> He's not a valid candidate for the presidency of the united states of america in 2008. You fail.
Actually you fail, I am afraid. The whole point of a write-in is to offer the option of *every citizen* being a valid choice if so desired by the voter(s).
> The write-in vote for Ron Paul will not be counted.
Nonsense. Counted it will be as any other valid vote and write-in. Whether it matters statistically is an entirely different question. I congratulate the GP for his choice of voting his conscience.
> It felt great to throw away your vote childishly
In a true election no vote is wasted as each one makes up the whole. Therefore your opinion is, in all respect, the childish one by belittling and reprimanding a citizen to have the audacity to participate in the affairs of his country according to his own wishes and convictions.
> You had two candidates to choose from when it comes down to reality, and you decided to forfeit your choice.
Your "reality" is absolutely sad and limited in scope. He did not forfeit anything. The only way you can forfeit your vote is by *not* voting at all. Please wake up to the principles of this country, which happens to include the notion, that *everybody* is entitled to voice his opinion. An election is not to confirm the "reality" of the existing Status Quo, but to put before the citizens the true choice of a future representation, whoever they decide should do so.
> almost all the incumbent members of congress went back for another term. > Why is this, when approval ratings are so low?
Because of the lack of viable 3rd, 4th, 5th etc. party candidates. By viable I don't meant the candidates themselves as they have at least as much to offer as anybody else on the ballots but the representation of them. The almost complete lack of coverage of them to the point of people being surprised to see other names they never heard of on the ballots besides the two D/R candidates. This is IMHO a true shame for the nation as a whole and the media in particular. I would welcome alternative views and more than two parties of importance since I believe that the views of well over 100 million voters can not possibly be properly represented by 2 parties.
That's what I did. Changed a 3.5" 10k SCSI drive for a 7200 RPM 2.5" SATA drive, which is suspended on rubber bands in a 3.5 inch bay (some german company made the gadget for mounting). True...the SCSI was a bit faster but noise-wise it's a no-contest. Also the laptop drive has a lot more space to offer. Since it's SATA you don't need any adapters...just any normal SATA cable to connect. For 3.5" drives I like the Zalman heatpipe mounting kit with rubber grommets. It does cut down quite a bit on drive vibration being transferred to the case and due to the heatpipes overheating is not a worry. Only fits into a 5.25" bay though.
True. It's a Good Thing in this day and age, when all kinds of people assume they have a special "right" to see *your* data and activity.
> Negative: > - worse performance
Negligible on modern hardware. Hell, I used encrypted partitions already on a Pentium 1 with no major slowdown.
> - you may forget the password (it has happened before.)
True. That's why IMHO passwords/-phrases *should* be written down (though not on the legendary Post-It:-)). Be creative.
> - has to be mounted manually (or at least type in password each time you need access to the data.)
A keyfile, for example on a USB stick, is a password-less/convenient option.
> - it's painful to backup
No, it's the same as any other drive, assuming it's mounted.
> - it's painful to do a proper file systems check
No, it's the same as any other partition once mounted.
> - if the discs are somehow taken by the authorities > you might have to give up your password (or be sentenced > for whatever they think you have on the discs.)
You could be held in contempt of court if ordered to produce the key/passphrase...true. Your decision though. Depends on the situation/country/amount of voltage on your genitals with a definite YMMV. Research that prior to implementation.
> - discs are only secure if they are not mounted.
True, but they aren't any less secure than unencrypted either.
> So use the same approach as SSH... Silently accept a self-signed cert > for a website that I have had no prior contact with (but do not indicate > that the site is 'secure')
I wonder why it all has to be a black or white approach. How about adding another shade of color (pun intended) into the mix, namely:
HTTPS (CA verified): green HTTPS (self-signed): checker-board-style white-green HTTPS (self-signed but *user-verified fingerprint*..what a concept!!): green HTTP: white
Add SSH-style authentication of tracking certificate changes into it with mild warning on first connection etc. and you got a pretty decent scheme serving just about all needs.
> A false sense of security is worse than no security. > By using a self-signed certificate I have no idea if > I'm encrypting the data to the right recipient.
By not using any encryption you also have no idea if you're sending your data to the right recipient. So did the self-signed cert make anything worse? No, it didn't. At worst you're exactly back to square one where you would have been HTTP'ing from anyway. And the false sense of security for most people starts already when they open the browser or their E-mail program....
> there is a draft specification for using OpenPGP certificates > instead of X.509 certificates with SSL/TLS. And as you might > be aware of, OpenPGP uses a web of trust model.
It's a good idea in theory and one I'd like to like more than the CA setup on principle. A question I'd have though is this: How do you verify via web of trust the key (and now SSL cert as well) of a company? The chain of signatures would have to be very long indeed, I'd imagine, and given the current use of GPG etc. for mail I don't see that happening anytime soon.
Personally I still like the SSH-style approach of showing the fingerprint on first connect and giving you a choice of accepting it/the key or not. If you do accept it a warning gets shown if ever in the future the key is not the same anymore. Seems pretty reasonable to me for most minor to medium threat-scenarios. Never had a different key/fingerprint on first connect via SSH, Instant Messenger (OTR and Pidgin Encryption) or similar...
> I still hate typing my passwords the fifty times a day that I do.
Excellent point. Passwords, though they can be quite secure, suck. Without writing them down somewhere you almost can't get by these days. Why is there a separate passphrase required for every freaking app anyway? My login password should be enough to unlock all applications behind it...SSH, GPG etc..!
Used to think like that too. Still do to some extent. But webmail has one great feature which you describe as a drawback. It IS accessible from a browser. Any browser. Even from your Mom's office computer where you are visiting or the hotel lounge overseas. That is its killer-feature...all other points you made non-withstanding. A plugin-on-the-fly would be nice...like FireGPG + your keys on a USB stick which you could activate without having to install anything.
Personally I believe discouraging webmail is pointless. IMHO it's anyway just an intermediate step from physical location-bound solutions, like your dedicated MUA on your home computer, and the next development of Blackberry-style e-mail on your cell phone (with SMS being the forerunner of that). Focus instead on developing a secure messaging/e-mail app for use on cell phones and other such devices. People want their communication instantly delivered to the recipient, not have to wait until they get home from their 3-weeks Australia trip to "check their e-mail".
> Sadly, at least half the US population don't have a clue > as to how to do anything with their computer except the bare minimum.
That's not an issue of "half the US population" but the implemented technology. A car or a microwave are quite complex too on the inside, yet certainly even your mentioned "half" of the population is quite apt at using them.
> And what do they do? They proceed to show the world that they are still
> a backwards oppressive country with no common sense, jeopardizing much
> of the progress that they've made over a bunch of piss-ass monks and to
> avoid some bad press that 99.9% of the world would have ignored if they
> hadn't tried so hard to supress it.
> Is there no Chinese term for "Bad PR" or are they just that stupid?
They aren't stupid, because they know precisely, that the glorious human-rights-waving West ain't gonna cut economic ties or cancel the next shipments of HappyMeal-Toys "over a bunch of piss-ass monks". With other words, the West will look on as China farks up Tibet(ans) as they've been doing it since 1950, while swinging useless hot-air pseudo-disagreement that look good on TV.
Slashdot Mirror
> He's not a valid candidate for the presidency of the united states of america in 2008. You fail.
Actually you fail, I am afraid. The whole point of a write-in is to offer the option of *every citizen* being a valid choice if so desired by the voter(s).
> The write-in vote for Ron Paul will not be counted.
Nonsense. Counted it will be as any other valid vote and write-in. Whether it matters statistically is an entirely different question.
I congratulate the GP for his choice of voting his conscience.
> It felt great to throw away your vote childishly
In a true election no vote is wasted as each one makes up the whole. Therefore your opinion is, in all respect, the childish one by belittling and reprimanding a citizen to have the audacity to participate in the affairs of his country according to his own wishes and convictions.
> You had two candidates to choose from when it comes down to reality, and you decided to forfeit your choice.
Your "reality" is absolutely sad and limited in scope. He did not forfeit anything. The only way you can forfeit your vote is by *not* voting at all. Please wake up to the principles of this country, which happens to include the notion, that *everybody* is entitled to voice his opinion. An election is not to confirm the "reality" of the existing Status Quo, but to put before the citizens the true choice of a future representation, whoever they decide should do so.
> almost all the incumbent members of congress went back for another term.
> Why is this, when approval ratings are so low?
Because of the lack of viable 3rd, 4th, 5th etc. party candidates. By viable I don't meant the candidates themselves as they have at least as much to offer as anybody else on the ballots but the representation of them. The almost complete lack of coverage of them to the point of people being surprised to see other names they never heard of on the ballots besides the two D/R candidates. This is IMHO a true shame for the nation as a whole and the media in particular. I would welcome alternative views and more than two parties of importance since I believe that the views of well over 100 million voters can not possibly be properly represented by 2 parties.
> buy a laptop hard-drive and a $5 cable adapter
That's what I did. Changed a 3.5" 10k SCSI drive for a 7200 RPM 2.5" SATA drive, which is suspended on rubber bands in a 3.5 inch bay (some german company made the gadget for mounting). True...the SCSI was a bit faster but noise-wise it's a no-contest. Also the laptop drive has a lot more space to offer. Since it's SATA you don't need any adapters...just any normal SATA cable to connect.
For 3.5" drives I like the Zalman heatpipe mounting kit with rubber grommets. It does cut down quite a bit on drive vibration being transferred to the case and due to the heatpipes overheating is not a worry. Only fits into a 5.25" bay though.
> Positive:
> - added security
True. It's a Good Thing in this day and age, when all kinds of people assume they have a special "right" to see *your* data and activity.
> Negative:
> - worse performance
Negligible on modern hardware. Hell, I used encrypted partitions already on a Pentium 1 with no major slowdown.
> - you may forget the password (it has happened before.)
True. That's why IMHO passwords/-phrases *should* be written down (though not on the legendary Post-It :-)). Be creative.
> - has to be mounted manually (or at least type in password each time you need access to the data.)
A keyfile, for example on a USB stick, is a password-less/convenient option.
> - it's painful to backup
No, it's the same as any other drive, assuming it's mounted.
> - it's painful to do a proper file systems check
No, it's the same as any other partition once mounted.
> - if the discs are somehow taken by the authorities
> you might have to give up your password (or be sentenced
> for whatever they think you have on the discs.)
You could be held in contempt of court if ordered to produce the key/passphrase...true. Your decision though. Depends on the situation/country/amount of voltage on your genitals with a definite YMMV. Research that prior to implementation.
> - discs are only secure if they are not mounted.
True, but they aren't any less secure than unencrypted either.
> as a Linux user on dialup, I have to wait
> until an ISO distributor puts out a copy for sale
Even on dial-up you can download it...it's not THAT big. wget -c is your friend. So is rsync --partial.
> So use the same approach as SSH... Silently accept a self-signed cert
> for a website that I have had no prior contact with (but do not indicate
> that the site is 'secure')
I wonder why it all has to be a black or white approach. How about adding another shade of color (pun intended) into the mix, namely:
HTTPS (CA verified): green
HTTPS (self-signed): checker-board-style white-green
HTTPS (self-signed but *user-verified fingerprint*..what a concept!!): green
HTTP: white
Add SSH-style authentication of tracking certificate changes into it with mild warning on first connection etc. and you got a pretty decent scheme serving just about all needs.
> browsers would save the self-signed cert and then alert me
> if it changes the way SSH does, then the result will be very good
So where's that extension for our favorite browser anyway?
> A false sense of security is worse than no security.
> By using a self-signed certificate I have no idea if
> I'm encrypting the data to the right recipient.
By not using any encryption you also have no idea if you're sending your data to the right recipient. So did the self-signed cert make anything worse? No, it didn't. At worst you're exactly back to square one where you would have been HTTP'ing from anyway. And the false sense of security for most people starts already when they open the browser or their E-mail program....
> there is a draft specification for using OpenPGP certificates
> instead of X.509 certificates with SSL/TLS. And as you might
> be aware of, OpenPGP uses a web of trust model.
It's a good idea in theory and one I'd like to like more than the CA setup on principle.
A question I'd have though is this: How do you verify via web of trust the key (and now SSL cert as well) of a company?
The chain of signatures would have to be very long indeed, I'd imagine, and given the current use of GPG etc. for mail I don't see that happening anytime soon.
Personally I still like the SSH-style approach of showing the fingerprint on first connect and giving you a choice of accepting it/the key or not. If you do accept it a warning gets shown if ever in the future the key is not the same anymore. Seems pretty reasonable to me for most minor to medium threat-scenarios. Never had a different key/fingerprint on first connect via SSH, Instant Messenger (OTR and Pidgin Encryption) or similar...
Perhaps a combination of the two would do...
1.
> it's very rare that I run into someone else who uses [GPG]
2.
> It's refreshing to see it making a comeback!
1. Why do you think it is that way?
2. What IYHO has changed compared to 1 and what still needs to happen?
> I still hate typing my passwords the fifty times a day that I do.
Excellent point. Passwords, though they can be quite secure, suck. Without writing them down somewhere you almost can't get by these days. Why is there a separate passphrase required for every freaking app anyway? My login password should be enough to unlock all applications behind it...SSH, GPG etc..!
> Discourage webmail.
Used to think like that too. Still do to some extent. But webmail has one great feature which you describe as a drawback. It IS accessible from a browser. Any browser. Even from your Mom's office computer where you are visiting or the hotel lounge overseas. That is its killer-feature...all other points you made non-withstanding. A plugin-on-the-fly would be nice...like FireGPG + your keys on a USB stick which you could activate without having to install anything.
Personally I believe discouraging webmail is pointless. IMHO it's anyway just an intermediate step from physical location-bound solutions, like your dedicated MUA on your home computer, and the next development of Blackberry-style e-mail on your cell phone (with SMS being the forerunner of that). Focus instead on developing a secure messaging/e-mail app for use on cell phones and other such devices. People want their communication instantly delivered to the recipient, not have to wait until they get home from their 3-weeks Australia trip to "check their e-mail".
> Sadly, at least half the US population don't have a clue
> as to how to do anything with their computer except the bare minimum.
That's not an issue of "half the US population" but the implemented technology. A car or a microwave are quite complex too on the inside, yet certainly even your mentioned "half" of the population is quite apt at using them.
Fedora 9 kernel on first boot crashes hard. Bunch of errors over three pages long. Fedora 8 worked fine. Anybody else run into this?
> the one that's changed the least over the years
Overall I agree, but I wish Pat would remove sendmail already and include a sane MTA like Postfix. Sendmail needs to die.
> And what do they do? They proceed to show the world that they are still > a backwards oppressive country with no common sense, jeopardizing much > of the progress that they've made over a bunch of piss-ass monks and to > avoid some bad press that 99.9% of the world would have ignored if they > hadn't tried so hard to supress it. > Is there no Chinese term for "Bad PR" or are they just that stupid? They aren't stupid, because they know precisely, that the glorious human-rights-waving West ain't gonna cut economic ties or cancel the next shipments of HappyMeal-Toys "over a bunch of piss-ass monks". With other words, the West will look on as China farks up Tibet(ans) as they've been doing it since 1950, while swinging useless hot-air pseudo-disagreement that look good on TV.