Absolutely. It seems all the posts blasting the 'President' for this stuff people intending to blast the President himself rather than the process. Yes, The US Congress (legislative branches) have authorized all of these programs, repeatedly. And people will continue to vote for them, and even I will; because the alternatives are FAR worse.
I am willing to exchange a little bit of my personal privacy for the rights for gays to marry. That's just how it goes. It's a trade off I accept.
Exactly this. The kind of person you're looking for is probably going to be outside the bounds socially. And if you're not willing to exchange how you THINK a person should dress or behave in exchange for their knowledge; then you're going to have some real issues.
I'll reply to this, not as an AC, and not as an MS Shill. In fact, I've had this Slashdot account for years.
I recently switched to a Windows Phone (Lumia 920) from the iPhone 5 through that promotion that Nokia is running for trade ins. Yes, I voluntarily funneled out $450 for a Lumia 920 (of which I'll get $360 back when I send 'em my iPhone 5)
Anyways...
Overall, I've been happy with the phone. It works reasonably well. And while the lack of apps can be a problem, it hasn't detracted from the functionality of the phone itself. The best I can say is 'different'.
I also like the live tiles over notification center...
The only people stabbing anyone in the back are the corporate overlords you so revere. What do you propose the solution to the aforementioned problem is, if not to organize?
I'm a bigger fan of violence myself, but I'm not stupid enough to think I'd be leading some sort of revolt in the process, so I don't carry it out. But I wouldn't be surprised if it came to that.
Have you ever worked in IT? Because I can assure you it's a lot more challenging than that.
You see, at 1 update/day for 50 days, you risk potentially breaking any application that the business uses. Every update is not just "rolling out Java", it's the following:
1. Hunt around for download links for a full, offline version of the installer. 2. Find out which management system you're going to use to do remote installs to every system. 3. Write up a change control document and follow an approval process to get changes out. 4. Test said update to a test environment as best as you can. 5. Get approval for update. 6. Roll out update to users. 7. If update breaks something, roll all users back. 8. Try to explain to management why IT just caused significant downtime.
If it's a web application it's reasonable to assume that browser caching would cache certain data on the hard drive. Even "clearing cache" would only delete the headers and not securely delete all of the data. With IE, you can enforce a GPO that tells the browser not to cache data retrieved over HTTPS ; but this is assuming that HTTPS is used for internally connected systems (often times they're not), and it assumes the user is using Windows in an Active Directory environment.
The other thing is policy. I work in an organization developing policy surrounding HIPAA data and I can tell you that it's significantly easier to have a global overall encompassing policy than it is to separate out what data should and SHOULDN'T be copied off of the server. If a user has read writes they have the rights to copy data to their HDD. So we treat all systems, even ones not directly involved in dealing with HIPAA data as the same. It makes it much easier to say with certainty that appropriate security measures have been applied.
Honestly, you'd be surprised at how easy it is to kill someone in an automobile accident, it doesn't really take much speed nor time to make it happen. It's just the results are slanted for against the receiving parties depending on those factors. You have a higher likelihood of dying in a higher speed crash, but it's not always 100%.
I agree completely, but the end result of the situation is that things are inherently legal until proven illegal, but more importantly each step of the entire process has to be established legally:
1. Is it legal for the recorders to be installed, configured, and enabled in vehicles? 2. Is it legal for insurance companies to require these devices to be installed, configured, and enabled? 3. Is it legal for insurance companies to retrieve this information? To share this information? And under what circumstances can they do so? 4. Is it legal for the government to require these devices to be installed, configured, and enabled? 5. Under what circumstances may the government retrieve this information? How can they share it? 6. Can the information be used in both civil and criminal penalties?
Each of these are extremely valid points that no doubt as time goes on will be asked and resolved in court, but that doesn't necessarily mean the entire process has to stop until they're answered, at least not without some sort of major challenge.
I don't agree here. For the most part the problems we're seeing surrounding voting is a problem with the enforcement of the system, not the theory of the system itself. When you vote people into office you do so in hoping that they represent your viewpoints and those that live within their respective areas. But they are only human, and they don't *have* to fully represent their people. They just have to represent themselves, which you hope is an idea that you would share.
The system is working pretty much as designed, but for the most part people spend more time on sites such as Slashdot rather than talking with their elected officials. It's easier to bitch about say, a road not being paved, than it is to go out of your way to ensure it gets paved. (FYI, I have done this in the past, and the total time from initial e-mail to the road being fixed was about a week).
I agree to a point, but for the most part some of your recommendations have to be balanced with the needs of the country. Drivers losing their licenses for injuries is a bit much considering the US as a whole has rather abysmal public transportation. A suspension of a license with remediation is fine and should be encouraged, as long as fault is established.
I disagree with the end of "right turn on red", but I do think it should be more strictly enforced. Right turn on red is AFTER STOP, but most people tend to ignore the stopping part. Again, a black box would help provide this information assuming the stop and turn was within the range of the recorder.
The one nice thing about these things is that they will help establish fault better. I'm currently involved in a traffic case right now (thank god no injuries) where a person merged into me on a road without signaling and without looking. Apparently, accidents involving "merging" are very difficult to prove fault and information like this would help determine that. For example, returning information on turning of the wheel without a blinker, etc. would be IMMENSELY helpful in these situations. I'd say a lack of using signals for turning and merging is one of the top causes of accidents within the US, they just can't really do anything about it because it's nearly impossible to prove.
Says the Anonymous Coward. While I'm not a lawyer and can't cite specific references it doesn't mean I'm not familiar with how these things happen. It's similar to people sharing information about traffic violations and if the "cop doesn't show up, you don't have to pay the fine." Sure, it's not specific legal advice but that doesn't mean the person doesn't know what they're talking about.
Furthermore, this has long been established in the courts. You're saying that under criminal penalty, investigators do not have the ability to enter your home with appropriate warrants to retrieve information relevant to their case? It's easy to argue against such possibilities when you're on the receiving end of the search.
I'm not saying such information should be available to RFID to a police officer that pulls you over for speeding, but the data should be available for review in criminal cases with subpoenas.
I don't agree, and largely because you don't have a 'right' to drive within the United States, which is likely where they'll draw any legal help for challenges within the US. You also have limited rights in public places. What's the difference between a black box in the car and investigators measuring your travel speed using a camera from a gas station across the street? Or even in the same parking lot?
It's very similar amounts of information, and if one of my loved ones was killed by someone that was lying in court I'd want to know the information as well. I'm sure you would, also.
What we're establishing here is that "swearing on the bible" is not enough to go on with regards to perjury, and I'm okay with that.
Just as an addition here, remember this the next time you vote and you vote for candidates that want to "reduce the size of government" and extoll the virtues of private enterprise. As you are learning, you really don't have a choice with a black box situation. If all the car manufacturers install them, and you need a car, what recourse do you have? If you remove said box and it violates the manufacturer's warranty and they no longer service/repair your vehicle, whose fault is that? Not theirs. Who will you turn to for resolution? The government. But if the government is 'limited in power' and 'reduced', what exactly will they be able to do as a 3rd party in this situation?
1. Car makers can put whatever devices in their cars they want. It's up to you, the buyer, to either not buy cars with black boxes OR to petition your local/state/federal politicians to make selling cars with black boxes illegal. You have either choice, it's up to you.
2. Insurance companies can require black boxes in cars if they were factory installed in order to be insured. Though there may be laws that they might be breaking because many states require auto insurance, but I'm not a lawyer. Either way, again, two options: vote with your wallet or make this practice illegal by approaching your politicians.
3. The aforementioned black box information does not have to be admissible in court for criminal penalties, but insurance companies could black ball you for information obtained from the box. Also, affected victims do have the 100% right to go after you for CIVIL penalties related to any crashes. The only time the 'government' matters is when there is involvement of criminal penalty. A civil court could mandate that the black box information be passed over to the victimized parties for review, or the data retrieved from therein.
I like how people talk about 'right to privacy' but each example I've mentioned still falls 100% within the boundaries of privacy laws AND more importantly, the US Constitution. Remember, such 'rights' are only granted against GOVERNMENT, but private parties can require whatever the hell they want. You can bitch and moan up a storm about right to privacy and whatnot but remember, private parties have far more leniency compared to personal information. For example, a government might require a warrant to obtain information on you ; but a PI can do whatever they please. The only reason a PI is limited is because someone somewhere said it was fucked up and got laws added.
Actually, it would have--but only if the.pk private keys were not compromised in the process. Also, a quick change of keys in the root zone for.pk's DS keys would have invalidated the previous keys, resulting in the compromised keys being invalidated globally.
Whether or not the process exists to remove DS records quickly from the root zone, however, I'm not sure--I don't manage TLDs...
I'll just leave this here. But feel free to continue thinking you know everything. Also check out RFC 4226 and 6238 and compare it with this wiki article. Enjoy!
This is nothing new to the IT industry in general and has been going on for years. It's only moved to "Security" now because the wave of nerds that 10 years ago were hired for "basic IT" are now sufficiently advanced where connecting a network together is trivial and their knowledge has moved on.
Slashdot Mirror
Absolutely. It seems all the posts blasting the 'President' for this stuff people intending to blast the President himself rather than the process. Yes, The US Congress (legislative branches) have authorized all of these programs, repeatedly. And people will continue to vote for them, and even I will; because the alternatives are FAR worse.
I am willing to exchange a little bit of my personal privacy for the rights for gays to marry. That's just how it goes. It's a trade off I accept.
Exactly this. The kind of person you're looking for is probably going to be outside the bounds socially. And if you're not willing to exchange how you THINK a person should dress or behave in exchange for their knowledge; then you're going to have some real issues.
I'll reply to this, not as an AC, and not as an MS Shill. In fact, I've had this Slashdot account for years.
I recently switched to a Windows Phone (Lumia 920) from the iPhone 5 through that promotion that Nokia is running for trade ins. Yes, I voluntarily funneled out $450 for a Lumia 920 (of which I'll get $360 back when I send 'em my iPhone 5)
Anyways...
Overall, I've been happy with the phone. It works reasonably well. And while the lack of apps can be a problem, it hasn't detracted from the functionality of the phone itself. The best I can say is 'different'.
I also like the live tiles over notification center...
For what it's worth, Surface Pro (A Microsoft-built device) allows you to disable Secure Boot support if you so choose.
UEFI -> Secure Boot -> Measured Boot (requires TPM)
This isn't any different than the way Steam works right now...
I guess you use a different version of Windows 8 than I do, I've found the experience to be quite useful.
Indeed they would.
The only people stabbing anyone in the back are the corporate overlords you so revere. What do you propose the solution to the aforementioned problem is, if not to organize?
I'm a bigger fan of violence myself, but I'm not stupid enough to think I'd be leading some sort of revolt in the process, so I don't carry it out. But I wouldn't be surprised if it came to that.
Have you ever worked in IT? Because I can assure you it's a lot more challenging than that.
You see, at 1 update/day for 50 days, you risk potentially breaking any application that the business uses. Every update is not just "rolling out Java", it's the following:
1. Hunt around for download links for a full, offline version of the installer.
2. Find out which management system you're going to use to do remote installs to every system.
3. Write up a change control document and follow an approval process to get changes out.
4. Test said update to a test environment as best as you can.
5. Get approval for update.
6. Roll out update to users.
7. If update breaks something, roll all users back.
8. Try to explain to management why IT just caused significant downtime.
How do you propose we handle this?
If it's a web application it's reasonable to assume that browser caching would cache certain data on the hard drive. Even "clearing cache" would only delete the headers and not securely delete all of the data. With IE, you can enforce a GPO that tells the browser not to cache data retrieved over HTTPS ; but this is assuming that HTTPS is used for internally connected systems (often times they're not), and it assumes the user is using Windows in an Active Directory environment.
The other thing is policy. I work in an organization developing policy surrounding HIPAA data and I can tell you that it's significantly easier to have a global overall encompassing policy than it is to separate out what data should and SHOULDN'T be copied off of the server. If a user has read writes they have the rights to copy data to their HDD. So we treat all systems, even ones not directly involved in dealing with HIPAA data as the same. It makes it much easier to say with certainty that appropriate security measures have been applied.
For what it's worth that's actually not a whole lot of money depending on the development practices of the organization.
* Cost of resources used (PCs, software, servers, etc.)
* Development, QA, Lifecycle
* Project Managers, Managers, Business Analysts, Developer
Honestly, you'd be surprised at how easy it is to kill someone in an automobile accident, it doesn't really take much speed nor time to make it happen. It's just the results are slanted for against the receiving parties depending on those factors. You have a higher likelihood of dying in a higher speed crash, but it's not always 100%.
I agree completely, but the end result of the situation is that things are inherently legal until proven illegal, but more importantly each step of the entire process has to be established legally:
1. Is it legal for the recorders to be installed, configured, and enabled in vehicles?
2. Is it legal for insurance companies to require these devices to be installed, configured, and enabled?
3. Is it legal for insurance companies to retrieve this information? To share this information? And under what circumstances can they do so?
4. Is it legal for the government to require these devices to be installed, configured, and enabled?
5. Under what circumstances may the government retrieve this information? How can they share it?
6. Can the information be used in both civil and criminal penalties?
Each of these are extremely valid points that no doubt as time goes on will be asked and resolved in court, but that doesn't necessarily mean the entire process has to stop until they're answered, at least not without some sort of major challenge.
I don't agree here. For the most part the problems we're seeing surrounding voting is a problem with the enforcement of the system, not the theory of the system itself. When you vote people into office you do so in hoping that they represent your viewpoints and those that live within their respective areas. But they are only human, and they don't *have* to fully represent their people. They just have to represent themselves, which you hope is an idea that you would share.
The system is working pretty much as designed, but for the most part people spend more time on sites such as Slashdot rather than talking with their elected officials. It's easier to bitch about say, a road not being paved, than it is to go out of your way to ensure it gets paved. (FYI, I have done this in the past, and the total time from initial e-mail to the road being fixed was about a week).
I agree to a point, but for the most part some of your recommendations have to be balanced with the needs of the country. Drivers losing their licenses for injuries is a bit much considering the US as a whole has rather abysmal public transportation. A suspension of a license with remediation is fine and should be encouraged, as long as fault is established.
I disagree with the end of "right turn on red", but I do think it should be more strictly enforced. Right turn on red is AFTER STOP, but most people tend to ignore the stopping part. Again, a black box would help provide this information assuming the stop and turn was within the range of the recorder.
The one nice thing about these things is that they will help establish fault better. I'm currently involved in a traffic case right now (thank god no injuries) where a person merged into me on a road without signaling and without looking. Apparently, accidents involving "merging" are very difficult to prove fault and information like this would help determine that. For example, returning information on turning of the wheel without a blinker, etc. would be IMMENSELY helpful in these situations. I'd say a lack of using signals for turning and merging is one of the top causes of accidents within the US, they just can't really do anything about it because it's nearly impossible to prove.
Says the Anonymous Coward. While I'm not a lawyer and can't cite specific references it doesn't mean I'm not familiar with how these things happen. It's similar to people sharing information about traffic violations and if the "cop doesn't show up, you don't have to pay the fine." Sure, it's not specific legal advice but that doesn't mean the person doesn't know what they're talking about.
Furthermore, this has long been established in the courts. You're saying that under criminal penalty, investigators do not have the ability to enter your home with appropriate warrants to retrieve information relevant to their case? It's easy to argue against such possibilities when you're on the receiving end of the search.
I'm not saying such information should be available to RFID to a police officer that pulls you over for speeding, but the data should be available for review in criminal cases with subpoenas.
I don't agree, and largely because you don't have a 'right' to drive within the United States, which is likely where they'll draw any legal help for challenges within the US. You also have limited rights in public places. What's the difference between a black box in the car and investigators measuring your travel speed using a camera from a gas station across the street? Or even in the same parking lot?
It's very similar amounts of information, and if one of my loved ones was killed by someone that was lying in court I'd want to know the information as well. I'm sure you would, also.
What we're establishing here is that "swearing on the bible" is not enough to go on with regards to perjury, and I'm okay with that.
Just as an addition here, remember this the next time you vote and you vote for candidates that want to "reduce the size of government" and extoll the virtues of private enterprise. As you are learning, you really don't have a choice with a black box situation. If all the car manufacturers install them, and you need a car, what recourse do you have? If you remove said box and it violates the manufacturer's warranty and they no longer service/repair your vehicle, whose fault is that? Not theirs. Who will you turn to for resolution? The government. But if the government is 'limited in power' and 'reduced', what exactly will they be able to do as a 3rd party in this situation?
Think about that very, very carefully.
Okay, let me break this down for you easily.
1. Car makers can put whatever devices in their cars they want. It's up to you, the buyer, to either not buy cars with black boxes OR to petition your local/state/federal politicians to make selling cars with black boxes illegal. You have either choice, it's up to you.
2. Insurance companies can require black boxes in cars if they were factory installed in order to be insured. Though there may be laws that they might be breaking because many states require auto insurance, but I'm not a lawyer. Either way, again, two options: vote with your wallet or make this practice illegal by approaching your politicians.
3. The aforementioned black box information does not have to be admissible in court for criminal penalties, but insurance companies could black ball you for information obtained from the box. Also, affected victims do have the 100% right to go after you for CIVIL penalties related to any crashes. The only time the 'government' matters is when there is involvement of criminal penalty. A civil court could mandate that the black box information be passed over to the victimized parties for review, or the data retrieved from therein.
I like how people talk about 'right to privacy' but each example I've mentioned still falls 100% within the boundaries of privacy laws AND more importantly, the US Constitution. Remember, such 'rights' are only granted against GOVERNMENT, but private parties can require whatever the hell they want. You can bitch and moan up a storm about right to privacy and whatnot but remember, private parties have far more leniency compared to personal information. For example, a government might require a warrant to obtain information on you ; but a PI can do whatever they please. The only reason a PI is limited is because someone somewhere said it was fucked up and got laws added.
Actually, it would have--but only if the .pk private keys were not compromised in the process. Also, a quick change of keys in the root zone for .pk's DS keys would have invalidated the previous keys, resulting in the compromised keys being invalidated globally.
Whether or not the process exists to remove DS records quickly from the root zone, however, I'm not sure--I don't manage TLDs...
Could have solved this issue. Assuming keys wouldn't have been compromised in the process.
http://www.wowwiki.com/Battle.net_Mobile_Authenticator_Specification
I'll just leave this here. But feel free to continue thinking you know everything. Also check out RFC 4226 and 6238 and compare it with this wiki article. Enjoy!
You are an idiot. Seriously.
This is nothing new to the IT industry in general and has been going on for years. It's only moved to "Security" now because the wave of nerds that 10 years ago were hired for "basic IT" are now sufficiently advanced where connecting a network together is trivial and their knowledge has moved on.