The only secure client side encryption is the one you provide. If Mega is doing it in-browser, its useless: they could simply change the JS to provide them with the key, or not actually encrypt.
Then you are free to willingly supply that information to them,
Thats not what Im saying, at all. Im pretty anti-authoritarian. Im just not crazy. If North Korean spies know a bunch of stuff about me, I would rather that the NSA ALSO know that info, and that those spies know it. I would much prefer that noone has that info, but sometimes that isnt an option.
The rest of your post is strawman building, not gonna address that. You want to choose to ignore key words, dont try to have a disucssion.
Its not really as big a problem as you're making it, though. Everyone already knows that foreign agencies will try to spy on us, and honestly I'd rather the NSA have that info than not, if someone else already has it. At least the NSA is more "on our side" than the BND is.
The reason domestic spying is such a problem is because the NSA has huge leverage and access that the BND does not. A US company is going to have a pretty easy time securing itself from foreign agencies if it uses a bit of common sense and proper security. That is not the case vs the NSA, as they have access to do things like install taps at ISP levels.
At this point if you're looking for full disk encryption, the most obvious choice is Bestcrypt. Its been around for ages, it operates very similar to Truecrypt, and its notably not incorporated in the US but in Switzerland.
In December, it got rid of the measure which notified Chinese users when keywords they were searching for would trigger the country's Great Firewall content blocking system – without telling its users
Sorry, thats not "cooperating" with China. They still do not provide any assistance for the Chinese government looking for dissident info, which is the source of continued strained relationships between the CCP and Google. In fact, China just this month has completly cut the cord to all Google services from mainland China because of Google's continued non-cooperation; there IS no "google.cn", becuase they moved all of their servers to Hong Kong (which still has some semblence of freedom), and apparently people outside of Hong Kong cant reach it. All they stopped doing in December 2012 is notifying users when their Google search terms were tripping the GFW-- and as I recall there were technical reasons for that.
Microsoft, on the other hand, continues to cooperate with China, particularly with their Skype program. The TOM group collaborates with them to release a backdoored version of Skype in China (bolstered by a DNS redirect for www.skype.com to skype.tom.com) that reports everything you do back to big brother.
There is no other big company out there which fights tooth and nail like Google does. Yahoo was the first to kow tow to China's demands, and at this point all of the major providers except for Google are in full cooperation.
I dont think anyone is 100% sure on any of it, but as I recall...
* There were a number of indications that the OpenBSD IPSec flaw was intentional. There were also rumors flying around about an informant who claimed to have been involved in the backdooring
* Windows 2000's debug symbols included reference to an _NSAKEY. Microsoft provided an explanation for what it was, but of course theyre not exactly a neutral party.
* AFAIK everyone is pretty sure that the RSA PRNG backdoor was intentional, and orchestrated by the NSA.
* The Bitlocker "backdoor" is an unsubstantiated-but-not-inconceivable rumor.
I dont think he has to "discourage" people from forking it. AFAIK the license its under means it cannot be forked, especially not without his blessing.
Its not even remotely crazy at this point. TLAs are strongly suspected of having backdoored Windows 2000, OpenBSD's IPSec stack, and the PRNG used by RSA. There are some slides floating around on the internet indicating that there is already a backdoor in Bitlocker.
At this point you would have to be crazy NOT to expect a TLA to have an "answer" to Truecrypt-- thats exactly why theres a code audit being done.
well, do you have a word for it? And then being a dick about someone asking the question?
People get testy about this because there seems to be an underlying assumption that if "diversity" is not an even split, there is a problem, and that we have to fix it.
The issue with that is that it completely ignores human factors. It assumes for instance that men and women have the exact same hobbies, skills, and interests-- which is a heck of a leap to make, and personal experience indicates that it is wrong. It ignores that, perhaps people from one culture or another prefer certain fields-- so maybe its not a problem if STEM fields have a ton of Asian people, and perhaps it doesnt indicate that whites are being discriminated against.
But it seems like PC crowds want to INSIST that hiring practices be changed to try and "fix" a problem that may not exist. Im not really clear why a company should need to prove anything to anyone; who they hire and why really doesnt seem to be anyone's business except theirs unless someone has a specific accusation to make.
True, but the null hypothesis is that men and women are equally capable at CS, however you measure that.
That would be begging the question. Unless YOU have data to prove otherwise, you cant simply claim that Yahoo MUST be discriminating because clearly they are rejecting equally qualified applicants based on race. Since the natural business incentive would be to hire the best applicants at the most competitive rate, you have the burden of proof to show that they are doing otherwise "because discrimination".
A loaded question, sure. Did you murder several schoolchildren in 1990? Im not actually saying that you did, I just think its worth you addressing the question.
Slashdot Mirror
It certainly sounds like you dont.
The only secure client side encryption is the one you provide. If Mega is doing it in-browser, its useless: they could simply change the JS to provide them with the key, or not actually encrypt.
I can also sync folders, if I want, via BitTorrent Sync. Again, no third party involved.
AFAIK BT Sync does involve a third party. Cut your connection to the internet and it mysteriously doesnt seem to sync with other devices on your LAN.
Then you are free to willingly supply that information to them,
Thats not what Im saying, at all. Im pretty anti-authoritarian. Im just not crazy. If North Korean spies know a bunch of stuff about me, I would rather that the NSA ALSO know that info, and that those spies know it. I would much prefer that noone has that info, but sometimes that isnt an option.
The rest of your post is strawman building, not gonna address that. You want to choose to ignore key words, dont try to have a disucssion.
Bettridge's first exception:
Any headline whose question contains thinly veiled skepticism, will instead be best answered with a "yes".
In what way exactly is Merkel an american lapdog? Or is that just a fancy way of saying "you dont like her"?
Its not really as big a problem as you're making it, though. Everyone already knows that foreign agencies will try to spy on us, and honestly I'd rather the NSA have that info than not, if someone else already has it. At least the NSA is more "on our side" than the BND is.
The reason domestic spying is such a problem is because the NSA has huge leverage and access that the BND does not. A US company is going to have a pretty easy time securing itself from foreign agencies if it uses a bit of common sense and proper security. That is not the case vs the NSA, as they have access to do things like install taps at ISP levels.
Its GNU/Busybox, thank you very much.
Those are pretty valid concerns.
At this point if you're looking for full disk encryption, the most obvious choice is Bestcrypt. Its been around for ages, it operates very similar to Truecrypt, and its notably not incorporated in the US but in Switzerland.
Because noone wants to start a gratis OSS project with the spectre of a lawsuit hanging over their head?
In December, it got rid of the measure which notified Chinese users when keywords they were searching for would trigger the country's Great Firewall content blocking system – without telling its users
Sorry, thats not "cooperating" with China. They still do not provide any assistance for the Chinese government looking for dissident info, which is the source of continued strained relationships between the CCP and Google. In fact, China just this month has completly cut the cord to all Google services from mainland China because of Google's continued non-cooperation; there IS no "google.cn", becuase they moved all of their servers to Hong Kong (which still has some semblence of freedom), and apparently people outside of Hong Kong cant reach it. All they stopped doing in December 2012 is notifying users when their Google search terms were tripping the GFW-- and as I recall there were technical reasons for that.
Microsoft, on the other hand, continues to cooperate with China, particularly with their Skype program. The TOM group collaborates with them to release a backdoored version of Skype in China (bolstered by a DNS redirect for www.skype.com to skype.tom.com) that reports everything you do back to big brother.
There is no other big company out there which fights tooth and nail like Google does. Yahoo was the first to kow tow to China's demands, and at this point all of the major providers except for Google are in full cooperation.
Microsoft also records everything, and last time I checked their privacy policy was MUCH less robust than Google's.
And for the record Google offers you the option to opt out of targetted advertising. You'll still get ads, but they stop tracking all of that info.
I dont think anyone is 100% sure on any of it, but as I recall...
* There were a number of indications that the OpenBSD IPSec flaw was intentional. There were also rumors flying around about an informant who claimed to have been involved in the backdooring
* Windows 2000's debug symbols included reference to an _NSAKEY. Microsoft provided an explanation for what it was, but of course theyre not exactly a neutral party.
* AFAIK everyone is pretty sure that the RSA PRNG backdoor was intentional, and orchestrated by the NSA.
* The Bitlocker "backdoor" is an unsubstantiated-but-not-inconceivable rumor.
There is a point in every conversation on the NSA where it goes from "reasonable concerns" to "irrational and crazy".
You've hit that point.
I dont think he has to "discourage" people from forking it. AFAIK the license its under means it cannot be forked, especially not without his blessing.
Its not even remotely crazy at this point. TLAs are strongly suspected of having backdoored Windows 2000, OpenBSD's IPSec stack, and the PRNG used by RSA. There are some slides floating around on the internet indicating that there is already a backdoor in Bitlocker.
At this point you would have to be crazy NOT to expect a TLA to have an "answer" to Truecrypt-- thats exactly why theres a code audit being done.
Does Truecrypt use elliptic curve cryptography?
No.
In either event the code is basically tainted and shouldn't be used for any future projects.
Given that the author has sworn it off, thatd probably be wise.
Except that theyre the only one not cooperating with governments like China these days. Microsoft has been in agreements with them for years.
Its amazing the spin that people put on reality, whre Google is the one you need to worry about/
well, do you have a word for it? And then being a dick about someone asking the question?
People get testy about this because there seems to be an underlying assumption that if "diversity" is not an even split, there is a problem, and that we have to fix it.
The issue with that is that it completely ignores human factors. It assumes for instance that men and women have the exact same hobbies, skills, and interests-- which is a heck of a leap to make, and personal experience indicates that it is wrong. It ignores that, perhaps people from one culture or another prefer certain fields-- so maybe its not a problem if STEM fields have a ton of Asian people, and perhaps it doesnt indicate that whites are being discriminated against.
But it seems like PC crowds want to INSIST that hiring practices be changed to try and "fix" a problem that may not exist. Im not really clear why a company should need to prove anything to anyone; who they hire and why really doesnt seem to be anyone's business except theirs unless someone has a specific accusation to make.
Sort of like how everyone warned the republicans not to use the nuclear option in Senate, because Dems would be able to use it later if they did.
Of course, democrats used the nuclear option regardless, so I guess we see how that works.
Sony immediately stopped the "rootkitting", which sort of proves my point.
Your test makes a huge number of unproven assumptions, such as their hiring criteria being similar.
Everyone seems to love "just asking questions" with no actual basis for their concerns.
True, but the null hypothesis is that men and women are equally capable at CS, however you measure that.
That would be begging the question. Unless YOU have data to prove otherwise, you cant simply claim that Yahoo MUST be discriminating because clearly they are rejecting equally qualified applicants based on race. Since the natural business incentive would be to hire the best applicants at the most competitive rate, you have the burden of proof to show that they are doing otherwise "because discrimination".
Where I work, a huge portion of HR is both black and female.
Thats some pretty nasty discrimination, all right.
I'm just asking the question
A loaded question, sure. Did you murder several schoolchildren in 1990? Im not actually saying that you did, I just think its worth you addressing the question.
IT, at least if you listen to the media and the politicians, is currently one of the most important industries that the US has.
Right up there with medicine, manufacturing, cars, education, and the arts.