Google Toolbar itself is not much better than outright spyware - so you may want to rethink suggesting that one; Google corp is changing for the worse, so it's only a matter of time before they "enhance" their toolbar with more "features".
"privacy verses security"... it's not quite that simple...
Say for a moment, anyone can quickly determine the identity of anyone else in their sight... how does that make one more secure? Say the person is a murderer - does that mean they will murder someone on the plane... perhaps the quiet lone guy back in 14C is who one should worry about, but because they don't have a criminal record, one is left with a false sense of security - sound familiar... yep, some of the 911 hijackers had "clean" criminal records.
More to the point, if anyone can exactly determine who anyone else is, including their occupation, etc, then that would present a big problem to folks in the witness protection program (already increasingly having problems being "outed"), undercover security, etc.
Some privacy/obscurity is a good thing (you must tend to agree being that you posted as an AC)... there are always tradeoffs... giving up all privacy for *perceived* security isn't the answer.
Most people in the U.S. it seems will accept most anything the government tells them to.
Been to an airport lately? They now do patdown searches on folks... and in a few years they plan to do full-body scans of all passengers... and yet most folks, while some bitch at first, don't really fight back - instead rationalize such actions as being worth it in the name of security.
In a nutshell, my bet is that national ID card is coming - in a sense it already has with driver licenses / state IDs that slowly being standardized across all states; database sharing.
Say someone steals (copies) your fingerprint, then what? You get a new finger? Biometrics alone is not good security; worse actually since many folks still believe biometrics to be infallible.
Another point to consider is that the on-line adult industry, which collectively often finds innovative solutions to problems, has evolved from paying affiliates (sponsors) on a per click basis to other methods, such as pay per signup (pay per action) and revenue sharing.
In a nutshell, if the adult industry, as a whole, can't make pay per click work, why does Google think they can?... so far they've been able to hide the extent/absorb the cost of excess/duplicate clicks, but Google can't forever, especially in a post-IPO environment.
While the solution may seem simple to many folks, when one examines the issue in-depth, there's nothing simple about it...
* What constitutes a "valid" click?
* What constitutes a duplicate click?
* How many clicks from a source is too many?
* How does one define a "source" of a click?
* Filter clicks based on IP, Computer, User ID, Cookie, etc?...
* How does one deal with proxies, such as folks coming in on AOL?
* What is the threshold for filtering? Allow one click per IP per day?, or per hour?, etc... or combination of IP, cookie, etc; the permutations are endless!
* Assuming a click is considered valid, is it truly valid? -getting into the issue of bots, etc.
* Are bots ok? Seems obvious they wouldn't be, but no so fast... what about folks, such as those with limited time, using an automated shopping script/website/applet to shop on-line vendors on their behalf.
* Is sending emails to friends (say double opt-in even) with pay per click (affiliate) links in them ok? -then further, is asking them to click on such links ok?; a growing underground web business is built around such an approach... for example pay folks who opt-in like 1 cent one-time for each unique link they click in such emails.
I could go on and on... Google should be looking at alternatives, if they're not already, to PPC advertising.
Pay Per Click (PPC) advertising, in my view, always seemed to be more a fad anyways.
Impression based advertising, or even better yet a hybrid of flat-rate advertising priced based on an estimated, not guaranteed, number of impressions expected during a particular period of time, such over the course of a month.
Prime example of this type of pricing scheme is seen with traditional magazine advertising. I personally have been using a similar pricing setup for years for various on-line services I operate... an example can be seen here:
Long time visitors to the Marihemp Network sites know clicking on ads is pointless *unless* they truly are interested in the product/service advertised, and advertisers know upfront what their costs are - don't have to worry about their ads ending prematurely nor unexpected ad cost overruns.
And from an operational standpoint, selling flatrate advertising, as explained above, is much easier to manage both now, as well as well into the future.
On a related item, even if a visitor is interested in a specific product/service, that doesn't mean the visitor is ready to buy right then and there... many advertisers, in particular larger ones it seems, recognize the value of impression advertising and branding.
Registrar-Lock (domain "locking") offers ZERO protection in regards to one's domain possibly being suspended / deleted due to a "Whois Problem Report" merely being filed.
Think transfer security is a problem... there's a security problem far worse:
(a post of mine reposted from ICANNWatch http://www.icannwatch.org/ - slashdot.org rejected it, but I'm used to that LOL!)
-----
Bogus "Whois Problem Reports" are increasingly going from being an annoyance to being a real security risk. Some recent incidents I've experienced due to Whois Problem Reports *merely* being filed:
* Dotster, about two weeks ago, threatened to delete a domain if I didn't respond.
* BulkRegister, just yesterday, threatened to suspend a domain if I didn't respond within 5 calendar days.
What good are Whois Problem Reports when anyone can file one and there is virtually no screening performed to ensure such reports have any validitity to them; reports filed on some of my domains claimed everything was wrong, including the expiration date - what!? Talk about pure nonsense!
As of now, if one wants to cause a registrant problems, all they need to do is file bogus reports at the Internic link below (it's so easy, it's frightening!) - heck, if someone really wanted to be deviant, they could spread a virus that sends bogus Whois Problem Reports from hijacked computers...
In addition, some registrars, such as GoDaddy, charge a fee to the registrant for *merely* reviewing a Whois Problem Report for a particular domain, regardless of whether the report is valid - see links below for more details:
There is much talk about the transfer policy changes and security, yet bogus Whois Problem Reports is a security risk many times worse.
Some ICANN policy changes are needed pronto regarding Whois Problem Reports...
1. Requiring more than just a name and email for people making complaints - they should have to provide a postal address that's verifyable and/or some other information.
2. Screening of such reports - permit registrars, if they're not already, to toss out Whois Problem Reports that they feel are invalid without involving the registrant; stop wasting their time over this nonsense.
3. A standard on how registrars handle Whois Problem Reports
* including a reasonable time for the registrant to respond, such as 30 calendar days, before any action is taken... as of now, some registrars do little while others suspend domains within only a few days - so if one goes away on holiday, they could very likely come back and find their domains suspended/deleted.
Something needs to be done before bogus Whois Problem Reports get any further out of hand...
Most all vote returns used to be processed with the night / next day after the Presidential election.
Now it takes weeks? Welcome to the 19th century - though I think by the tail end of that century (late 1800s), votes were counted relatively quickly compared to how long votes in 2004 will likely take to count.
Digressing a bit here... but it seems various parts of American (U.S.) society are going backwords; how is it that many "third world" countries, some with populations rivaling that of the U.S., can conduct an election on ONE day (as opposed to the 30 days some Americans have; totally unnecessary - whatever happen to voting being a civic duty in which one dedicated part of their day to perform, but I digress) and have most, if not all, votes counted within a day or two. For example, the recent election in Afganistan (with a population of about 28 million) didn't take weeks to count despite how primative the country is - how did they do it so fast? Well, the same way many other countries do... simple ballots, and a lot of people counting (or machines for scan countable ballots) - simple, fast, and verifiable.
Voting in the U.S. has degenerated into something that even a decade or so ago was unimaginable to most folks - vote monitors from other countries watching our elections, allowing people to vote over many weeks instead of one day, numerous flawed/corrupt voting systems, and vote counting that take weeks, and possibly longer...
This is progress? And to think many older people still speak of the Dewey / Truman election and how long it took to get results... yep, a whole whopping night... and they thought that was slow. In 2004, it will likely take much, much longer to determine who the President is than it did in 1948 or maybe even longer than in 1888!
Speaking of confusion... why is does the Dept of Homeland Security include numerous functions that have little to nothing to do with homeland security? That's really the crux of the issue.
DHS should be an organization designed to focus on real terror threats, and leave the rest to other separate agencies - yes, communication can be a problem between agencies, but misallocation of resources by an oversized organization is likekly to be an even greater problem...
DHS likely will be split up eventually... as big corporate mergers have illustrated well, once an organization becomes too large, they nearly always end up going out of business (being acquired, sold off, etc) or spinning off pieces and become more focused, but I digress.
Really getting my monies worth from TM registrations, such as for CANNABIS.COM, Marihemp, and HempNation - and is so reassuring [sarcasm] to know the Dept of Homeland security, in light of heighten alert and numerous terror threats, is proactively working 24x7 to protect trademarks and patents; author of the article confused the two.
Poor editing, or should I say the apparent total lack of, is among the reasons Slashdot will always remain relegated to a novelty site of sorts; among the reasons I won't buy a membership here.
I don't understand why the Slashdot staff doesn't at least briefly research considered submissions to ensure they're are not dups and, more importantly, are accurate; spell checking submissions before posting them would be helpful too.
End of my rant... now relaxing knowing the pole reversal is likely not going to happen anytime soon.
For Google to index files, their software must both store the names of all the files AND READ THE FILE CONTENTS of all of them too... would you trust Google, or more aptly, the U.S. government, advertisers, spammers, etc to read all the files on your computer?
From the article, it appears Google plans to sell data gleamed from their file search tool to advertisers, etc.
Google File searching (GFile?) has privacy problems going way beyond the privacy concerns of GMail... it's all truly akin to spyware quite really.
1 GB sounds like a lot...and I guess for semi-temporary storage will be fine...but Google's spokeperson says:
"The idea is that your mail can stay in there forever," said Wayne Rosing, vice president of engineering at Google. "You can always index it, always search it, and always find things from the past."
Forever? Perhaps if there was no spam...with the level of spam and other nonsense out there, no way...try about a year tops for many folks.
And most folks I know with email delete all of it from time to time anyways; lose it all when they do their seasonal reformat of Windows.
Do most people really want to keep their email for a year or two, let alone forever...I doubt it.
Lastly, while gmail may be a April Fool's joke, the economics behind it aren't really that crazy when one considers the low cost of HDs these days - for example Hotmail has been around for what 5 years or more...look at how little it cost them to provide each 1 MB of storage now verses way back then.
You really think that 128 bit SSL can't be cracked in real-time...nonsense?...maybe not?...given various mathematical shorcuts combined with large amounts of memory, SSL may not be as secure as most folks are led to believe.
But even if 128 bit SSL is as secure as folks believe, unless one encrypts everything, they are still likely vulnerable.
For example, you may check your email from a SSL secure site, but I'd bet much of that email you receive was sent in the "clear" at some point...and how do you send encrypted email...or don't you? Unless you are encrypting most everything, eventually enough little bits and pieces will leak out in the "clear". Do you encrypt your URLs...if not, that alone will reveal a lot about you to eavesdroppers.
In short, the only real answer is for people to rise up and demand better legal protections of their rights for technical measures alone won't do it...
Ron
Perhaps that explains the "You're Fired!" spam...
on
Fired Via Instant Message
·
· Score: 5, Insightful
Sure others received similar spam awhile back titled "You're Fired". While I realize SMS is different, and more secure...I still wonder about the security...
What's to stop some spoofer/hacker/etc from sending out bogus, legit looking "You're Fired!" SMS - say from a stolen/borrowed/hacked cellphone or computer, etc of the company.
Even if it later is revealed the "You're Fired!" SMS were bogus, the damage is already done...
It's not truly a crack in my view, since one still has to buy the bottle to obtain the complete, usable code; I bet Pepsi really doesn't care since they're still moving product.
Verified By VISA Pop-Up Window Blocked Too?
on
IE To Block Pop-Ups
·
· Score: 1
From my understanding, folks who shop at Verified by VISA enabled merchants will a get pop-up window at check out in which they enter their VISA card password to complete the transaction.
Verified by VISA is flawed in my view for many reasons, and pop-up blocking isn't exactly going to help customers nor merchants - both will have problems...customers getting declined and merchants losing sales.
Acacia claims numerous patents covering the use of streaming media, such as video files and audio/MP3s, including original content, and is currently targeting the adult industry with thousands of patent infringement legal notices and lawsuits.
Note this issue has nothing to do with copyrights whatsoever...this affects all use of any streaming media by anyone.
Acacia has chosen to target the adult industry first, since they are an easy legal target, but make no mistake, Acacia is targeting everyone who uses, or even merely links, to any streaming media content, including individuals.
Acacia isn't the only company on the prowl...if Acacia is sucessful, there's a whole swarm of other entities that have zillions
of other questionable "business method" patents ready to pounce on both industry and individuals alike with their patent infringement claims and manditory licensing for widely used "open" computer formats that they didn't even develop!
Yes, but the point the thread poster was making, and myself emphasizing, is that one could purposedly create huge a huge number of email addresses and then add them all to the "Do Not Email List" in protest...
...I've thought of generating a bunch of legal addresses and putting them on a CD-ROM, to show to my congresswoman with the message 'Here are 60 million of my legal e-mail addresses. This disk is full. How many more should I make?...
Likely something they have not really given much thought to...as you point out one could generate a huge number of email addresses...could be an interesting protest tool...for example one could submit something like this...used the 1st Amendment below as an example of how could do this.
Legislating spam isn't as simple as many people think.
With that said, a law on forged headers and unuauthorized use of email relays and related resources, while complicated, would be a better approach and likely much more effective at stemming the tide of spam than a "Do Not Email List".
According to the article, there would be a "Do Not Email List" component to the law...
A "Do Not Email List" would cause a further loss of privacy...government (and its contracters, some of which are sketchy) would be able to associate email addresses with IPs and possibly other information...
If implemented, it's very likely one would be asked to not only supply the email address(es) they wish to add, but would also asked for their real name, postal address, and phone number too.
Now anyone who thinks that information will remain confidential is kidding themselves. Did you know most U.S. states sell driver license information, including DL pictures to private entities...even those states that have laws against such actions share the information too due to various loopholes in their respective state laws; information also shared with other government agencies, including the Feds (don't think for a second it's not).
Ok, got on a tangent there, but to make a point...
If the government were to compile a "Do Not Email List"...the following will *likely* occur...
* Email and associated collected information would be stored and added to other unrelated government/private databases too.
* Government and other private entities will use the list to help track/monitor people - ie. "Deadbeat Dads"... while one can debate the issue of child support, the fact of the matter is that much privacy is being lost in the process; an excuse to further erode the rights of all Americans.
* The email addresses and likely their related information will be used by politicians for sending out spam...yep, there's likely an exception for that; there is for the national do not call list.
* Various private entities, mostly offshore, will obtain the "Do Not Email List" and use it in the exact opposite way for which it was intended...that is they'll send spam to those addresses.
Opt-Out doesn't work for email; its debatable whether it works for phone numbers either, but that another topic for another day.
Bottom line is that any decent anti-spam bill should NOT have a "Do Not Email List" component, but rather instead require companies, non-profits, politicians, etc to use double-verified OPT-IN email lists for sending ubsolicited email.
Slashdot Mirror
Google Toolbar itself is not much better than outright spyware - so you may want to rethink suggesting that one; Google corp is changing for the worse, so it's only a matter of time before they "enhance" their toolbar with more "features".
Ron Bennett
"privacy verses security" ... it's not quite that simple...
... how does that make one more secure? Say the person is a murderer - does that mean they will murder someone on the plane ... perhaps the quiet lone guy back in 14C is who one should worry about, but because they don't have a criminal record, one is left with a false sense of security - sound familiar ... yep, some of the 911 hijackers had "clean" criminal records.
... there are always tradeoffs ... giving up all privacy for *perceived* security isn't the answer.
Say for a moment, anyone can quickly determine the identity of anyone else in their sight
More to the point, if anyone can exactly determine who anyone else is, including their occupation, etc, then that would present a big problem to folks in the witness protection program (already increasingly having problems being "outed"), undercover security, etc.
Some privacy/obscurity is a good thing (you must tend to agree being that you posted as an AC)
Ron Bennett
Most people in the U.S. it seems will accept most anything the government tells them to.
... and in a few years they plan to do full-body scans of all passengers ... and yet most folks, while some bitch at first, don't really fight back - instead rationalize such actions as being worth it in the name of security.
Been to an airport lately? They now do patdown searches on folks
In a nutshell, my bet is that national ID card is coming - in a sense it already has with driver licenses / state IDs that slowly being standardized across all states; database sharing.
Ron Bennett
Say someone steals (copies) your fingerprint, then what? You get a new finger? Biometrics alone is not good security; worse actually since many folks still believe biometrics to be infallible.
Ron Bennett
Another point to consider is that the on-line adult industry, which collectively often finds innovative solutions to problems, has evolved from paying affiliates (sponsors) on a per click basis to other methods, such as pay per signup (pay per action) and revenue sharing.
... so far they've been able to hide the extent/absorb the cost of excess/duplicate clicks, but Google can't forever, especially in a post-IPO environment.
...
...
... or combination of IP, cookie, etc; the permutations are endless!
... what about folks, such as those with limited time, using an automated shopping script/website/applet to shop on-line vendors on their behalf.
... for example pay folks who opt-in like 1 cent one-time for each unique link they click in such emails.
... Google should be looking at alternatives, if they're not already, to PPC advertising.
In a nutshell, if the adult industry, as a whole, can't make pay per click work, why does Google think they can?
While the solution may seem simple to many folks, when one examines the issue in-depth, there's nothing simple about it
* What constitutes a "valid" click?
* What constitutes a duplicate click?
* How many clicks from a source is too many?
* How does one define a "source" of a click?
* Filter clicks based on IP, Computer, User ID, Cookie, etc?
* How does one deal with proxies, such as folks coming in on AOL?
* What is the threshold for filtering? Allow one click per IP per day?, or per hour?, etc
* Assuming a click is considered valid, is it truly valid? -getting into the issue of bots, etc.
* Are bots ok? Seems obvious they wouldn't be, but no so fast
* Is sending emails to friends (say double opt-in even) with pay per click (affiliate) links in them ok? -then further, is asking them to click on such links ok?; a growing underground web business is built around such an approach
I could go on and on
Ron Bennett
Pay Per Click (PPC) advertising, in my view, always seemed to be more a fad anyways.
... an example can be seen here:
... many advertisers, in particular larger ones it seems, recognize the value of impression advertising and branding.
Impression based advertising, or even better yet a hybrid of flat-rate advertising priced based on an estimated, not guaranteed, number of impressions expected during a particular period of time, such over the course of a month.
Prime example of this type of pricing scheme is seen with traditional magazine advertising. I personally have been using a similar pricing setup for years for various on-line services I operate
Marihemp Network Ad Pricing Info:
http://www.marihemp.com/advertising/
Long time visitors to the Marihemp Network sites know clicking on ads is pointless *unless* they truly are interested in the product/service advertised, and advertisers know upfront what their costs are - don't have to worry about their ads ending prematurely nor unexpected ad cost overruns.
And from an operational standpoint, selling flatrate advertising, as explained above, is much easier to manage both now, as well as well into the future.
On a related item, even if a visitor is interested in a specific product/service, that doesn't mean the visitor is ready to buy right then and there
Ron Bennett
Addendum:
Registrar-Lock (domain "locking") offers ZERO protection in regards to one's domain possibly being suspended / deleted due to a "Whois Problem Report" merely being filed.
Think transfer security is a problem ... there's a security problem far worse:
h readid=328696&perpage=15&pagenumber=1
... as of now, some registrars do little while others suspend domains within only a few days - so if one goes away on holiday, they could very likely come back and find their domains suspended/deleted.
...
(a post of mine reposted from ICANNWatch http://www.icannwatch.org/ - slashdot.org rejected it, but I'm used to that LOL!)
-----
Bogus "Whois Problem Reports" are increasingly going from being an annoyance to being a real security risk. Some recent incidents I've experienced due to Whois Problem Reports *merely* being filed:
* Dotster, about two weeks ago, threatened to delete a domain if I didn't respond.
* BulkRegister, just yesterday, threatened to suspend a domain if I didn't respond within 5 calendar days.
What good are Whois Problem Reports when anyone can file one and there is virtually no screening performed to ensure such reports have any validitity to them; reports filed on some of my domains claimed everything was wrong, including the expiration date - what!? Talk about pure nonsense!
As of now, if one wants to cause a registrant problems, all they need to do is file bogus reports at the Internic link below (it's so easy, it's frightening!) - heck, if someone really wanted to be deviant, they could spread a virus that sends bogus Whois Problem Reports from hijacked computers...
http://wdprs.internic.net/
In addition, some registrars, such as GoDaddy, charge a fee to the registrant for *merely* reviewing a Whois Problem Report for a particular domain, regardless of whether the report is valid - see links below for more details:
http://www.dnforum.com/showthread.php?t=67862
http://www.webhostingtalk.com/showthread.php?s=&t
There is much talk about the transfer policy changes and security, yet bogus Whois Problem Reports is a security risk many times worse.
Some ICANN policy changes are needed pronto regarding Whois Problem Reports...
1. Requiring more than just a name and email for people making complaints - they should have to provide a postal address that's verifyable and/or some other information.
2. Screening of such reports - permit registrars, if they're not already, to toss out Whois Problem Reports that they feel are invalid without involving the registrant; stop wasting their time over this nonsense.
3. A standard on how registrars handle Whois Problem Reports
* including a reasonable time for the registrant to respond, such as 30 calendar days, before any action is taken
Something needs to be done before bogus Whois Problem Reports get any further out of hand
Ron Bennett
Most all vote returns used to be processed with the night / next day after the Presidential election.
... but it seems various parts of American (U.S.) society are going backwords; how is it that many "third world" countries, some with populations rivaling that of the U.S., can conduct an election on ONE day (as opposed to the 30 days some Americans have; totally unnecessary - whatever happen to voting being a civic duty in which one dedicated part of their day to perform, but I digress) and have most, if not all, votes counted within a day or two. For example, the recent election in Afganistan (with a population of about 28 million) didn't take weeks to count despite how primative the country is - how did they do it so fast? Well, the same way many other countries do ... simple ballots, and a lot of people counting (or machines for scan countable ballots) - simple, fast, and verifiable.
... yep, a whole whopping night ... and they thought that was slow. In 2004, it will likely take much, much longer to determine who the President is than it did in 1948 or maybe even longer than in 1888!
Now it takes weeks? Welcome to the 19th century - though I think by the tail end of that century (late 1800s), votes were counted relatively quickly compared to how long votes in 2004 will likely take to count.
Digressing a bit here
Voting in the U.S. has degenerated into something that even a decade or so ago was unimaginable to most folks - vote monitors from other countries watching our elections, allowing people to vote over many weeks instead of one day, numerous flawed/corrupt voting systems, and vote counting that take weeks, and possibly longer...
This is progress? And to think many older people still speak of the Dewey / Truman election and how long it took to get results
Ron Bennett
Speaking of confusion ... why is does the Dept of Homeland Security include numerous functions that have little to nothing to do with homeland security? That's really the crux of the issue.
...
... as big corporate mergers have illustrated well, once an organization becomes too large, they nearly always end up going out of business (being acquired, sold off, etc) or spinning off pieces and become more focused, but I digress.
DHS should be an organization designed to focus on real terror threats, and leave the rest to other separate agencies - yes, communication can be a problem between agencies, but misallocation of resources by an oversized organization is likekly to be an even greater problem
DHS likely will be split up eventually
Ron Bennett
Really getting my monies worth from TM registrations, such as for CANNABIS.COM, Marihemp, and HempNation - and is so reassuring [sarcasm] to know the Dept of Homeland security, in light of heighten alert and numerous terror threats, is proactively working 24x7 to protect trademarks and patents; author of the article confused the two.
Ron Bennett
Poor editing, or should I say the apparent total lack of, is among the reasons Slashdot will always remain relegated to a novelty site of sorts; among the reasons I won't buy a membership here.
... now relaxing knowing the pole reversal is likely not going to happen anytime soon.
I don't understand why the Slashdot staff doesn't at least briefly research considered submissions to ensure they're are not dups and, more importantly, are accurate; spell checking submissions before posting them would be helpful too.
End of my rant
For Google to index files, their software must both store the names of all the files AND READ THE FILE CONTENTS of all of them too ... would you trust Google, or more aptly, the U.S. government, advertisers, spammers, etc to read all the files on your computer?
... it's all truly akin to spyware quite really.
From the article, it appears Google plans to sell data gleamed from their file search tool to advertisers, etc.
Google File searching (GFile?) has privacy problems going way beyond the privacy concerns of GMail
Ron
I posted the above...I had cookies blocked so Slashdot dropped my login info when I posted.
While on this topic...
Three good alternatives are:
e-gold
http://www.e-gold.com/
merchant account
http://www.authorize.net/
(url above is a gateway service - works with many banks; has a listing)
Western Union
http://www.westernunion.com/
Ron Bennett
Given the newspaper's turnished reputation of late, they should refrain from publishing any story that even seems suspect.
Ron
Forever? Perhaps if there was no spam...with the level of spam and other nonsense out there, no way...try about a year tops for many folks.
And most folks I know with email delete all of it from time to time anyways; lose it all when they do their seasonal reformat of Windows.
Do most people really want to keep their email for a year or two, let alone forever...I doubt it.
Lastly, while gmail may be a April Fool's joke, the economics behind it aren't really that crazy when one considers the low cost of HDs these days - for example Hotmail has been around for what 5 years or more...look at how little it cost them to provide each 1 MB of storage now verses way back then.
Ron
You really think that 128 bit SSL can't be cracked in real-time...nonsense?...maybe not?...given various mathematical shorcuts combined with large amounts of memory, SSL may not be as secure as most folks are led to believe.
But even if 128 bit SSL is as secure as folks believe, unless one encrypts everything, they are still likely vulnerable.
For example, you may check your email from a SSL secure site, but I'd bet much of that email you receive was sent in the "clear" at some point...and how do you send encrypted email...or don't you? Unless you are encrypting most everything, eventually enough little bits and pieces will leak out in the "clear". Do you encrypt your URLs...if not, that alone will reveal a lot about you to eavesdroppers.
In short, the only real answer is for people to rise up and demand better legal protections of their rights for technical measures alone won't do it...
Ron
Sure others received similar spam awhile back titled "You're Fired". While I realize SMS is different, and more secure...I still wonder about the security...
What's to stop some spoofer/hacker/etc from sending out bogus, legit looking "You're Fired!" SMS - say from a stolen/borrowed/hacked cellphone or computer, etc of the company.
Even if it later is revealed the "You're Fired!" SMS were bogus, the damage is already done...
Ron
It's not truly a crack in my view, since one still has to buy the bottle to obtain the complete, usable code; I bet Pepsi really doesn't care since they're still moving product.
Ron
..."smart" birds avoid running Windows ;)
Ron
From my understanding, folks who shop at Verified by VISA enabled merchants will a get pop-up window at check out in which they enter their VISA card password to complete the transaction.
Verified by VISA is flawed in my view for many reasons, and pop-up blocking isn't exactly going to help customers nor merchants - both will have problems...customers getting declined and merchants losing sales.
Ron
Speaking of crazy patents...
. htm
Acacia claims numerous patents covering the use of streaming media, such as video files and audio/MP3s, including original content, and is currently targeting the adult industry with thousands of patent infringement legal notices and lawsuits.
Note this issue has nothing to do with copyrights whatsoever...this affects all use of any streaming media by anyone.
Acacia has chosen to target the adult industry first, since they are an easy legal target, but make no mistake, Acacia is targeting everyone who uses, or even merely links, to any streaming media content, including individuals.
Acacia Reaching To Affiliate Sites 10-24-2003
Patent holder unplugs porn network
Hustler, Vivid, Wicked Sign Acacia Patent Licenses
See more details regarding Acacia's crazy and legally abusive "business method" patents: http://www.acaciatechnologies.com/technology_main
Acacia isn't the only company on the prowl...if Acacia is sucessful, there's a whole swarm of other entities that have zillions of other questionable "business method" patents ready to pounce on both industry and individuals alike with their patent infringement claims and manditory licensing for widely used "open" computer formats that they didn't even develop!
Yes, but the point the thread poster was making, and myself emphasizing, is that one could purposedly create huge a huge number of email addresses and then add them all to the "Do Not Email List" in protest...
Ron
Likely something they have not really given much thought to...as you point out one could generate a huge number of email addresses...could be an interesting protest tool...for example one could submit something like this...used the 1st Amendment below as an example of how could do this.
0.Congress.shall.make.no.law@example.com
1.res
2.of.religio
3.the.free.exercise.
4.or.abridging.the.freedom@ex
5.of.speech.or.of.the.press@example.com
6.or.the.right.of.the.people@example.com
7.peac
8.to.petition.t
9.for.a.redress.of.grie
Lovely isn't -;)
Legislating spam isn't as simple as many people think.
With that said, a law on forged headers and unuauthorized use of email relays and related resources, while complicated, would be a better approach and likely much more effective at stemming the tide of spam than a "Do Not Email List".
Ron Bennett
According to the article, there would be a "Do Not Email List" component to the law...
... while one can debate the issue of child support, the fact of the matter is that much privacy is being lost in the process; an excuse to further erode the rights of all Americans.
A "Do Not Email List" would cause a further loss of privacy...government (and its contracters, some of which are sketchy) would be able to associate email addresses with IPs and possibly other information...
If implemented, it's very likely one would be asked to not only supply the email address(es) they wish to add, but would also asked for their real name, postal address, and phone number too.
Now anyone who thinks that information will remain confidential is kidding themselves. Did you know most U.S. states sell driver license information, including DL pictures to private entities...even those states that have laws against such actions share the information too due to various loopholes in their respective state laws; information also shared with other government agencies, including the Feds (don't think for a second it's not).
Ok, got on a tangent there, but to make a point...
If the government were to compile a "Do Not Email List"...the following will *likely* occur...
* Email and associated collected information would be stored and added to other unrelated government/private databases too.
* Government and other private entities will use the list to help track/monitor people - ie. "Deadbeat Dads"
* The email addresses and likely their related information will be used by politicians for sending out spam...yep, there's likely an exception for that; there is for the national do not call list.
* Various private entities, mostly offshore, will obtain the "Do Not Email List" and use it in the exact opposite way for which it was intended...that is they'll send spam to those addresses.
Opt-Out doesn't work for email; its debatable whether it works for phone numbers either, but that another topic for another day.
Bottom line is that any decent anti-spam bill should NOT have a "Do Not Email List" component, but rather instead require companies, non-profits, politicians, etc to use double-verified OPT-IN email lists for sending ubsolicited email.
Ron Bennett