Agree, they're really not the same. It's mainly that there hasn't been a lot of good anthology TV since TZ.
What bugs me: Rod Serling's been dead lo these many years, but people started nibbling at his corpse. My first strong memory is the well-intentioned fiction anthology mag "Twilight Zone" from maybe the late 70s/early 80s. Even with Serling's wife involved, it was GOOD, but it was not TZ.
Black Mirror's best innovation might be staking out its own quadrant (personal tech/socmed/dystopia), setting its own course, and not calling itself "Twilight Zone".
Yes, he does, and I thought it was a little contradictory to the earlier passage where he says:
"I have repeatedly urged readers to consider putting a security freeze on their accounts in lieu of or in addition to accepting these free credit monitoring offers, noting that credit monitoring services donâ(TM)t protect you against identity theft (the most you can hope for is they alert you when ID thieves do steal your identity), while security freezes can prevent thieves from taking out new lines of credit in your name."...which drove my thoughts on it.
To have a legally-enforceable 'click-wrap' contract, they have to have given you a 'meaningful opportunity to review the terms' (this per the ABA Cyberlaw working group a few years ago). That may be as little as a link to the terms and conditions page.
You should (per recent news stories) have 30 days to opt out of arbitration in writing, so get on that.
Yes, but what makes this box work is a phony _CA_. If I can verify the CA with a world-verifiable blockchain, then can't I trust the cert? Or at least make a smart decision about doing so?
Seems the size of the CA problem is orders of magnitude smaller.
What I want is to sniff the phony CA(s) and distrust all certs from it.
Yes, but the exposure here is in no way related to the banks choice of a cert provider. The bank doesn't enter into it, except as a place to rob.
Because top-level CAs CAN issue more CAs, some WILL: to governments, and accidentally or on purpose to freelance thugs. The thug sets up an interception box with said CA, and starts DNS poisoning attacks: he's got you.
Would prefer a system where issuance of a CA is a matter of real-time verifiable record, as would be each CA and cert on my machine. The browser could check an immutable public list in real time: blockchain might help here. Who says this CA is real, instead of on a machine in the basement? Everyone. Or no one. The system should be built so it CAN'T work without this record.
The user of the inspection box is INTENTIONALLY looking at my encrypted data, which could include PHI, PCI, or just plain shit I don't want them to see. My security has already been breached.
That these boxes are even possible to create and deploy (i.e. that someone CAN grant a CA for the box (not even that someone will do so)) shows the untenability of the entire "web of trust" for certs that is supposed to make you certain your data isn't being hijacked over TLS.
As long as this is out there, one can have _zero_ confidence any TLS-encrypted session isn't being hijacked.
I hope there's a rebuild of encrypted transport, and that next time, they don't make certificates so horsey. No, I don't know how to do that perfectly. Seems there's no way to do it peer-to-peer if I have to go down to every bank or business with a printout of their cert and match it up.
Maybe there's something blockchain technology could offer to make certs truly verifiable...
Believe it. At least, that the scam worked (though I don't know the guy being discussed here).
I saw the same method, published in a counter-culture magazine (Mother Earth News? I forget...) in the late '70s. The details are familiar to me, and I've known all my adult life that airlines double-book as a result.
The same mag also got my late-teens self off the couch to collect high-tread used tires from gas stations (back when gas stations had mechanics, kids...), load 'em in Mom's station wagon and sell 'em to the tire store in the run down part of town, where they got sold on to folks with not much money.
Useful publication, gave me pocket money all the time.
Slashdot Mirror
Agree, they're really not the same. It's mainly that there hasn't been a lot of good anthology TV since TZ.
What bugs me: Rod Serling's been dead lo these many years, but people started nibbling at his corpse. My first strong memory is the well-intentioned fiction anthology mag "Twilight Zone" from maybe the late 70s/early 80s. Even with Serling's wife involved, it was GOOD, but it was not TZ.
Black Mirror's best innovation might be staking out its own quadrant (personal tech/socmed/dystopia), setting its own course, and not calling itself "Twilight Zone".
CBS providing "BM" quality in a series reboot is a little too on the nose.
It's called "Black Mirror". CBS will have a very hard time indeed outdoing it.
To /dev/null
FOLLOW THESE RULES!
https://www.youtube.com/watch?...
That's just how you access the 3.5mm headphone jack!
Yes, he does, and I thought it was a little contradictory to the earlier passage where he says:
"I have repeatedly urged readers to consider putting a security freeze on their accounts in lieu of or in addition to accepting these free credit monitoring offers, noting that credit monitoring services donâ(TM)t protect you against identity theft (the most you can hope for is they alert you when ID thieves do steal your identity), while security freezes can prevent thieves from taking out new lines of credit in your name." ...which drove my thoughts on it.
To have a legally-enforceable 'click-wrap' contract, they have to have given you a 'meaningful opportunity to review the terms' (this per the ABA Cyberlaw working group a few years ago). That may be as little as a link to the terms and conditions page.
You should (per recent news stories) have 30 days to opt out of arbitration in writing, so get on that.
Don't waste your time or money on their monitoring "services", which don't do much. Instead, freeze your credit with each of the agencies.
Krebs' "Dumpster Fire" post on the Equifax debacle is worth reading.
https://krebsonsecurity.com/20...
If Ms. Rudd thinks end-to-end encryption isn't helping to fight the enemy, I think she's confused about who the enemy is.
She'll need a mirror to find out who.
Send it through an older fax machine. Bet Goodwill has one.
After one great (M8) and one good (M10) flagship HTC smartphone, no headphone jack kills the relationship.
a 3.5mm stereo headphone jack is basic equipment. Take a little note.
Deal breaker.
https://s-media-cache-ak0.pini...
I'd pay for a twitter subscription if I could get it Ad-free, Nazi-free, MRA-free and Tweetdeck-free.
Yes, but what makes this box work is a phony _CA_. If I can verify the CA with a world-verifiable blockchain, then can't I trust the cert? Or at least make a smart decision about doing so?
Seems the size of the CA problem is orders of magnitude smaller.
What I want is to sniff the phony CA(s) and distrust all certs from it.
That sounds promising. Thanks for the heads-up.
Yes, but the exposure here is in no way related to the banks choice of a cert provider. The bank doesn't enter into it, except as a place to rob.
Because top-level CAs CAN issue more CAs, some WILL: to governments, and accidentally or on purpose to freelance thugs. The thug sets up an interception box with said CA, and starts DNS poisoning attacks: he's got you.
Would prefer a system where issuance of a CA is a matter of real-time verifiable record, as would be each CA and cert on my machine. The browser could check an immutable public list in real time: blockchain might help here. Who says this CA is real, instead of on a machine in the basement? Everyone. Or no one. The system should be built so it CAN'T work without this record.
DC
How is this inadvertent?
These tools have been out there for years.
The user of the inspection box is INTENTIONALLY looking at my encrypted data, which could include PHI, PCI, or just plain shit I don't want them to see. My security has already been breached.
That these boxes are even possible to create and deploy (i.e. that someone CAN grant a CA for the box (not even that someone will do so)) shows the untenability of the entire "web of trust" for certs that is supposed to make you certain your data isn't being hijacked over TLS.
As long as this is out there, one can have _zero_ confidence any TLS-encrypted session isn't being hijacked.
I hope there's a rebuild of encrypted transport, and that next time, they don't make certificates so horsey. No, I don't know how to do that perfectly. Seems there's no way to do it peer-to-peer if I have to go down to every bank or business with a printout of their cert and match it up.
Maybe there's something blockchain technology could offer to make certs truly verifiable...
...than the current Psychotic-in-Chief?
You're asking HERE?
... To lose EVERYTHING at once!
Believe it. At least, that the scam worked (though I don't know the guy being discussed here).
I saw the same method, published in a counter-culture magazine (Mother Earth News? I forget...) in the late '70s. The details are familiar to me, and I've known all my adult life that airlines double-book as a result.
The same mag also got my late-teens self off the couch to collect high-tread used tires from gas stations (back when gas stations had mechanics, kids...), load 'em in Mom's station wagon and sell 'em to the tire store in the run down part of town, where they got sold on to folks with not much money.
Useful publication, gave me pocket money all the time.
Assignment Error: not an LVALUE
http://www.theverge.com/2015/8...
C'moon, really? If your high school can cut it on, who can't?