The summary of the this Slashdot posting is misleading. It is absolutely clear from the Melbourne Age article that this is not genetic modification. For example, it says:
It is believed to be the first time in Australia that approval has been granted to use IVF in combination with genetic screening and tissue matching to create a "donor" child for a sick sibling.
isn't a private WAN such as this more
susceptible to a "single point of failure"
attack?
It will be less vulnerable because they
will have mandated that communications
use physically separate switching nodes paths.
And you can be sure that they have
thought about this.
After the countersuits, maybe IBM will own the stake in Troll Tech.:)
I didn't know Troll Tech had a stake in it. Come to think of it, it would need to be a seriously heavy duty stake to make an impact on a troll techie:-)
More to the point, it rewards said scummy Caldera executives for their scummy behaviour... and their stupidity in buying out Santa Cruz Operation's worthless IP. Rewarding scumbags is a bad idea!
Maybe this lawsuit it will be enough to convince IBM and few other big IT companies that software patents are bad for the industry and should be abolished.
Unfortunately, the only real way to secure information is to store it in an encrypted form such that the key needed to decrypt the information is physically separated from the machine which contains the data.
Surely, it would be better to redesign the system so that the merchant doesn't get to keep any information that could be used by a hacker.
On the contrary, if MicroSoft were to present techie oriented papers, keynotes, etc at this conference, they would be missing the opportunity to present their case, and they would be missing the point.
This may be unappealing to you, as a techie, but I think that this just means that you should not be attending this conference.
The solution is not legislation, it is the creative use of technology
IMO, the solution is use both legislation and technology. The legislation needs to target people that send spam, and people that cause it to be sent. It needs be broad enough to catch spammers who use off-shore agents to do their dirty work, and companies who get spammers to do their advertising.
The technology needs to be there because no legislation will stop all of the spam. Even
if the legislation was universal across all
jurisdictions (not plausible), and strictly enforced everywhere (not plausible), there
will still be some people who think they can
get away with spamming, or who don't think or care about the consequences.
The legislation needs to be part of the solution
because technical solutions have an inherent risk of
collateral damage; e.g. email being incorrectly labelled
as spam. This is not acceptable for some email users.
Furthermore, spammers will continue
to be a step ahead of anti-spam technology
for the forseeable future. IMO, the only hope is
a "intelligent" email agent that does a better job than a good (human) personal assistant.
I think polititians shouldn't have any filters on their e-mail.
Politicians don't have enough time to read all email (or letters) from constituents. They have staff whose job it is to do this. These staff act as filters. Politicians (and their staffers) are also human beings. Why shouldn't they be allowed to defend themselves against spam, viruses, orchestrated email harassment campaigns and mindless foul-mouthed diatribes from random idiots?
We elect politicians to do a job of representing their electors, NOT to be targets for abuse. Let them filter as they choose. If they decide it is ignore particular kinds of communication directed to/at them, we can always vote them out.
After about 2 weeks of what the average person goes through, we'd see stronger anti-spam legislation/penalties.
Nice idea, but it won't work. The politicians would simply stop reading email... or employ more staff to do the job for them. By the way, given that the "average person" uses some kind filtering, why shouldn't the politician do so too?
This wouldn't be viable because it would have significant performance impact on the routers. Each router would need to examine every packet to see if it is a TCP/IP SYN packet destined for port 25. If the packet matched, it would then need to copy the packet to a special "delayed" packet queue and start a 1 second timer. When the timer expired it would need to reinsert the packet for transmission.
This kind of trick needs to be done in the receiving mail server. But then you've got the problem of convincing enough of the world to upgrade their mailservers. And ultimately the
spammers will combat this by increasing the number of mail senders.... and you are back to square one.
Either this is something that can be done by regulation (ministerial decree, essentially) or the legislation will get through Parliament without much debate (which seems likely if all the States have agreed to it as well, as every single state and territory government is run by the party in opposition federally at the moment).
If legislation on this topic goes through Federal parliament (and that is the most likely route,) then at least the Democrats and Greens will give it a critical look in the senate.
It is not within Federal or State government's
power to do this kind of thing by decree or
regulation without prior enabling legislation
passed by Federal or State parliaments. I've
never heard of such legislation. If it had
been passed, you can bet that NSW would not
have referred this issue to Ellison in the first
place!
They have stuff, both hi- and lo-tech, that does some seriously cool shit, that would blow your socks off...literally and figuratively.
Literally, I'm safe because I don't wear socks. Phew!
The bottom line though is that the government will not be able to control the VoIP "problem" entirely without just pulling the plug on all Internet activity. That would be a steep price and they will face economic pressure to not do it.
If the Panamanian government gets serious about this, they could put a stop to VoIP by making it illegal to use VoIP in Panama. Many countries
have done this kind of thing in the past. In the
UK 20 or so years ago, it was not possible to set
up a public internet because of government rules.
"The biggest problem will probably be that you will not make any real money from letting your CPU be used. Perhaps a good idea would be to let a university supply you with internet access in exchange for CPU time."
Greg Egan (an Autralian Sci Fi author) has written
a really interesting novel ("Permutation City", I
think) which starts out in a near future where
distribued compute cycles are traded. [The main
topic is artificial life and virtual worlds. I
ts a good read.]
Anyway, the trading model Egan describes is based
on barter of CPU cycles. When you let someone
else use your compute cycles, you get credit points
which you can exchange for other peoples' compute
cycles. Trading of cycles for credit points is
by automatic auction; e.g. the exchange rate
depends on the demand for cycles.
Now, this model wouldn't work for the general
public, because most people today have no need
for lots of compute cycles. But todays'
business / scientific commmunity may be a
different matter.
... a CA can easily pass the buck on to the credit industry by simply letting everyone know the only thing required for a signature is a valid Credit card number. Credit cards can easily be tracked. In any event, this is all the security your average hacking programmer needs. Free software does not need anymore security than that. For my Fortune 100 company, I would recommend they use somebody they can sue if the certs are cracked.
It a CA were to issue identity certs to anyone who could
provide a credit card number, those certs would be
worthless. At any given time there are probably
thousands of stolen credit cards / numbers in
circulation whose owners havn't noticed to be
missing. Obtaining a fake cert would be trivially
easy. Even if the cert were revoked, many people
could be tricked.
A CA that did this would have a hard time passing
the blame to a Credit Card company. I'm pretty
sure that the Credit Card company's liability
starts and ends with guaranteeing that financial
transactions are completed as per contract(s).
Frankly, I can't see any point in anyone using
a cert from non-trustworthy CA. You are better
off using a self-signed cert on your web-site.
I would love if OSDN could have their own root certificate and let us public folks buy from them. Any malicious signers will be found out quickly so whats the big deal???
The big deal is that without a cert issued by a
reliable Certification Authority (CA),
you don't know who the signer is, let alone
whether he/she/it has a reputation for maliciousness.
Setting up as a CA in general and a root CA in particular is not simple. There are all sorts of security and auditting requirements that have to be satisfied even before the CA can start issuing certs. And for each Cert, the CA needs to check the identity / bona fides of the cert principal and the agent the CA is issuing the cert to. If the CA doesn't do all of the above, the certs are worthless.
Another problem (previously noted) is getting any new CA's root cert installed in the initial keystores of popular web browsers, JVMs and so on.
Slashdot Mirror
It will be less vulnerable because they will have mandated that communications use physically separate switching nodes paths. And you can be sure that they have thought about this.
I didn't know Troll Tech had a stake in it. Come to think of it, it would need to be a seriously heavy duty stake to make an impact on a troll techie :-)
Maybe this lawsuit it will be enough to convince IBM and few other big IT companies that software patents are bad for the industry and should be abolished.
Send them emails which politely, yet firmly state that they smell like a llama's anus. That's offensive to llamas!
Sun has also released patches for this vulnerability on Solaris.
... does that make it a "toy" operating system?
Surely, it would be better to redesign the system so that the merchant doesn't get to keep any information that could be used by a hacker.
This may be unappealing to you, as a techie, but I think that this just means that you should not be attending this conference.
IMO, the solution is use both legislation and technology. The legislation needs to target people that send spam, and people that cause it to be sent. It needs be broad enough to catch spammers who use off-shore agents to do their dirty work, and companies who get spammers to do their advertising.
The technology needs to be there because no legislation will stop all of the spam. Even if the legislation was universal across all jurisdictions (not plausible), and strictly enforced everywhere (not plausible), there will still be some people who think they can get away with spamming, or who don't think or care about the consequences.
The legislation needs to be part of the solution because technical solutions have an inherent risk of collateral damage; e.g. email being incorrectly labelled as spam. This is not acceptable for some email users. Furthermore, spammers will continue to be a step ahead of anti-spam technology for the forseeable future. IMO, the only hope is a "intelligent" email agent that does a better job than a good (human) personal assistant.
and vice-versa if you take the Bible as
Politicians don't have enough time to read all email (or letters) from constituents. They have staff whose job it is to do this. These staff act as filters.
Politicians (and their staffers) are also human beings. Why shouldn't they be allowed to defend themselves against spam, viruses, orchestrated email harassment campaigns and mindless foul-mouthed diatribes from random idiots?
We elect politicians to do a job of representing their electors, NOT to be targets for abuse. Let them filter as they choose. If they decide it is ignore particular kinds of communication directed to/at them, we can always vote them out.
After about 2 weeks of what the average person goes through, we'd see stronger anti-spam legislation/penalties.
Nice idea, but it won't work. The politicians would simply stop reading email
given that the "average person" uses some kind
filtering, why shouldn't the politician do so too?
This kind of trick needs to be done in the receiving mail server. But then you've got the problem of convincing enough of the world to upgrade their mailservers. And ultimately the spammers will combat this by increasing the number of mail senders .... and you are back to square one.
On the other hand, they lasted a lot longer than mainframes will.
I dunno ... the idea of those little needles is enough to make me wince.
If legislation on this topic goes through Federal parliament (and that is the most likely route,) then at least the Democrats and Greens will give it a critical look in the senate.
It is not within Federal or State government's power to do this kind of thing by decree or regulation without prior enabling legislation passed by Federal or State parliaments. I've never heard of such legislation. If it had been passed, you can bet that NSW would not have referred this issue to Ellison in the first place!
They have stuff, both hi- and lo-tech, that does some seriously cool shit, that would blow your socks off...literally and figuratively. Literally, I'm safe because I don't wear socks. Phew!
If the Panamanian government gets serious about this, they could put a stop to VoIP by making it illegal to use VoIP in Panama. Many countries have done this kind of thing in the past. In the UK 20 or so years ago, it was not possible to set up a public internet because of government rules.
Hmm ... 5 letters, easy to remember ... hmmmm ...
:-)
Got it! "sadam".
Greg Egan (an Autralian Sci Fi author) has written a really interesting novel ("Permutation City", I think) which starts out in a near future where distribued compute cycles are traded. [The main topic is artificial life and virtual worlds. I ts a good read.]
Anyway, the trading model Egan describes is based on barter of CPU cycles. When you let someone else use your compute cycles, you get credit points which you can exchange for other peoples' compute cycles. Trading of cycles for credit points is by automatic auction; e.g. the exchange rate depends on the demand for cycles.
Now, this model wouldn't work for the general public, because most people today have no need for lots of compute cycles. But todays' business / scientific commmunity may be a different matter.
I think you are confusing ideology and rhetoric.
A CA that did this would have a hard time passing the blame to a Credit Card company. I'm pretty sure that the Credit Card company's liability starts and ends with guaranteeing that financial transactions are completed as per contract(s).
Frankly, I can't see any point in anyone using a cert from non-trustworthy CA. You are better off using a self-signed cert on your web-site.
The big deal is that without a cert issued by a reliable Certification Authority (CA), you don't know who the signer is, let alone whether he/she/it has a reputation for maliciousness.
Setting up as a CA in general and a root CA in particular is not simple. There are all sorts of security and auditting requirements that have to be satisfied even before the CA can start issuing certs. And for each Cert, the CA needs to check the identity / bona fides of the cert principal and the agent the CA is issuing the cert to. If the CA doesn't do all of the above, the certs are worthless.
Another problem (previously noted) is getting any new CA's root cert installed in the initial keystores of popular web browsers, JVMs and so on.