This isn't rocket science. If the employer selectively confesses its lies to its employees, it is unquestionably insider trading for them to sell their stock. If the employer publically discloses its lies, although the employees may sell their stock, this does not help them because they will be in no better position than the other stockholders trying to unload their stock. The very purpose of insider trading laws is to ensure that insiders are not put in a better position than the general public.
It is of course criminal to defraud your stockholders, including employee stockholders, about the company's financial information. However, the solution is not to do that in the first place. Having done so, it is not legal to help your employees avoid the consequences at the expense of others.
I registered on Oct 8, 1999 (I have the original registration e-mail, and this matches my recollection of registering as a college freshman), so that is presumably very nearly when 100000 registered.
You don't randomize the ballot once, and make 10,000 copies of the same ballot. You randomize the ballot 100 times, and make 100 copies of each ballot. Or more or less, but not ONE! Pot. Kettle. Black.
-- From Amazon's MP3 Music Service: Terms of Use --
"you agree that you will not redistribute, transmit, assign, sell, broadcast, rent, share, lend, modify, adapt, edit, sub-license or otherwise transfer or use the Digital Content."
That sentence starts out, "Except as set forth in Section 2.1 above, you agree..." Section 2.1, in its entirety, says, "Upon your payment of our fees for Digital Content, we grant you a non-exclusive, non-transferable license to use the Digital Content for your personal, non-commercial, entertainment use, subject to and in accordance with the terms of this Agreement. You may copy, store, transfer and burn the Digital Content only for your personal, non-commercial, entertainment use." This is exactly what you'd expect, except maybe the non-transferrable part.
Quoting a partial sentence the way you did, I'm tempted to think you're just trolling.
If the computational power of the average Joe's computer rises so it can test one trillion 128-bit AES keys per second, then a botnet of one billion computers would only need 10 billion years to exhaust the keyspace. This is just basic arithmetic.
However, I agree that 1024-bit numbers could be at risk of being factored by a large botnet in the near future.
In general, people already worry to some extent about the possibility of millions of computers working together when thinking about key sizes.
"Now, the annual energy output of our sun is about 1.21*10^41 ergs. This is enough to power about 2.7*10^56 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all of its energy for 32 years, without any loss, we could power a computer to count up to 2^192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.
"But that's just one star, and a measly one at that. A typical supernova releases something like 10^51 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.
"These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space."
- Bruce Schneier, Applied Cryptography, 2nd ed., p. 158
Copyrights that expire on death is nuts if you believe in copyright at all, particularly if the duration is only 20 years anyway. Such a proposal makes it so that authors make less money if they have health problems (beyond any intrinsic productivity issue the health problem might be causing). Exclusive rights to a book that are likely to expire in 5 years or so are less valuable than exclusive rights that are not likely to expire before 20 years. The problem might be more acute with software, where the company wouldn't like the risk of key portions of its software entering the public domain if the programmer drops dead a couple of years after writing them. You could also have issues with the company encouraging the programmer not to have dangerous recreational activities. It is highly naive to believe that epxiration of copyright on death would not affect the author before death. It also unclear what problems exist with a short fixed term that are solved by a short term limited by the author's life.
Look, you can personally define things however you want, but the purpose of language is to be understood.
Your use is completely nonstandard. MITM attack refers to compromised communications between computers. Terms are more useful when they don't extend too broadly, as MITM attack would if you refer to any attack on communications between human beings. Also, the term is generally used in the discussion of cryptographic protocols. In such protocols, it is obviously assumed that the users can perform the underlying computation securely. Whether that requires a special hardware device or a normal desktop computer is beyond the scope of the protocol. There is obvious benefit to analyzing a cryptographic protocol with a trusted computer and untrusted communications and separately analyzing what a trusted computer should be. Throwing it all together makes the terms less useful.
I've taken classes in cryptography at a very good university where I majored in computer science and I've talked about security issues with other people plenty of times, and this is the first time I've heard MITM attack refer to a compromised computer being used by the person being attacked. Wikipedia doesn't support your claim -- you simply made your own definitions of words in Wikipedia's definition in order to make it support your claim. Look at the "Defenses against the attack" section of the article. If your claim was right, defense would require a special hardware device, which is nowhere mentioned.
If you're right, and people actually use MITM attack to refer to compromising someone's computer with a 0-day exploit, the way to prove that is not to cite a definition that could maybe refer that situation if you define certain words in the definition in a certain way, but simply to cite an example where someone reputable uses MITM attack to refer to the use of a 0-day exploit. If this is a normal use as opposed to a abnormal use, this wouldn't be hard.
That's not what "man in the middle" means. It refers to being in between in between the two endpoint computers. If you've compromised an endpoint computer, that's not a MITM attack.
Why change your MAC address? You realize the only one to see that is your ISP, and they can tie your traffic to you regardless, if they want. Perhaps a program running on your computer, such as spyware, might use your MAC address as a unique identifier, but surely someone like you would consider your computer totally compromised if it's running an untrusted program at all.
Sorry, I must also chime in to say that alita69 is wrong and Tack is right, as I don't want you to be misled.
IP packets have a "header" portion and a "data" portion, or "payload". The header always contains an IP address purporting to be that of the sender. The payload is specific to the application. According to Jacobson, Kazaa also places a copy of the IP address of the computer it is running on in the payload. NAT devices always modify the IP address in the header, and generally do not modify the payload. I'd be quite surprised if a consumer NAT device modified the payload for Kazaa specifically.
Like Tack, I'm not familiar with the Kazaa protocol, but Jacobson's claim that it puts an IP address in the payload is quite plausible and likely true. Also, I naturally have no knowledge of the reliability of Media Sentry's investigations. However, you can see from what I've said that the identical IP addresses in the header and payload are probably inconsistent with Kazaa running on a computer behind a NAT device, because the address in the header would be modified but the address in the payload would not. Like Tack, I think alita69 failed to understand that Jacobson was talking about an IP address in the payload.
Also, while alita69's statement that a home computer behind a NAT device will generally use DHCP is true, I'd guess that well over 99% of home computers in general use DHCP, so that is of little probative value.
There are multiple safe harbor provisions in the DMCA. Those that require material to be dealt with in an totally automated fashion are not those that would apply to YouTube in any event.
Section 512(a) provides a safe harbor for transitory communications, like information routed through an ISP or backbone. It does require that "the transmission, routing, provision of connections, or storage is carried out through an automatic technical process without selection of the material by the service provider" and also has a more restrictive defintion of a "service provider" than other sections, but would not apply to YouTube even if they did not manually censor because it also requires that "no copy of the material made by the service provider in the course of such intermediate or transient storage is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients," as it is indeed only intended to apply to routing through networks.
Section 512(b) provides a safe harbor for caching, but would not apply to YouTube in any event because they are not a cache.
Section 512(c) provides a safe harbor for storage at the direction of a user, and is the familiar section with the takedown notices and so forth. This indeed applies to YouTube, but contains no requirement that they not arbitrarily censor. It requires that the provider "(A)(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing; (ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or (iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material; (B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and (C) upon notification of claimed infringement as described in paragraph (3), responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity."
Thus, YouTube is required not to look closely at its site only in the sense that if it does look at things on its own site and see that they are infringing, it must remove them of its own accord. If I send a message to YouTube telling them that a video is porn, and an employee thereby looks at the video and sees that it's an episode of the Simpsons, they must remove the video. There is nothing preventing them from looking for porn, to continue with this example, and removing it whether it infringes or not while retaining protection under the safe harbor provision, so long as they remove infringing content that they incidentally find while looking for porn. This applies to any other censorship, be it removing videos that might offend someone or removing videos about biking.
Section 512(d) provides a safe harbor for search engines and has similar requirements of takedown notices and lack of knowledge that 512(c) has.
Section 512(e) provides a safe harbor for educational institutions and is irrelevant to this discussion.
Did you know that cyanide can be extracted from apple seeds, and that from four pounds of apples, one can produce enough to kill 10% of Chicago?
We're only talking about killing 10% of Chicago with polonium in the same sense that we're now talking about killing them with apples.
It is quite ironic that you complain about restrictions carrying toothpaste on planes, when you express in the same post the sort of irrational fear that leads to such pointless security measures.
You are incorrect. It is legal to express a gender preference if a common room, such as a bathroom or kitchen, is shared, which is the case for almost all roommate situations.
I apologize for being so rude. It was in response to your remark about circular logic, but it still wasn't called for. Since you responded with an actual point instead of letting it degenerate into pure name-calling, I'll summarize the argument to this point, which shows that we're talking past each other.
The story gave broken links to USC Title 18, Sections 2, 371, 1036, 1343, and 2318 and Title 49, Sections 46314 and 46316.
"troll -1" gave fixed links to Title 18, Sections 1036, 1343, and 2318, and expressed the belief that the grad student would be vindicated.
I gave fixed links to Title 18, Section 2 and 371, and expressed hope that "at the very last," "someone would have to actually use his generator to commit a crime" or "he'd have to communicate with some specific person about commiting a crime" to be punished. I think it was clear that I found these things unlikely.
You pointed out that Northwest Airlines isn't the United States.
I pointed out that federal crimes are "offenses against the United States."
You pointed out that the grad student himself didn't commit violations of the stuff "troll -1" linked to.
I pointed out that that's not necessary for aiding, abetting, or conspiracy, which was what the fixed links I gave described, and gave a hypothetical example of how he might be guilty.
You claimed I'm wrong because I haven't proved his guilt.
I don't think he's guilty, and I haven't claimed that he's guilty. I think it's theoretically possible that he's guilty.
God you're dumb. The whole point of things like "aiding and abetting" and "conspiracy" is that you don't have to commit the underlying offense to be guilty of them.
Again: I'm not sure how much you have to do for it to qualify. It seems unlikely that he conspired with anyone. However, given that he listed "[meeting] your eldery grandparents at the gate," which is a violation of Title 18, Section 1036, as a possible use of his generator, it might be legally possible for him to be guilty under Section 2 if someone else actually used it to do that.
I'm pretty sure a criminal violation of the "United States Code" is an "offense against the United States" even if the United States wasn't the victim of the crime.
(a) Whoever commits an offense against the United States or aids, abets, counsels, commands, induces or procures its commission, is punishable as a principal.
(b) Whoever willfully causes an act to be done which if directly performed by him or another would be an offense against the United States, is punishable as a principal.
If two or more persons conspire either to commit any offense against the United States, or to defraud the United States, or any agency thereof in any manner or for any purpose, and one or more of such persons do any act to effect the object of the conspiracy, each shall be fined under this title or imprisoned not more than five years, or both.
If, however, the offense, the commission of which is the object of the conspiracy, is a misdemeanor only, the punishment for such conspiracy shall not exceed the maximum punishment provided for such misdemeanor.
I'm not familiar with the legal definitions, but I'd hope that at the very least someone would have to actually use his generator to commit a crime for him to be punished under section 2, or that he'd have to communicate with some specific person about commiting a crime for him to be punished under section 371.
It would have been in their own interest to develop a better way to validate boarding passes DECADES ago, just to stop people from using such a simple trick to fly without paying.
They have bar codes on boarding passes, and on almost every flight I've been on, they scan the boarding passes at the gate with a scanner that displays your name, presumably by looking up the bar code identifier in their database. Regardless of how stupid their scheme for coming up with the identifiers is, I don't see how you'd know what name to put on the boarding pass to correspond to the bar code. (And the scheme would have to be pretty stupid for you even to be able to come up with a bar code for the right flight.
The point is that they don't check your ID at the gate and they don't check the airline's database at the security checkpoint, so it's possible to board a flight without ID that matches the name of the reservation.
This could be a useful way to fly using a stolen credit card, but not a way to simply waltz onto a plane without purchasing a ticket at all.
People talk about voting machines. The solution there is easy. The software needs to provide a signature of the results AND the software together. Then you can easily detect tampering while still providing all the freedom necessary to fix problems.
Huh? If I tamper with software on a voting machine, the tampered software will of course provide a signature of the tampered results and the original software.
Are you suggesting that voting machines have a hardware mechanism for signing the state of the machine, like trusted computing?
In any event, building a machine that only runs signed code, where the private key is not publically available, is still a perfectly good security measure for voting machines, and is far simpler to implement correctly than trusted computing.
Sometimes women claim that they should be able to have an abortion because they should not have to carry a baby to term. However, I'm sure you can see the solution, although it has to be applied before the problem in this case. This is called 'planning'. One thing you should plan to do is not have sex with men and therefore producing children, unless you mean it. If the state then has to treat mothers in this situation poorly to protect unborn children, well then you'll excuse me if I don't cry for these mothers too much.
(I am in fact pro-choice. If you are not, then of course I have not shown any inconsistency in your standards.)
To boot into trusted mode, you have to be running signed binaries provided by the holders of the attestation key. They may claim to give you source but you can't verify that it's the source of what's running because you can't compile it and replace the signed binary and then get into "trusted" mode.
That is patently absurd. If they give you source, and tell you the exact compiler and flags used, and you compile it and find that it yields, byte for byte, the binary that was signed, then you have verified the fact that the source is for that binary, and I completely fail to see how TCPA affects this at all, or how anything could affect this. If you go through the pointless exercise of replacing the signed binary with your identical binary, while leaving the old signature, which will after all be valid, then indeed your machine will boot in "trusted" mode.
Furthermore, the grandparent post is a more accurate explanation of TCPA than yours.
There is no particular trusted mode to boot into, and no signed binaries to be provided. As the grandparent explained, you (the owner of the hardware) can boot the machine however you like, but the machine will have a private key not known to you, and it will only sign accurate attestations of the state into which it was booted. Any third party will decide in their own discretion what attested states they consider "trusted."
Please note that I have not endorsed TCPA, I've simply defended the grandparent's accuracy. (The phrase "trust the machine" in the last paragraph could be replaced by "trust that the machine was booted into the state it attested too" to be less loaded, but really.) However, feel free to assume I'm a corporate shill for understanding how TCPA works.
I find this a bogus argument - Hmm - the government has a legally issued subpoena - and Googles response - it'll take a whole man-week to comply with. Ah come ON. IBM had to put in something like 4000 man-hours into SCO vs IBM. I don't see that as a legitimate excuse.
See, IBM is a party to the litigation in SCO v. IBM, but Google is not a party to the litigation in which this subpoena was issued. It is quite natural that actual parties to the litigation have greater duties than non-parties.
Slashdot Mirror
This isn't rocket science. If the employer selectively confesses its lies to its employees, it is unquestionably insider trading for them to sell their stock. If the employer publically discloses its lies, although the employees may sell their stock, this does not help them because they will be in no better position than the other stockholders trying to unload their stock. The very purpose of insider trading laws is to ensure that insiders are not put in a better position than the general public.
It is of course criminal to defraud your stockholders, including employee stockholders, about the company's financial information. However, the solution is not to do that in the first place. Having done so, it is not legal to help your employees avoid the consequences at the expense of others.
I registered on Oct 8, 1999 (I have the original registration e-mail, and this matches my recollection of registering as a college freshman), so that is presumably very nearly when 100000 registered.
You don't randomize the ballot once, and make 10,000 copies of the same ballot. You randomize the ballot 100 times, and make 100 copies of each ballot. Or more or less, but not ONE! Pot. Kettle. Black.
-- From Amazon's MP3 Music Service: Terms of Use --
"you agree that you will not redistribute, transmit, assign, sell, broadcast, rent, share, lend, modify, adapt, edit, sub-license or otherwise transfer or use the Digital Content."
That sentence starts out, "Except as set forth in Section 2.1 above, you agree..." Section 2.1, in its entirety, says, "Upon your payment of our fees for Digital Content, we grant you a non-exclusive, non-transferable license to use the Digital Content for your personal, non-commercial, entertainment use, subject to and in accordance with the terms of this Agreement. You may copy, store, transfer and burn the Digital Content only for your personal, non-commercial, entertainment use." This is exactly what you'd expect, except maybe the non-transferrable part.
Quoting a partial sentence the way you did, I'm tempted to think you're just trolling.
If the computational power of the average Joe's computer rises so it can test one trillion 128-bit AES keys per second, then a botnet of one billion computers would only need 10 billion years to exhaust the keyspace. This is just basic arithmetic.
However, I agree that 1024-bit numbers could be at risk of being factored by a large botnet in the near future.
In general, people already worry to some extent about the possibility of millions of computers working together when thinking about key sizes.
"Now, the annual energy output of our sun is about 1.21*10^41 ergs. This is enough to power about 2.7*10^56 single bit changes on our ideal computer; enough state changes to put a 187-bit counter through all its values. If we built a Dyson sphere around the sun and captured all of its energy for 32 years, without any loss, we could power a computer to count up to 2^192. Of course, it wouldn't have the energy left over to perform any useful calculations with this counter.
"But that's just one star, and a measly one at that. A typical supernova releases something like 10^51 ergs. (About a hundred times as much energy would be released in the form of neutrinos, but let them go for now.) If all of this energy could be channeled into a single orgy of computation, a 219-bit counter could be cycled through all of its states.
"These numbers have nothing to do with the technology of the devices; they are the maximums that thermodynamics will allow. And they strongly imply that brute-force attacks against 256-bit keys will be infeasible until computers are built from something other than matter and occupy something other than space."
- Bruce Schneier, Applied Cryptography, 2nd ed., p. 158
"Convicted of a crime I didn't even commit. Hah! Attempted murder? Now honestly, what is that? Do they give a Nobel prize for attempted chemistry?"
Copyrights that expire on death is nuts if you believe in copyright at all, particularly if the duration is only 20 years anyway. Such a proposal makes it so that authors make less money if they have health problems (beyond any intrinsic productivity issue the health problem might be causing). Exclusive rights to a book that are likely to expire in 5 years or so are less valuable than exclusive rights that are not likely to expire before 20 years. The problem might be more acute with software, where the company wouldn't like the risk of key portions of its software entering the public domain if the programmer drops dead a couple of years after writing them. You could also have issues with the company encouraging the programmer not to have dangerous recreational activities. It is highly naive to believe that epxiration of copyright on death would not affect the author before death. It also unclear what problems exist with a short fixed term that are solved by a short term limited by the author's life.
Look, you can personally define things however you want, but the purpose of language is to be understood.
Your use is completely nonstandard. MITM attack refers to compromised communications between computers. Terms are more useful when they don't extend too broadly, as MITM attack would if you refer to any attack on communications between human beings. Also, the term is generally used in the discussion of cryptographic protocols. In such protocols, it is obviously assumed that the users can perform the underlying computation securely. Whether that requires a special hardware device or a normal desktop computer is beyond the scope of the protocol. There is obvious benefit to analyzing a cryptographic protocol with a trusted computer and untrusted communications and separately analyzing what a trusted computer should be. Throwing it all together makes the terms less useful.
I've taken classes in cryptography at a very good university where I majored in computer science and I've talked about security issues with other people plenty of times, and this is the first time I've heard MITM attack refer to a compromised computer being used by the person being attacked. Wikipedia doesn't support your claim -- you simply made your own definitions of words in Wikipedia's definition in order to make it support your claim. Look at the "Defenses against the attack" section of the article. If your claim was right, defense would require a special hardware device, which is nowhere mentioned.
If you're right, and people actually use MITM attack to refer to compromising someone's computer with a 0-day exploit, the way to prove that is not to cite a definition that could maybe refer that situation if you define certain words in the definition in a certain way, but simply to cite an example where someone reputable uses MITM attack to refer to the use of a 0-day exploit. If this is a normal use as opposed to a abnormal use, this wouldn't be hard.
That's not what "man in the middle" means. It refers to being in between in between the two endpoint computers. If you've compromised an endpoint computer, that's not a MITM attack.
Why change your MAC address? You realize the only one to see that is your ISP, and they can tie your traffic to you regardless, if they want. Perhaps a program running on your computer, such as spyware, might use your MAC address as a unique identifier, but surely someone like you would consider your computer totally compromised if it's running an untrusted program at all.
Sorry, I must also chime in to say that alita69 is wrong and Tack is right, as I don't want you to be misled.
IP packets have a "header" portion and a "data" portion, or "payload". The header always contains an IP address purporting to be that of the sender. The payload is specific to the application. According to Jacobson, Kazaa also places a copy of the IP address of the computer it is running on in the payload. NAT devices always modify the IP address in the header, and generally do not modify the payload. I'd be quite surprised if a consumer NAT device modified the payload for Kazaa specifically.
Like Tack, I'm not familiar with the Kazaa protocol, but Jacobson's claim that it puts an IP address in the payload is quite plausible and likely true. Also, I naturally have no knowledge of the reliability of Media Sentry's investigations. However, you can see from what I've said that the identical IP addresses in the header and payload are probably inconsistent with Kazaa running on a computer behind a NAT device, because the address in the header would be modified but the address in the payload would not. Like Tack, I think alita69 failed to understand that Jacobson was talking about an IP address in the payload.
Also, while alita69's statement that a home computer behind a NAT device will generally use DHCP is true, I'd guess that well over 99% of home computers in general use DHCP, so that is of little probative value.
You are wrong.
There are multiple safe harbor provisions in the DMCA. Those that require material to be dealt with in an totally automated fashion are not those that would apply to YouTube in any event.
Section 512(a) provides a safe harbor for transitory communications, like information routed through an ISP or backbone. It does require that "the transmission, routing, provision of connections, or storage is carried out through an automatic technical process without selection of the material by the service provider" and also has a more restrictive defintion of a "service provider" than other sections, but would not apply to YouTube even if they did not manually censor because it also requires that "no copy of the material made by the service provider in the course of such intermediate or transient storage is maintained on the system or network in a manner ordinarily accessible to anyone other than anticipated recipients," as it is indeed only intended to apply to routing through networks.
Section 512(b) provides a safe harbor for caching, but would not apply to YouTube in any event because they are not a cache.
Section 512(c) provides a safe harbor for storage at the direction of a user, and is the familiar section with the takedown notices and so forth. This indeed applies to YouTube, but contains no requirement that they not arbitrarily censor. It requires that the provider "(A)(i) does not have actual knowledge that the material or an activity using the material on the system or network is infringing; (ii) in the absence of such actual knowledge, is not aware of facts or circumstances from which infringing activity is apparent; or (iii) upon obtaining such knowledge or awareness, acts expeditiously to remove, or disable access to, the material; (B) does not receive a financial benefit directly attributable to the infringing activity, in a case in which the service provider has the right and ability to control such activity; and (C) upon notification of claimed infringement as described in paragraph (3), responds expeditiously to remove, or disable access to, the material that is claimed to be infringing or to be the subject of infringing activity."
Thus, YouTube is required not to look closely at its site only in the sense that if it does look at things on its own site and see that they are infringing, it must remove them of its own accord. If I send a message to YouTube telling them that a video is porn, and an employee thereby looks at the video and sees that it's an episode of the Simpsons, they must remove the video. There is nothing preventing them from looking for porn, to continue with this example, and removing it whether it infringes or not while retaining protection under the safe harbor provision, so long as they remove infringing content that they incidentally find while looking for porn. This applies to any other censorship, be it removing videos that might offend someone or removing videos about biking.
Section 512(d) provides a safe harbor for search engines and has similar requirements of takedown notices and lack of knowledge that 512(c) has.
Section 512(e) provides a safe harbor for educational institutions and is irrelevant to this discussion.
Did you know that cyanide can be extracted from apple seeds, and that from four pounds of apples, one can produce enough to kill 10% of Chicago?
We're only talking about killing 10% of Chicago with polonium in the same sense that we're now talking about killing them with apples.
It is quite ironic that you complain about restrictions carrying toothpaste on planes, when you express in the same post the sort of irrational fear that leads to such pointless security measures.
You are incorrect. It is legal to express a gender preference if a common room, such as a bathroom or kitchen, is shared, which is the case for almost all roommate situations.
I apologize for being so rude. It was in response to your remark about circular logic, but it still wasn't called for. Since you responded with an actual point instead of letting it degenerate into pure name-calling, I'll summarize the argument to this point, which shows that we're talking past each other.
I don't think he's guilty, and I haven't claimed that he's guilty. I think it's theoretically possible that he's guilty.
God you're dumb. The whole point of things like "aiding and abetting" and "conspiracy" is that you don't have to commit the underlying offense to be guilty of them.
Again: I'm not sure how much you have to do for it to qualify. It seems unlikely that he conspired with anyone. However, given that he listed "[meeting] your eldery grandparents at the gate," which is a violation of Title 18, Section 1036, as a possible use of his generator, it might be legally possible for him to be guilty under Section 2 if someone else actually used it to do that.
I'm pretty sure a criminal violation of the "United States Code" is an "offense against the United States" even if the United States wasn't the victim of the crime.
You missed Title 18, Section 2: Principals.
and Title 18, Section 371: Conspiracy to commit offense or to defraud United States.
I'm not familiar with the legal definitions, but I'd hope that at the very least someone would have to actually use his generator to commit a crime for him to be punished under section 2, or that he'd have to communicate with some specific person about commiting a crime for him to be punished under section 371.
It would have been in their own interest to develop a better way to validate boarding passes DECADES ago, just to stop people from using such a simple trick to fly without paying.
They have bar codes on boarding passes, and on almost every flight I've been on, they scan the boarding passes at the gate with a scanner that displays your name, presumably by looking up the bar code identifier in their database. Regardless of how stupid their scheme for coming up with the identifiers is, I don't see how you'd know what name to put on the boarding pass to correspond to the bar code. (And the scheme would have to be pretty stupid for you even to be able to come up with a bar code for the right flight.
The point is that they don't check your ID at the gate and they don't check the airline's database at the security checkpoint, so it's possible to board a flight without ID that matches the name of the reservation.
This could be a useful way to fly using a stolen credit card, but not a way to simply waltz onto a plane without purchasing a ticket at all.
People talk about voting machines. The solution there is easy. The software needs to provide a signature of the results AND the software together. Then you can easily detect tampering while still providing all the freedom necessary to fix problems.
Huh? If I tamper with software on a voting machine, the tampered software will of course provide a signature of the tampered results and the original software.
Are you suggesting that voting machines have a hardware mechanism for signing the state of the machine, like trusted computing?
In any event, building a machine that only runs signed code, where the private key is not publically available, is still a perfectly good security measure for voting machines, and is far simpler to implement correctly than trusted computing.
Sometimes women claim that they should be able to have an abortion because they should not have to carry a baby to term. However, I'm sure you can see the solution, although it has to be applied before the problem in this case. This is called 'planning'. One thing you should plan to do is not have sex with men and therefore producing children, unless you mean it. If the state then has to treat mothers in this situation poorly to protect unborn children, well then you'll excuse me if I don't cry for these mothers too much.
(I am in fact pro-choice. If you are not, then of course I have not shown any inconsistency in your standards.)
You also need an untraceable method of funding your account and withdrawing your winnings.
To boot into trusted mode, you have to be running signed binaries provided by the holders of the attestation key. They may claim to give you source but you can't verify that it's the source of what's running because you can't compile it and replace the signed binary and then get into "trusted" mode.
That is patently absurd. If they give you source, and tell you the exact compiler and flags used, and you compile it and find that it yields, byte for byte, the binary that was signed, then you have verified the fact that the source is for that binary, and I completely fail to see how TCPA affects this at all, or how anything could affect this. If you go through the pointless exercise of replacing the signed binary with your identical binary, while leaving the old signature, which will after all be valid, then indeed your machine will boot in "trusted" mode.
Furthermore, the grandparent post is a more accurate explanation of TCPA than yours.
There is no particular trusted mode to boot into, and no signed binaries to be provided. As the grandparent explained, you (the owner of the hardware) can boot the machine however you like, but the machine will have a private key not known to you, and it will only sign accurate attestations of the state into which it was booted. Any third party will decide in their own discretion what attested states they consider "trusted."
Please note that I have not endorsed TCPA, I've simply defended the grandparent's accuracy. (The phrase "trust the machine" in the last paragraph could be replaced by "trust that the machine was booted into the state it attested too" to be less loaded, but really.) However, feel free to assume I'm a corporate shill for understanding how TCPA works.
I find this a bogus argument - Hmm - the government has a legally issued subpoena - and Googles response - it'll take a whole man-week to comply with. Ah come ON. IBM had to put in something like 4000 man-hours into SCO vs IBM. I don't see that as a legitimate excuse.
See, IBM is a party to the litigation in SCO v. IBM, but Google is not a party to the litigation in which this subpoena was issued. It is quite natural that actual parties to the litigation have greater duties than non-parties.