What I'm saying is "PGP is not useful for the masses because PGP's key management is useless".
If you look on the public keyservers and you see three keys for an address, you have no way of knowing which (if any) belong to the person without lots of research and guessing. People forget their passwords for online accounts all the time; if all email were encrypted, then forgetting the password for your key means you lose all past email forever and don't have a good path to say "stop using that old key, use this new key, and you can trust this statement".
CAs suck slightly less than web-of-trust, so in theory x509 mail signing would be more usable, but we've been able to deploy that for a few decades and nobody has done so. So that's will also not work.
I'd love to have end-to-end encrypted mail for everyone, but I have not seen any way of doing that. At least TFA's proposal, which secures and authenticates each network link, will help and is feasible. PGP is not feasible, and I say that as someone who used it for a very long time.
That link implies that email was reliable at some point. It has never been reliable, has only ever been best-effort, and when it fails it requires wizardry and chicken entrails to determine the problem. I was in charge of email for my organization from 1993-2010, and it was the most thankless job imaginable (except, maybe, for printer admin).
I don't have much experience with hotmail/outlook.com, but gmail has been far less likely to stop spam without blocking valid email than anything I could deploy at my own organization or anything that most other organizations can deploy. That whole blog post sounds like someone who has no idea how email started, evolved, and now works, and just likes blaming the "big companies" for universal problems. It should not be held up as an example of anything but uninformed opinion.
Personally, I publish my public key on the "Contact Us" page of my web site and on the public key servers.
Sounds good. For extra safety, I'll also publish "your" private key on the public keyservers. Should be fine, I'm sure everyone will check your web site before sending email to you.
I love PGP, and for 15+ years every email I sent was PGP-signed. But I doubt if a single person ever checked the signatures. PGP's key management is useless; the web-of-trust doesn't scale and is easily compromised. CAs can also be compromised but are at least scalable,
The problem with storing messages encrypted with a key that only you know is either:
* Every time you read a message, you have to enter the key. This makes reading mail painful on a desktop and almost useless on mobile. * Or, a long-term key is stored so you can read the messages, in which case anyone who grabs any of your devices (either physically or with malware) can now decrypt all of your messages. This is still slightly safer than what we have now, but would not slow down government agencies or criminals much. "Bad Guys" don't break into Google; they grab your keys via phishing. and encrypted-at-rest won't help with that.
So, I've responded to the following in this thread:
* Bork was eminently qualified to be on the SCOTUS (no, unless you think that quashing an investigation into the POTUS in exchange for a SC nomination is a good thing) * Nixon was really not so bad (no, unless you think that offering a SC nomination in exchange for quashing an investigation is a good thing) * It's okay that Republicans are corrupt, because Democrats are much much worse (no, I think that looking at the actual things each POTUS did makes the relative corruption pretty clear. Yeah, blowjobs from underlings are kinda creepy and all, but if that's the worst you can come up with...) * Iran-Contra wasn't really illegal, because the Congress didn't object (dear god, how many ways is that wrong?) * And now, Iran-Contra was technically kinda okay, if you look at it really carefully and think that selling weapons to our enemies and giving money to murderous revolutionaries, all while actively avoiding telling Congress, is a good thing.
Look, I understand that you all like to support your team no matter what. I love the Steelers, even though the QB is a rapist and and the team regularly puts opponents in the hospital. I get it. But if you have to lie this hard to yourself just to feel good about your side, maybe you should reconsider. It's not a pointless game where overpaid freaks hit each other for millions; this is our country. This is our democracy, our environment, our culture, our lives. When one side says that science should be ignored; that we should change laws to make voting harder; that the government should control who we can marry; that healthcare is only for the rich; that a lying real-estate billionaire is the best person to lead our country; maybe, just maybe, defending that side isn't quite so important. Maybe the facts matter. Maybe.
Were these laws constitutional? If they were, and the Democrats Congress thought it was they would have challenged it and brought it to the Supreme Court for a decision. Since the Congress did not challenge Reagan their attorneys reviewing the case probably told them that the case wouldn't stand up to judicial review.
Really? Congress did not challenge Reagan? I mean, aside from the many hearings and the indicted (and convicted) folks whom Reagan and Bush pardoned?
I mean, it literally took me 15 seconds to type into Google and prove you wrong. I'm not sure if you are the same person as the AC I replied to earlier, so I'll say the same thing. You are a partisan zealot, sir, who does not let evidence corrupt your pure conclusions. And when you wonder why governmental officials feel that they can lie to the voters without consequences, please look in the mirror. Since you refuse to hold your own party to task, you are the problem.
Just because you think "watergate: bad" and therefore conclude "Bork: bad" because he did something related to it, that just does not make it so.
So, you think that quashing an investigation of the president for a promise of a spot on the Supreme Court is cool and is covered by "very good well-thought-out constitutional reasons". That's fine, I just don't agree with you.
Hint: He did not order the break-in, nor did he know about it in advance. What he DID do was enough to get even the Republicans to help the Democrats remove him from office (a decision that was proper to my way of thinking). Nixon gained NOTHING from the break-in and did not stand to gain anything from it.
As far as I can tell, Nixon didn't know about it in advance (though since his appointees and allies planned it, I'm not sure that lets him off scot-free). But he certainly did all he could to quash the investigation, including bribing Bork to fire the special prosecutor. Was it stupid and guaranteed to fail? Sure. Does that mean that we shouldn't investigate it and prosecute it? Unlike you, I think we should (and am glad we did).
The big-wigs in BOTH parties in the past two decades have made Nixon look like an amateur at corruption. The BIG difference is that modern Democrats will do ANYTHING to cover for their team because, as progressives, they believe the ends justify the means. Having displayed this tendency, you can now bet that no Republicans in congress will ever again help the Democrats remove a bad Republican. Nixon was a pig, but people like Bork who honorably served him and carefully tried to obey the laws very precisely are no different from any honorable person who served Clinton while he was molesting the help, lying under oath in court, using campaign cash from the Chinese army, using the secretaries of nearly all his departments and the secret service to help distract from his abuses, etc.
Nixon's people planted bugs in the offices of their political enemies. Reagan's people did deals with Iran and the Contras in defiance of congressional laws. Bush Jr.'s people lied about weapons of mass destruction.
Against that, Clinton received a blow job and lied about it, and Obama, well, Obama has had the more scandal-free presidency in living memory. The many Benghazi investigations (which all started out trying to blame Obama and only later shifted to Hillary) have all found nothing but some low-level incompetence.
Which is indeed stunning truth that "modern Democrats will do ANYTHING to cover for their team because, as progressives, they believe the ends justify the means". You are a partisan zealot, sir, who does not let evidence corrupt your pure conclusions.
You mean Robert Bork of the Saturday Night Massacre? Firing Nixon's prosecutor in exchange for a seat on the Supreme Court? Wow, you and I have different ideas about what "eminantly qualified" means.
I agree. Thanks, Obama! Don't auction these rights when the price of oil is way down; wait until oil is expensive again and then rake in the cash from the oil companies. (Probably in Hillary's second term.)
I'm quite sure that no matter what environmentalists or science says we'll eventually drill there, so we may as well help the budget rather than just making some oil companies even richer.
When faced with an annoyance, you can either change your behavior (buy some cheap noise-cancelling headphones), or try to force everyone else to change their behaviors (jam their signals, including those who are just browsing the web or texting quietly). One of these makes you a reasonable person, the other makes you an arrogant dick, far ruder than the people talking on their phones. The solution to rudeness is not more rudeness.
How is this suppressing anyone's speech? Seriously? This is mostly saying "if someone is spouting junk science, don't feature them in a science conference". Folks would be just as unhappy if flat-earth folks wanted to sponser the conference, and for the same good reasons.
But you put the blame in the wrong place. Don't blame politicians for not spending on infrastructure. Blame you and me, the voters. We seem to only vote for people who claim that they will lower taxes, and are then amazed when there is no money for infrastructure maintenance much less improvement.
liability insurance for a autonomous object then the rationale like car insurance must be such the vehicles are so likely to be in an accident that I need a method of paying off other individuals before I can recoup my losses from google
Really? I pay homeowners insurance even though 95% of the possible claims would be caused by weather, or natural disasters, or poor wiring done by an electrician, or poor wiring in a device I didn't manufacture. How is self-driving car insurance any different?
So the insurance is paid for by the City who operates the bus and not the passengers.
No, the insurance is paid by you via your fare. In the same way that if you own a house, you pay the property tax directly. If you rent an apartment, you pay the property tax via your rent. If you eat at a restaurant or shop at a store, some tiny part of your bill pays for the insurance and property tax of the restaurant.
The benefit of self-driving cars is that the insurance is likely to be far, far lower than human insurance. But we'll see; insurance companies are quite good at determining risks, so in a few years we'll see how the insurances compare.
But sure, drive yourself. No problem. My self-driving car will recognize the cars driven by unsafe humans and avoid them, so you'll still be much safer (since you'll only be in danger from other idiot humans). Seems like a loss for natural selection but otherwise a win for everyone.
Seriously... I can't think of any way shape or form that the "AI" behind a "self-driving car" is anywhere near ready for full legal responsibility for this.
An AI cannot have legal liability; it is a machine. Depending on how this shakes out, either the auto seller (Google, Toyota) or the auto owner will provide insurance and have legal liability.
And since human drivers are almost universally incompetent, as long as the AI driver is more competent than the average human (a low bar), the insurance will be cheaper than insurance for human drivers.
If we change from "biggest danger is trojans and password-file hacks anywhere in the world" to "biggest danger is someone physically stealing my phone and cracking my PIN", that seems like a really, really big win. Especially if you like Hello Kitty.
Also, if anyone thinks that idiot manufacturers (trying to save a few pennies) will screw up a simple resistor but will not screw up a chip, then I'm not sure what to say. A main reason we need smarts in the cables are because cheap chargers are not made with enough safety features or predate high-charge devices.
It is kind of like ObamaCare - it is for your ow good. So give us your money we will spend them for you.
Like Obamacare? So, you mean "cheaper than expected and working better than expected"? Fantastic! Sign me up.
I have a brother-in-law who has finally been able to get treatment for his high blood pressure because of the ACA. On the other hand, has there been a widely-publicized "Obamacare horror story" which has not been proven to be false? I assume there are a few actual horror stories; there always are in any complex system. But the fact that opponents have only picked fake horror stories says something important.
Getting back to the subject: I will be very happy to prevent unions from participating in government as soon as companies have the same restrictions. Here in the USA, we've got lots of corporate influence and not much union influence, and that is working... poorly.
If most people could save $0.50 buying their toilet paper from known child rapists, they would.
Sociopaths usually assume that most other people are also sociopaths. This says you're wrong.
Indeed. I choose to shop at Costco rather than Sam's Club, even though Sam's Club locations are much more convenient and slightly cheaper, because Costco treats their employees well and Sam's Club doesn't. I want to live in a world where my neighbors are well paid and well treated, not one where they are poor and needy. I can't change the whole world, but I can and do vote with my wallet.
Slashdot Mirror
If I ask Netflix to stream me a movie, how is Netflix a "third party"?
What I'm saying is "PGP is not useful for the masses because PGP's key management is useless".
If you look on the public keyservers and you see three keys for an address, you have no way of knowing which (if any) belong to the person without lots of research and guessing. People forget their passwords for online accounts all the time; if all email were encrypted, then forgetting the password for your key means you lose all past email forever and don't have a good path to say "stop using that old key, use this new key, and you can trust this statement".
CAs suck slightly less than web-of-trust, so in theory x509 mail signing would be more usable, but we've been able to deploy that for a few decades and nobody has done so. So that's will also not work.
I'd love to have end-to-end encrypted mail for everyone, but I have not seen any way of doing that. At least TFA's proposal, which secures and authenticates each network link, will help and is feasible. PGP is not feasible, and I say that as someone who used it for a very long time.
That link implies that email was reliable at some point. It has never been reliable, has only ever been best-effort, and when it fails it requires wizardry and chicken entrails to determine the problem. I was in charge of email for my organization from 1993-2010, and it was the most thankless job imaginable (except, maybe, for printer admin).
I don't have much experience with hotmail/outlook.com, but gmail has been far less likely to stop spam without blocking valid email than anything I could deploy at my own organization or anything that most other organizations can deploy. That whole blog post sounds like someone who has no idea how email started, evolved, and now works, and just likes blaming the "big companies" for universal problems. It should not be held up as an example of anything but uninformed opinion.
Personally, I publish my public key on the "Contact Us" page of my web site and on the public key servers.
Sounds good. For extra safety, I'll also publish "your" private key on the public keyservers. Should be fine, I'm sure everyone will check your web site before sending email to you.
I love PGP, and for 15+ years every email I sent was PGP-signed. But I doubt if a single person ever checked the signatures. PGP's key management is useless; the web-of-trust doesn't scale and is easily compromised. CAs can also be compromised but are at least scalable,
The problem with storing messages encrypted with a key that only you know is either:
* Every time you read a message, you have to enter the key. This makes reading mail painful on a desktop and almost useless on mobile.
* Or, a long-term key is stored so you can read the messages, in which case anyone who grabs any of your devices (either physically or with malware) can now decrypt all of your messages. This is still slightly safer than what we have now, but would not slow down government agencies or criminals much. "Bad Guys" don't break into Google; they grab your keys via phishing. and encrypted-at-rest won't help with that.
So, I've responded to the following in this thread:
* Bork was eminently qualified to be on the SCOTUS (no, unless you think that quashing an investigation into the POTUS in exchange for a SC nomination is a good thing)
* Nixon was really not so bad (no, unless you think that offering a SC nomination in exchange for quashing an investigation is a good thing)
* It's okay that Republicans are corrupt, because Democrats are much much worse (no, I think that looking at the actual things each POTUS did makes the relative corruption pretty clear. Yeah, blowjobs from underlings are kinda creepy and all, but if that's the worst you can come up with...)
* Iran-Contra wasn't really illegal, because the Congress didn't object (dear god, how many ways is that wrong?)
* And now, Iran-Contra was technically kinda okay, if you look at it really carefully and think that selling weapons to our enemies and giving money to murderous revolutionaries, all while actively avoiding telling Congress, is a good thing.
Look, I understand that you all like to support your team no matter what. I love the Steelers, even though the QB is a rapist and and the team regularly puts opponents in the hospital. I get it. But if you have to lie this hard to yourself just to feel good about your side, maybe you should reconsider. It's not a pointless game where overpaid freaks hit each other for millions; this is our country. This is our democracy, our environment, our culture, our lives. When one side says that science should be ignored; that we should change laws to make voting harder; that the government should control who we can marry; that healthcare is only for the rich; that a lying real-estate billionaire is the best person to lead our country; maybe, just maybe, defending that side isn't quite so important. Maybe the facts matter. Maybe.
Were these laws constitutional? If they were, and the Democrats Congress thought it was they would have challenged it and brought it to the Supreme Court for a decision. Since the Congress did not challenge Reagan their attorneys reviewing the case probably told them that the case wouldn't stand up to judicial review.
Really? Congress did not challenge Reagan? I mean, aside from the many hearings and the indicted (and convicted) folks whom Reagan and Bush pardoned?
I mean, it literally took me 15 seconds to type into Google and prove you wrong. I'm not sure if you are the same person as the AC I replied to earlier, so I'll say the same thing. You are a partisan zealot, sir, who does not let evidence corrupt your pure conclusions. And when you wonder why governmental officials feel that they can lie to the voters without consequences, please look in the mirror. Since you refuse to hold your own party to task, you are the problem.
Just because you think "watergate: bad" and therefore conclude "Bork: bad" because he did something related to it, that just does not make it so.
So, you think that quashing an investigation of the president for a promise of a spot on the Supreme Court is cool and is covered by "very good well-thought-out constitutional reasons". That's fine, I just don't agree with you.
Hint: He did not order the break-in, nor did he know about it in advance. What he DID do was enough to get even the Republicans to help the Democrats remove him from office (a decision that was proper to my way of thinking). Nixon gained NOTHING from the break-in and did not stand to gain anything from it.
As far as I can tell, Nixon didn't know about it in advance (though since his appointees and allies planned it, I'm not sure that lets him off scot-free). But he certainly did all he could to quash the investigation, including bribing Bork to fire the special prosecutor. Was it stupid and guaranteed to fail? Sure. Does that mean that we shouldn't investigate it and prosecute it? Unlike you, I think we should (and am glad we did).
The big-wigs in BOTH parties in the past two decades have made Nixon look like an amateur at corruption. The BIG difference is that modern Democrats will do ANYTHING to cover for their team because, as progressives, they believe the ends justify the means. Having displayed this tendency, you can now bet that no Republicans in congress will ever again help the Democrats remove a bad Republican. Nixon was a pig, but people like Bork who honorably served him and carefully tried to obey the laws very precisely are no different from any honorable person who served Clinton while he was molesting the help, lying under oath in court, using campaign cash from the Chinese army, using the secretaries of nearly all his departments and the secret service to help distract from his abuses, etc.
Nixon's people planted bugs in the offices of their political enemies. Reagan's people did deals with Iran and the Contras in defiance of congressional laws. Bush Jr.'s people lied about weapons of mass destruction.
Against that, Clinton received a blow job and lied about it, and Obama, well, Obama has had the more scandal-free presidency in living memory. The many Benghazi investigations (which all started out trying to blame Obama and only later shifted to Hillary) have all found nothing but some low-level incompetence.
Which is indeed stunning truth that "modern Democrats will do ANYTHING to cover for their team because, as progressives, they believe the ends justify the means". You are a partisan zealot, sir, who does not let evidence corrupt your pure conclusions.
You mean Robert Bork of the Saturday Night Massacre? Firing Nixon's prosecutor in exchange for a seat on the Supreme Court? Wow, you and I have different ideas about what "eminantly qualified" means.
I agree. Thanks, Obama! Don't auction these rights when the price of oil is way down; wait until oil is expensive again and then rake in the cash from the oil companies. (Probably in Hillary's second term.)
I'm quite sure that no matter what environmentalists or science says we'll eventually drill there, so we may as well help the budget rather than just making some oil companies even richer.
Buy yourself some noise-cancelling headphones, stop whining about people who annoy you, and please get over yourself.
(I agree that folks in public should use headphones for their music, though.)
When faced with an annoyance, you can either change your behavior (buy some cheap noise-cancelling headphones), or try to force everyone else to change their behaviors (jam their signals, including those who are just browsing the web or texting quietly). One of these makes you a reasonable person, the other makes you an arrogant dick, far ruder than the people talking on their phones. The solution to rudeness is not more rudeness.
I never thought I would call Newt Gingrich "the reasonable one"!
You are correct, it is more accurately defined as a ponzi scheme.
I think you misspelt insurance.
That's because Canadians are too damn polite to riot.
How is this suppressing anyone's speech? Seriously? This is mostly saying "if someone is spouting junk science, don't feature them in a science conference". Folks would be just as unhappy if flat-earth folks wanted to sponser the conference, and for the same good reasons.
Sadly, you're probably right.
But you put the blame in the wrong place. Don't blame politicians for not spending on infrastructure. Blame you and me, the voters. We seem to only vote for people who claim that they will lower taxes, and are then amazed when there is no money for infrastructure maintenance much less improvement.
liability insurance for a autonomous object then the rationale like car insurance must be such the vehicles are so likely to be in an accident that I need a method of paying off other individuals before I can recoup my losses from google
Really? I pay homeowners insurance even though 95% of the possible claims would be caused by weather, or natural disasters, or poor wiring done by an electrician, or poor wiring in a device I didn't manufacture. How is self-driving car insurance any different?
So the insurance is paid for by the City who operates the bus and not the passengers.
No, the insurance is paid by you via your fare. In the same way that if you own a house, you pay the property tax directly. If you rent an apartment, you pay the property tax via your rent. If you eat at a restaurant or shop at a store, some tiny part of your bill pays for the insurance and property tax of the restaurant.
The benefit of self-driving cars is that the insurance is likely to be far, far lower than human insurance. But we'll see; insurance companies are quite good at determining risks, so in a few years we'll see how the insurances compare.
Otherwise I'll do the driving, since I am also better than an average human as well.
See also the Dunning–Kruger effect.
But sure, drive yourself. No problem. My self-driving car will recognize the cars driven by unsafe humans and avoid them, so you'll still be much safer (since you'll only be in danger from other idiot humans). Seems like a loss for natural selection but otherwise a win for everyone.
Seriously... I can't think of any way shape or form that the "AI" behind a "self-driving car" is anywhere near ready for full legal responsibility for this.
An AI cannot have legal liability; it is a machine. Depending on how this shakes out, either the auto seller (Google, Toyota) or the auto owner will provide insurance and have legal liability.
And since human drivers are almost universally incompetent, as long as the AI driver is more competent than the average human (a low bar), the insurance will be cheaper than insurance for human drivers.
If we change from "biggest danger is trojans and password-file hacks anywhere in the world" to "biggest danger is someone physically stealing my phone and cracking my PIN", that seems like a really, really big win. Especially if you like Hello Kitty.
Shhh. All of the anti-Google "rebels" finally have a chance to shine; don't ruin if for the poor dears.
Also, if anyone thinks that idiot manufacturers (trying to save a few pennies) will screw up a simple resistor but will not screw up a chip, then I'm not sure what to say. A main reason we need smarts in the cables are because cheap chargers are not made with enough safety features or predate high-charge devices.
It is kind of like ObamaCare - it is for your ow good. So give us your money we will spend them for you.
Like Obamacare? So, you mean "cheaper than expected and working better than expected"? Fantastic! Sign me up.
I have a brother-in-law who has finally been able to get treatment for his high blood pressure because of the ACA. On the other hand, has there been a widely-publicized "Obamacare horror story" which has not been proven to be false? I assume there are a few actual horror stories; there always are in any complex system. But the fact that opponents have only picked fake horror stories says something important.
Getting back to the subject: I will be very happy to prevent unions from participating in government as soon as companies have the same restrictions. Here in the USA, we've got lots of corporate influence and not much union influence, and that is working... poorly.
If most people could save $0.50 buying their toilet paper from known child rapists, they would.
Sociopaths usually assume that most other people are also sociopaths. This says you're wrong.
Indeed. I choose to shop at Costco rather than Sam's Club, even though Sam's Club locations are much more convenient and slightly cheaper, because Costco treats their employees well and Sam's Club doesn't. I want to live in a world where my neighbors are well paid and well treated, not one where they are poor and needy. I can't change the whole world, but I can and do vote with my wallet.