Also - it's not meant to protect at that level. Use SSL/HTTPS to avoid MITM attacks.
Unless you've pre-exchanged your keys from an absolutely secure connection with the website in question, when you exchange the keys, the MITM will copy those and replay everything.
So in the end, we'll have no text books, no libraries, and you'll have to own your own iPad or other tablet, or rent it from the school. Isn't it cool that our dystopian future is already here?
This is a great tool to reduce exposure to account compromise, but it fails to secure against Man-in-the-middle attacks. A good way to prevent MITM is out-of-band verification (ie, call the number and type in the 1-time code you see on the screen... this can't be replayed by a MITM without revealing the tap).
The problem with non-password solutions amounts to two issues: Key Portability and Certificate Revocation.
So you have this nice certificate based system with known ecosystem of trusted servers and clients. How do the user add a new client? How does the admin go about revoking a compromised one? Biometrics guarantee a portable, complex private key, but cannot easily be revoked. certificate key files can be revoked but are now not very portable (without compromising security). The fact that the modern internet relies on extremely portable access, the moving of certificates is a big issue.
It's not like Ballmer doens't have tons of options as he was there from the beginning. Why doesn't he just bail on the cash like Steve Jobs, Larry Page and Sergey Brin? It's a wonder this guy is still around, but if he really wanted to do it right he'd lead by example and put some drive back into the company.
For Moto's sake, I sure hope so. With this pricing and wifi policy, it would probably go over more like a lead balloon.
I'm still wondering why Google didn't release a canonical device with the new product category like the G1, Nexus and Nexus-S. That would have set the bar appropriately high enough so that at least the Android/Honeycomb brand wasn't harmed by this kind of leak (even if it's not true, the damage is done).
This is a godsend for those of us with foreign music tastes (at least I could find many French artists). Too bad that Apple is still shackled by the music industry into not allowing cross-border music sharing... then grooveshark it is.
It's really easy really! Just download and install Subsonic to your online server, and stream your own music files from wherever, www, Android, iPhone or Windows 7...
http://www.subsonic.com
(I'm not affiliated with Subsonic, only a massive fan and heavy user)
I think the majority of folks don't want to listen to their "own" music via streaming (that's what flash-memory is for), but want services like Last.fm for streaming from a much larger library with recommendation services (and the occasional purchase option for the best songs).
The court was left with three choices. Apply the law as written and ban the above listed pseudoscience, enraging scores of superstitious Indians across the country. Declare that those subjects were science and continue to all them (what apparently they chose to do). Personally I think, the third choice, declare those practices to be outside the scope of the law, would have been the preferred one. But I can understand why, for political reasons, they ruled the way that they did.
They should have invalidated the law... send it back for edits to deal with the advertising problem and leave sales of medicines and services alone.
The Killer App - the application that made the platform (ie, Halo is a killer app for the XBOX). I heard references to this even back in the 90s... apparently the first known reference was an article in '89 wondering about OS/2 killer applications.
Amazing. Someone found that all the articles in The Daily are also available online... but they didn't' create a TOC, so he went and did that. Wonder how long that ends up lasting...
Microsoft has interesting priorities... "Lets release a plug-in for a third party browser to fix a perceived short coming..." as opposed to "Lets fix the problems and short comings in our products". Slow clap for Microsoft.
One of them did something good and increased choice (at least on Windows).
From this is seems likely that MS can kill Chrome simply by delivering a competitive browser, without the tricks and subterfuge used to kill Navigator.
I think you underestimate the effort that has gone into the open-source project Webkit (the engine for Chrome and Safari) and the corresponding javascript engines (Chrome V8, Safari Nitro).
Microsoft has sat on it's laurels for years, ignoring and impeding web standards and reaping monopoly rents on Windows and Office. Now that they can't hold back the innovation, they've got a whole lot of catch-up to do.
My sister switched because at work, her draconian IT wouldn't give her admin privs and she needed to get away from IE (seriously if an IT dept isn't pre-installing a non-IE browser, they're just doing their users a disservice)... not even an exemption or "I'll install it for you".
So she installed Chrome and is quite happy with it on her work laptop. I have no idea if she's switched from Firefox on her home Mac, but she spends most of computer time at work anyway...
You don't think the "velvet handcuffs" aren't renewed from time to time?
I thought it was the general practice to keep granting appropriate number of ISO/NQSO/RSU for your mid-to-high-performers... at least that's how it was when I was a big-company employee.
Also, it's possible that too-rich, too-old, undermotivated managers are at the heart of Microsoft's apparent stagnation.
This sounds very logical... it would be in-line with the corporate reasoning behind the "streamlining" of the amazing health benefits they used to have (well in addition to the fact that health insurance is outrageously expensive and getting more and more so).
They're doing the equivalent of what you do in the US: claiming copyright/DMCA takedown, effectively because he took the videos inside the Benihana's and then published them.
I honestly think Benihana have done a wrong move here (streissand effect and all), but they may actually have a case against this blogger if he took and published video and that was against the restaurant policies and/or local law.
That said, I do agree that Google needs to step up to the plate and curate their Market, if only to prevent Amazon from stealing all the thunder with their own appstore.
Slashdot Mirror
Also - it's not meant to protect at that level. Use SSL/HTTPS to avoid MITM attacks.
Unless you've pre-exchanged your keys from an absolutely secure connection with the website in question, when you exchange the keys, the MITM will copy those and replay everything.
The UK is looking at massive library closings due to right-wing ideology on how to close their budget shortfall:
http://www.npr.org/2011/02/10/133656983/britain-faces-closing-the-book-on-libraries
Plus, it's also been seen here in the states with the big budget shortfalls in municipalities:
http://www.libraryjournal.com/article/CA6618984.html
http://www.boston.com/news/local/massachusetts/articles/2010/04/10/trustees_vote_yes_on_library_closings/
So in the end, we'll have no text books, no libraries, and you'll have to own your own iPad or other tablet, or rent it from the school.
Isn't it cool that our dystopian future is already here?
This is a great tool to reduce exposure to account compromise, but it fails to secure against Man-in-the-middle attacks.
A good way to prevent MITM is out-of-band verification (ie, call the number and type in the 1-time code you see on the screen... this can't be replayed by a MITM without revealing the tap).
The problem with non-password solutions amounts to two issues: Key Portability and Certificate Revocation.
So you have this nice certificate based system with known ecosystem of trusted servers and clients. How do the user add a new client? How does the admin go about revoking a compromised one? Biometrics guarantee a portable, complex private key, but cannot easily be revoked. certificate key files can be revoked but are now not very portable (without compromising security). The fact that the modern internet relies on extremely portable access, the moving of certificates is a big issue.
Call it e-government or whatever, but I want to see which public entities are paying for what, and meeting with whom.
Without transparency, any e-gov initiative is DOA... a "collaborative" movement with no transparency? Isn't that just like American Idol?
It's a just a password, and I've been using a arbitrary uncommon name since they started asking dozens of years ago.
a) I don't want you to know anything about my mother
b) I know they don't care to check because no one has... it's just a password.
It's not like Ballmer doens't have tons of options as he was there from the beginning. Why doesn't he just bail on the cash like Steve Jobs, Larry Page and Sergey Brin? It's a wonder this guy is still around, but if he really wanted to do it right he'd lead by example and put some drive back into the company.
...be removed, blacklisted, and potentially disappeared.
Justice these days seems to rely on corporate coffers.
For Moto's sake, I sure hope so.
With this pricing and wifi policy, it would probably go over more like a lead balloon.
I'm still wondering why Google didn't release a canonical device with the new product category like the G1, Nexus and Nexus-S. That would have set the bar appropriately high enough so that at least the Android/Honeycomb brand wasn't harmed by this kind of leak (even if it's not true, the damage is done).
This is a godsend for those of us with foreign music tastes (at least I could find many French artists). Too bad that Apple is still shackled by the music industry into not allowing cross-border music sharing... then grooveshark it is.
It's really easy really! Just download and install Subsonic to your online server, and stream your own music files from wherever, www, Android, iPhone or Windows 7...
http://www.subsonic.com
(I'm not affiliated with Subsonic, only a massive fan and heavy user)
I think the majority of folks don't want to listen to their "own" music via streaming (that's what flash-memory is for), but want services like Last.fm for streaming from a much larger library with recommendation services (and the occasional purchase option for the best songs).
The court was left with three choices. Apply the law as written and ban the above listed pseudoscience, enraging scores of superstitious Indians across the country. Declare that those subjects were science and continue to all them (what apparently they chose to do). Personally I think, the third choice, declare those practices to be outside the scope of the law, would have been the preferred one. But I can understand why, for political reasons, they ruled the way that they did.
They should have invalidated the law... send it back for edits to deal with the advertising problem and leave sales of medicines and services alone.
The Killer App - the application that made the platform (ie, Halo is a killer app for the XBOX). I heard references to this even back in the 90s... apparently the first known reference was an article in '89 wondering about OS/2 killer applications.
Amazing.
Someone found that all the articles in The Daily are also available online... but they didn't' create a TOC, so he went and did that.
Wonder how long that ends up lasting...
I thought "interactive" advertisements was Adobe's ballpark?
Microsoft has interesting priorities... "Lets release a plug-in for a third party browser to fix a perceived short coming..." as opposed to "Lets fix the problems and short comings in our products". Slow clap for Microsoft.
One of them did something good and increased choice (at least on Windows).
Reward good behavior, I always say.
I'm sure this will be suppressed somehow, but this is quite appropriate in my opinion.
Not exactly a bastion of free speech.
From this is seems likely that MS can kill Chrome simply by delivering a competitive browser, without the tricks and subterfuge used to kill Navigator.
I think you underestimate the effort that has gone into the open-source project Webkit (the engine for Chrome and Safari) and the corresponding javascript engines (Chrome V8, Safari Nitro).
Microsoft has sat on it's laurels for years, ignoring and impeding web standards and reaping monopoly rents on Windows and Office. Now that they can't hold back the innovation, they've got a whole lot of catch-up to do.
My sister switched because at work, her draconian IT wouldn't give her admin privs and she needed to get away from IE (seriously if an IT dept isn't pre-installing a non-IE browser, they're just doing their users a disservice)... not even an exemption or "I'll install it for you".
So she installed Chrome and is quite happy with it on her work laptop. I have no idea if she's switched from Firefox on her home Mac, but she spends most of computer time at work anyway...
If Microsoft doesn't cannibalize windows, someone else (probably Google) will do it for them... Apple is already taking a large chunk of the high end.
You don't think the "velvet handcuffs" aren't renewed from time to time?
I thought it was the general practice to keep granting appropriate number of ISO/NQSO/RSU for your mid-to-high-performers... at least that's how it was when I was a big-company employee.
Also, it's possible that too-rich, too-old, undermotivated managers are at the heart of Microsoft's apparent stagnation.
This sounds very logical... it would be in-line with the corporate reasoning behind the "streamlining" of the amazing health benefits they used to have (well in addition to the fact that health insurance is outrageously expensive and getting more and more so).
They're doing the equivalent of what you do in the US: claiming copyright/DMCA takedown, effectively because he took the videos inside the Benihana's and then published them.
I honestly think Benihana have done a wrong move here (streissand effect and all), but they may actually have a case against this blogger if he took and published video and that was against the restaurant policies and/or local law.
Apple never ran out and hired a billion people to write apps - yet they have more.
Sure, it wasn't Apple directly, they were definitely involved: http://techcrunch.com/2008/03/06/kleiner-perkins-anounces-100-millioin-ifund-for-iphone-applications/
That said, I do agree that Google needs to step up to the plate and curate their Market, if only to prevent Amazon from stealing all the thunder with their own appstore.