers have comprehensive need-to-know over most of the agency's programs, but their limited attention means that it's difficult for the people in charge to assess technical risk.

Which they wouldn't be particularly good at anyway. Because they aren't technical.

(4) Secrecy is corrosive to accountability. When you don't have to justify your actions to anyone -- when, in fact, it's a crime to justify your actions to anyone but the person who ordered them -- you stand a greater risk of doing things which are unjustified.

This means, ultimately, that the more secrecy your program needs, the more hostile oversight needs to be. 

(I originally posted this as commentary on a reshare, but current events have made it relevant again, and was asked for a reshareable version. Bonus for technical readers: a primer from +Lea Kissner about how the DUAL_EC_DRBG backdoor works.)

Dinyar Rabady

Shared publicly  - 
 
A short game sheds light on government policy, corporate America, and why no one likes to be wrong.
Yes, that's the problem: verifying without falsifying is not enough. The foundation for the courage to do so would probably have to be laid as early as primary school: the goal is not the correct solution, but the most sensible path.

Dinyar Rabady

Shared publicly  - 
 
Very long read, but really worth it.
Last winter two bodies were found in Norway and the Netherlands. They were wearing identical wetsuits. The police in three countries were involved in the case, but never managed to identify them. This is the story of who they were.

Dinyar Rabady

Shared publicly  - 
 
 
We’re all supposed to be tolerant people and being intolerant is one of the worst things you can be.  I’ve been called both.

But what is tolerance?  Whenever I hear that word I almost always think to myself, “You keep using that word, I do not think it means what you think it means.”

Tolerance As Agreement
The use of ‘tolerance’ as meaning ‘agreement’ or ‘acceptance’ is the most prevalent usage today (outside of medical contexts) and it goes something like this:  If you are a tolerant person that means that you have no objections to what others say and do so long as it doesn’t harm you personally and you are intolerant otherwise.

This may be a positive character trait under some circumstances but, I hate to break it to you, this is not tolerance.  Let me see if I can motivate the distinction I have in mind.  Do you tolerate orgasms?  Do you tolerate it when your team wins the Super Bowl?  Do you tolerate the achievements of your children?

No?  Well then, that must mean you hate your children, your team, and, orgasms - right?

Obviously, this is wrong.  But why is it wrong?  Because to tolerate something implies that you find it objectionable.  You don’t tolerate your children’s achievements, you celebrate them.  You don’t tolerate orgasms, you enjoy them.  You don’t tolerate Super Bowl wins, you jump up and down screaming your head off like an idiot.  Let me say the jarring bit of this paragraph again - to tolerate something implies that you find it objectionable.

Don’t believe me? Here are some different examples: Do you tolerate sharp claws digging into your skin when a kitten is snuggling into the crook of your arm?  Do you tolerate blistering heat to watch your daughter play soccer?  Do you tolerate a crowded, stuffy room in order to pay your respects at a funeral?

To my mind, this second set of examples makes far more sense than the first set.  The reason, I assert, is that each of these examples contains an objectionable element (sharp claws, blistering heat, a crowded stuffy room) that is tolerated for some other objective (or end, as philosophers would say).  In short, to tolerate X implies two things: 1) that X is objectionable and 2) that you forgo complaining about X or working to stop X because you see X as necessary in some way.

You can’t snuggle with the kitten without the claws.  You can’t cheer for your daughter without enduring the heat.  You can’t pay your respects without sitting in that stuffy room.  So, you tolerate those negative aspects of the experience.

This is why tolerance is not all daffodils and sunshine as it is made out to be.

“So what?” you say.  Ok, I’ve been using the word a little wrong.  What of it?
(Why is there a guy from New Jersey in my head?)

Well, in fact, there are some irritating consequences:

First, and simply, it irritates me when we use words incorrectly.  You don’t tolerate other cultures unless, in fact, you really dislike other cultures.  If you love Mexican culture then you are not tolerating it.  You are embracing it.

Secondly, and more importantly, we’re missing something important when we use ‘tolerance’ incorrectly.

Consider Alice:  Alice has no problem accepting gay men and lesbian women for who they are.   Her brother is gay and one aunt has been with her partner all of Alice’s life.  To Alice, there is nothing objectionable about homosexuality at all and so supporting marriage equality is automatic.

Now consider Bob.  Bob doesn’t like homosexuality.  He thinks it’s gross and unnatural.  However, Bob supports marriage equality.  Bob believes that his unease around gays and lesbians is his issue and he tries not to inflict it on them - though he makes no secret of his views.  Why is Bob this way?  Because Bob believes in equality and respect.  And, he sees that these principles require him to treat gay and lesbian people with respect and equanimity.  These principles are more important to Bob than his feeling icky around gay men.

And now consider Cassie: Cassie thinks homosexuality is a sin and detests gays and lesbians.  Cassie considers it her Christian duty to stand against this rising tide of perversion she sees sweeping the nation.  When her sister came out of the closet, Cassie shunned her.  She opposes marriage equality with every fiber of her being.

OK, now according to popular usage Alice is tolerant but Bob and Cassie are intolerant.  But popular usage is wrong (Dagnabit!)  Bob is the tolerant one.  Cassie is obviously intolerant.  And Alice doesn’t have to be tolerant - she embraces people regardless of sexual orientation equality.

Now, Alice may be the one we admire more but Bob is the one who is doing something hard here.  Bob is the one who is working to be a better person.  Bob is the one who is expending effort in order to do the right thing.  For Alice, it’s effortless and Cassie isn’t even trying.  But according to popular usage Bob is thrown in with Cassie as intolerant.

And that just cheeses me off.

Dinyar Rabady

Shared publicly  - 
 
"What does a refugee have to look like, then, to coax a bit of pity out of one reader or another? Dirty, ragged, unshaven, pallid face, drained by the flight, forever fitting the appropriate media image so that no gap between image and text arises in people's heads? Oh, and with 'unshaven' a refugee has to be careful too. Otherwise he could easily pass for a terrorist. Should all brand-name clothes be sorted out of the clothing donations for such minds, so that a refugee looks authentic and poor enough?"
The first time the subject of a "dress code for refugees" left a sour taste in my mouth was when I ran a story in biber about a refugee boy. He had won a speech contest at the time, where he talked about his life and his flight to Austria.

Dinyar Rabady

Shared publicly  - 
 
 
I have to give Microsoft credit here.

It appears that the company has agreed to accept, without a fight, the ending of a state tax exemption that will result in them paying an additional $57 million over the next two years alone.

Oh, and get this.  They are the only ones being excluded from this exemption.  They are being singled out.  No other company's taxes are going up because of this move.

Why is Microsoft going along with this?  It appears that they are concerned about state funding of education and infrastructure.  It turns out that businesses actually rely on having access to employees who are educated and who can travel to work.  Who knew?

What I love about this turn of events is how it flips the Republican mantra of "Cutting taxes solves ALL our problems" on its head.  Here is a huge corporation saying, "No, please, tax us.  Just use the money wisely!"

Kudos Microsoft - Kudos!
People
Have him in circles
544 people
Communities
23 communities
Places
Currently
Geneva, Switzerland
Previously
Vienna, Austria
Contact Information
Work
Email
Address
CERN Building 40-3-B01 1211 Genève 23 Switzerland
Apps with Google+ Sign-in
  • Monument Valley
Work
Occupation
PhD student at the CMS Experiment at CERN
Employment
  • CERN
    PhD student, 2012 - present
    Work on the upgrade for the CMS Level-1 trigger.
  • Catalysts
    Java developer, 2012 - 2012
    Work on an anti-phishing mail server acting as a relay between customers on Austria's biggest platform for classified ads.
  • Institute of High Energy Physics of the Austrian Academy of Sciences
    Undergrad working on the Trigger of the CMS Experiment, 2011 - 2012
    Development of a protocol buffer-based communications protocol on top of TCP/IP.
  • University of Vienna
    2008 - 2011
    Teaching assistant for the Physics for Biologists lab course.
  • Caritas Vienna
    2005 - 2008
Education
  • University of Vienna
    Physics, 2012 - present
    Work on upgrading parts of the Level-1 Trigger of the CMS Experiment. This involves development in VHDL as well as C++.
  • University of Vienna
    Physics, 2006 - 2012
    Emphasis on software in high energy physics with some courses taken in Computational Physics.
Basic Information
Gender
Male
Dinyar Rabady's +1's are the things they like, agree with, or want to recommend.
Joe Sacco: On Satire – a response to the Charlie Hebdo attacks | World n...
www.theguardian.com

The acclaimed graphic artist and journalist Joe Sacco on the limits of satire – and what it means if Muslims don’t find it funny

To the sea
www.beaconreader.com

Speaking over several days from her new home in Germany, Lilas - a Syrian refugee in her mid-20s - recounts a journey that started in Syria

One paper by Nobel Prize winner Jean Tirole that every internet user sho...
www.vox.com

Why "if you're not paying for the product, you're the product" is a little too simple.

JuiceSSH - SSH Client
market.android.com

The all in one terminal client for Android including SSH, Local Shell, Mosh and Telnet support. Features: - Full colour terminal / ssh clien

Leo's Fortune
market.android.com

Leo's Fortune is an award-winning platform adventure in which you have to track down the mysterious and cunning thief who has robbed

Das Mädchen Wadjda
market.android.com

Das Mädchen Wadjda is the first feature film by Saudi Arabian director Haifaa Al Mansour and is the first feature-length film by

Udacity - Learn Programming
market.android.com

Join our 1.3 million other students today and learn programming and big data to advance your knowledge and career in programming. Udacity co

Al Jazeera English Magazine
market.android.com

The Al Jazeera English digital monthly magazine showcases the very best of Al Jazeera’s journalism from across the globe. It features compel

Unlocked: An Oral History of Haden's Syndrome: A Tor.Com Original
market.android.com

A new near-future science fiction novella by John Scalzi, one of the most popular authors in modern SF. Unlocked traces the medical history

„Biete, kleine Spende“ | dasbiber
www.dasbiber.at

Our editor Marina Delcheva went out with two members of the notorious begging gangs. As an undercover beggar, she was

Google Online Security Blog: Making end-to-end encryption easier to use
googleonlinesecurity.blogspot.com

While end-to-end encryption tools like PGP and GnuPG have been around for a long time, they require a great deal of technical know-how and m

Google Now Launcher
market.android.com

Upgrade the launcher on your device to make Google Now one swipe away. From your primary home screen, swipe right to access Google Now cards

Chromecast
market.android.com

Chromecast is the easiest way to enjoy online video and anything from the web on your TV. Plug it into any HDTV and control it with your exi

Google Keyboard
market.android.com

Google Keyboard lets you enter text smartly and easily. With gesture typing, glide across the letters and

Ihr seid supergeil, supergeil
pankisseskafka.com

[UPDATE: Möbius loop: Here is the Slate BrowBeat post from which I link to this post, to provide the translation for that post, which then l

Sea of Poppies: A Novel
market.android.com

At the heart of this vibrant saga is a vast ship, the Ibis. Its destiny is a tumultuous voyage across the Indian Ocean; its purpose, to figh

How Britain exported next-generation surveillance
medium.com

Thousands of cameras, millions of photographs, terabytes of data. You’re tracked, wherever you go.

You know the Science. Do you know your Code?
cds.cern.ch

This talk is about automated code analysis and transformation tools to support scientific computing. Code bases are difficult to manage beca

Paperman
market.android.com

Introducing a groundbreaking technique that seamlessly merges computer-generated and hand-drawn animation techniques, first-time director Jo

Public - 2 months ago
reviewed 2 months ago
We came in the afternoon for a snack and while there were plenty of tables free were only allowed to sit at the last high-table if we didn't want a full meal. The place is very dark and decorated with christmas lights all over. After waiting for the waiter to take our order for 20 minutes we left.
Public - 5 months ago
reviewed 5 months ago
The cappuccino is very good. The staff seemed slightly overwhelmed, but very friendly all the same!
Public - 5 months ago
reviewed 5 months ago
We had an excellent burger here and the beer on tap was great! The service was fast and friendly.
Public - 5 months ago
reviewed 5 months ago
72 reviews
We very much enjoyed our stay at Glen Oaks. We stayed in the Queen Room which was very nicely furnished. The prices are steep, but this was expected for the region.
Public - 5 months ago
reviewed 5 months ago
I had the red beef curry which was very good. The service was friendly and prompt.
Public - 5 months ago
reviewed 5 months ago