Slashdot Mirror


User: Arrogant-Bastard

Arrogant-Bastard's activity in the archive.

Stories: 0
Comments: 209

Comments · 209

  1. Aeeeeeigghhhh! My eyes oh god my eyes my eyes... on Yahoo! Sports Redesign Sparks Controversy, Disdain From Users · · Score: 0

    It never ceases to amaze me that web designers will take a page that contains utilitarian information (like sports scores) that needs to be presented in legible, dense, organized fashion and insist on bloating it with useless junk until it's unusable crap that takes forever to load, eats resources, doesn't work in a lot of browsers, and inflicts their idea of "style", no matter how hideous, on users.

    This is one of those cases. Yahoo Sports has apparently failed to notice that the ideal design model for a sports page can be found in any decent newspaper: scores up front, box scores inside, stories to follow. Simple. Easy. Fast-loading. Quick to code. Works in any browser including the text-only ones. Easy to generate from scripts. Easy to parse. Fast to update. Dirt-simple and thus hard to break.

    In other words, the antithesis of this crap, which looks like something an art-school sophomore just in from an all-night binge would cook up...and is, unfortunately, increasingly typical of sites that aren't content to just use designs that work, but feel the need to change things...because change.

  2. Re:They just don't seem to get the message on Cookieless Web Tracking Using HTTP's ETag · · Score: 2

    You know, we had a "free" Internet long before the advertising filth showed up and began polluting it. They are expendable, although they would certainly like you to believe that they're not. "Oh noooes the free sites could go away with advertising!!"

    Yes, they could. So what?

    Newcomers (anyone who didn't have an address ending in .ARPA is new) are directed to study the history of the 'net. Those of adequate perception will quickly realize that it was flourishing WITHOUT the hordes of imbeciles, WITHOUT the masses of illiterates, WITHOUT the tracking and ads and spam. Our mistake was not crushing these out of existence with ruthless ferocity as soon as they appeared: every ignorant newbie should have been flamed to oblivion, every spammer's business destroyed. We were far too nice and far too tolerant, and thus...look at what we have now. But it didn't have to turn out that way. And it still doesn't. The situation is fixable.

    Ads don't reach me because I have those sites firewalled or null-routed. I don't care to look at them or have my extremely valuable time and resources wasted by them. Nor do I wish to be exposed to the malware and other attacks carried by an increasing number of them. I recommend this same approach to others: block them at your network perimeter: ALL of them. Yes, this will have consequences -- good consequences. It passes the "what if everyone did it?" test because if that happened it would starve the ad networks of revenue and deprive them of the resources they require to engage in ever-more-intrusive tracking and data collection on Internet users. Everyone won't do that, of course: but those who do will reap at least some of the benefits. Perhaps that will be enough. I certainly hope so.

  3. The stupid, it burns on Researchers Buy Twitter Bots To Fight Twitter Spam · · Score: 1

    Let's put aside for a moment that Twitter is one of the very stupidest things to come along in quite some time: a service for illiterate chimpanzees with attention-deficit disorder, as nobody of worth or value would bother reading or writing 140 characters at a time. Let's just pretend, for the sake of argument, that it's a useful service worth defending.

    First, putting money into the pockets of its adversaries is idiotic.

    Second, pretending that content/context filtering based on examination of their CURRENT methods will work TOMORROW is equally idiotic. (This is a recurring mistake among many wanna-be anti-spammers: they blithely presume that spammers will sit on their hands while countermeasures are developed and deployed, even though the multi-decade history of spammers demonstrates conclusively that they will not.)

    Third, pretending that countermeasures which may be temporarily successful against a subset of spammers will enjoy long-term success against a significantly larger set of spammers is wishful thinking. (This is another recurring mistake among the wanna-be's: they don't realize that they've targeted the least-competent spammers. They're too busy patting themselves on the back to realize that all they've really accomplished is to clear the playing field for the professionals.)

    Fourth, these researchers have failed -- completely -- to account for the presence of spammer allies inside Twitter. It is of course short-sighted, naive and very stupid to neglect this, since it's obvious on inspection that a nonzero number of Twitter staff are complicit in spamming activities. (And why not? The chances they'll be caught are tiny. The extra income is tax-free. And they can take multiple payoffs from multiple people for doing the same thing. Unless one wishes to make the patently absurd argument that 100.000% of Twitter employees are incorruptible, which of course is laughable and instantly disqualifies the speaker from serious conversation.)

    The bottom line is that Twitter made a fundamental error before they even launched: they failed to perform an adversarial analysis, to ask themselves "how can our service be abused?" and then modify the design to deal with as many answers to that as possible. (This is hardly unique: many others have made the exact same mistake. Some are making it today.) Their failure to perform this analysis BEFORE finalizing design and deployment means that they're now left trying to backfill it. That has never worked. It's not working now. It's not going to work. So this little endeavor represents merely some feeble half-hearted attempt to deal with a tiny piece of an enormous problem...and even that attempt is doomed to fail as soon as spammers find it to be an inconvenience.

  4. Re:Notify Xerox First on Xerox Confirms To David Kriesel Number Mangling Occuring On Factory Settings · · Score: 5, Insightful

    You are making the mistake of imagining that the person who discovered this flaw owes Xerox something.

    He does not.

    He discovered the information, and he is free to (a) remain silent (b) tell Xerox (c) tell the press (d) tell everyone (e-z) anything else he likes. He might CHOOSE (b) but he is certainly under no obligation to do so, and it is of course incorrect for anyone to fault him if he does not choose (b).

    We see this same mistake being made by the inferior minds who advocate the farcical concept of "responsible disclosure" when it comes to security issues. There is no such thing. There never has been. It's simply a fabrication by the mouthpieces of corporations who fret about bad publicity or negative impact on their stock price. Those who say they practice it are conceited and arrogant: they are making the foolish mistake of presuming that they, and they alone, possess this information, even though that's almost certainly not true. (What one can discover, another can discover.)

    In all these cases, what we find are people who are afraid of the truth. They are afraid to speak it, afraid to hear it, afraid to have it propagated, afraid that others may have it: afraid, afraid, afraid. This is antithetical to the scientific method, to free speech, to forward progress: we must have the truth, no matter how inconvenient or unpleasant, if we're going to get anywhere.

    I'm sure that some of the people at Xerox are furious about this. That's just too damn bad. If they want to find the root cause of their anger, they should look in a mirror, as it is their incompetence, sloppiness, laziness and negligence that has made all this happen.

  5. Re:The death-knell of US cloud providers... on Encrypted Email Provider Lavabit Shuts Down, Blames US Gov't · · Score: 1

    Cloud providers always had (at least) one glaring security problem: their own employees. Those people always have some kind of access to customer instances -- logical, physical, network, something. Yes, those accesses can be restricted, logged, audited and so on...but anyone who has observed US business practices knows that costly measures like that are the first to be jettisoned when the race to the bottom begins. Managers will make the calculation that it's cheaper to risk an incident than to continuously pay the costs to avoid one, and they'll rely on lawyers to make it go away if/when it happens.

    Now there's quite clearly a second threat: demands from federal agencies that are intrusive, exhaustive, secret, all-encompassing, (nearly) unchallengeable.

    And that brings with it a third threat: this past week's disclosures have shown that numerous federal (and state) (and local) agencies are aware that the NSA and the DEA and others are clandestinely gathering data...and they alllllll want a piece of it. Eventually they're going to get it. (How do I know? Because it's never turned out any other way.) And some of them have absolutely horrible security track records of their own, which means they're going to leak it, lose it, and surrender it to the first bored hacker who comes along.

    If you can't compute securely, you can't compute PERIOD. And we now find ourselves with multiple existence proofs showing that cloud computing is most certainly not secure. I really don't think it's much of a leap to suggest that it's going to get more insecure every day.

  6. Re:Thanks a fucking bunch Lavabit. on Encrypted Email Provider Lavabit Shuts Down, Blames US Gov't · · Score: 5, Insightful

    I think it would be wise to consider that perhaps the reason you had no warning was that Lavabit's operators also had no warning. (That is, no warning of the specific event which caused them to make the decision to shut down. Obviously they knew something was afoot, as we can see by the posted message from them.)

    The operators of Lavabit have gone waaaaaay out on a limb for you today. They're risking ten years of work, their livelihood, their finances, and their freedom. I think -- even though this obviously inconveniences you and others -- you might want to give them a little slack. I think it's obvious on inspection that they're doing this on principle, and THAT is worthy of respect -- doubly so when many of their peers have chosen otherwise, as is now becoming more clear every day.

  7. This is pure security theater on First California AMBER Alert Shows AT&T's Emergency Alerts Are a Mess · · Score: 3, Insightful

    This is as beautiful an example of idiotic, worthless, counterproductive security theater as we've seen.

    For starters, the implementation is something I'd expect from a drunk college sophomore who's been pulling C grades in CS courses. It's miserable. The most significant effects it's had have been to alarm, confuse, annoy and distract people -- some of whom were driving. Great idea, that last one: cause their cell phone to make a noise they've heard before so that it increases the probability they'll pick it up and look at it.

    Second, the lack of detail is outrageously stupid. A recipient of this message who just happened to see such a vehicle might approach it because there's nothing in it warning them not to.

    Third, sending it 24 hours later is idiotic. Any competent murderer would be in a different vehicle by then. (Once again, police assume that everyone is as stupid as they are. Most people aren't.)

    Fourth, sending it multiple times ensures that many people will disable it. Way to go, alleged public safety officials.

    Finally, the entire concept behind this is insane. Untrained civilians are poor observers (as anyone who's studied trial witness dynamics for even an hour knows). How many blue cars got reported because they might be Nissan Versas? (I have no idea what one of those looks like; hell, I didn't even know there was such a model.) How much manpower got diverted to deal with all those false reports instead of being used to pursue leads based on hard evidence?

    This is just another case of lazy, sloppy, incompetent police work -- like we saw in Boston when they closed down the entire city and rolled armored vehicles through the streets to catch one frightened teenager and STILL couldn't manage to pull it off. It seems that the pigs in California only know how to drink coffee and shoot helpless unarmed civilians in the back -- something challenging, like tracking down a murderer, is far beyond their pitifully feeble minds.

  8. The recommendations are good, but the timing's off on TOR Wants You To Stop Using Windows, Disable JavaScript · · Score: 1

    Certainly nobody who's serious about security should use ANY closed-source OS; and Windows, having spent its entire lifetime proving repeatedly that it's incredibly brittle and incapable of withstanding even rudimentary attacks without numerous add-ons, should be the first to go.

    But, that said: nothing that's happened this week has altered the situation. That is, this was all true last month and last year and last decade. NOBODY should have been using Windows then; nobody should be using it now.

    Of course that's not how it's played out. Too many people are too unwilling to learn, to change, to grow, to use something different. They're not even willing to make trivial changes like (say) IE to Firefox. They want what they want, and even if using their Windows system set them on fire once a month, they'd still want it.

    There's no hope for those people. We need to stop trying. They're a lost cause. They will inevitably be hacked and phished, spammed and compromised. There's nothing we can do about it except stay clear of the damage. Our efforts need to be focused on the superior people with open minds, the people who can actually (gasp!) LEARN and THINK, the people who will adapt to change -- and not just today's changes, which might be "switch to Linux" but tomorrow's changes, which will be...well, we don't know what they'll be yet since it hasn't arrived.

    The sad part of all this is that the movie's not new. It's the same-old same-old. It always ends the same way, yet the stubborn keep doggedly replaying it hoping for some other outcome.

  9. Re:Are you retarded? And how are we gonna stop spa on Campaign To Kill CAPTCHA Kicks Off · · Score: 1

    No, not a troll, just very aggravated that this conversation is apparently necessary. The lack of cognitive and research skills among defenders of captchas is appalling; how can ANYONE be so amazingly ignorant as to not recognize that the only captchas that haven't been thoroughly defeated are those that aren't worth defeating -- because what they "defend" is so pitiful that not even spammers care about it?

    As to your incorrect speculation on my background: I go back to ARPAnet days, kid. So I've earned the right to be a little snotty from time to time when faced with the kind of monumental ignorance on display in this discussion.

    But you know what? If you want to blindly persist with your pathetic captchas and your laughable belief that they have any value at all: go right ahead. Just keep holding up tissue paper in front of a tank and hoping it'll work. I'm sure that'll work out just great for you.

  10. Re:Are you retarded? And how are we gonna stop spa on Campaign To Kill CAPTCHA Kicks Off · · Score: 1

    There's a missing comment upthread which included half a dozen or so links (including one back to Slashdot) about projects that have quite, quite effectively demonstrated that captchas are worthless.

    Of course anyone of even modest intelligence would be capable of doing their own homework and searching the web for things like "captchas defeated", then reading what they find. It's old news (years-old, in fact) by now, so there's plenty to read about. But then again, nobody of modest intelligence would even consider using captchas: that's the province of the lazy, the stupid, the ignorant, the worthless.

    Here, I'll get you started: https://freedom-to-tinker.com/blog/felten/cheap-captcha-solving-changes-security-game/

    That's one of MANY. You should be able to find some of the rest in a few moments without further assistance from me.

  11. Re:Are you retarded? And how are we gonna stop spa on Campaign To Kill CAPTCHA Kicks Off · · Score: 0

    Vastly superior methods for stopping spam have existed since well before captchas were invented. They still exist today. I've written about them at great length (elsewhere), as have others.

    The problem is not that these methods don't exist, or aren't effective, or aren't well-understood; the problem is that people refuse to invest the effort to learn them. Captchas are a cheap, easy way out for those same people, and they take it because they're too lazy to bother actually (gasp!) LEARNING.

    But you know what? Let's forget that I have more experience in this area than you could possibly guess. Don't take my word for it. Don't read the references I provided. Instead, why don't you consult the people who make it their business to defeat captchas: the spammers, the phishers, the malware distributors, the bad guys. Go read their mailing lists, their web sites, their message boards. I don't mean just one or two postings: I mean several thousand over several years, so that you can actually begin to get a sense of where they're at. You will find, if you actually do this modest bit of informal research, that they're way past all this. Captchas are merely a dot in their rear-view mirror, fading away into the distance.

  12. Captchas were completely defeated YEARS ago on Campaign To Kill CAPTCHA Kicks Off · · Score: 0

    They have precisely zero security value. Please see, for a brief introduction:

    http://phys.org/news/2011-11-stanford-outsmart-captcha-codes.html
    http://cintruder.sourceforge.net/
    http://arstechnica.com/security/2012/05/google-recaptcha-brought-to-its-knees/
    http://arstechnica.com/security/2008/04/gone-in-60-seconds-spambot-cracks-livehotmail-captcha/
    http://www.troyhunt.com/2012/01/breaking-captcha-with-automated-humans.html

    among others.

    Nobody who actually understands the nature of the threat would even CONSIDER using captchas at this point.

    Now...every now and then some poor naive fool stands up and says "But but but...they're working for us." No. They are not. You are simply not worthy of attack...yet. If you ever become a target, because someone has a grudge against you, or because you have an important resource, or merely because someone is bored, then if they are at least minimally competent attackers, they will go right through your alleged "captcha" defenses without the slightest problem.

  13. As a customer of Sun since the beginning... on Oracle Sues Companies It Says Provide Solaris OS Support In Illegal Manner · · Score: 1

    ...I'm done. It's a pity, really; for all their missteps, Sun did some interesting, useful, innovative things. And during those parts of my career when I was working in education, they were generous with hardware, software, and time -- even when it wasn't clear that it would have a short-term benefit for Sun. They knew that down the road, we'd remember, and we'd spec their gear in proposals -- and we did.

    But now? I've spent the last year excising Oracle products. I've decommissioned and sold off hardware, I've deinstalled software, I've cancelled support contract after support contract, I've done everything possible to remove all traces of Oracle from the operation. One might think that Oracle would care that a 30-year customer is leaving...but they don't. One might think Oracle would care that a multi-million dollar account is leaving...but they don't. One might think Oracle would care that they are poisoning the well (since I'm teaching everyone who works for me to avoid them, and why)...but they don't.

    Oracle is well on its way to destroying, in a few short years, the work of decades.

    They don't care.

  14. The sign on Evi's desk on Unix Guru Evi Nemeth Missing, Feared Lost At Sea · · Score: 5, Informative

    The last time I was in her office (which was many years ago) I noticed the sign on her desk:

    Don't postpone joy.

    She didn't. From the gusto with which she threw herself into her work to the whimsy that led her to recycle a jet fighter's cockpit canopy as a window in her improvised mountain home, she never hesitated to find a smile or a laugh.

    So if we've lost her -- and I hope we haven't -- then we've not only lost someone who's been the mentor to an entire generation of system admins, we've lost a unique, wonderful, fascinating person.

    p.s. I'm well aware that there are co-authors of those books. I'm equally well aware that Evi did the heavy lifting.

  15. Re:I guess it was worth it then... on FTC Wins Huge $7.5 Million Penalty Against "Do Not Call" List Violator · · Score: 1

    You're correct that it should have been a criminal case, but I must take issue with your choice of punishment. Clearly, mere prison is inadequate; I recommend execution -- because it's the only way to guarantee they'll never do this again. Otherwise, while they're busy appealing this slap-on-the-wrist fine, they'll be setting up their next company, laundering the assets of their current one, and getting ready to shift operations so that they can pick up where they've left off.

  16. Re:i would have killed him. on Security Researcher Attacked While At Conference · · Score: 1

    Go back and read her ENTIRE blog post this time. Every word of it. Slowly.

    Now read it again.

    Now THINK.

    Then post.

  17. Re:Innocent until blogged about on Security Researcher Attacked While At Conference · · Score: 2

    Either your reading comprehension or reasoning skills are poor -- or both. If you read her story carefully, you should be able to count 9 distinct pieces of evidence that are mentioned, most of which have already been confirmed by independent third parties. You should also be able to intuit the existence of additional pieces of as-yet-uncollected evidence -- most of which, unfortunately, are probably never going to be collected due to the incompetence and laziness of the responding police department. AND, once you're done doing all that, you should be able to apply Occam's Razor to this story and rather quickly conclude that there is absolutely no reason whatsoever for her to falsify any portion of it BECAUSE SHE HAS NOTHING TO GAIN FROM IT AND EVERYTHING TO LOSE.

    By contrast, there is no evidence which exculpates the attacker. And, once again applying Occam's Razor, the attacker has every reason in the world to lie and no reason whatsoever to tell the truth.

    This is NOT "her word against his". It's "her word and a substantial pile of evidence" against "his word and no evidence".

  18. This is an astonishingly bad idea on 'Smart Gun' Firm Wants You To Fund Its Prototype · · Score: 1

    Anyone who thinks for even a moment that this will make guns MORE safe has clearly not considered the threat model and thought through the consequences.

    This is going to end very badly. It's only a matter of time.

  19. What could possibly go wrong? on House Bill Would Mandate Smart Gun Tech By U.S. Manufacturers · · Score: 1

    There's no way the security electronics/software could be hacked.

    There's no way that an underground economy in gun hacking could arise.

    There's no way the scanner, computer, electronics, or batteries could fail.

    There's no way someone could create a localized EMP sufficient to fry the electronics in all the guns in the immediate vicinity.

    There's no way that grafting untested devices of unknown efficacy onto lethal weapons could result in unexpected or tragic outcomes.

  20. Re:PGP on Ask Slashdot: What Is the Best Email Encryption Gateway For a Small Business? · · Score: 5, Insightful

    Gateways are NOT a "compromise": they are total failure. They say to the world "we care about the appearance of security/privacy/integrity; we just can't trouble ourselves to actually, really, truly, provide those things."

    Speaking as someone who's taught Gladys from accounting how to use mutt and GPG -- several thousand Gladys, actually -- it CAN be done. It requires effort, it requires time, it requires budget: but it can be done. Consider it an investment: is it better to spend these resources on Gladys, our valued employee, or is it better to spend these resources on a vendor?

  21. This. THIS.

    You cannot outsource security and expect to succeed. (Consider, for example, Vendor X. Do you think that every single employee of Vendor X is absolutely trustworthy? Really? You don't think that ANY of them are struggling financially, or maybe having an affair, or perhaps amenable to a payoff in crisp folding tax-free income? Because if there exists a non-empty set of Vendor X employees who are less than absolutely trustworthy, you are completely screwed: eventually someone will figure out which one(s) and which lever(s) to pull to subvert them. And note that this is even before we consider that Vendor X will, if sufficiently successful, inevitably be targeted by attackers, since of course hacking Vendor X comes with a very high payoff. And note that this is also before we even consider what governments armed with extrajudicial wiretaps and NSLs and such will do. In both these latter cases, Vendor X will be highly motivated not to inform you -- and that's optimistically presuming they even know.) You MUST do security in-house, which means you need to do it with open software and open standards that are fully subject to peer review.

  22. Oh yes..."you can opt-out" on Mark Shuttleworth Addresses Ubuntu Privacy Issues · · Score: 1

    The same refrain echoed over and over again by spammers and other sociopaths: "we're going to lie to you, we're going to abuse you, we're going to compromise your security, we're going to invade your privacy, we're going to harass you, we're going to steal from you...but hey...you can opt-out."

    I am sure that when Mark Shuttleworth et al. install the next anti-security anti-privacy mechanism that they'll say you can opt out of that one too. And the next...and the one after that.

    This is a path we've seen heavily traveled before. It always leads to the same place. And Ubuntu has now committed itself, irrevocably, to the first step. It is clearly time to recognize, as Stallman has, that Ubuntu == spyware.

  23. Oh my yes, let's dumb things down some more! on Has the Command Line Outstayed Its Welcome? · · Score: 1

    We need more illiterate, incompetent morons on the Teh Intarwebs -- so let's make everything sparkly and shiny and full of large friendly buttons. Let's hide the inner workings, let's seal them up, let's replace simple and elegant command line interfaces with hideous and opaque singing dancing graphical ones that make it impossible to see what's going on. Let's make EVERY web page an exercise in Flash (the technology of choice for inferior primates who think that every time they press a button on the screen, a banana-flavored pellet will drop into their laps) and let's bloat all the applications to the point of bursting. Let's cater to the stupid, the careless, the ignorant, the mouth-breathing knuckle-dragging assholes who click on every shiny thing they see just to find out what it does. Let's give up any pretense that one should actually LEARN something and (gasp!) THINK about what one is doing with a computer. Let's just join in an orgy of stupidity, led by Roberto Lim, imbecile-in-chief.

    What could possibly go wrong?

  24. Re:Mailman is likely the best available on Ask Slashdot: Best Solution For an Email Discussion Forum? · · Score: 2

    If your users can't see the whole thread, or if they're engaging in excessive quoting, the problem isn't Mailman nor is it the use of a traditional mailing list: the problem is their choice of client and their inability to use it properly. Solid email clients combined with best practices facilitate both these tasks, as we see every day on many mailing lists.

    To put it another way: mailing lists (and Usenet) are still, far and away, the very best discussion vehicles we have. They work beautifully, which is why all the serious work of running and developing the 'net happens on them (e.g., linux-kernel, nanog, and so on). But making this happen requires a sensible choice of client and a small investment in learning how to use it in order to communicate effectively. Otherwise we find top-posting, full-quoting imbeciles who are often the same people whining about their lack of utility, when the problem is staring them in the mirror every morning.

    Web forums -- and I have used hundreds of them, including this one, since web forums have existed to use -- are vastly less useful. For example: how shall I CC myself a copy of my own comments here today so that I can reference it in the future?

  25. Mailman is likely the best available on Ask Slashdot: Best Solution For an Email Discussion Forum? · · Score: 4, Informative

    Mailman is not without its faults (which is why 3.X is under development and shows considerable promise) but 2.X is stable, scalable, portable, easy to use from both the web-based GUI and the command line (my preference), complies with relevant standards (such as RFCs 2142, 2369 and 2919), behaves sensibly under duress, integrates well with multiple MTAs, and makes it easy to handle migrations such as yours (by doing a mass invite followed by confirmed opt-in). This is why it's largely supplanted its competitors, particularly majordomo, which was the tool of choice for many years for a LOT of mailing lists. I suspect that it will further eat into the mindshare of similar packages once 3.X is out.

    Yahoogroups is a poor choice: it's notoriously unstable, completely insecure, and relies on Yahoo's horribly-maintained email infrastructure, which has been completely overrun by abusers for a decade. Googlegroups is marginally better, although it is also a massive source of spam (best practice on Usenet is to drop all Google-originated articles), it does not comply with standards, and attempts to contact a competent, responsive postmaster yield nothing.

    Your best course of action is likely to lease the cheapest (reputable) host that you can find and install Mailman on it. This not only keeps control firmly in your hands (thus insulating you from the vagaries of third parties) but it also keeps your options open for the future.