That might be a pretty good idea, for several reasons. But it's not a slam dunk; there are problems that would have to be resolved.
What is the total weight of the car batteries? How much energy will be spent physically swapping them? This isn't just a starter battery... If nothing else, this would probably be the end of the self-service gas station (at least until our car-refueling robot overlords sweep in to save the day)... And remember, it's the driver that's going to end up paying for any labor, or any energy expense in general from swapping batteries.
Another poster's concern about some batteries being in better condition than others doesn't seem like a huge deal in and of itself. The battery station is going to have to monitor the condition of the batteries in its inventory to dispose of them when they're no longer usable; so there's going to be some standard minimum: "you will get at least X out of this battery swap." Maybe you get more sometimes -- nice bonus. The station might set tiered pricing -- for an extra $x.xx you get a better guarantee about the condition of your new battery...
However, unless the station can penalize you for degradation of the battery you turn in (relative to the condition in which you got it), there will be no incentive not to mistreat batteries. What exactly that means will depend on the battery technology, but generally some usage patterns are better for overall battery life than others. If the average battery is abused, average overall life goes down, and then cradle-to-grave energy efficiency goes down (as you have to manufacture / recycle more batteries).
There would be overhead on the station's end to keep a sufficient inventory of charged batteries. To keep that to a minimum, there should be pretty tight standards to make all cars' batteries interchangeable. Is that currently the case in electric cars? How practical is it to have one (or at least a small number of) standard battery? (Again, we're no longer talking about the market for starter batteries here...)
Suppose I swap out my batteries and the replacements fail catestrophically; who all has liability exposure? The station? The previous owner? The manufacturer? How do you keep track of a battery's lineage of ownership?
Ooh, crazy Bad Hollywood Plot theory time -- a terrorist quietly assumes control of a battery station. Over the course of a few days, he swaps out the batteries from as many cars as possible, replacing them with packages that are half battery, half explosive. Once his devices are distributed, across the city vehicles start exploding at random. Film at 11.
Legally they are different offenses; that's true. And there is a lot of hand-waving that goes on when copyright infringement is presented to the public as theft.
On the other hand, language is not black and white, and how finely we need to split hairs depends on the context and the audience. Outside the courtroom, I question whether arguing the semantics of what can, or cannot, be called "stealing" is a worthwhile use of energy. There are more efficient lines of argument if you want to fight the current copyright practices. There's a lot wrong with copyright as it exists today, but I hold that none of it will be changed by getting people to say "infringe copyright" instead of "steal".
At one level, the apparent intent of the offender (as seen from the point-of-view of the victim[1]) -- to get something for nothing -- is similar, and I think it's this similarity that made the use of "steal" to mean "infringe copyright" popular.
That's unfortunate, but it's the way people outside the legal profession tend to talk about rights and laws -- they use imprecise terms.
If you do want to be more precise, the real problem is in the understanding of "property" as it applies to copyright.
People like to say that IP is a made-up concept. They like to forget that the idea of proprietary rights to tangible items (i.e. physical property) is also a made-up concept. Both are constructs of law; the latter just happens to be more established (and therefore better-understood). In current societies, both are subject to abridgement for the perceived good of society (though I'd say this is currently done too often for physical property and not often enough for IP). So I discard the notion that one is "more real" than the other.
I think the biggest problem is understanding what the "property" is. It's not a CD. It's not even a collection of 1's and 0's. It might arguably be the informatoin encoded by those 1's and 0's. Along the same line, what does it mean to "use" that property? Listen to it? Not really; that's not the use to which the copyright holder puts it. That's not one of the rights protected as exclusive to the owner.
In that line, I hold that the analogy of copyright infringement as theft is valid if the concepts of property are applied correctly. True, when I copy your CD, you don't lose your ability to listen to the CD -- but then again, the CD isn't what I've "stolen", listening isn't "use", and you aren't the "owner".
The thing I've "stolen" is the distribution opportunity. It is finite and has real economic value (though in the case of a single copy that value is rather small). And while it is very intangible and maybe even unintuitive, it is legally protected and in that sense just as "real" as your exclusive right to drive your car.
"Use", in other words, is exercise of the right to distribute (resulting in economic gain, normally). (Or exercise of any of the other protected rights; of which "listen to" is not one.) If I infringe copyright, I do deprive the copyright owner of the opportunity to use his property.
As your later comment points out, if the degree to which copyright infringement resembles theft were understood clearly, and the punishment made proportional to theft of an equivalent value of tangible property, we'd actually be better off.
[1] And seriously, let's just skip the debate on usage of the word "victim". It's much shorter than "person whose legally-recognized right is violated", or would be if I didn't need this disclaimer, which I wouldn't in an honest discussion of real issues
To be fair, we don't have enough information about how the project to build this system progressed to know exactly how to divide up blame. For example, I'm only guessing that the engineering team just didn't give a thought to securing the switch controls against this type of thing, and you're only guessing that they did.
On the other hand, I cannot support the attitude of "I just built what I was told to build" in a case like this. Just because the engineer may have raised concerns and been shot down, does not make it ethically ok to build something grossly dangerous. Depending on the project, there are matters of degree here; but then this is a pretty serious case of poor design with potentially disasterous consequences.
Suppose this had been figured out by someone with the intent to cause damage, rather than by a kid who thought he was being funny?
If by that you mean that the engineers (responsible for design of the system) and their bosses should also be facing criminal charges, then yes, they should.
That doesn't mean what the boy did was ok, or that he shouldn't be facing charges, though. While he is young and might not be held to the same standard of foresight as an adult, still his behavior cannot be excused as merely impulsive considering the time and effort involved. Even if he isn't held fully accountable for endangering lives, still he had to know he would be causing considerable disruption.
I'm curious, though, about the details of the tram system in question. The article describes a tram operator trying to go one way while the track pushed him the other way... so I assume these are not strictly rail-following vehicles (like trains) that have only an accelerator and a brake?
The law doesn't mandate that you carry the ID at all times. (It only mandates you have one in the sense that there are things you can't do without it.)
So if you're going to a demonstration or "other unpopular activity", and you're worried about being asked for your RealID so your involvement can be logged... then don't take it with you.
Instead of focusing on worst-case scenarios that are easily avoidable, it would be helpful to focus on whether or not the government should impose ID restrictions in any given situation.
Since I don't think "driving a car" is a situation that generally requires this level of certainty about ID, I'd say at a minimum RealID should be decoupled from driver's licenses. Of course, that would mean if you do want to do something RealID is used for, you'd need yet another card...
I don't think such a limit is known. (Well, unless you care to calculate the size of a black hole containing all of the matter and energy in the Universe and count that as a theoretical limit...) But I also don't think we know enough about black holes to say that with any certainty.
I don't think Jarvik is any worse than any of the other direct-to-consumer drug spokesmen, some wearing lab coats and others not. I doubt Random Announcer Guy who narrates commercials for other cholesterol drugs is medically licensed.
And what if Jarvik were licensed in the U.S.? He still wouldn't be speaking to an individual's case, and he'd still be shilling for the drug's maker. Those are the basic problems with all direct-to-consumer drug ads (which may say "your doctor will decide", but bury that where it will have relatively little impact). Doesn't really matter to me who the spokesperson is.
Is it the translation, or is this yet another misleading headline? In English, "decriminalize" and "legalize" do not generally mean the same thing. From m-w.com:
decriminalize : to remove or reduce the criminal classification or status of; especially : to repeal a strict ban on while keeping under some form of regulation
The translation of the article said the only solution is to "decriminalize" file-sharing, which may well not mean "make it legal" (per the headline and summary). Anyone here who can read the original and clarify? Or anyone who has insight into the authors' intent?
It makes a difference to me; I'd be happy to have personal, small-scale copyright infringement decriminalized, but that doesn't mean it should be "ok".
The argument that the reason to decriminalize is that the RIAA/MPAA are zealots who will never be satisfied, though... while it has a poetic justice to it, it's really just a variation on slipperly-slope argument and holds no logical weight. That some people would go too far in one direction doesn't mean you should go as far as possible in the opposite direction. It does mean you should be skeptical of what those "some people" ask for, but as to any specific measure, evaluate it on its own merits instead of blaming the idea for the views of those who hold it.
(That said, on its own merits the idea of ISP's being responsible for copyright enforcement is insane and should be thrown out.)
That is a tough problem, yes. I'm not sure it's solvable.
Best I've come up with is some sort of rule where geographically adjacent communities that tend to vote alike must be placed in the same district (or at least can't be split up if, being split, each part is a minority voting block in its district). Or something to that effect; it would need considerable refinement before it would really work.
Rules preventing obvious contrivances in the shape of a district might also work, though they might do as much harm as good if there weren't a way to account for odd shapes that might exist for a reason (e.g. following natural boundaries in cases where it's relevant).
Geographic representation is pretty pointless in this interconnected world
I'm not so sure about that. Interconnected though the world is, there are still a lot of issues that are either seem differently or seen as more or less important by groups of people who are geographically clustered. A locally-felt issue that needs a voice at the Federal level is only likely to find it with geographic districting.
I've considered ideas like that. Whether it works depends on whether you believe it matters that each representative is accountable to a different district. It's also not clear how you'd set up voting. (Would it still be "1 person 1 vote", or if there are 4 seats does each person vote for 4 candidates? Each approach has its own problems...)
To see why districts might matter, look at a state like Missouri. We have St. Louis and Kansas City, which tend more liberal; and the rest of the state, which is relatively rural and tends more conservative. Under your proposal, it is very possible that every Missouri Representative would be chosen by the two cities.
Any state with a significant minority who are geographically aligned and share political interests (presumably related to their geographic alignment) would have the same problem.
This may have been going on for years in some places -- though keep in mind, this isn's just about the act of scanning the card, it's about what's being done with the information. Do you know, do you only assume, or do you not care whether the store actually stored and later shared your info?
That's really my point: While having my card scanned would make me suspicious, and apparently you as well, that puts us both in the minority. Most people I know wouldn't care about their card being scanned unless someone told them that the information was being kept and used in ways they might not like.
By the way, even just scanning the cards has not been going on for years where I am (MO). Nor anywhere I've had a drink. In fact, I've never run into it. And I'll be happily surprised if I never do.
Anyhow, if you don't go out to drink and don't care about buying alcohol other than your own brew, good for you; this article tells you nothing you need to know. That again puts you in the minority, unfortunately.
Yeah, but that depends on the staff at the bar being cooperative. There is no law that they serve you, either; suppose they feel that your ID looks "tampered with"?
There are plenty of reasons you might, or might not, see this as a privacy violation. But the presence of prior privacy violations doesn't mean that new ones are ok.
Note that many people do indeed consider cookies a privacy violation even though they typically don't have as much potential as these ID scans to cause harm. And those people, if they're informed enough to know, have an option -- turn off cookies. That's minimally what this type of article is about: informing people so they can make a choice. (I certainly wasn't aware that this was going on...)
Can I avoid these scanners if I so choose? Well, I can choose not to drink in places that use them, but might that eventually mean choosing not to drink? Besides, most companies that collect my personal info at least have to tell me what they're collecting, how they use it, how they share it, etc. Typically I can even opt out of most sharing of my info. Why not so with bars?
As to why you might care: Well, suppose you like to drink now and then. Suppose you want to get a job with a small company, run by a person who has religious objections to drinking. Suppose he now adds to his background check routine "see if the candidate drinks". Is that ok with you?
Was he so sure that identity theft isn't a threat, as he said?
Or did he figure "even if the threat is real, an ID thief wouldn't want to prove it by stealing my information in a highly-publicized incident"?
And on the flip side -- will this morAn now admit he was wrong? Or will he claim that this was done by one of his opponents to try to create a high-profile incident?
If a significant number of voters choose the easy-but-insecure method of voting, then the fact that your vote was counted properly isn't going to matter.
"Let's see, 1% of voters are insisting on paper ballots, so I can't rig those. Ok, I'll skew the results I can rig by an extra 1% to compensate. Problem solved!"
Since it seems we could go around forever and we're not getting anywhere, I think this is going to be my last post on the subject.
Fair enough; I don't have much more to add. Like I said before, we apparently disagree about how to apply the concepts, so that's that.
You're also getting a bit nasty.
Oh, so people don't like it when you imply they know nothing because of one error? I never would've guessed.
Give nasty, get nasty. Most people who open with insults don't get a reply from me at all, even if they do say "not to be insulting". Must've been in an off mood yesterday to have even bothered.
Now show me the spectrum analysis for a device that uses spread-spectrum techniques for privacy rather than merely to avoid interfering with conventional wireless signals. You know, since that's the context of this discussion.
Then again, the baby monitor doesn't seem to have a very good FH implementation at all. If I understand the third graph on that page, it would seem that while the monitor doesn't prevent the network card from functioning, it does severly reduce bandwidth.
That's like saying the AES algorithm is security through obscurity because if you have the plaintext you don't need the key
Nope. The set of ports that could be active are not the "plain text". The specific port to which to connect is the plain text, and I don't need to know that in the attack I described. In fact, I discover it without discovering the key, using nothing but information about how the algorithm works.
My argument is more like saying "if you can't implement AES without broadcasting a piece of information with which an attacker who understands AES can circumvent the key to get the plaintext, then AES is security through obscurity". Which is true; the reason that AES isn't security through obscurity is that you can implement it while keeping the key -- and only the key -- secret, and it is secure in such an implementation.
There are several additional features (like the blacklisting) which do not weaken the cryptographic strength of the system,
This appears to be the crux of our disagreement. What, exactly, are you evaluating the security of? Only the part of the system where some function maps a key to one of 16 port numbers? We don't have enough information about that function to debate its particular cryptographic strength -- and certainly you could choose a cryptographically strong function to implement that step -- but in any case that focus is far to narrow to have practical meaning. It's academic.
The other steps don't weaken that one step, but they are critical parts of the overall system and they do make the system as a whole weaker than that single step. The strength of the system as a whole is what has practical importance, and that is what I'm evaluating.
To get back to your AES analogy -- AES is strong. But how would you rate the strength of a system where I use AES to encrypt the shift offset for a ceasar cypher, having used said ceasar cypher to encrypt my message? The "extra steps" involved in the ceasar cypher don't weaken AES, but they do render its strength moot with respect to the strength of my system as a whole. If you know what I'm up to -- i.e. if you understand my algorithm -- then you don't need the key; the security comes only from the secrecy of the overall algorithm. Security through obscurity.
By the way, should I conclude from the fact that your post is illegible (as apparently you posted as HTML Formatted instead of Plain Old Text) that you know nothing about posting to Slashdot?
Hm. Well, it's been about 10 years since I wrote actual socket code without a library doing all the heavy lifting, so it's quite possible my memory on that point is confused.
I "obviously have no idea", eh? I'd hate to be in any situation where your powers of deduction might actually matter.
Slashdot Mirror
That might be a pretty good idea, for several reasons. But it's not a slam dunk; there are problems that would have to be resolved.
What is the total weight of the car batteries? How much energy will be spent physically swapping them? This isn't just a starter battery... If nothing else, this would probably be the end of the self-service gas station (at least until our car-refueling robot overlords sweep in to save the day)... And remember, it's the driver that's going to end up paying for any labor, or any energy expense in general from swapping batteries.
Another poster's concern about some batteries being in better condition than others doesn't seem like a huge deal in and of itself. The battery station is going to have to monitor the condition of the batteries in its inventory to dispose of them when they're no longer usable; so there's going to be some standard minimum: "you will get at least X out of this battery swap." Maybe you get more sometimes -- nice bonus. The station might set tiered pricing -- for an extra $x.xx you get a better guarantee about the condition of your new battery...
However, unless the station can penalize you for degradation of the battery you turn in (relative to the condition in which you got it), there will be no incentive not to mistreat batteries. What exactly that means will depend on the battery technology, but generally some usage patterns are better for overall battery life than others. If the average battery is abused, average overall life goes down, and then cradle-to-grave energy efficiency goes down (as you have to manufacture / recycle more batteries).
There would be overhead on the station's end to keep a sufficient inventory of charged batteries. To keep that to a minimum, there should be pretty tight standards to make all cars' batteries interchangeable. Is that currently the case in electric cars? How practical is it to have one (or at least a small number of) standard battery? (Again, we're no longer talking about the market for starter batteries here...)
Suppose I swap out my batteries and the replacements fail catestrophically; who all has liability exposure? The station? The previous owner? The manufacturer? How do you keep track of a battery's lineage of ownership?
Ooh, crazy Bad Hollywood Plot theory time -- a terrorist quietly assumes control of a battery station. Over the course of a few days, he swaps out the batteries from as many cars as possible, replacing them with packages that are half battery, half explosive. Once his devices are distributed, across the city vehicles start exploding at random. Film at 11.
Copyright infringement is not thieft.
Legally they are different offenses; that's true. And there is a lot of hand-waving that goes on when copyright infringement is presented to the public as theft.
On the other hand, language is not black and white, and how finely we need to split hairs depends on the context and the audience. Outside the courtroom, I question whether arguing the semantics of what can, or cannot, be called "stealing" is a worthwhile use of energy. There are more efficient lines of argument if you want to fight the current copyright practices. There's a lot wrong with copyright as it exists today, but I hold that none of it will be changed by getting people to say "infringe copyright" instead of "steal".
At one level, the apparent intent of the offender (as seen from the point-of-view of the victim[1]) -- to get something for nothing -- is similar, and I think it's this similarity that made the use of "steal" to mean "infringe copyright" popular.
That's unfortunate, but it's the way people outside the legal profession tend to talk about rights and laws -- they use imprecise terms.
If you do want to be more precise, the real problem is in the understanding of "property" as it applies to copyright.
People like to say that IP is a made-up concept. They like to forget that the idea of proprietary rights to tangible items (i.e. physical property) is also a made-up concept. Both are constructs of law; the latter just happens to be more established (and therefore better-understood). In current societies, both are subject to abridgement for the perceived good of society (though I'd say this is currently done too often for physical property and not often enough for IP). So I discard the notion that one is "more real" than the other.
I think the biggest problem is understanding what the "property" is. It's not a CD. It's not even a collection of 1's and 0's. It might arguably be the informatoin encoded by those 1's and 0's. Along the same line, what does it mean to "use" that property? Listen to it? Not really; that's not the use to which the copyright holder puts it. That's not one of the rights protected as exclusive to the owner.
In that line, I hold that the analogy of copyright infringement as theft is valid if the concepts of property are applied correctly. True, when I copy your CD, you don't lose your ability to listen to the CD -- but then again, the CD isn't what I've "stolen", listening isn't "use", and you aren't the "owner".
The thing I've "stolen" is the distribution opportunity. It is finite and has real economic value (though in the case of a single copy that value is rather small). And while it is very intangible and maybe even unintuitive, it is legally protected and in that sense just as "real" as your exclusive right to drive your car.
"Use", in other words, is exercise of the right to distribute (resulting in economic gain, normally). (Or exercise of any of the other protected rights; of which "listen to" is not one.) If I infringe copyright, I do deprive the copyright owner of the opportunity to use his property.
As your later comment points out, if the degree to which copyright infringement resembles theft were understood clearly, and the punishment made proportional to theft of an equivalent value of tangible property, we'd actually be better off.
[1] And seriously, let's just skip the debate on usage of the word "victim". It's much shorter than "person whose legally-recognized right is violated", or would be if I didn't need this disclaimer, which I wouldn't in an honest discussion of real issues
To be fair, we don't have enough information about how the project to build this system progressed to know exactly how to divide up blame. For example, I'm only guessing that the engineering team just didn't give a thought to securing the switch controls against this type of thing, and you're only guessing that they did.
On the other hand, I cannot support the attitude of "I just built what I was told to build" in a case like this. Just because the engineer may have raised concerns and been shot down, does not make it ethically ok to build something grossly dangerous. Depending on the project, there are matters of degree here; but then this is a pretty serious case of poor design with potentially disasterous consequences.
Suppose this had been figured out by someone with the intent to cause damage, rather than by a kid who thought he was being funny?
If by that you mean that the engineers (responsible for design of the system) and their bosses should also be facing criminal charges, then yes, they should.
That doesn't mean what the boy did was ok, or that he shouldn't be facing charges, though. While he is young and might not be held to the same standard of foresight as an adult, still his behavior cannot be excused as merely impulsive considering the time and effort involved. Even if he isn't held fully accountable for endangering lives, still he had to know he would be causing considerable disruption.
I'm curious, though, about the details of the tram system in question. The article describes a tram operator trying to go one way while the track pushed him the other way... so I assume these are not strictly rail-following vehicles (like trains) that have only an accelerator and a brake?
The law doesn't mandate that you carry the ID at all times. (It only mandates you have one in the sense that there are things you can't do without it.)
So if you're going to a demonstration or "other unpopular activity", and you're worried about being asked for your RealID so your involvement can be logged... then don't take it with you.
Instead of focusing on worst-case scenarios that are easily avoidable, it would be helpful to focus on whether or not the government should impose ID restrictions in any given situation.
Since I don't think "driving a car" is a situation that generally requires this level of certainty about ID, I'd say at a minimum RealID should be decoupled from driver's licenses. Of course, that would mean if you do want to do something RealID is used for, you'd need yet another card...
I don't think such a limit is known. (Well, unless you care to calculate the size of a black hole containing all of the matter and energy in the Universe and count that as a theoretical limit...) But I also don't think we know enough about black holes to say that with any certainty.
I don't think creating competition is the purpose of the marketshare cap -- at least not in the "give each consumer more choices" sense.
I think the purpose is to avoid giving one company too much influence over the flow of information throughout the country.
I don't think Jarvik is any worse than any of the other direct-to-consumer drug spokesmen, some wearing lab coats and others not. I doubt Random Announcer Guy who narrates commercials for other cholesterol drugs is medically licensed.
And what if Jarvik were licensed in the U.S.? He still wouldn't be speaking to an individual's case, and he'd still be shilling for the drug's maker. Those are the basic problems with all direct-to-consumer drug ads (which may say "your doctor will decide", but bury that where it will have relatively little impact). Doesn't really matter to me who the spokesperson is.
Is it the translation, or is this yet another misleading headline? In English, "decriminalize" and "legalize" do not generally mean the same thing. From m-w.com:
decriminalize : to remove or reduce the criminal classification or status of; especially : to repeal a strict ban on while keeping under some form of regulation
The translation of the article said the only solution is to "decriminalize" file-sharing, which may well not mean "make it legal" (per the headline and summary). Anyone here who can read the original and clarify? Or anyone who has insight into the authors' intent?
It makes a difference to me; I'd be happy to have personal, small-scale copyright infringement decriminalized, but that doesn't mean it should be "ok".
The argument that the reason to decriminalize is that the RIAA/MPAA are zealots who will never be satisfied, though... while it has a poetic justice to it, it's really just a variation on slipperly-slope argument and holds no logical weight. That some people would go too far in one direction doesn't mean you should go as far as possible in the opposite direction. It does mean you should be skeptical of what those "some people" ask for, but as to any specific measure, evaluate it on its own merits instead of blaming the idea for the views of those who hold it.
(That said, on its own merits the idea of ISP's being responsible for copyright enforcement is insane and should be thrown out.)
So... If I read that right, you said "Yes, you can get what you want... except that you can't get it and it isn't what you want."?
I don't get it.
That is a tough problem, yes. I'm not sure it's solvable.
Best I've come up with is some sort of rule where geographically adjacent communities that tend to vote alike must be placed in the same district (or at least can't be split up if, being split, each part is a minority voting block in its district). Or something to that effect; it would need considerable refinement before it would really work.
Rules preventing obvious contrivances in the shape of a district might also work, though they might do as much harm as good if there weren't a way to account for odd shapes that might exist for a reason (e.g. following natural boundaries in cases where it's relevant).
Geographic representation is pretty pointless in this interconnected world
I'm not so sure about that. Interconnected though the world is, there are still a lot of issues that are either seem differently or seen as more or less important by groups of people who are geographically clustered. A locally-felt issue that needs a voice at the Federal level is only likely to find it with geographic districting.
I've considered ideas like that. Whether it works depends on whether you believe it matters that each representative is accountable to a different district. It's also not clear how you'd set up voting. (Would it still be "1 person 1 vote", or if there are 4 seats does each person vote for 4 candidates? Each approach has its own problems...)
To see why districts might matter, look at a state like Missouri. We have St. Louis and Kansas City, which tend more liberal; and the rest of the state, which is relatively rural and tends more conservative. Under your proposal, it is very possible that every Missouri Representative would be chosen by the two cities.
Any state with a significant minority who are geographically aligned and share political interests (presumably related to their geographic alignment) would have the same problem.
*sigh*
-1 Redundant? No, no. That should be -1 Flamebait. Redundant would be the 3 people who replied with exactly the same response.
Sheesh. Moderators need a dictionary.
This may have been going on for years in some places -- though keep in mind, this isn's just about the act of scanning the card, it's about what's being done with the information. Do you know, do you only assume, or do you not care whether the store actually stored and later shared your info?
That's really my point: While having my card scanned would make me suspicious, and apparently you as well, that puts us both in the minority. Most people I know wouldn't care about their card being scanned unless someone told them that the information was being kept and used in ways they might not like.
By the way, even just scanning the cards has not been going on for years where I am (MO). Nor anywhere I've had a drink. In fact, I've never run into it. And I'll be happily surprised if I never do.
Anyhow, if you don't go out to drink and don't care about buying alcohol other than your own brew, good for you; this article tells you nothing you need to know. That again puts you in the minority, unfortunately.
Well, I do salute the effort...
Yeah, but that depends on the staff at the bar being cooperative. There is no law that they serve you, either; suppose they feel that your ID looks "tampered with"?
There are plenty of reasons you might, or might not, see this as a privacy violation. But the presence of prior privacy violations doesn't mean that new ones are ok.
Note that many people do indeed consider cookies a privacy violation even though they typically don't have as much potential as these ID scans to cause harm. And those people, if they're informed enough to know, have an option -- turn off cookies. That's minimally what this type of article is about: informing people so they can make a choice. (I certainly wasn't aware that this was going on...)
Can I avoid these scanners if I so choose? Well, I can choose not to drink in places that use them, but might that eventually mean choosing not to drink? Besides, most companies that collect my personal info at least have to tell me what they're collecting, how they use it, how they share it, etc. Typically I can even opt out of most sharing of my info. Why not so with bars?
As to why you might care: Well, suppose you like to drink now and then. Suppose you want to get a job with a small company, run by a person who has religious objections to drinking. Suppose he now adds to his background check routine "see if the candidate drinks". Is that ok with you?
I'm not sure what type of arrogance drove this.
Was he so sure that identity theft isn't a threat, as he said?
Or did he figure "even if the threat is real, an ID thief wouldn't want to prove it by stealing my information in a highly-publicized incident"?
And on the flip side -- will this morAn now admit he was wrong? Or will he claim that this was done by one of his opponents to try to create a high-profile incident?
"Some men, you just can't reach..."
To what end?
If a significant number of voters choose the easy-but-insecure method of voting, then the fact that your vote was counted properly isn't going to matter.
"Let's see, 1% of voters are insisting on paper ballots, so I can't rig those. Ok, I'll skew the results I can rig by an extra 1% to compensate. Problem solved!"
How is that of all the other OLPC partner companies, Intel is the only one that just couldn't avoid being caught pulling a fast one?
Fixed.
Since it seems we could go around forever and we're not getting anywhere, I think this is going to be my last post on the subject.
Fair enough; I don't have much more to add. Like I said before, we apparently disagree about how to apply the concepts, so that's that.
You're also getting a bit nasty.
Oh, so people don't like it when you imply they know nothing because of one error? I never would've guessed.
Give nasty, get nasty. Most people who open with insults don't get a reply from me at all, even if they do say "not to be insulting". Must've been in an off mood yesterday to have even bothered.
Hmm.
Now show me the spectrum analysis for a device that uses spread-spectrum techniques for privacy rather than merely to avoid interfering with conventional wireless signals. You know, since that's the context of this discussion.
Then again, the baby monitor doesn't seem to have a very good FH implementation at all. If I understand the third graph on that page, it would seem that while the monitor doesn't prevent the network card from functioning, it does severly reduce bandwidth.
That's like saying the AES algorithm is security through obscurity because if you have the plaintext you don't need the key
Nope. The set of ports that could be active are not the "plain text". The specific port to which to connect is the plain text, and I don't need to know that in the attack I described. In fact, I discover it without discovering the key, using nothing but information about how the algorithm works.
My argument is more like saying "if you can't implement AES without broadcasting a piece of information with which an attacker who understands AES can circumvent the key to get the plaintext, then AES is security through obscurity". Which is true; the reason that AES isn't security through obscurity is that you can implement it while keeping the key -- and only the key -- secret, and it is secure in such an implementation.
There are several additional features (like the blacklisting) which do not weaken the cryptographic strength of the system,
This appears to be the crux of our disagreement. What, exactly, are you evaluating the security of? Only the part of the system where some function maps a key to one of 16 port numbers? We don't have enough information about that function to debate its particular cryptographic strength -- and certainly you could choose a cryptographically strong function to implement that step -- but in any case that focus is far to narrow to have practical meaning. It's academic.
The other steps don't weaken that one step, but they are critical parts of the overall system and they do make the system as a whole weaker than that single step. The strength of the system as a whole is what has practical importance, and that is what I'm evaluating.
To get back to your AES analogy -- AES is strong. But how would you rate the strength of a system where I use AES to encrypt the shift offset for a ceasar cypher, having used said ceasar cypher to encrypt my message? The "extra steps" involved in the ceasar cypher don't weaken AES, but they do render its strength moot with respect to the strength of my system as a whole. If you know what I'm up to -- i.e. if you understand my algorithm -- then you don't need the key; the security comes only from the secrecy of the overall algorithm. Security through obscurity.
By the way, should I conclude from the fact that your post is illegible (as apparently you posted as HTML Formatted instead of Plain Old Text) that you know nothing about posting to Slashdot?
Hm. Well, it's been about 10 years since I wrote actual socket code without a library doing all the heavy lifting, so it's quite possible my memory on that point is confused.
I "obviously have no idea", eh? I'd hate to be in any situation where your powers of deduction might actually matter.