I am going to be a devil's advocate again: It did work extremely well on the PS3, where a "complete" break wasn't achived until recently, and for a console that is almost five years old, that is a pretty good accomplishment.
Satellite is well protected with no "master cards" available on any black market. So far, no cracks are out there in any form.
The iPhone 5 has yet to have even a single usable JB. The 4S has had only limited windows of time where it was jailbreakable.
Even with e-readers, I've yet to see a cracked AZW file in the past two years. Amazon must be doing something right with their Kindle DRM. (I hope to be proven wrong, but I was curious about this earlier, did some quick searching and found any supposed decoders just were links to malware/Trojans.)
Tell me about it... there is a whole list of things that I really wish the US would adapt to, such as the metric system [1].
I just don't see what's so wrong about ditching the paper dollar? If people are wanting it for a collection, have the US make a "proof set" with the bill. With how little a dollar buys, we might be better off replacing the dollar, the $5, the $10, and the $20 with coins. Save the $50s and the C-notes for the guys with the grills.
If laws like the DMCA and such can be passed, maybe something constructive but unpopular like a currency revamp using the latest anti-counterfeit measures for coins might be useful in the long term? Maybe sneak in some text on the next omnibus law through Congress requiring the Metric system for all dimensions and measures for Federal contracts as well?
[1]: OK, save the Imperial measurements so people can have their.50 caliber revolvers, and 2x4 planks will be 2x4s... but virtually everything else needs to be in the same units the rest of the world uses.
I will say this: If I come across a "people of Costco" website site, it likely would be something completely different than the one mentioned by the parent poster.
What makes me wonder is what would happen to the standard economic models should nuclear power advance a few generations (such as getting thorium reactors operable), or even fusion.
At the minimum, cheap energy would at least get us multilevel hydroponic farms for intensely dense organic food growth. Even in areas of low to no water, that can be solved by desalination.
As for recycling, given technologies to obtain gasoline from CO2 in the air (although it takes a lot of energy), would be able to keep our petroleum based infrastructure going and actually end up carbon positive.
The biggest limiter on our economy in the US these days is hydrocarbon fuel availability. Since 2010, I've been seeing the cycle of a recovery starting, gas prices going up, said recovery stalls, gas prices fall almost back down, but hit a low at 2-5% more than the last ebb, and the cycle beginning again.
The ironic thing is that the point is moot. I've seen some very well engineered iPod docks, but with the change of connector, they are pretty much useless now.
I still wish the phone industry would make a standard connector that doesn't just provide pins, but a structural support so a device can be attached and stick up vertically. The old 30 pin Apple connector did this extremely well, and was somewhat forgiving of thick cases. The new Lightning adapter is a different beast altogether.
I feel like devil's advocate here, but I've had decent luck with the Ford Sync system. It works well with iOS and Android, and has not given me any real grief.
Only minor issue is that it tells the Bluetooth device that is playing music to start playing when the radio is turned on, even if the radio is turned off.
All and all, it has been pretty decent -- especially with the service of it texting where the wrecks are on my daily commute route.
With the various codes, cards, and such in car stereos, all stealing it would do is give a thief a bezel and some other parts to sell on eBay.
Even a new low-end Honda requires a five digit number typed into the stereo after a battery change, and after too many tries, it then requires a dealer trip for a JTAG programmer.
Personally, I wouldn't mind if the PATS module on a car and the stereo shared info. That way, if the battery was pulled, it could query the engine about the keycode, and if that keycode is validated as one the stereo has worked with previously, just authorize it until the next time power is killed. When the user adds a key to the PATS system, if the radio has not been pulled, it would add the same key to its database.
Result: Good protection, and to the user, they wouldn't have to care about a keycode or not unless they were moving it to a completely different vehicle.
It takes enterprises years to move from one release to another. Heck, I still see businesses still on XP because "it works", even though to bring a new XP install up to speed, it takes hundreds of patches.
Enterprises would not be happy with MS, especially if a service life of a Windows release drops. It takes a lot of time for an OS to work through a company, because it takes training, security, and in some cases, legal approval for anything to be added or modified on a gold corporate image.
MS's bread and butter is the enterprise. Honking those guys off is not a good idea.
What I can see MS doing is splitting Windows into three releases: Server, Consumer, and Client. (This is different from editions.) Server and Client would be released on a four year cycle, while Consumer would feature all the latest bells and whistles and get updates on an annual basis. Presently, the closest it would be like would be XP Pro, and XP Media Center Edition.
Correct. What is so special about the firewall/NAT box I'm mentioning is the form factor -- something of a small size that can be made relatively cheaply that can be easily plugged in between the switch and the device, and be powered off the Ethernet cable.
Of course, the same result could be achieved by putting devices on their own VLAN, but this is a relatively quick and dirty way to accomplish the same thing.
In the past, there was a dongle about the size of 1-2 chewing gum sticks stacked together which had two Ethernet ports on it. On the internal side, it had a very simple, configurable web page, and it did decent firewalling and NAT. Since this was sold before the days where Wi-Fi became common, it was very useful for laptops when plugging into Ethernet.
I don't remember the company that made them, but it would be nice to see that be sold again, but to protect devices.
Even with one SIM card, that can be virtualized as well. Skype and Google Voice do a good job at giving one a usable number.
I can see cellphone providers jumping on the bandwagon as well with this and offering a passthrough service, so the only thing the SIM card is used for is authorizing network usage.
ARM chips have "world" support (TrustZone). This is pretty much most of a hypervisor except for the filesystem redirects. However, it allows two completely separate VMs to run without them seeing or affecting each other on a CPU die basis.
Since this is done at a low level, it is a lot harder to bypass than just having a hypervisor in software.
Some hypervisors are extremely efficient. The one on IBM's POWER7 series is extremely thrifty at watts/CPU usage, especially when handling numerous virtual machines with their virtual processors.
It could also be something as simple as having multiple cores, several being lower speed/lower power, and the virtual machines that are not in use being scheduled to run on those. When they gain the user's attention, the VM in use gets moved to the faster CPU. Combine this with some power management (no apps running == VM is essentially taking no CPU overhead), and this wouldn't be too hard on battery life.
However, if the VM is completely isolated, similar to a Bochs VM, turning on and off power becomes a lot harder.
Devil's advocate here. Having a low level hypervisor on the phone is something I've wanted for a long time. There are reasons that having two OS stacks that don't "see" each other on a level 1 hypervisor system would be , and it is less to deal with technical than legal reasons.
Reason 1: I can fire off a "kill" command from Exchange, and the business part gets zonked. The phone still is trackable and locatable. I can do this with a text message and TouchDown, but this way, all data related to work (or even perhaps a client) is gone, and assuming everything is encrypted with a key, I can be sure that the data is rendered unrecoverable, not just deleted or "wiped" (overwriting three times does not work with flash media due to wear levelling unless the low level controller is told to zap the individual cells themselves.)
Reason 2: Separation. I can sign off on the fact that there is absolutely -zero- mingling of personal and work/client data other than being on the same physical hardware (the same way a mainframe can separate LPARs). Confidential stuff never touches the same filesystem as personal data, so a rogue app that gets root would not be able to rummage inside the latest TPS reports.
With how contacts get slurped up by apps, someone storing work related contacts on their phone is likely going to have them vacuumed up by an app, which will aid greatly for spamming, as well as directed attacks (from a contact list with titles, org structures can be deduced, etc.) So, keeping business contacts completely away from personal ones, or contacts addressible by Facebook [1].
Having stuff completely separate minimizes the chance of "leakage". I can sort of do this with Android, but on the iPhone, there is no app like RoadSync or Touchdown to keep the Exchange stuff separate.
Reason 3: Legal/tax reasons. Having stuff separate also makes the legal eagles happy.
Of course, hypervisors are not perfect, but what they provide is separation that is useful in a legal sense (separate filesystems, separate CPU usage, separate RAM images.) It is easier to explain complete separation/isolation to a jury who hates your guts than to explain how unlikely it would be for a root exploit that would allow user "a" in a multi-user system to access user "b"'s stuff, from happening.
So, even though keeping work stuff in a single app is a working solution, the best from both a technical and legal viewpoint would be a level 1 hypervisor.
[1]: If I remember right, there was a bug in the FB app that might alter contacts about a year ago, and that would not be good with work stuff.
Someone needs to invent a fairly simple device. It would have two Ethernet ports and a USB port. The USB port is used for programming it, perhaps then used for power. The Ethernet ports would be used for bridging/routing.
You put the device between whatever device and the rest of the network, select what purpose the device does, (or manually specify ports), and call it done, with the thing automatically proxying/masquerading. Print job hits port 515 on the device, the device sends the packets to the printer.
This way, even if there is some unknown port, it gets shut off.
Of course, the next step for backdoors would be backdoors in protocols (such as unique packets that normally would get ignored), but that can be found by DPI.
One clarification: The old Bioware treated their buyers as customers. I'm not impressed with the Bioware now that EA has had it, or the big names making the regurgitated crap for consoles.
All DRM is going to get broken on a PC. This is why there is a push for Secure Boot, hardware DRM stacks, and so on. However, even then, all that does is annoy legit customers who will just find better things to do than buy games, period. Worst case, one goes to the bookstore, grabs some friends, pull out the PnP version and does that.
Want to balance piracy versus usability? Use CD keys for online access. No CD key means that single user stuff might be usable, but patches are doable, but harder, online servers are inaccessible, and it becomes difficult to find online content. This way, someone playing a single player game can do it without worrying about always-on DRM, but if they want to get on the Net and grab levels/scenarios/creatures/skins/guns/etc., they need to have their CD key to pass the gatekeeper.
Now, this doesn't mean an account, although an account can store CD keys. This way, a game can be traded, but still be useful for the next buyer.
This happens with e-books all the time, but since Amazon re-did their DRM system about 6-9 months ago, there seems to have been nobody bothering to break their new AZW files.
It is a part of life. Generally, if someone buys a book, they are not interested in pirated online copy, so the full content PDF is a nice bonus.
Depends on the CD key. I like using NWN 1 as the best example of DRM working right, after they patched out CD-ROM protection:
You received a CD key. Yes, one can run a keygen for the client, but to get onto multiplayer, so you can play on PWs, grab modules, etc., the keys were stored in an individual database, and even if the NWN client was happy, the CD key wouldn't get you onto the online network.
Since Bioware (RIP) offered plenty of modules for the game, it was worth a legit copy for play hours and ease of grabbing/reviewing stuff to play.
The latest copy-protection, be it activation, poking at the CD-ROM drive, etc. always get patched, or if the game sucks enough, it just ensures that one will never play anything from that maker again. I made that mistake once with Ubisoft (and to boot, it was a Steam game that came with additional DRM), and it won't happen again.
It must not be a good shred job if the stuff can be easily put back together.
Consumer level shredders can just use strips about 3/8 of an inch wide. Next level up are some crosscuts which can 1 1/2 inches. From there, you get 1/8" wide cuts of varying crosscuts.
For serious shredding, you get a level 4-6 shredder, or at least a FACTA-compliant one. Those put out pieces small enough that they are more of the size of large glitter, not confetti.
I'm dubious about this too. Most government (city/state/Federal) agencies call the Iron Mountain or other contractor truck (since they do the work and provide a certificate of destruction for CYA reasons), and the shred services don't just use a high quality shredder, they end up pulping the paper in water to ensure that it is not retrievable.
I just wonder how this will play out in the civil courts, with the fact that in CA, burglars have gotten compensation because they tripped and fell in the victim's house.
I also wonder what type of fence is mentioned. In some high security installations, they have stun fences, which are to knock back an intruder as well as sound an alarm inside to alert security, and in prisons, they have kill fences, where the COs are alerted so they can remove the remains.
Of course, there is the "plain old" electric fence that is used to keep the cows in by delivering electric shocks in pulses slow enough to prevent muscle lock and allow the zapped animal to get away from the fence.
Even better, expanding on that idea, why not go with snapshots? if the relevant data is from two bounds of time, then either have that data put on media and sent or allow read-only access to the account, and only data between the two temporal boundaries.
Due to statute of limitations, it means data that is older than 2-3 years (assuming a civil case) would not be able to be fetched because it happened (the actual "transmission") far enough in the past that it is not relevant to any present proceedings.
The physical equivilent would be a bank with safety deposit boxes. If a warrant is served, then the box with the information is drilled, not every single box in the bank's vault belonging to that person or company.
Realistically, the judge should have gotten a subpoena on FB, asked for a snapshot of the records, preferably at the time the incidents happen, or at least one of the current day, and have that sent. That way, the username/password is not involved.
Asking for a password can mean the defendant can always state that they use two factor authentication and their phone happens to be inoperable so no text messages can be received (which isn't destruction of evidence or contempt of court, although the judge is not going to be amused.)
Marijuana is not like cocane or other drugs. There is a reason it is called "weed" -- it can be grown virtually anywhere. This makes the length of how far the stuff has to travel far shorter.
With decriminalization, plus the fact that there are a lot of pot breeds available, it wouldn't be hard to find someone who is offering their stuff directly from their grow room with no middlemen, and nothing being added into what they sell.
To a lesser extent, this is true with meth, but marijuana does not need the solvents and chemicals to make a usable product. All it takes is a small hydroponic room or just some space in the dirt.
In the mid 1990s, it was basically assumed that all E-mail was read/stored. In fact, PRZ said it well -- people don't send their personal correspondance via postcards -- they use envelopes. On the Net, people need to do the same.
Even if it isn't PGP/GPG, at least use S/MIME, which is vulnerable to CAs, but it at least is better than nothing at all.
Of course, the ideal is a PGP web of trust... but it is crazy how difficult it is to get people to get PGP or GPG working, generate a key to keep/use, then teach them what a WoT is.
A web of trust is very secure, barring endpoint compromise, especially if people have met and personally exchanged key IDs and fingerprints.
Some ISPs allow you to relay through their mail servers. You will have to provide your account info, but once that is done, any mail going out goes through their "blessed" SMTP servers.
Barring that, there are always commercial SMTP senders... they do cost, but for a home user, they are not that pricy.
Slashdot Mirror
I am going to be a devil's advocate again: It did work extremely well on the PS3, where a "complete" break wasn't achived until recently, and for a console that is almost five years old, that is a pretty good accomplishment.
Satellite is well protected with no "master cards" available on any black market. So far, no cracks are out there in any form.
The iPhone 5 has yet to have even a single usable JB. The 4S has had only limited windows of time where it was jailbreakable.
Even with e-readers, I've yet to see a cracked AZW file in the past two years. Amazon must be doing something right with their Kindle DRM. (I hope to be proven wrong, but I was curious about this earlier, did some quick searching and found any supposed decoders just were links to malware/Trojans.)
DRM is alive and well.
Tell me about it... there is a whole list of things that I really wish the US would adapt to, such as the metric system [1].
I just don't see what's so wrong about ditching the paper dollar? If people are wanting it for a collection, have the US make a "proof set" with the bill. With how little a dollar buys, we might be better off replacing the dollar, the $5, the $10, and the $20 with coins. Save the $50s and the C-notes for the guys with the grills.
If laws like the DMCA and such can be passed, maybe something constructive but unpopular like a currency revamp using the latest anti-counterfeit measures for coins might be useful in the long term? Maybe sneak in some text on the next omnibus law through Congress requiring the Metric system for all dimensions and measures for Federal contracts as well?
[1]: OK, save the Imperial measurements so people can have their .50 caliber revolvers, and 2x4 planks will be 2x4s... but virtually everything else needs to be in the same units the rest of the world uses.
I will say this: If I come across a "people of Costco" website site, it likely would be something completely different than the one mentioned by the parent poster.
What makes me wonder is what would happen to the standard economic models should nuclear power advance a few generations (such as getting thorium reactors operable), or even fusion.
At the minimum, cheap energy would at least get us multilevel hydroponic farms for intensely dense organic food growth. Even in areas of low to no water, that can be solved by desalination.
As for recycling, given technologies to obtain gasoline from CO2 in the air (although it takes a lot of energy), would be able to keep our petroleum based infrastructure going and actually end up carbon positive.
The biggest limiter on our economy in the US these days is hydrocarbon fuel availability. Since 2010, I've been seeing the cycle of a recovery starting, gas prices going up, said recovery stalls, gas prices fall almost back down, but hit a low at 2-5% more than the last ebb, and the cycle beginning again.
The ironic thing is that the point is moot. I've seen some very well engineered iPod docks, but with the change of connector, they are pretty much useless now.
I still wish the phone industry would make a standard connector that doesn't just provide pins, but a structural support so a device can be attached and stick up vertically. The old 30 pin Apple connector did this extremely well, and was somewhat forgiving of thick cases. The new Lightning adapter is a different beast altogether.
I feel like devil's advocate here, but I've had decent luck with the Ford Sync system. It works well with iOS and Android, and has not given me any real grief.
Only minor issue is that it tells the Bluetooth device that is playing music to start playing when the radio is turned on, even if the radio is turned off.
All and all, it has been pretty decent -- especially with the service of it texting where the wrecks are on my daily commute route.
With the various codes, cards, and such in car stereos, all stealing it would do is give a thief a bezel and some other parts to sell on eBay.
Even a new low-end Honda requires a five digit number typed into the stereo after a battery change, and after too many tries, it then requires a dealer trip for a JTAG programmer.
Personally, I wouldn't mind if the PATS module on a car and the stereo shared info. That way, if the battery was pulled, it could query the engine about the keycode, and if that keycode is validated as one the stereo has worked with previously, just authorize it until the next time power is killed. When the user adds a key to the PATS system, if the radio has not been pulled, it would add the same key to its database.
Result: Good protection, and to the user, they wouldn't have to care about a keycode or not unless they were moving it to a completely different vehicle.
It takes enterprises years to move from one release to another. Heck, I still see businesses still on XP because "it works", even though to bring a new XP install up to speed, it takes hundreds of patches.
Enterprises would not be happy with MS, especially if a service life of a Windows release drops. It takes a lot of time for an OS to work through a company, because it takes training, security, and in some cases, legal approval for anything to be added or modified on a gold corporate image.
MS's bread and butter is the enterprise. Honking those guys off is not a good idea.
What I can see MS doing is splitting Windows into three releases: Server, Consumer, and Client. (This is different from editions.) Server and Client would be released on a four year cycle, while Consumer would feature all the latest bells and whistles and get updates on an annual basis. Presently, the closest it would be like would be XP Pro, and XP Media Center Edition.
Correct. What is so special about the firewall/NAT box I'm mentioning is the form factor -- something of a small size that can be made relatively cheaply that can be easily plugged in between the switch and the device, and be powered off the Ethernet cable.
Of course, the same result could be achieved by putting devices on their own VLAN, but this is a relatively quick and dirty way to accomplish the same thing.
In the past, there was a dongle about the size of 1-2 chewing gum sticks stacked together which had two Ethernet ports on it. On the internal side, it had a very simple, configurable web page, and it did decent firewalling and NAT. Since this was sold before the days where Wi-Fi became common, it was very useful for laptops when plugging into Ethernet.
I don't remember the company that made them, but it would be nice to see that be sold again, but to protect devices.
Even with one SIM card, that can be virtualized as well. Skype and Google Voice do a good job at giving one a usable number.
I can see cellphone providers jumping on the bandwagon as well with this and offering a passthrough service, so the only thing the SIM card is used for is authorizing network usage.
ARM chips have "world" support (TrustZone). This is pretty much most of a hypervisor except for the filesystem redirects. However, it allows two completely separate VMs to run without them seeing or affecting each other on a CPU die basis.
Since this is done at a low level, it is a lot harder to bypass than just having a hypervisor in software.
Some hypervisors are extremely efficient. The one on IBM's POWER7 series is extremely thrifty at watts/CPU usage, especially when handling numerous virtual machines with their virtual processors.
It could also be something as simple as having multiple cores, several being lower speed/lower power, and the virtual machines that are not in use being scheduled to run on those. When they gain the user's attention, the VM in use gets moved to the faster CPU. Combine this with some power management (no apps running == VM is essentially taking no CPU overhead), and this wouldn't be too hard on battery life.
However, if the VM is completely isolated, similar to a Bochs VM, turning on and off power becomes a lot harder.
Devil's advocate here. Having a low level hypervisor on the phone is something I've wanted for a long time. There are reasons that having two OS stacks that don't "see" each other on a level 1 hypervisor system would be , and it is less to deal with technical than legal reasons.
Reason 1: I can fire off a "kill" command from Exchange, and the business part gets zonked. The phone still is trackable and locatable. I can do this with a text message and TouchDown, but this way, all data related to work (or even perhaps a client) is gone, and assuming everything is encrypted with a key, I can be sure that the data is rendered unrecoverable, not just deleted or "wiped" (overwriting three times does not work with flash media due to wear levelling unless the low level controller is told to zap the individual cells themselves.)
Reason 2: Separation. I can sign off on the fact that there is absolutely -zero- mingling of personal and work/client data other than being on the same physical hardware (the same way a mainframe can separate LPARs). Confidential stuff never touches the same filesystem as personal data, so a rogue app that gets root would not be able to rummage inside the latest TPS reports.
With how contacts get slurped up by apps, someone storing work related contacts on their phone is likely going to have them vacuumed up by an app, which will aid greatly for spamming, as well as directed attacks (from a contact list with titles, org structures can be deduced, etc.) So, keeping business contacts completely away from personal ones, or contacts addressible by Facebook [1].
Having stuff completely separate minimizes the chance of "leakage". I can sort of do this with Android, but on the iPhone, there is no app like RoadSync or Touchdown to keep the Exchange stuff separate.
Reason 3: Legal/tax reasons. Having stuff separate also makes the legal eagles happy.
Of course, hypervisors are not perfect, but what they provide is separation that is useful in a legal sense (separate filesystems, separate CPU usage, separate RAM images.) It is easier to explain complete separation/isolation to a jury who hates your guts than to explain how unlikely it would be for a root exploit that would allow user "a" in a multi-user system to access user "b"'s stuff, from happening.
So, even though keeping work stuff in a single app is a working solution, the best from both a technical and legal viewpoint would be a level 1 hypervisor.
[1]: If I remember right, there was a bug in the FB app that might alter contacts about a year ago, and that would not be good with work stuff.
Someone needs to invent a fairly simple device. It would have two Ethernet ports and a USB port. The USB port is used for programming it, perhaps then used for power. The Ethernet ports would be used for bridging/routing.
You put the device between whatever device and the rest of the network, select what purpose the device does, (or manually specify ports), and call it done, with the thing automatically proxying/masquerading. Print job hits port 515 on the device, the device sends the packets to the printer.
This way, even if there is some unknown port, it gets shut off.
Of course, the next step for backdoors would be backdoors in protocols (such as unique packets that normally would get ignored), but that can be found by DPI.
One clarification: The old Bioware treated their buyers as customers. I'm not impressed with the Bioware now that EA has had it, or the big names making the regurgitated crap for consoles.
All DRM is going to get broken on a PC. This is why there is a push for Secure Boot, hardware DRM stacks, and so on. However, even then, all that does is annoy legit customers who will just find better things to do than buy games, period. Worst case, one goes to the bookstore, grabs some friends, pull out the PnP version and does that.
Want to balance piracy versus usability? Use CD keys for online access. No CD key means that single user stuff might be usable, but patches are doable, but harder, online servers are inaccessible, and it becomes difficult to find online content. This way, someone playing a single player game can do it without worrying about always-on DRM, but if they want to get on the Net and grab levels/scenarios/creatures/skins/guns/etc., they need to have their CD key to pass the gatekeeper.
Now, this doesn't mean an account, although an account can store CD keys. This way, a game can be traded, but still be useful for the next buyer.
This happens with e-books all the time, but since Amazon re-did their DRM system about 6-9 months ago, there seems to have been nobody bothering to break their new AZW files.
It is a part of life. Generally, if someone buys a book, they are not interested in pirated online copy, so the full content PDF is a nice bonus.
Depends on the CD key. I like using NWN 1 as the best example of DRM working right, after they patched out CD-ROM protection:
You received a CD key. Yes, one can run a keygen for the client, but to get onto multiplayer, so you can play on PWs, grab modules, etc., the keys were stored in an individual database, and even if the NWN client was happy, the CD key wouldn't get you onto the online network.
Since Bioware (RIP) offered plenty of modules for the game, it was worth a legit copy for play hours and ease of grabbing/reviewing stuff to play.
The latest copy-protection, be it activation, poking at the CD-ROM drive, etc. always get patched, or if the game sucks enough, it just ensures that one will never play anything from that maker again. I made that mistake once with Ubisoft (and to boot, it was a Steam game that came with additional DRM), and it won't happen again.
It must not be a good shred job if the stuff can be easily put back together.
Consumer level shredders can just use strips about 3/8 of an inch wide. Next level up are some crosscuts which can 1 1/2 inches. From there, you get 1/8" wide cuts of varying crosscuts.
For serious shredding, you get a level 4-6 shredder, or at least a FACTA-compliant one. Those put out pieces small enough that they are more of the size of large glitter, not confetti.
I'm dubious about this too. Most government (city/state/Federal) agencies call the Iron Mountain or other contractor truck (since they do the work and provide a certificate of destruction for CYA reasons), and the shred services don't just use a high quality shredder, they end up pulping the paper in water to ensure that it is not retrievable.
I just wonder how this will play out in the civil courts, with the fact that in CA, burglars have gotten compensation because they tripped and fell in the victim's house.
I also wonder what type of fence is mentioned. In some high security installations, they have stun fences, which are to knock back an intruder as well as sound an alarm inside to alert security, and in prisons, they have kill fences, where the COs are alerted so they can remove the remains.
Of course, there is the "plain old" electric fence that is used to keep the cows in by delivering electric shocks in pulses slow enough to prevent muscle lock and allow the zapped animal to get away from the fence.
Even better, expanding on that idea, why not go with snapshots? if the relevant data is from two bounds of time, then either have that data put on media and sent or allow read-only access to the account, and only data between the two temporal boundaries.
Due to statute of limitations, it means data that is older than 2-3 years (assuming a civil case) would not be able to be fetched because it happened (the actual "transmission") far enough in the past that it is not relevant to any present proceedings.
The physical equivilent would be a bank with safety deposit boxes. If a warrant is served, then the box with the information is drilled, not every single box in the bank's vault belonging to that person or company.
Realistically, the judge should have gotten a subpoena on FB, asked for a snapshot of the records, preferably at the time the incidents happen, or at least one of the current day, and have that sent. That way, the username/password is not involved.
Asking for a password can mean the defendant can always state that they use two factor authentication and their phone happens to be inoperable so no text messages can be received (which isn't destruction of evidence or contempt of court, although the judge is not going to be amused.)
Marijuana is not like cocane or other drugs. There is a reason it is called "weed" -- it can be grown virtually anywhere. This makes the length of how far the stuff has to travel far shorter.
With decriminalization, plus the fact that there are a lot of pot breeds available, it wouldn't be hard to find someone who is offering their stuff directly from their grow room with no middlemen, and nothing being added into what they sell.
To a lesser extent, this is true with meth, but marijuana does not need the solvents and chemicals to make a usable product. All it takes is a small hydroponic room or just some space in the dirt.
In the mid 1990s, it was basically assumed that all E-mail was read/stored. In fact, PRZ said it well -- people don't send their personal correspondance via postcards -- they use envelopes. On the Net, people need to do the same.
Even if it isn't PGP/GPG, at least use S/MIME, which is vulnerable to CAs, but it at least is better than nothing at all.
Of course, the ideal is a PGP web of trust... but it is crazy how difficult it is to get people to get PGP or GPG working, generate a key to keep/use, then teach them what a WoT is.
A web of trust is very secure, barring endpoint compromise, especially if people have met and personally exchanged key IDs and fingerprints.
I just wish more people would do this.
Some ISPs allow you to relay through their mail servers. You will have to provide your account info, but once that is done, any mail going out goes through their "blessed" SMTP servers.
Barring that, there are always commercial SMTP senders... they do cost, but for a home user, they are not that pricy.