Why limit it to banning P2P? If someone is running an FTP server on a wide-area wireless network shouldn't that be banned too? Or downloading anything big, youtube should be blocked too.
Or they could just put a hard cap on usage so that if you use up all your bandwidth in the first 3 days torrenting Lost it's your problem.
Because one person sending a mailshot to a hundred or so people looks a lot like a botnet. One person mailing their CV to 200 companies can look a lot like a botnet. One teenage girl telling everyone about a party can look a lot like a spammer.
Sure if the botnet isn't well written then it'll just blast spam out of every node 24/7 but the really good ones are going to try hard to evade detection. Hell if you've got enough compromised PC's and you're organised as modern botnet herders are then you can collect a lot of good data on how regular users send email and make sure the nodes of your botnet avoid going far outside the curve.
An 1883 article in the weekly medical journal the Sanitarian argued that schools "exhaust the children's brains and nervous systems with complex and multiple studies, and ruin their bodies by protracted imprisonment." Meanwhile, excessive study was considered a leading cause of madness by the medical community.
Person A doesn't steal because they are healthy, fed, comfortable and nobody they care about is at risk. Person B does steal because they aren't healthy, fed, comfortable and/or people they care about are at risk (say there's medical bills to pay).
Now if you switched person A and person B around they will probably do exactly the same things. Person B would act just like person A used to and doesn't steal because they no longer have good reason to. Person A acts just like person B used to and steals because now they have very very good reason to.
Never the less a person A who isn't facing the prospect of being switched with B will still harp on about how much better they are than person B, how you can't trust person B, how person B is a scumbag and how it's all free will and choice. And to make it even more funny person A freely admits that he'd probably act just like person B with the right incentives.
What you fail to get is that if there was a decent system in place then you wouldn't have to deal with that kind of shit.
All the problems you experienced above -All of them- are a result of a combination of incompetent staff and trying to stick a crappy patch on a terrible system.
Lets run through them:
1: VISA freaking out when you use your card abroad. If the cards weren't trivial to rip and clone then they wouldn't have to assume fraud if your card appears to be physically present somewhere unexpected. If the CC system was really more than a 1 factor system then this shouldn't be a problem. but it is because the cc system is shit.
2: "Your card was compromised in Holland, we are cancelling it and sending you a new one." It should not be possible to compromise your card without physical access and physically damaging the card. If your card couldn't be stolen without litterally physically being stolen then you would not have had this problem. but you had a problem because the cc system is shit.
3: "Why didn't you do this the first time I called?" incompetence.
4: "We can't change accounts without the old number." With a better system with some hard crypto etc it should be perfectly possible to confirm that while you changed cards you're the same person.
5: "So, no, I don't think the system should be fixed because the system becomes unusable when the security becomes tight." No. none of your problems were caused by security. every one except those caused by idiots was caused by shitty security. They have a shitty poorly built system which they don't want to spend money on fixing and so they make you pay in inconvenience and that kind of crap. If they got off their arses and put hard security in place then they wouldn't have to fuck around with workaround and patches like calling you whenever you make a charge which doesn't fit the normal pattern.
6: "Security and convenience is a trade-off. " It can be. What you're missing is that in the case of the CC system they haven't traded anything. They started with fuck all security and because people are gaming the system to the hilt they throw more and more extra inconvenience into the mix by calling you, locking your account etc etc etc. it should be perfectly possible to make a system which is far more secure and is far more convenient than the current system as it is right now.
When you utterly disregard security when designing the system and money is involved soon enough you're going to have to add security somehow just like the CC companies have tried to do and it's going to be a shitty hack of a patch on the system.
"After a promising start as a security consultant who did volunteer work for the U.S. Federal Bureau of Investigation, Butler was arrested for writing malicious software that installed a back-door program on computers -- including some on federal government networks -- that were susceptible to a security hole."
It's ambiguous.
It says he was arrested for writing malicious software that installed a back-door program on computers. Not for using it. In reality he was probably arrested for using it. It's a poorly written piece.
But there's always a few self righteous cunts around who haven't read the linked articles themselves either and jump in with insults.
"After a promising start as a security consultant who did volunteer work for the U.S. Federal Bureau of Investigation, Butler was arrested for writing malicious software that installed a back-door program on computers -- including some on federal government networks -- that were susceptible to a security hole."
It's ambiguous.
It says he was arrested for writing malicious software that installed a back-door program on computers. Not for installing it. In reality he was probably arrested for installing it. It's a poorly written piece.
But there's always a few cunts around who haven't read the linked articles themselves either and jump in with insults.
Given that people can sue for lost earnings when they lose legs, eyes, hands etc or suffer some other kind of serious damage I don't think assiging an approximate cash value is unexplored teritory. These aren't magical things which can't be quantified. Sure you can't say "it's worth 53,062 dollars and 45 cent" with certainty but courts approximate damages all the time.
but under a US-style system as described by spun, unless you can link those things directly back to the comments concerned, prove malice, and quantify the damage caused in some meaningful way, it sounds like the law offers no protection from this.
You claimed that it was somehow unreasonable to have to show these 3 things: 1: That there be a provable link between the comments and whatever effect/consequence/harm you claim to have suffered. 2: That it be possible to prove malice. 3: That the damage be quantified in some meaningful way.
so let me get this straight: You don't actually have a problem with requiring people to prove that the harm is in fact a direct result of whatever was said. You don't seem to have a problem with quantifying the damages or at least trying for an approximation of the damages.
So unless you have a problem with having to prove malice(without which everyone is pretty much walking on eggshells and free speach is out the window since even a compliment could get you sued) then what is your problem with the US system?
ok. So if you say something, lets say I convince a class of local children that you pushed Santa Clause off your roof. It's untrue(obviously) It's maclicious. And it may be credibly damaging if some of those kids egg your house.
So you have no problem with being required to prove that the egging is credibly linked to my claims that you pushed santa clause off a roof but if you then sue me for 500,000 dollars damages rather than the fifty bucks it cost to clean the egg off you don't think you should also have to prove that 500,000 dollars worth of damage was actually done in order to go after me for that amount?
That strikes me as absurd.
I find it remarkable, and more than a little disturbing, that some adults apparently can't see that that's absurd.
exactly as it should otherwise say I call you mean names or say nasty things about you. They do no harm whatsoever but the next day you crash your car and fuck up at work and get fired.
If there's no requirement to prove that the losses are in any way a result of the insult/statement then what's to stop you from blaming all your problems on me and extracting money for nothing? It would be utterly retarded to not require that there be a provable link back to the comments concerned.
The law should not offer wildcards to blame everything that goes wrong on people who piss you off.
Losing an eye or losing your house is a hell of a lot worse than some randomer calling you mean names.
Deal with it. and man up a little.
Unless you lead a very sheltered life and never learned to deal with other people being unpleasant. Feelings are the absolute least serious kind of harm, verging on the trivial.
People do work like that, and the law should be about the physical and financial world, not how life makes you feel.
Yes, I laugh but in an odd way that's a really good description. I've heard people say they find 4chan scary but it's only scary in the same way that tornados are scary. Sure it suddenly might focus on you and really really ruin your day, it might randomly cause some destruction but it will never bring down a government or wage a real war because it has the attention span of a squirrel on caffine and all the focus of a reflection in a rusty spoon.
anonymous is kinda interesting when you think about it. With no real membership just a huge number of random people who may take part in it's activities whenever they feel like it with no real leadership and as such no concrete goals or objectives. it could be described as an expreassion of discontent or possibly boredom or just an expression of whatever a lot of people feel but can't openly express. I'm sure there's some projects in there for some psych students.
Ok I'm overthinking this way too much. it's just 4chan and their mob mentality.
From reading TFA I'm fairly sure no pen-testing will be involved. By the look of it it's going to be a beurocratic drill rather than a technical one. No actuall hacking, just a load of suits in a room being given fictional reports of the progress of the "cyber attack" against them. They pretend to know anything at all about it, they make fictional descisions and then some consultants go over it all afterwards with them and try to guess which chocies wouldn't have been good ones had it been a real situation.
the last point I have to disagree with. Look at first world countries. when standard of living gets higher and people have more control over their lives they tend to have less children. There are even countries where the birth rate has dropped bellow 2.0 .
Get everyone to that level, gag the pope and watch as the population gradually shrinks slightly.
combined with the fact that trojans can be just a layer. Simple trojan infects a machine, on it's own it does nothing but execute arbitrary code on the target. Trojan downloads code from it's controller which is an actual virus or code for a botnet etc etc...
it's not really an important distinction since the lines have become more blured as virus writers have tended towards hybrids or outsourced different parts of the infection process to others.
I would like to state that I had no knowledge of what party he was or what right/left/liberal/consercvative affiliation he was, merely that he was the oposition and that his views were crazy and that some day his guys will be in power with a blacklist they can add whatever they want to.
Look at it from the crazy far *anything* perspective. I was going for an example that would appeal to the most slashdotters. But yes. it's equally true for pretty much any group.
1: Asuuming you have contact info for the site owners and that they have time,care or can afford to give up anonymity to appeal. This is a big deal for political speach, with a focus on the kind where people feel the need to remain anonymous to avoid becoming part of amnesty internationals statistics.
2: Assuming that people who type in an address and see a "The site you are trying to access has been blacklisted for containing child pornography, your IP has been logged, remain where you are until officers collect you" message will be willing to publicly state that they ever saw that message ever.
3: Lets say the appeal turns out to be a kangaroo court setup. How exactly will the owners or people who liked to read about Tiananmen Square go about publicising that they've been wronged? Publishing the address of a site on the blacklist is illegal.
4: Who's double checking? when some random user emails to complain that some forum they use got blacklisted who exactly is responsible for double checking it? the same people who added it in the first place? their friends?
Slashdot Mirror
Why limit it to banning P2P?
If someone is running an FTP server on a wide-area wireless network shouldn't that be banned too?
Or downloading anything big, youtube should be blocked too.
Or they could just put a hard cap on usage so that if you use up all your bandwidth in the first 3 days torrenting Lost it's your problem.
P2P isn't the problem.
Because one person sending a mailshot to a hundred or so people looks a lot like a botnet.
One person mailing their CV to 200 companies can look a lot like a botnet.
One teenage girl telling everyone about a party can look a lot like a spammer.
Sure if the botnet isn't well written then it'll just blast spam out of every node 24/7 but the really good ones are going to try hard to evade detection.
Hell if you've got enough compromised PC's and you're organised as modern botnet herders are then you can collect a lot of good data on how regular users send email and make sure the nodes of your botnet avoid going far outside the curve.
An 1883 article in the weekly medical journal the Sanitarian argued that schools "exhaust the children's brains and nervous systems with complex and multiple studies, and ruin their bodies by protracted imprisonment." Meanwhile, excessive study was considered a leading cause of madness by the medical community.
hmmm... I think they may be onto something....
I think the point he was trying to make is that
Person A doesn't steal because they are healthy, fed, comfortable and nobody they care about is at risk.
Person B does steal because they aren't healthy, fed, comfortable and/or people they care about are at risk (say there's medical bills to pay).
Now if you switched person A and person B around they will probably do exactly the same things.
Person B would act just like person A used to and doesn't steal because they no longer have good reason to.
Person A acts just like person B used to and steals because now they have very very good reason to.
Never the less a person A who isn't facing the prospect of being switched with B will still harp on about how much better they are than person B, how you can't trust person B, how person B is a scumbag and how it's all free will and choice.
And to make it even more funny person A freely admits that he'd probably act just like person B with the right incentives.
What you fail to get is that if there was a decent system in place then you wouldn't have to deal with that kind of shit.
All the problems you experienced above -All of them- are a result of a combination of incompetent staff and trying to stick a crappy patch on a terrible system.
Lets run through them:
1:
VISA freaking out when you use your card abroad.
If the cards weren't trivial to rip and clone then they wouldn't have to assume fraud if your card appears to be physically present somewhere unexpected.
If the CC system was really more than a 1 factor system then this shouldn't be a problem.
but it is because the cc system is shit.
2:
"Your card was compromised in Holland, we are cancelling it and sending you a new one."
It should not be possible to compromise your card without physical access and physically damaging the card.
If your card couldn't be stolen without litterally physically being stolen then you would not have had this problem.
but you had a problem because the cc system is shit.
3:
"Why didn't you do this the first time I called?"
incompetence.
4:
"We can't change accounts without the old number."
With a better system with some hard crypto etc it should be perfectly possible to confirm that while you changed cards you're the same person.
5:
"So, no, I don't think the system should be fixed because the system becomes unusable when the security becomes tight."
No.
none of your problems were caused by security.
every one except those caused by idiots was caused by shitty security.
They have a shitty poorly built system which they don't want to spend money on fixing and so they make you pay in inconvenience and that kind of crap.
If they got off their arses and put hard security in place then they wouldn't have to fuck around with workaround and patches like calling you whenever you make a charge which doesn't fit the normal pattern.
6:
"Security and convenience is a trade-off. "
It can be.
What you're missing is that in the case of the CC system they haven't traded anything.
They started with fuck all security and because people are gaming the system to the hilt they throw more and more extra inconvenience into the mix by calling you, locking your account etc etc etc.
it should be perfectly possible to make a system which is far more secure and is far more convenient than the current system as it is right now.
When you utterly disregard security when designing the system and money is involved soon enough you're going to have to add security somehow just like the CC companies have tried to do and it's going to be a shitty hack of a patch on the system.
From the fucking article.
"After a promising start as a security consultant who did volunteer work for the U.S. Federal Bureau of Investigation, Butler was arrested for writing malicious software that installed a back-door program on computers -- including some on federal government networks -- that were susceptible to a security hole."
It's ambiguous.
It says he was arrested for writing malicious software that installed a back-door program on computers. Not for using it.
In reality he was probably arrested for using it.
It's a poorly written piece.
But there's always a few self righteous cunts around who haven't read the linked articles themselves either and jump in with insults.
Actually I did RTFA.
"After a promising start as a security consultant who did volunteer work for the U.S. Federal Bureau of Investigation, Butler was arrested for writing malicious software that installed a back-door program on computers -- including some on federal government networks -- that were susceptible to a security hole."
It's ambiguous.
It says he was arrested for writing malicious software that installed a back-door program on computers. Not for installing it.
In reality he was probably arrested for installing it.
It's a poorly written piece.
But there's always a few cunts around who haven't read the linked articles themselves either and jump in with insults.
Short version:
People respond to incentives.
Given that people can sue for lost earnings when they lose legs, eyes, hands etc or suffer some other kind of serious damage I don't think assiging an approximate cash value is unexplored teritory.
These aren't magical things which can't be quantified.
Sure you can't say "it's worth 53,062 dollars and 45 cent" with certainty but courts approximate damages all the time.
You make a good point that the credit card system is retarded but the poeple who steal CC numbers are still filth.
"Butler was arrested for writing malicious software that installed a back-door program on computers "
I hope that's for releasing/using the software rather than the simple act of writing it.
I refer to your earlier post.
but under a US-style system as described by spun, unless you can link those things directly back to the comments concerned, prove malice, and quantify the damage caused in some meaningful way, it sounds like the law offers no protection from this.
You claimed that it was somehow unreasonable to have to show these 3 things:
1: That there be a provable link between the comments and whatever effect/consequence/harm you claim to have suffered.
2: That it be possible to prove malice.
3: That the damage be quantified in some meaningful way.
so let me get this straight:
You don't actually have a problem with requiring people to prove that the harm is in fact a direct result of whatever was said.
You don't seem to have a problem with quantifying the damages or at least trying for an approximation of the damages.
So unless you have a problem with having to prove malice(without which everyone is pretty much walking on eggshells and free speach is out the window since even a compliment could get you sued) then what is your problem with the US system?
In which step exactly is the unfairness?
ok.
So if you say something, lets say I convince a class of local children that you pushed Santa Clause off your roof.
It's untrue(obviously)
It's maclicious.
And it may be credibly damaging if some of those kids egg your house.
So you have no problem with being required to prove that the egging is credibly linked to my claims that you pushed santa clause off a roof but if you then sue me for 500,000 dollars damages rather than the fifty bucks it cost to clean the egg off you don't think you should also have to prove that 500,000 dollars worth of damage was actually done in order to go after me for that amount?
That strikes me as absurd.
I find it remarkable, and more than a little disturbing, that some adults apparently can't see that that's absurd.
exactly as it should otherwise say I call you mean names or say nasty things about you. They do no harm whatsoever but the next day you crash your car and fuck up at work and get fired.
If there's no requirement to prove that the losses are in any way a result of the insult/statement then what's to stop you from blaming all your problems on me and extracting money for nothing?
It would be utterly retarded to not require that there be a provable link back to the comments concerned.
The law should not offer wildcards to blame everything that goes wrong on people who piss you off.
Losing an eye or losing your house is a hell of a lot worse than some randomer calling you mean names.
Deal with it.
and man up a little.
Unless you lead a very sheltered life and never learned to deal with other people being unpleasant.
Feelings are the absolute least serious kind of harm, verging on the trivial.
People do work like that, and the law should be about the physical and financial world, not how life makes you feel.
Toughen up and get over it pussy.
Yes, I laugh but in an odd way that's a really good description.
I've heard people say they find 4chan scary but it's only scary in the same way that tornados are scary.
Sure it suddenly might focus on you and really really ruin your day, it might randomly cause some destruction but it will never bring down a government or wage a real war because it has the attention span of a squirrel on caffine and all the focus of a reflection in a rusty spoon.
anonymous is kinda interesting when you think about it.
With no real membership just a huge number of random people who may take part in it's activities whenever they feel like it with no real leadership and as such no concrete goals or objectives.
it could be described as an expreassion of discontent or possibly boredom or just an expression of whatever a lot of people feel but can't openly express.
I'm sure there's some projects in there for some psych students.
Ok I'm overthinking this way too much.
it's just 4chan and their mob mentality.
From reading TFA I'm fairly sure no pen-testing will be involved.
By the look of it it's going to be a beurocratic drill rather than a technical one.
No actuall hacking, just a load of suits in a room being given fictional reports of the progress of the "cyber attack" against them.
They pretend to know anything at all about it, they make fictional descisions and then some consultants go over it all afterwards with them and try to guess which chocies wouldn't have been good ones had it been a real situation.
Lots of people complain about Endless September.
But those communities are still there. at least many of them are.
they just look small and puny next to the megacorps.
the last point I have to disagree with.
Look at first world countries.
when standard of living gets higher and people have more control over their lives they tend to have less children.
There are even countries where the birth rate has dropped bellow 2.0 .
Get everyone to that level, gag the pope and watch as the population gradually shrinks slightly.
combined with the fact that trojans can be just a layer.
Simple trojan infects a machine, on it's own it does nothing but execute arbitrary code on the target.
Trojan downloads code from it's controller which is an actual virus or code for a botnet etc etc...
it's not really an important distinction since the lines have become more blured as virus writers have tended towards hybrids or outsourced different parts of the infection process to others.
I would like to state that I had no knowledge of what party he was or what right/left/liberal/consercvative affiliation he was, merely that he was the oposition and that his views were crazy and that some day his guys will be in power with a blacklist they can add whatever they want to.
Look at it from the crazy far *anything* perspective.
I was going for an example that would appeal to the most slashdotters.
But yes.
it's equally true for pretty much any group.
1: Asuuming you have contact info for the site owners and that they have time,care or can afford to give up anonymity to appeal.
This is a big deal for political speach, with a focus on the kind where people feel the need to remain anonymous to avoid becoming part of amnesty internationals statistics.
2: Assuming that people who type in an address and see a
"The site you are trying to access has been blacklisted for containing child pornography, your IP has been logged, remain where you are until officers collect you"
message will be willing to publicly state that they ever saw that message ever.
3: Lets say the appeal turns out to be a kangaroo court setup.
How exactly will the owners or people who liked to read about Tiananmen Square go about publicising that they've been wronged?
Publishing the address of a site on the blacklist is illegal.
4: Who's double checking?
when some random user emails to complain that some forum they use got blacklisted who exactly is responsible for double checking it?
the same people who added it in the first place?
their friends?
5: that's a big hopefully.
Oh it's not inevitable.
No absolutes after all.
There's a slim chance.... really really slim.