You missed the more important second part, where it doesnt matter because this affects BIS (the ghetto sort-of-blackberry experience), not BES (the main reason to get a blackberry).
If youre using BES, unlike 99% of other email providers, there is NO WAY to intercept the email in-transit-- not breaking SSL, not forging an SSL cert, not subpoenaing the wireless provider. BES uses symmetric per-device keys, and if you do not have the key for a particular blackberry, you are stuck bruteforcing AES encryption.
Blackberry remains the most secure mobile messaging system out there, even if noone apparently cares about such things anymore and even if they suck at making fancy widget apps.
Because as you said they CANT. Historically if you got a blackberry, you were using BES, and if youre using BES NOONE can spy on your communication without either your device key or a magical AES crack.
The initial demands of the government also included the ability to intercept and monitor emails and messages sent using BlackBerry Enterprise Server, but it seems that this demand have been shelved for now."
...Because for the 8 millionth time, that is not possible since RIM does not possess the encryption keys for any BES setup.
Im not sure if youre aware or are just trolling, but there IS such a thing as communism, it is pretty well defined, and it has been attempted several times to disastrous effect.
I mean I guess if you want to ridicule the US for not embracing communism and going the way of Cuba, Russia, North Korea, and Vietnam, you can do that, but it makes you look pretty silly.
And history has shown plenty of examples of them getting millions killed, and leaving nations in crippled dysfunctional states.
Show me anything on a tenth of the scale of the atrocities of Soviet Russia, DPRK, and Democratic Kampuchea. Until then, dont even pretend the two are on the same scale.
The most screwed up countries outside of Africa tend to have that one thing-- attempted communism-- in common. Why do you suppose that is? On the flip side, most successful countries (by whatever measure) have embraced capitalism, and generally democracy. Why do you suppose that is?
Democracy/capitalism "work" even if you dont have a "pure" implementation.
Communism has never worked in any of its forms; its just gotten millions killed in purges and famines, and left nations in a crippled, dysfuncitonal state even decades later. The cry has always been that it hasnt worked because it wasnt implemented in a pure enough form, hence my "no true scotsman" comment.
Capitalist / democratic states, however, continue to be represented by every major world power. China is becoming a major power precisely by embracing a functioning economic system that looks and smells an awful lot like capitalism.
Communism (n) - an unattainable standard that is constantly held up as a model of perfection despite having no functional real world example past or present. Related entries: No True Scotsman; Ivory Tower Intellectualism.
Im sure it would have gone better if the database restricted itself to ASCII characters; clearly opening a 1GB database in notepad is helpful if you can read the characters, right?
"Binary" is sort of a stupid misnomer anyways; its being contrasted with "ASCII" which is basically binary which restricts itself to a subset of binary and then has to perform wild gyrations to be useful to a program parsing it.
So rather than seeing whether the 8th bit is a 1 or a 0 to determine whether compression should be enabled (and displaying it as "Compression: True" ), the program has to parse for a series of binary digits representing the word "Compression", and checking for mixed case, and then parsing whether you used a dash or a colon, and whether there is a space, and whether you used "true" or "TrUE" or "$true", and then after all of that computational gymnastics we know that compression is indeed enabled.
I dont know about you, but it seems simpler to enforce that a header conform to a certain, simple, binary standard, then build tools which craft strictly conformant headers and tools which convert "10000000" to "Compression: True", since it doesnt really matter how its displayed to us. The important thing to remember is that we are really good about interpreting non-standard data, so it doesnt matter that much if the tool displays "Compression: TRUE" or "Comp: True"; whereas computers really suck at that sort of fuzzy logic, so it matters a HUGE deal.
Doesnt it make sense tho that there will be easy tools to generate those headers, and tools to interpret those headers?
I mean sure I can currently use telnet.exe, connect to google.com, craft a GET header, and get a webpage back, but what is the practical difference if the header is binary and I instead have to use firefox's HTTP2.0Headers addon to generate the same header?
I maybe wasnt being clear. When you use wireshark, you arent looking at the "raw binary", youre looking at data that has been heavily parsed and formatted to make it readable. You can still view the binary if you wish, but theres no real issue with troubleshooting because TCP is a well defined standard and it is simple to have a program interpret the binary in a way that is readable.
Likewise, right now If I looked at the HTTP headers (captured thru wireshark or whatever) they are human readable. But theres really very little difference whether its "readable in the raw", or whether my capture tool (be it wireshark, or a browser plugin) interprets the binary data. Either way, there is no realistic scenario where you would have to piece together what the headers are from binary data; there will be tools to do that, and they will probably be built into whatever tool you are using (firebug, liveheaders, etc).
In other words, the header may be binary, but you will still see something like action: Get Host: 192.168.1.1 Content: index.html
What the underlying format is doesnt really matter that much unless you are fanatically committed to doing all of your testing with telnet-to-port-80.
How does Wireshark help you, when there's binary encrypted by keys you never had access to, and do not have the secrets to apply, if you did?
W3C deals with HTML, which is not the same as HTTP. I also dont think people are regularly trying to decode content streams (ie video) in wireshark, but if you were the presence or lack of DRM wouldnt be significant compared to the other challenges in doing so.
The amount of hysteria in this thread is sadly standard for slashdot, but be comforted: Despite being "binary" since its inception, we still have the ability to decode TCP streams with great ease.
Has the readability of TCP flags ever been a huge problem for anyone? Or have they simply used the bazillion TCP parsing tools out there which do all that heavy lifting?
Do you read the binary bits off of your harddrive, and handle encoding and endianness in your head, or do you use tools that translate from binary to ascii?
Why is it necessary for the binary bits to be arranged in ASCII format so that you can read them, rather than having a header-parsing tool that translates them to ASCII format?
Its a transfer protocol. I dont really care if TCP, or IPSec, or UDP, or SSH are particularly human readable. If I REALLY need to dig down that deep, I imagine there will be parsers (like wireshark, or Firebug 2.0) that will enable me to do that.
There is zero reason we need the protocol to require additional parsing, rather than requiring it at the "debugger" end, other than convenience. And lets face it: The "wireshark scenario" represents the 0.01% of use cases.
Oh but protesting is not free speech, cant we get rid of those protesters, or relegate them to a corner somewhere?
That is not my argument, and I do not agree with it.
It is in fact for that reason that I would oppose a "right not to be advertised to"; it opens the door to further justification of random curtailment of free speech in the name of "I dont like it". Unless you are ready to start putting the nails in the coffin of free political speech, you want to be real careful before you start objecting to speech simply because it is unpleasant to you.
Chrono TRIGGER came out on the PSOne as part of a compilation, but had a nasty bug where pausing or entering a battle scene triggered a literally 10+ second load time which made the game unplayable.
Cross may also have had that problem but I doubt it.
Slashdot Mirror
I say call them "strawmanists"; there arent really that many people who believe in the strawman GP has constructed.
You missed the more important second part, where it doesnt matter because this affects BIS (the ghetto sort-of-blackberry experience), not BES (the main reason to get a blackberry).
If youre using BES, unlike 99% of other email providers, there is NO WAY to intercept the email in-transit-- not breaking SSL, not forging an SSL cert, not subpoenaing the wireless provider. BES uses symmetric per-device keys, and if you do not have the key for a particular blackberry, you are stuck bruteforcing AES encryption.
Blackberry remains the most secure mobile messaging system out there, even if noone apparently cares about such things anymore and even if they suck at making fancy widget apps.
But they do NOT hand over data in bulk
Because as you said they CANT. Historically if you got a blackberry, you were using BES, and if youre using BES NOONE can spy on your communication without either your device key or a magical AES crack.
The initial demands of the government also included the ability to intercept and monitor emails and messages sent using BlackBerry Enterprise Server, but it seems that this demand have been shelved for now."
...Because for the 8 millionth time, that is not possible since RIM does not possess the encryption keys for any BES setup.
Also, this story is only what, 5 years old?
Im not sure if youre aware or are just trolling, but there IS such a thing as communism, it is pretty well defined, and it has been attempted several times to disastrous effect.
I mean I guess if you want to ridicule the US for not embracing communism and going the way of Cuba, Russia, North Korea, and Vietnam, you can do that, but it makes you look pretty silly.
And history has shown plenty of examples of them getting millions killed, and leaving nations in crippled dysfunctional states.
Show me anything on a tenth of the scale of the atrocities of Soviet Russia, DPRK, and Democratic Kampuchea. Until then, dont even pretend the two are on the same scale.
The most screwed up countries outside of Africa tend to have that one thing-- attempted communism-- in common. Why do you suppose that is?
On the flip side, most successful countries (by whatever measure) have embraced capitalism, and generally democracy. Why do you suppose that is?
Then dont spend your time finding vulnerabilities for those companies?
Im not seeing the comparison to a sweatshop here.
Democracy /capitalism "work" even if you dont have a "pure" implementation.
Communism has never worked in any of its forms; its just gotten millions killed in purges and famines, and left nations in a crippled, dysfuncitonal state even decades later. The cry has always been that it hasnt worked because it wasnt implemented in a pure enough form, hence my "no true scotsman" comment.
Capitalist / democratic states, however, continue to be represented by every major world power. China is becoming a major power precisely by embracing a functioning economic system that looks and smells an awful lot like capitalism.
Ive seen RAM modules installed backwards. "Wait!", you say, "Isnt there a notch which prevents that?" Well, yes, there WAS a notch...
Communism (n) - an unattainable standard that is constantly held up as a model of perfection despite having no functional real world example past or present. Related entries: No True Scotsman; Ivory Tower Intellectualism.
Im sure it would have gone better if the database restricted itself to ASCII characters; clearly opening a 1GB database in notepad is helpful if you can read the characters, right?
"Binary" is sort of a stupid misnomer anyways; its being contrasted with "ASCII" which is basically binary which restricts itself to a subset of binary and then has to perform wild gyrations to be useful to a program parsing it.
So rather than seeing whether the 8th bit is a 1 or a 0 to determine whether compression should be enabled (and displaying it as "Compression: True" ), the program has to parse for a series of binary digits representing the word "Compression", and checking for mixed case, and then parsing whether you used a dash or a colon, and whether there is a space, and whether you used "true" or "TrUE" or "$true", and then after all of that computational gymnastics we know that compression is indeed enabled.
I dont know about you, but it seems simpler to enforce that a header conform to a certain, simple, binary standard, then build tools which craft strictly conformant headers and tools which convert "10000000" to "Compression: True", since it doesnt really matter how its displayed to us. The important thing to remember is that we are really good about interpreting non-standard data, so it doesnt matter that much if the tool displays "Compression: TRUE" or "Comp: True"; whereas computers really suck at that sort of fuzzy logic, so it matters a HUGE deal.
Even better, I've heard that Aluminum alloys wonderfully with Gallium.
Doesnt it make sense tho that there will be easy tools to generate those headers, and tools to interpret those headers?
I mean sure I can currently use telnet.exe, connect to google.com, craft a GET header, and get a webpage back, but what is the practical difference if the header is binary and I instead have to use firefox's HTTP2.0Headers addon to generate the same header?
I maybe wasnt being clear. When you use wireshark, you arent looking at the "raw binary", youre looking at data that has been heavily parsed and formatted to make it readable. You can still view the binary if you wish, but theres no real issue with troubleshooting because TCP is a well defined standard and it is simple to have a program interpret the binary in a way that is readable.
Likewise, right now If I looked at the HTTP headers (captured thru wireshark or whatever) they are human readable. But theres really very little difference whether its "readable in the raw", or whether my capture tool (be it wireshark, or a browser plugin) interprets the binary data. Either way, there is no realistic scenario where you would have to piece together what the headers are from binary data; there will be tools to do that, and they will probably be built into whatever tool you are using (firebug, liveheaders, etc).
In other words, the header may be binary, but you will still see something like
action: Get
Host: 192.168.1.1
Content: index.html
What the underlying format is doesnt really matter that much unless you are fanatically committed to doing all of your testing with telnet-to-port-80.
How does Wireshark help you, when there's binary encrypted by keys you never had access to, and do not have the secrets to apply, if you did?
W3C deals with HTML, which is not the same as HTTP. I also dont think people are regularly trying to decode content streams (ie video) in wireshark, but if you were the presence or lack of DRM wouldnt be significant compared to the other challenges in doing so.
The amount of hysteria in this thread is sadly standard for slashdot, but be comforted: Despite being "binary" since its inception, we still have the ability to decode TCP streams with great ease.
If only there were some way to translate binary data into human readable format.
Has the readability of TCP flags ever been a huge problem for anyone? Or have they simply used the bazillion TCP parsing tools out there which do all that heavy lifting?
Do you read the binary bits off of your harddrive, and handle encoding and endianness in your head, or do you use tools that translate from binary to ascii?
Why is it necessary for the binary bits to be arranged in ASCII format so that you can read them, rather than having a header-parsing tool that translates them to ASCII format?
Its a transfer protocol. I dont really care if TCP, or IPSec, or UDP, or SSH are particularly human readable. If I REALLY need to dig down that deep, I imagine there will be parsers (like wireshark, or Firebug 2.0) that will enable me to do that.
There is zero reason we need the protocol to require additional parsing, rather than requiring it at the "debugger" end, other than convenience. And lets face it: The "wireshark scenario" represents the 0.01% of use cases.
You know what else is terrible? I hear that SQL stores its data in a binary (rather than ASCII) format too! And that humans have to work with them!
One day Im sure that someone will come up with a way of approaching this problem.
Oh but protesting is not free speech, cant we get rid of those protesters, or relegate them to a corner somewhere?
That is not my argument, and I do not agree with it.
It is in fact for that reason that I would oppose a "right not to be advertised to"; it opens the door to further justification of random curtailment of free speech in the name of "I dont like it". Unless you are ready to start putting the nails in the coffin of free political speech, you want to be real careful before you start objecting to speech simply because it is unpleasant to you.
Chrono TRIGGER came out on the PSOne as part of a compilation, but had a nasty bug where pausing or entering a battle scene triggered a literally 10+ second load time which made the game unplayable.
Cross may also have had that problem but I doubt it.
There was nothing classic about Chrono Trigger on the PSOne, unless you like mindnumbing load times every time you paused the game.
We need a new right - the right NOT to be advertised to.
Yea! Nuts to free speech! I want a right NOT to hear what others have to say, and an implicit right to gag any speech that bothers me!
Any thoughts as to why a "right not to be advertised to" might have one or two bothersome side-effects?
danke = thank you
bitte = please
hopefully you will be tried for manslaughter.
Luckily for all of us, hopeful thinking doesnt change the law, and what slashdotters think the law says doesnt change how judges rule / have ruled.