Slashdot Mirror

... is this physiological difference innate or developed as a result of Einstein applying his brain to difficult problems? Like what happens to the brains of London cab drivers.

There is a lot of overlap between anonymity and privacy but neither is a subset of the other.
http://www.wired.com/politics/security/commentary/securitymatters/2007/09/security_matters_0920
http://www.concurringopinions.com/archives/2011/01/privacy-vs-security-vs-anonymity.html

The NSA/CIA would still fully understand the databases, OS, OS file system, networks and hardware links within France via Tailored Access Programs, templates (ready-to-go backdoor), ~ Genie.
http://www.wired.com/threatlevel/2013/09/nsa-router-hacking/

http://richard.stallman.usesthis.com/
From 2010:
"I am using a Lemote Yeelong, a netbook with a Loongson chip and a 9-inch display. This is my only computer, and I use it all the time. I chose it because I can run it with 100% free software even at the BIOS level."
http://www.wired.com/magazine/2009/12/st_essay_china/
"Lemote positions its netbook as the only computer in the world with nothing but free software, right down to the BIOS burned into the motherboard chip that tells it how to boot up."
Vs the US "backdoor-free chip designs" that made the news? http://www.wired.com/threatlevel/2013/09/nsa-router-hacking/
Tailored Access Programs "“templates” for breaking into common brands and models of routers, switches and firewalls."

http://richard.stallman.usesthis.com/
From 2010:
"I am using a Lemote Yeelong, a netbook with a Loongson chip and a 9-inch display. This is my only computer, and I use it all the time. I chose it because I can run it with 100% free software even at the BIOS level."
http://www.wired.com/magazine/2009/12/st_essay_china/
"Lemote positions its netbook as the only computer in the world with nothing but free software, right down to the BIOS burned into the motherboard chip that tells it how to boot up."
Vs the US "backdoor-free chip designs" that made the news? http://www.wired.com/threatlevel/2013/09/nsa-router-hacking/
Tailored Access Programs "“templates” for breaking into common brands and models of routers, switches and firewalls."

My post relates to approving work on DRM in HTML 5.1. How is your reply relevant to my point that it will be twenty years before this spec sees the light of Internet-day? The fact that Netflix uses EME now? Ok. Apparently Netflix users don't care and I overestimated 21 million streaming customers' common sense http://www.wired.com/business/2012/01/netflix-q4-results/...and Netflix is not the entire Internet.

Seems I did not know enough of the story, per this "Wired" article, so, um, 'nevermind' :

The July 16 order came after Texas-based Lavabit refused to circumvent its own security systems to comply with earlier orders intended to monitor a particular Lavabit user’s metadata, defined as “information about each communication sent or received by the account, including the date and time of the communication, the method of communication, and the source and destination of the communication.”

http://www.wired.com/threatlevel/2013/10/lavabit_unsealed?ref=cm

The FBI had already gained control of Tor boxes against Freedom Hosting - see here ( http://www.wired.com/threatlevel/2013/09/freedom-hosting-fbi/ ). It's not pushing the realms of reason to assume they've done so again for Silk Road.

If you read the article, they demanded the SSL key since Lavabit did not comply with the earlier order. All the Feds originally wanted was metadata for one user. Lavabit could have provided that, but refused. The prosecutors asked they be held in contempt of court, and then asked for the SSL keys. This is on Lavabit.

Edward Snowden’s E-Mail Provider Defied FBI Demands to Turn Over Crypto Keys, Documents Show

“The representative of Lavabit indicated that Lavabit had the technical capability to decrypt the information, but that Lavabit did not want to ‘defeat [its] own system,’” the government complained.

U.S. Magistrate Judge Theresa Buchanan immediately ordered Lavabit to comply, threatening Levison with criminal contempt — which could have potentially put him in jail.

By July 9, Lavabit still hadn’t defeated its security for the government, and prosecutors asked for a summons to be served for Lavabit, and founder Ladar Levison, to be held in contempt “for its disobedience and resistance to these lawful orders.”

A week later, prosecutors upped the ante and obtained the search warrant demanding “all information necessary to decrypt communications sent to or from the Lavabit e-mail account [redacted] including encryption keys and SSL keys.”

http://www.wired.com/wired/archive/7.03/punchcards.html seems to offer some historic insights too.
Keep it all working at the lowest cost for the shareholders. Then you have the rush to the not so safe or cheap cloud, web 2.0 and vision of one skilled non union person with a laptop doing a lot of remote work.
Its seems a cute list of mission statements: protect from outside data threats, protect from inside data threats, made web 2.0+ work, make the cloud work no matter the costs or network holes, keep the old system running to save costs.

Your racism aside, the US did stop having borders a while back - or, I should say, it decided to make the border 100 miles wide, thus allowing Customs officials to checkpoint people well within the actual borders of the US.

Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?

Vaguely, by maintaining customers' loyalty and trust. Specifically, by keeping Microsoft out of the court battles that some other companies are fighting.

Why would MS appoint somebody to advise them on privacy of their customer's data? How does it benefit the shareholders?

Vaguely, by maintaining customers' loyalty and trust. Specifically, by keeping Microsoft out of the court battles that some other companies are fighting.

There's many things that Apple might not have invented, but did nonetheless popularize.

It was IBM who "popularized" the PC among the ranks of accountants and economists and statisticians and MBAs who never felt the magic of the cramped Apple II keyboard or the 40 column display with no lowercase letters. These dullards constituted a far larger market than Apple commanded until the distant dawn of gadget manna.

For the tablet, some company that loomed large in the public imagination needed to step up and offer legitimacy that this wasn't just a niche product doomed to forever remain a niche product, just as IBM did with the original PC—this while Xerox already had the bones of the Apple Lisa/Macintosh with mice and networking in an advanced state of development within their research lab.

Funny how the worm turns.

The entirely of the PC revolution was set in motion by a combination of Leibniz/Babbage and the invention of solid state semiconductors and would have unfolded much as it has without any of the companies we know today who muscled their way into the vanguard of brand recognition by some combination of skill and luck (far more luck than usually admitted in the retrospective hagiography).

Bell Labs' attorneys soon discovered Shockley's field effect principle had been anticipated and devices based on it patented in 1930 by Julius Lilienfeld, who filed his MESFET-like patent in Canada on October 22, 1925.

Fifty years later, we arrive at Apple's founding moment:

The MOS Technology 6502 is an 8-bit microprocessor that was designed by Chuck Peddle and Bill Mensch for MOS Technology in 1975. When it was introduced, the 6502 was by a considerable margin, the least expensive full-featured microprocessor on the market, selling for less than one-sixth the cost of competing designs from larger companies, such as Motorola and Intel.

Innovation is a fifty-lap relay race around a marathon track. I'd also give props to Colossus, System/360 (mainframe), the Unix philosophy, and the massive scale of Google's data center search appliance (cloudframe). Apple never made it into this league.

Throughout this period the Colossus remained secret, long after any of its technical details were of any importance. This was due to the UK's intelligence agencies use of Enigma-like machines which they promoted and sold to other governments, and then broke the codes using a variety of methods. Had the knowledge of the codebreaking machines been widely known, no one would have accepted these machines; rather, they would have developed their own methods for encryption, methods that the UK services might not have been able to break.

The scope of PRISM is a big surprise? To anyone? Really?

It's pretty obvious with Coke that cultivating their global brand was their core innovation. This is less obvious with Apple, but closer to the mark than most suppose.

How Amazon Followed Google Into the World of Secret Servers

Pinkham was struck by how different the machines looked â" and how hot they were. Even then, Google was running its website on dirt-cheap, stripped-down servers slotted into extremely tight spaces. They didnâ(TM)t even have plastic cases.

This was at least as central to Google's business model as their brand-building Page Rank algorithm. And it requires building a robust data-center OS.

If I had to name one thing that Apple innovated outside of brand/fit-and-finish (and gleanings from NeXT) while doing the lion's share of the work themselves, it would be this:

The combination of the LaserWriter, PostScript, PageMaker and the Mac's GUI and built-in AppleTalk networking would ultimately transform the landscape of computer

...but he was right. In North America, the *carriers* are the cell phone manufacturers' customers, not the end-users. In the USA, Samsung has something like six customers.

When dealing with gatekeeper like this, you need to understand there are 2 directions, you can push products through the gatekeeper, and you help the end customer pull things through the gatekeeper. The iPhone is more of a pull-through product. Of course initially, BBry was push product, but its success created a pull-dynamic (employees kind of demanded it because their buddies in other companies had one and it was somewhat of a status symbol). I think somehow BBry forgot that lesson and decided to mostly focus their message on the corporate CIO gatekeepers (since it's easier to track from a business account salesperson bean-counter perspective) and tried to simply push their products through them taking for granted that it was the pull-side that really made them successful and they needed to foster that as well.

A little understood fact is the iPhone's secret to success is Jobs managed to get AT&T on board.

I don't know that it was little understood. Way back then, wired ran an interesting article on it. Here are some interesting excerpts...

Apple was prepared to consider an exclusive arrangement to get that deal done. But Apple was also prepared to buy wireless minutes wholesale and become a de facto carrier itself... For Cingular, Apple's ambitions were both tantalizing and nerve-racking. A cozy relationship with the maker of the iPod would bring sex appeal to the company's brand. And some other carrier was sure to sign with Jobs if Cingular turned him down — Jobs made it clear that he would shop his idea to anyone who would listen.

Sigman's team made a simple bet: The iPhone would result in a surge of data traffic that would more than make up for any revenue it lost on content deals.... It may appear that the carriers' nightmares have been realized, that the iPhone has given all the power to consumers, developers, and manufacturers, while turning wireless networks into dumb pipes. But by fostering more innovation, carriers' networks could get more valuable, not less. Consumers will spend more time on devices, and thus on networks, racking up bigger bills and generating more revenue for everyone.

The War Between alt.tasteless and rec.pets.cats

This isn't validation of crazy paranoia.

no, it's just that what a few knew and a bunch more of us suspected is now in the media. for what it's worth; you shouldn't expect much intelligent debate in the media anyway. however, now there's no valid excuse anymore for not wanting to know. that could be a good thing. it could also be bad because generalized opposiion could bring the elites to drop the masquerade and go full psycho.

you know that Microsoft researches several years ago published about the exact crypto weakness people now are surprised about?

source?

http://www.wired.com/threatlevel/?p=85661 There is a link in this article to the actual presentation they did.

Even Slashdot's editors don't know the value of metadata, calling it "non-content data", at least on the front page post? Click through the link and read the sub-headline: "Microsoft provided metadata in 77 percent of more than 37,000 law-enforcement requests for information".

Your metadata is as valuable as the content. Otherwise, why would the NSA and Facebook invest so much in it?

You'd need to falsify this:
http://www.youtube.com/watch?v=YrI03ts--9I

And explain this:
http://www.theregister.co.uk/2010/12/08/new_model_doubled_co2_sub_2_degrees_warming/

And this:
http://rs79.vrx.net/opinions/ideas/climate/poles/

Go!

(otherwise, it would appear to be bullshit.)

Also, why did Lovelock say this:

"James Lovelock, the scientist that came up with the 'Gaia Theory' and a prominent herald of climate change, once predicted utter disaster for the planet from climate change, writing 'before this century is over billions of us will die and the few breeding pairs of people that survive will be in the Arctic where the climate remains tolerable.' Now Lovelock is walking back his rhetoric, admitting that he and other prominent global warming advocates were being alarmists. In a new interview with MSNBC he says: '"The problem is we don't know what the climate is doing. We thought we knew 20 years ago. That led to some alarmist books — mine included — because it looked clear-cut, but it hasn't happened," Lovelock said. "The climate is doing its usual tricks. There's nothing much really happening yet. We were supposed to be halfway toward a frying world now," he said. "The world has not warmed up very much since the millennium. Twelve years is a reasonable time it (the temperature) has stayed almost constant, whereas it should have been rising — carbon dioxide is rising, no question about that," he added.' Lovelock still believes the climate is changing, but at a much, much slower pace."

Also don't you think this is more likely?
http://www.wired.com/wiredscience/2012/08/ff_apocalypsenot/all

Given the leaked IPCC report agreed with Lovelock and they admit they exaggerated and don't know what's gong on, why do you think they do?

It would be no great surprise if voting on this bill went along the same lines as the congressional vote on reining in "the NSA’s phone-spying dragnet. It turns out that those 217 'no' voters received twice as much campaign financing from the defense and intelligence industry as the 205 'yes' voters."

In particular,

Dianne Feinstein (D-CA), the chair of the Senate Select Committee on Intelligence, is married to Richard C. Blum, who was substantially invested in URS Corp, which owns EG&G, a leading government technical provider that has been awarded hundreds of millions of dollars in security-related contracts. Feinstein never abstained from voting when it affected her husband’s wallet and Blum made $100 million when he sold his shares, as investigative reporter Peter Byrne exposed in his 2007 series the “Feinstein Files.”

( http://www.indypendent.org/2013/07/16/nsa-follows-you-we-follow-money )

See also:

• NSA Defenders Protecting Their Own Wallets,
• Feinstein: 700k From NSA Affiliates Since 2007 PRISM Launch
• Big campaign donations from contractors doing secret work for NSA,
• .. etc.

Good luck firing them, though.

That's what they did: http://www.wired.com/wiredscience/2008/06/answering-mars/

CIA Head: We Will Spy On Americans Through Electrical Appliances

Global information surveillance grid being constructed; willing Americans embrace gadgets used to spy on them

Steve Watson | Prisonplanet.com | March 16, 2012

http://www.prisonplanet.com/cia-head-we-will-spy-on-americans-through-electrical-appliances.html

"CIA director David Petraeus has said that the rise of new "smart" gadgets means that Americans are effectively bugging their own homes, saving US spy agencies a job when it identifies any "persons of interest".

Speaking at a summit for In-Q-Tel, the CIA's technology investment operation, Petraeus made the comments when discussing new technologies which aim to add processors and web connections to previously 'dumb' home appliances such as fridges, ovens and lighting systems.

Wired reports the details via its Danger Room Blog[1]:

"'Transformational' is an overused word, but I do believe it properly applies to these technologies," Petraeus enthused, "particularly to their effect on clandestine tradecraft."

"Items of interest will be located, identified, monitored, and remotely controlled through technologies such as radio-frequency identification, sensor networks, tiny embedded servers, and energy harvesters - all connected to the next-generation internet using abundant, low-cost, and high-power computing," Petraeus said.

"the latter now going to cloud computing, in many areas greater and greater supercomputing, and, ultimately, heading to quantum computing." the CIA head added.

Petraeus also stated that such devices within the home "change our notions of secrecy".

Petraeus' comments come in the same week that one of the biggest microchip companies in the world, ARM, unveiled new processors that are designed to give practically every household appliance an internet connection[2], in order that they can be remote controlled and operate in tandem with applications.

ARM describes the concept as an "internet of things".

Where will all the information from such devices be sent and analyzed? It can be no coincidence that the NSA is currently building a monolithic heavily fortified $2 billion facility[3] deep in the Utah desert and surrounded by mountains. The facility is set to go fully live in September 2013.

"The Utah data center is the centerpiece of the Global Information Grid, a military project that will handle yottabytes of data, an amount so huge that there is no other data unit after it." reports Gizmodo.

"This center-with every listening post, spy satellite and NSA datacenter connected to it, will make the NSA the most powerful spy agency in the world."

Wired reports[4] that the incoming data is being mined by plugging into telecommunications companies' switches, essentially the same method the NSA infamously uses for warrantless wiretapping of domestic communications[5], as exposed six years ago.

Former intelligence analyst turned best selling author James Bamford, has penned a lengthy piece[6] on the NSA facility and warns "It is, in some measure, the realization of the 'total information awareness' program created during the first term of the Bush administration-an effort that was killed by Congress in 2003 after it caused an outcry over its potential for invading Americans' privacy."

[+]

Steve Watson is the London based writer and editor for Alex Jones' Infowars.net[7], and Prisonplanet.com[8]. He has a Masters Degree in International Relations from the School of Politics at The University of Nottingham in England.

(C) 2012 PrisonPlanet.com is a Free Speech Systems, LLC company. All rights reserved.

[1] http://www.wired.com/dangerroom/2012/03/petraeus-tv-remote/
[2] http://www.bbc.co.uk/news/technology-17345934
[3]

SSL can be MITM'd so long as you can sign a certificate in a way trusted by web browsers. And it turns out quite a number of branches of the US Government are among the nearly 2000 entities with the ability to sign certificates for any domain that will be accepted by web browsers as valid and trusted (which I did not know previously). See http://conferences.sigcomm.org/imc/2013/papers/imc257-durumericAemb.pdf

And RSA did recently ask developers to stop using all versions of the BSAFE toolikit (including Crypto-C ME, Micro Edition Suite, Crypto-J, Cert-J, SSL-J, Crypto-C, Cert-C, and SSL-C), which default to using Dual EC DRBG, and for all customers of RSA Data Protection Manager (DPM) server and clients to change the pseudo random number generator in use, since it also defaults to using Dual EC DRBG. See http://www.wired.com/threatlevel/2013/09/rsa-advisory-nsa-algorithm/

This help came "after 18 months of losses" ( http://www.wired.com/thisdayintech/2009/08/dayintech_0806/ )

And you can go and check Apple's share price, at just $3.3 on Xmas 97, it was well on its way to collapse, to claim that Apple didn't need the money (if anything at least as a moral buster) sounds frankly preposterous.

This help came "after 18 months of losses" ( http://www.wired.com/thisdayintech/2009/08/dayintech_0806/ )

And you can go and check Apple's share price, at just $3.3 on Xmas 97, it was well on its way to collapse, to claim that Apple didn't need the money (if anything at least as a moral buster) sounds frankly preposterous.

Anonymity != Privacy because we're in the age of big data where large data sets can be cross-correlated to profile an individual. From stores that track your cell phone while you're shopping to big chain stores figuring out you're pregnant, big data techniques are invading your privacy in more and more ways. If you think that anonymous data collection is safe, it's still data collection and despite people's best efforts, we are of course creatures of habit and your repetitive habits allow people to build fingerprints about you. If you have enough data points, even anonymous data points, you can build a profile of an individual, their habits, their likes, their dislikes and where they go on the Internet. If you can take that profile and match it against an individual using other correlating data you've been identified. This has been proven for example in the 2007 Netflix prize competition where anonymous movie reviewers were tracked down. There's lots of examples on this and over the past few years, techniques have become much better at picking individuals out of anonymous data sets.
  More chilling is a study released this year showed that using in analyzing anonymous cell phone tracking data, 95% of 1.5 million individuals could be identified.

What this means that as long as companies are able to collect data about you, whether tagged or anonymous, you're still being tracked somewhere and that is no guarantee that your privacy is protected. What has to happen to provide privacy is to stop all of the tracking and I don't see companies nor governments giving up that mechanism anytime soon.

or did NSA tell RSA to slip in a backdoor back in 2006

It's not so much the possibility that the NSA influenced RSA, rather they influenced the standard itself.

Here's the whole story according to Bruce Schneier:

http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115

Several viruses are notorious for this same practice. Address book harvesting is malicious, no matter the party doing it. Worse, LinkedIn cannot even keep your passwords safe.
http://www.wired.com/geekmom/2012/06/linkedin-data-breach/
They didn't even use a salt with their hashes.

If you want to go that route, the safest thing to do would probably be to crash it onto the moon instead... at least more of it will be recoverable than leaving it in orbit or letting it crash to Earth.

Some profitable orbits are starting to get crowded, yes, so your harbor analogy isn't so bad. But space is a fantastically large ocean! I do get tired when people get their ideas of distances in space from the movies. The moon is really frigging far away!

Earth and moon in same photo

If we're going with the "oh, but it's a world treasure and the energy requirements aren't so bad"... here's something bold for you -- we should take ISS, put a big-ass rocket on it, shoot it out of the solar system! Then we have something to aim for when the governments of the world ask why we need a space program.

Chris Kohler reports that Subutai Corporation, the developer of Clang, the motion-controlled swordfighting game spearheaded by fiction author Neal Stephenson, has burned through the over half a million dollars that backers donated and can't finish the game without even more money. "We've hit the pause button on further CLANG development while we get the financing situation sorted out," says the Clang Team. "We stretched the Kickstarter money farther than we had expected to, but securing the next round, along with constructing improvised shelters and hoarding beans, has to be our top priority for now."

But not so fast writes Kohler. "What shocks me about this particular update is that Subutai seems to be neither apologetic, nor realistic about what actually occurred in this case. Reading the update, it seems like the blame is falling everywhere but on Subutai's own decisions."

The Clang Team says that "Kickstarter is amazing, but one of the hidden catches is that once you have taken a bunch of people's money to do a thing, you have to actually do that thing, and not some other thing that you thought up in the meantime." Only after completing the whole Kickstarter did they discover the hidden trick to the whole thing writes Kohler, which is that you have to make the thing you took people's money to make.

"Hey, Kickstarter creators: If you run out of money and need to explain things to your backers, you're stuck between a rock and a hard place and I don't envy you having to decide how to approach it. But I can say one thing: Definitely do not post an update like this."

Chris Kohler reports that Subutai Corporation, the developer of Clang, the motion-controlled swordfighting game spearheaded by fiction author Neal Stephenson, has burned through the over half a million dollars that backers donated and can't finish the game without even more money. "We've hit the pause button on further CLANG development while we get the financing situation sorted out," says the Clang Team. "We stretched the Kickstarter money farther than we had expected to, but securing the next round, along with constructing improvised shelters and hoarding beans, has to be our top priority for now."

But not so fast writes Kohler. "What shocks me about this particular update is that Subutai seems to be neither apologetic, nor realistic about what actually occurred in this case. Reading the update, it seems like the blame is falling everywhere but on Subutai's own decisions."

The Clang Team says that "Kickstarter is amazing, but one of the hidden catches is that once you have taken a bunch of people's money to do a thing, you have to actually do that thing, and not some other thing that you thought up in the meantime." Only after completing the whole Kickstarter did they discover the hidden trick to the whole thing writes Kohler, which is that you have to make the thing you took people's money to make.

"Hey, Kickstarter creators: If you run out of money and need to explain things to your backers, you're stuck between a rock and a hard place and I don't envy you having to decide how to approach it. But I can say one thing: Definitely do not post an update like this."

Privacy Policies are not legally binding - so its merely a PR thing. TOS gives Google rights - for e.g. to kick a user out of their service whenever they want - without giving the *user* any rights - other than what the privacy policy states they might do.

I think privacy policies are more meaningful than you imply. I believe they create promissory estoppel.

Well, nothing stops individual employees from leaking/spying on data anyway. And it has happened .. at Google/Facebook/etc, so all the security in the world will only stop external script-kiddies and other low-level information hackers but cant stop anyone who is motivated enough.

Actually, there is a lot that stops individual employees from leaking/spying. The article you mentioned was three years old, and it described things that happened earlier. There is a lot of infrastructure in place today to prevent unauthorized employee access that wasn't there 3-4 years ago. I happen to know that very well, because I design and build a lot of it -- and 95% of all of my effort is devoted to internal threats. Not because we believe that there are a lot of malicious Googlers, but because if you can guarantee that insiders can't get at the data, outsiders have no chance -- and to prevent examples like the one you cited (which AFAIK was the last such case).

Of course, you'll note that the preceding paragraph was just reassurances with no details. Unfortunately, that's because I can't provide details -- which I actually think is a mistake on Google's part, and something I regularly bring up with management. Google has a really excellent security story, and I think we should be telling it. But since we aren't all I can say is: It's awesome, trust me :-)

So, I'd much rather the data stay in house at Google, who does a good job of securing it, is willing to fight back against government intrusion, and even gives me the option of seeing what data they have collected (through the privacy dashboard) and allowing me to opt out and/or have my data deleted. And I'd rather that Yahoo! promise to keep what they collect on me in-house as well, rather than selling it, even if I don't have quite as much confidence in their integrity.

Your statement contains an implicit assumption that data *must* be collected. I am of the opposite view. Personal data should never be automatically collected, even in an anonymous fashion. All data collection must be done through a specific means (e.g. user submitted form) via an explicit opt-in event - not just clicking "I Agree" on some large wall of text that nobody can understand.

We disagree on the need for an explicit opt-in, and I do think that Google's business model is a reasonable one, and one that's good for users. Google can provide the array of great services that it does because of the trade it makes with users: You allow Google to collect data and use it to target ads to you, and in exchange you get all this stuff. You are free to opt out of this deal, but, frankly, Google wants to make it such a great deal that you don't want to -- and being responsible with your data, ensuring that you know that it won't be used for any other purposes and won't leak, is an important part of the deal.

and even gives me the option of seeing what data they have collected (through the privacy dashboard) and allowing me to opt out and/or have my data deleted.

I have never seen any option of permanently deleting data. I assume deleted just means hidden from the user. One reason being google cant guarentee that the data is deleted from all the backups, and another reason is - even deleted data is valuable for targeting ads.

No, deleted means deleted. I don't think Google is goi

Thinking food... The Corvette was introduced in 1953, but it didn't turn a profit until 1958. The Volt is in it's 4th year and doing fine...
1979 was the peak for Corvette sales at 53,807, and have declined every year since.
The Volt just passed 53K units
The Volt did outsell the Corvette in 2012, and is doing even better in 2013... Volume with a profitable car, vs profit on few Halo cars?
http://www.wired.com/autopia/2012/06/volt-v-vette/ or http://insideevs.com/monthly-plug-in-sales-scorecard/

No? Perhaps we have different standards of comfort, but it seems pretty good to me. The first clause says that Google may outsource data processing, but that whoever they outsource to must follow the same rules as Google. The second says Google will only sell aggregated, anonymized data.

I wanted to contrast the language difference between TOS and Privacy Policy. A TOS is something "I Agree" to whereas a Privacy Policy is just something Google tells me it might or might not do with my data. A huge difference. It is evident in the language too, TOS allows Google to sell personally identifiable data, while privacy policy states they wont. Privacy Policies are not legally binding - so its merely a PR thing. TOS gives Google rights - for e.g. to kick a user out of their service whenever they want - without giving the *user* any rights - other than what the privacy policy states they might do.

Well, at least as long as Page, Brin and Schmidt are in charge, Wall Street and other MBAs don't have much say. Those three outvote the rest of the shareholders combined. And Google is pretty light on MBAs in general, especially in managerial and executive positions. It's very engineer-heavy all the way up to (and including) the top :-)

Given the amount of personal info Google has, I hope that's true for everyone's sake.

The problem is that once the data has been sold, there's no way to call it back, and no way to keep track of what was done with it. I also don't have a lot of confidence in the security practices of, well, most everyone. I was a security consultant for 15 years, working with all kinds of fortune 500 companies -- mostly financial institutions! -- and security practices are generally appalling.

Well, nothing stops individual employees from leaking/spying on data anyway. And it has happened .. at Google/Facebook/etc, so all the security in the world will only stop external script-kiddies and other low-level information hackers but cant stop anyone who is motivated enough.

So, I'd much rather the data stay in house at Google, who does a good job of securing it, is willing to fight back against government intrusion, and even gives me the option of seeing what data they have collected (through the privacy dashboard) and allowing me to opt out and/or have my data deleted. And I'd rather that Yahoo! promise to keep what they collect on me in-house as well, rather than selling it, even if I don't have quite as much confidence in their integrity.

Your statement contains an implicit assumption that data *must* be collected. I am of the opposite view. Personal data should never be automatically collected, even in an anonymous fashion. All data collection must be done through a specific means (e.g. user submitted form) via an explicit opt-in event - not just clicking "I Agree" on some large wall of text that nobody can understand.

and even gives me the option of seeing what data they have collected (through the privacy dashboard) and allowing me to opt out and/or have my data deleted.

I have never seen any option of permanently deleting data. I assume deleted just means hidden from the user. One reason being google cant guarentee that the data is deleted from all the backups, and another reason is - even deleted data is valuable for targeting ads.

I'm sure we disagree on most of the above since you work for Google :)

it is literally impossible to have a small budget for a modern CGI-heavy action or animated movie

That depends on what you're trying to make. Disney's Beauty and the Beast has excellent animation, was well written and performed, got nominated for a Best Picture (which was such a shock that animated movies soon got pushed into their own category, away from the serious live action films), and was produced for what would be in today's dollars, a $41 million budget. A few years ago, Disney released Tangled, which has excellent animation, was well written and performed, and did get some awards although not best animated feature, and was produced for what would be in today's dollars, a $273 million budget.

Both are good movies. But Tangled, which cost over six and a half times as much as Beauty and the Beast, after adjusting for inflation, is not six and a half times better. You can make perfectly good movies on lower budgets.

The special effects for something like Avatar, Star Trek, The Avengers, etc, for $100M+ alone.

And yet, everyone loved Star Trek when it was on TV, and had such a low budget that they had to use the backlot for the Nazi, Gangster, and Roman planets, and the villain of the week was the giant floating head of Zsa Zsa Gabor! And everyone still loves The Wrath of Khan the most, and adjusted for inflation, it was made on a $26 million budget.

You know what would've been a better use of my time instead of seeking ST:ID? Seeing Trek in the Park.

Arguing that "if someone spent too much creating their content that's their problem, everyone should still be able to consume it for free" or "expensive movies are sometimes worse than cheap ones, and I should be able to watch bad movies for free" make no sense either. If it's bad don't watch it. If you watch it you apparently thought it was worth watching so compensate the creators.

I'm not arguing the latter, but I am arguing something close to the former. If it were legal for people to make and distribute copies of works on a strictly non-commercial basis (no charge for copies, nor for the media, nor bandwidth, no tip jars, no ads, not used as a draw for something else, no donations -- all completely at a loss), then that would simply be a factor for producers to take account of in budgeting films. Just think about how happy Hollywood would be if going to the movies was mandatory, and that you'd commit a felony if you didn't buy a ticket once a week. If maximizing their income is our priority, why don't we force people to go? If not, then why should it bother us if their income is not maximized, or even if it is less than what it happens to be now? They might make less than they do now, but they'll cope, I'm sure.

And comparing copyright issues from today and 300 years ago doesn't make sense, as copying was limited by technology or skill

I have news for you: that's still true. The technology has gotten better, and some of the skills, like literacy, are more widespread, but pirates do not have magic wands.

Today 1000 people can put 2 years of work into a movie, and it can be copied in 10 minutes using cheaply available hardware.

And the movie studios are free to use whatever equipment best serves their interests for making their own copies. They are not at a technological disadvantage. A huge movie studio can afford the same gear that the average basement-dwelling nerd can. In fact, usually legitimate publishers have the upper hand, being able to act openly, serve larger audiences, and use better, faster equipment which is nevertheless has lower marginal costs. At most there might be parity, but pirates never have the upper hand unless publishers are doing something stupid to handicap themselves.

or legal threats (debatable as to whether it really works

fictional zombie problem

Well of course. I'm sorry, movies and games having people shooting and using a crowbar on threatening live people just wouldn't go over. That'd be like "anarchy of the strongest" or something.

It's not a person you're shooting, just a zombie who happens to just _LOOK_ like a person. And besides, he's the one attacking me, I'm just an innocent bystander who would just happily just ignore them -- they're the ones that started it.

And besides, zombies with all of their bleeding and moaning and shuffling and all look Nothing Like Us, forget about skin color or religion or anything else. They're dumb, offensive, illogical, not human, and they deserve to die. Again if necessary.


Gee, if you have severely limited food stocks with some controlled depot concentrations, you can replace "zombie infection" with "hunger" (you can be infected if you share too much food), the "survivors" with the "ones in control of the local food depots" (?the rich?), and the panic, fear, angst and suffering that the infected deal with along with the power, control, and angst feelings that the survivors deal with, and you've got a uncivilized, more violent Soylent Green

Oh, look: it's the news:
Zero
One
Two
Three

Don't worry though -- remember, the ones in control over government are here to help YOU -- once they finish helping themselves.

And that's just human nature, that's pretty much what you can expect from everyone -- they take care of themselves and their friends, because -- they're friends. And the sad part is, I'm NOT against government at all -- especially ours -- I'm just again people in government with unlimited power and zero responsibility.

"A government big enough to give you everything you want, is a government big enough to take away everything that you have." ...and I'm only anonymous here because I'm too lazy to figure out my password -- I'll claim this accidental article shortly.

Remember the NSA has only gotten caught when they've been betrayed, not because their technical means were discovered.

Only for very specific definitions of "caught" - back in 2007 we were pretty sure they had fucked with Dual_EC_DRBG.

As people have noted, educate your community about other internet options.
http://www.wired.com/wiredenterprise/2013/05/community-fiber/
Understand your State, your local laws and then read up about what other people did in choice limited regions.

Here is an article that explains this better than I did, written by an attorney that specializes in computer security, electronic privacy etc.

http://www.wired.com/opinion/2013/09/the-unexpected-result-of-fingerprint-authentication-that-you-cant-take-the-fifth/

"Bahnhof, a builder of futuristic-looking data centers" Has nominated Snowden for the peace prize.

I wouldn't expect those morally corrupt idiots to actually award him the prize. It would restore some of their credibility if they did though.

"... Instead, it is still a higher priced product, although not nearly as pricey as the 5S, and the 4S is free with contract."

Sure, it's more expensive, but look at all of the new features it comes with.

http://www.wired.com/dangerroom/2013/04/iphone-biometrics/

It sounds like they combined the once-external system that AOptix was selling to the government, combined it with some old Sony technology ( http://netsecurity.about.com/b/2007/08/30/new-sony-rootkit-found-on-usb-flash-drive.htm ), miniaturized/integrated them and gave it all to you for a modest price increase. You never have to type a password again, nor do you have to go to jail to get finger-printed. As an added bonus, the 911 operator will know it's actually you calling for help!

http://www.wired.com/wiredenterprise/2012/10/linus-torvalds-hard-disks/

They've documented 2.
3 is right fucking here - http://www.google.com/transparencyreport/
4 is documented in their court battle http://www.wired.com/threatlevel/2013/04/google-fights-nsl/
5 was documented
6 was documented http://www.zdnet.com/blog/btl/google-wins-floating-data-center-patent/17266
7 was documented http://www.latimes.com/nation/nationnow/la-na-nn-nsa-google-encryption-20130907,0,3652913.story

All are verifiable and you're full of shit.

Except that this came to light back in 2007.
http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115

So why has nobody fixed this in the past six years? Thanks to Snowden it's back in the spotlight, and now it seems like action is being taken. That's his legacy. I thank him for that.

Except that this came to light back in 2007. http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115

> iPhone 5 was a radical new design

http://www.wired.com/images_blogs/gadgetlab/2012/09/iphone5Comparison.jpeg

Yeah that's FREAKING RADICAL, MAN!

Different form factor and replacing the glass back with a unibody aluminum shell was pretty dramatic. When you cherry pick one picture that only shows a portion of the device, yes it is harder to see.

> iPhone 5 was a radical new design

http://www.wired.com/images_blogs/gadgetlab/2012/09/iphone5Comparison.jpeg

Yeah that's FREAKING RADICAL, MAN!

Shouldn't we be welcoming RdRand with open arms? It's a mathematically proven high-quality random number generator that lets chips like Ivy Bridge & Haswell produce large amounts of true random data (not a simple PRNG data) at multi-gigabit speeds.

... but ... SPIES. And Gub'mint. And HAXXORz.

I have to admit I didn't know much about the controversy so I went and found some articles.

Here is an article showing some weaknesses in Linux's random generation: Analysis of the Linux Random Number Generator

As reported by Bruce Schneier for this Wired article: http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115

Clearly you and I read different articles (you didn't cite yours, so it's hard for me to say). Here's a quote from this one:

Montiel also shared a potentially damning anecdote regarding the negotiations over the Honda Ridgeline’s trap. “We asked him to build us a hidden compartment for 10 kilos,” he testified. “I remember we had problems because he asked, ‘Well, what’s a kilo like?’ I remember I saw a brick on the ground, and I said, ‘It’s a little bit bigger than this. I need you to do it for 10.’”

Whether or not you trust the testimony of a convicted drug trafficker is still an issue, of course, but they did have testimony describing him as having knowledge of what was going on.