"I joked that the camera had no film (get it, digital, ha-ha), but the security officer was not amused and said he would have to take my camera and arrest me if I took any more pictures. WTH?"
Not to mention that them taking your camera is called "theft", and it can be prosecuted. If they damage your equipment, that is "destruction of private property", if they delete your images from your card, that is also "destruction of private property".
From another site on the matter: "...Taking your film film, asking the following questions directly or indirectly by threatening to use force or call a law enforcement agency can constitute criminal offenses such as theft and coercion."
"If you read these posts you would think that the average slashdotter was planning to overthrow one (or more likely all) governments on a regular basis. Really now. From your respective basements?"
Isn't that the point? Shouldn't we be portraying that EXACT image to the respective governments who are trying to overthrow us? Seriously, isn't that EXACTLY what they're trying to do with the false security theater that is being thrust upon us with each new day of news reports from the Middle East and domestic?
In short, the government SHOULD be afraid of the power of the people, because it is exactly those people, who gives the government their power, not the reverse. We all COULD be harboring plans to overthrow the government, and we should anyway, if they cease to support our rights and needs as a populace. In other words, do what we're expecting of you, or expect to get overthrown. Period.
Re:no encryption that YOU didn't write is safe
on
Is Hushmail Still Safe?
·
· Score: 3, Insightful
"Anyone who thinks the government is a magical entity that can automatically undo the work of independent researchers and mathematicians is deluded."
...and those who think they're the top in their field, are regularly and quickly shown up by those who are smarter than themselves. Just remember that for every person you're beating in any field (math, basketball, chess, whatever), there are people out there MUCH smarter, faster, better than you are.
Just because one brilliant researcher publicly puts his stamp of approval on an algorithm, does not mean that any government doesn't have a team of similarly-brilliant researchers poking holes in that algorithm that are never made public.
"Personally if I want to send encrypted mail I will do so on a PC I have direct control over, I will carry out the encryption before the email goes anywhere. And depending on the type of encryption used, I might even carry out the encryption on a terminal which has no network connections etc and after encrypting the mail will shutdown the PC and leave it shutdown for a while - this setup would have no swap partition etc, or if it did it would be a minimum of baseline encrypted."
Of course you also bring your own bootable ISO cd/dvd to run the OS from which you compose and encrypt that email, and your own keyboard to ensure there are no hardware key loggers installed, right?
We have enough problems getting out of Iraq already, I can't imagine having a troop surge to Mars to protect oil there. Besides, who gets to lay claim to that anyway? Is Mars sovereign territory?
"Information is power, and if they know about your data (it doesn't matter if it's something legal or not), they have power over you."
It's not about the power, it's about the data. The more datapoints they have to correlate, the more they can tie people to events, events to laws, laws to crimes and crimes to people.
The more datapoints you have, the more you can draw conclusions and link things which would normally have been completely unrelated before.
Assuming the data is strongly encrypted (AES256 or higher) on the disk BEFORE and AFTER you rsync+ssh the data over, sure.. I'll buy that, and if, and ONLY if, you're on a dedicated (not shared) hosting plan.
Remember, shared hosting plans where you're using a machine that belongs to someone else (i.e. the hosting provider), the data and everything on that machine belongs to them, and they can legally peruse through it to their hearts content. This just recently came up because a provider was poking around inside a user's SQL database without permission, and the database wasn't the reason for him raising a support request with the provider.
If it's not encrypted with strong encryption on both ends, you've lost all security.. even if you've use ssh/scp/rsync+ssh to transfer it.
You know, this hits too close to home for me. I've been pulled over 57 times in a 4-year span in my life, across 3 different vehicles and when I had long hair all the way up to a shaved head. 17 of those times were all in the same town, by the same cop, in a 30-day span.
I had a scanner in my car also... and I even drove straight to the police department to report the officer after the 17th time. The moment I left the station, my plates were broadcast on the radio to have me "escorted" out of town.
I've been pulled over as a PASSENGER in another friend's car... the cop pulled my friend over, so he could interrogate me. I've never done drugs, excessively speeded, broken any obvious laws that I'm aware of. It was flat-out ludicrous. I even have copies of every single ticket that was issued to me here, because it is so absolutely insane.
I've actually had my car towed because I didn't answer the officer's questions, and they disassembled it... door panels, seats and all. The car was literally 2 weeks old, right off of the showroom floor. They found nothing of course, and caused $3,500 in damage to my power locks, doors, seats, hood, and so on.
Incidentally, only 4 of those tickets "stuck" in court. The rest were thrown out on various dozens of technicalities and illegalities.
I HIGHLY recommend watching Busted: The Citizen's Guide to Surviving Police Encounters if you think you're at risk of getting pulled over. I've used these techniques for the last 20 years and they work beautifully, if you don't mind actually being arrested, and fighting it out in court later to win.
"The truth of the matter is conversations originating overseas from known or suspected terrorist organizations to their contacts in the U.S. may be monitored. Your chats with Grandma about what to get little Jimmy for his birthday are of no interest to anyone and cannot be legally intercepted without a warrant."
Except for the fact that millions of US Citizens with absolutely NO ties to any known or unknown terrorist organizations had their conversations monitored, tapped and either retained or discarded (unknown, due to "State Secrets"), over the last 7+ years.
Once you open the door, the door is open. Retroactive FISA warrants are not a viable excuse for wiretapping innocent US citizens. Who watches the watchers? Where is the oversight? Where is the transparency?
Ugh... the most annoying thing about OSX IS that top menubar. It dramatically decreases productivity and dramatically increases unnecessary mousing "mileage".
Personally, I still run sawfish and have for years, because its GUI is light-years ahead of what OSX and current GNOME/KDE provide in their own window managers. All menus are context-sensitive within the app, desktop or environment with a click, right-click, alt+right-click and so on. Works beautifully and I can get to any option from the window manager's own parameters to the application's modal menus without moving my mouse one single pixel anywhere to "click" on anything.
If I search directly on Wikipedia, the lack of a Wikipedia article means I'll have to repeat that search on Google, or elsewhere -- plus, the Wikipedia search is slower. If I search on Google first, if there's a Wikipedia article, great, it's one click away -- and if there isn't, I've still got a page full of useful results.
They want Apple computers because of marketing and hype.
Apple doesn't sell computers or software, they sell "an experience". Why do you think people will pay MORE money for headphones that are worse in quality and sound reproduction than the competition? Because they are "white" and match the color scheme of their iPod.
Wake me up when I can actually install it on my HP laptop and have the drivers actually work. I'm pretty disillusioned with Hardy Heron on this one.
What did HP Support say when you tried to use their Linux drivers?
Remember, failure of hardware to with with Linux is NEVER a Linux problem, it is a vendor problem. The Linux community (including the Linux kernel developers) have openly pledged to write and maintain the drivers for any piece of hardware for free, if the vendor would provide a suitable public API or some level of documentation.
There's more than enough spare time and exceptional development skill in the Linux and Open Source community to write every driver for every piece of hardware that Linux runs on.
When hardware fails to work with Linux, its because the vendor failed, not Linux. Talk to the vendor and stop blaming Linux.
Enforcing consistency removes choice, and the lack of choice is one major flaw in Apple's design.
Sure, Apple sells pretty hardware and a pretty OS that runs on it, but how much can you customize it? For example, I want that top menu bar GONE. I don't want it there, I don't need it there and it is a major productivity sinkhole (causing MUCH more mousing than is necessary).
How can I change the system fonts to 6pt anti-aliased versions to match what I use on Linux (and aa fonts on Linux look a LOT better than their OS X counterparts, which I can prove with plenty of comparison screenshots)?
How can I change the default system font face to one that is more to my liking? I'm talking about the basic fonts that appear on titlebars and menus, not within applications themselves. Sure, there are third-party "hacks" that can do that (APE and such), but something as basic as being able to change fonts in these areas should be part of the core OS itself. Heck, Microsoft Windows even allows this without resorting to unsupported third-party tools.
Until Apple allows me to configure my UI the way I want, they'll still be behind Linux (and Windows) in this regard. Removing choice is one of the major reasons I primarily use Linux. I can configure how my applications work, what they look like, how they inter-operate, what toolkits they use, and so on... and NONE of that involves opening up the hood and changing one single line of code.
If you want to "be productive" with your computer; run Linux.
If you want to "play" with your computer; run Microsoft Windows.
If you want to "experience" your computer; run Apple OS X.
Problem is when I switch to an XP machine I have to use, press Ctrl-Alt-Left or Right, and the desktop rotates.
XP doesn't do this by default, so you must have some third-party application installed on your XP machine that provides this function. Do you know what it might be? I'd love to have that on my XP machine at work so I can function with as much productivity as my Linux machines at home.
If you returned to the US, landed on US soil and kept those rocks, you would be in violation of Federal law. It's cracked-up, but there is a law on the books that prohibits US citizens from owning moon rocks.
A little-known fact: It is against Federal law for a private citizen to own any piece of a legitimate moon rock. If you own one (or have bought one), you are required by law to contact NASA immediately and hand it over; without delay.
Absolutely they do. The earlier revisions of fingerprint readers (like the "Fingerchip"), used to take a fingerprint and aggregate 57 separate, unique points on it, and used that as the seed. When you scan again, there is a percentage of those 57 points that has to match in order to be considered genuine.
At no point does a key have to "exist" on the machine, and having a list of 57 separate datapoints does not let you extrapolate the fingerprint from that data in any way.
The order of security from Most-Secure to Least-Secure goes like this, for biometric:
Fingerprint
Iris scan
Voiceprint
Facial recognition
Combining any of the above with two additional, non-biometric authenticator is one way to dramatically increase the security, as well as reduce the changes of having someone breach it.
Something you are (biometric)
Something you have (card key, key fob)
Something you know (password, passphrase, key code)
Thanks for the links, but this doesn't get me a single micron closer to the goal... being able to choose the hash and encryption method used to encrypt my data in FileVault or the OS itself.
I searched, scanned and read large relevant sections in that 240-page pdf, and not a single mention of anything related to the encryption algorithms was to be found.
They do mention AES-256 twice, and SHA1 once... but that's just barely scratching the surface of what true encryption can do, and should be used for.
Thanks again, I'll keep scouring the web for solutions. FileVault is great for the general "home" user, but for someone who has important, secure data to transport or maintain (i.e. client data), FileVault falls vastly short of something as comprehensive as say... loop-aes, dm-crypt or TrueCrypt.
What algorithms does FileVault allow me to choose from for my striping?
I'd will be using Whirlpool for the hash algorithm and Serpent-Twofish-AES for the encryption algorithm. Can you show me how to choose those from the FileVault preferences?
Oh, and I need my encryption key to reside on a USB thumbdrive (which is biometrically protected of course). How do I export my key from FileVault to my USB thumbdrive?
There's also a few hundred thousand dead people in another part of the world who would tell you to put things into perspective and realize which is the greater tragedy.
You mean Darfur? Sudan? Some other place where the US has not provoked those deaths intentionally, to solidify its presence?
More people should familiarize themselves with Operation Northwoods and look at the date posted on that article, as well as the date of the original intent of those ideas.
I hope you don't seriously believe that natural gas comes from a barrel of crude. If you do, you need to go back to school and relearn where natural gas comes from.
To whit... the US buys 20% of its natural gas from Canada, and that 20% is 50% of Canada's output. If we doubled our natural gas consumption to 40%, we would be at 100% of Canada's output.
But natural gas most-definitely does not come in a barrel. Ever.
"What do we do in the meantime? I say we increase domestic energy production (drill for oil!) and use the revenues from that to fund the research required to speed these technologies along."
As long as you don't mind continuing to pay $4.50 and up per-gallon of gas. Domestic drilling WILL NOT reduce the current cost of oil by any significant amount. The experts have already weighed in on this and it would reduce the cost-per-barrel by $10.00 at the most. That still leaves us with a barrel of oil that costs 62% more than it costs to produce.
So if your intent is to get the domestic drilling to provide research revenue, while gas prices continue to rise... I might support that vision. If you think domestic drilling for oil is going to reduce what we pay for oil today, you're misled.
"Please give the key to these files, or we will confiscate your PC. The problem is encryption doesn't work. The moment you do not give them the key, you will be put on the 'no-fly' list faster then you can blink."
There's already plenty of case law against that, so you're still safe. One particular case, United States v. Boucher is particularly interesting, because it DOES directly involve contraband.
But you are protected by the 4th and 5th Amendments to the Constitution which prohibits them forcing you to turn over your key/passphrase/etc. Period.
Until they sack the 4th Amendment (and believe me, they're trying!), we're still protected.
Slashdot Mirror
Not to mention that them taking your camera is called "theft", and it can be prosecuted. If they damage your equipment, that is "destruction of private property", if they delete your images from your card, that is also "destruction of private property".
Check out the Legal Rights of Photographers document for this EXACT example (page 4 of the pdf).
From another site on the matter: "...Taking your film film, asking the following questions directly or indirectly by threatening to use force or call a law enforcement agency can constitute criminal offenses such as theft and coercion."
Isn't that the point? Shouldn't we be portraying that EXACT image to the respective governments who are trying to overthrow us? Seriously, isn't that EXACTLY what they're trying to do with the false security theater that is being thrust upon us with each new day of news reports from the Middle East and domestic?
You might find the article "Fascist America, in 10 easy steps" interesting in this context.
In short, the government SHOULD be afraid of the power of the people, because it is exactly those people, who gives the government their power, not the reverse. We all COULD be harboring plans to overthrow the government, and we should anyway, if they cease to support our rights and needs as a populace. In other words, do what we're expecting of you, or expect to get overthrown. Period.
...and those who think they're the top in their field, are regularly and quickly shown up by those who are smarter than themselves. Just remember that for every person you're beating in any field (math, basketball, chess, whatever), there are people out there MUCH smarter, faster, better than you are.
Just because one brilliant researcher publicly puts his stamp of approval on an algorithm, does not mean that any government doesn't have a team of similarly-brilliant researchers poking holes in that algorithm that are never made public.
Of course you also bring your own bootable ISO cd/dvd to run the OS from which you compose and encrypt that email, and your own keyboard to ensure there are no hardware key loggers installed, right?
Please don't tell me they found oil...
We have enough problems getting out of Iraq already, I can't imagine having a troop surge to Mars to protect oil there. Besides, who gets to lay claim to that anyway? Is Mars sovereign territory?
It's not about the power, it's about the data. The more datapoints they have to correlate, the more they can tie people to events, events to laws, laws to crimes and crimes to people.
The more datapoints you have, the more you can draw conclusions and link things which would normally have been completely unrelated before.
Assuming the data is strongly encrypted (AES256 or higher) on the disk BEFORE and AFTER you rsync+ssh the data over, sure.. I'll buy that, and if, and ONLY if, you're on a dedicated (not shared) hosting plan.
Remember, shared hosting plans where you're using a machine that belongs to someone else (i.e. the hosting provider), the data and everything on that machine belongs to them, and they can legally peruse through it to their hearts content. This just recently came up because a provider was poking around inside a user's SQL database without permission, and the database wasn't the reason for him raising a support request with the provider.
If it's not encrypted with strong encryption on both ends, you've lost all security.. even if you've use ssh/scp/rsync+ssh to transfer it.
You know, this hits too close to home for me. I've been pulled over 57 times in a 4-year span in my life, across 3 different vehicles and when I had long hair all the way up to a shaved head. 17 of those times were all in the same town, by the same cop, in a 30-day span.
I had a scanner in my car also... and I even drove straight to the police department to report the officer after the 17th time. The moment I left the station, my plates were broadcast on the radio to have me "escorted" out of town.
I've been pulled over as a PASSENGER in another friend's car... the cop pulled my friend over, so he could interrogate me. I've never done drugs, excessively speeded, broken any obvious laws that I'm aware of. It was flat-out ludicrous. I even have copies of every single ticket that was issued to me here, because it is so absolutely insane.
I've actually had my car towed because I didn't answer the officer's questions, and they disassembled it... door panels, seats and all. The car was literally 2 weeks old, right off of the showroom floor. They found nothing of course, and caused $3,500 in damage to my power locks, doors, seats, hood, and so on.
Incidentally, only 4 of those tickets "stuck" in court. The rest were thrown out on various dozens of technicalities and illegalities.
I HIGHLY recommend watching Busted: The Citizen's Guide to Surviving Police Encounters if you think you're at risk of getting pulled over. I've used these techniques for the last 20 years and they work beautifully, if you don't mind actually being arrested, and fighting it out in court later to win.
Except for the fact that millions of US Citizens with absolutely NO ties to any known or unknown terrorist organizations had their conversations monitored, tapped and either retained or discarded (unknown, due to "State Secrets"), over the last 7+ years.
Once you open the door, the door is open. Retroactive FISA warrants are not a viable excuse for wiretapping innocent US citizens. Who watches the watchers? Where is the oversight? Where is the transparency?
Ugh... the most annoying thing about OSX IS that top menubar. It dramatically decreases productivity and dramatically increases unnecessary mousing "mileage".
Personally, I still run sawfish and have for years, because its GUI is light-years ahead of what OSX and current GNOME/KDE provide in their own window managers. All menus are context-sensitive within the app, desktop or environment with a click, right-click, alt+right-click and so on. Works beautifully and I can get to any option from the window manager's own parameters to the application's modal menus without moving my mouse one single pixel anywhere to "click" on anything.
Let me introduce you to the Googlepedia Firefox Add-on, which solves this in one step.
I don't understand and the project page for "Global GNOME Menu" doesn't make it any clearer. How is this any different from gnome-panel?
Apple doesn't sell computers or software, they sell "an experience". Why do you think people will pay MORE money for headphones that are worse in quality and sound reproduction than the competition? Because they are "white" and match the color scheme of their iPod.
What Apple excels at is marketing, nothing more.
What did HP Support say when you tried to use their Linux drivers?
Remember, failure of hardware to with with Linux is NEVER a Linux problem, it is a vendor problem. The Linux community (including the Linux kernel developers) have openly pledged to write and maintain the drivers for any piece of hardware for free, if the vendor would provide a suitable public API or some level of documentation.
There's more than enough spare time and exceptional development skill in the Linux and Open Source community to write every driver for every piece of hardware that Linux runs on.
When hardware fails to work with Linux, its because the vendor failed, not Linux. Talk to the vendor and stop blaming Linux.
Enforcing consistency removes choice, and the lack of choice is one major flaw in Apple's design.
Sure, Apple sells pretty hardware and a pretty OS that runs on it, but how much can you customize it? For example, I want that top menu bar GONE. I don't want it there, I don't need it there and it is a major productivity sinkhole (causing MUCH more mousing than is necessary).
How can I change the system fonts to 6pt anti-aliased versions to match what I use on Linux (and aa fonts on Linux look a LOT better than their OS X counterparts, which I can prove with plenty of comparison screenshots)?
How can I change the default system font face to one that is more to my liking? I'm talking about the basic fonts that appear on titlebars and menus, not within applications themselves. Sure, there are third-party "hacks" that can do that (APE and such), but something as basic as being able to change fonts in these areas should be part of the core OS itself. Heck, Microsoft Windows even allows this without resorting to unsupported third-party tools.
Until Apple allows me to configure my UI the way I want, they'll still be behind Linux (and Windows) in this regard. Removing choice is one of the major reasons I primarily use Linux. I can configure how my applications work, what they look like, how they inter-operate, what toolkits they use, and so on... and NONE of that involves opening up the hood and changing one single line of code.
It really is that simple.
XP doesn't do this by default, so you must have some third-party application installed on your XP machine that provides this function. Do you know what it might be? I'd love to have that on my XP machine at work so I can function with as much productivity as my Linux machines at home.
If you returned to the US, landed on US soil and kept those rocks, you would be in violation of Federal law. It's cracked-up, but there is a law on the books that prohibits US citizens from owning moon rocks.
A little-known fact: It is against Federal law for a private citizen to own any piece of a legitimate moon rock. If you own one (or have bought one), you are required by law to contact NASA immediately and hand it over; without delay.
Absolutely they do. The earlier revisions of fingerprint readers (like the "Fingerchip"), used to take a fingerprint and aggregate 57 separate, unique points on it, and used that as the seed. When you scan again, there is a percentage of those 57 points that has to match in order to be considered genuine.
At no point does a key have to "exist" on the machine, and having a list of 57 separate datapoints does not let you extrapolate the fingerprint from that data in any way.
The order of security from Most-Secure to Least-Secure goes like this, for biometric:
Combining any of the above with two additional, non-biometric authenticator is one way to dramatically increase the security, as well as reduce the changes of having someone breach it.
Thanks for the links, but this doesn't get me a single micron closer to the goal... being able to choose the hash and encryption method used to encrypt my data in FileVault or the OS itself.
I searched, scanned and read large relevant sections in that 240-page pdf, and not a single mention of anything related to the encryption algorithms was to be found.
They do mention AES-256 twice, and SHA1 once... but that's just barely scratching the surface of what true encryption can do, and should be used for.
Thanks again, I'll keep scouring the web for solutions. FileVault is great for the general "home" user, but for someone who has important, secure data to transport or maintain (i.e. client data), FileVault falls vastly short of something as comprehensive as say... loop-aes, dm-crypt or TrueCrypt.
What algorithms does FileVault allow me to choose from for my striping?
I'd will be using Whirlpool for the hash algorithm and Serpent-Twofish-AES for the encryption algorithm. Can you show me how to choose those from the FileVault preferences?
Oh, and I need my encryption key to reside on a USB thumbdrive (which is biometrically protected of course). How do I export my key from FileVault to my USB thumbdrive?
Can FileVault do this?
You mean Darfur? Sudan? Some other place where the US has not provoked those deaths intentionally, to solidify its presence?
More people should familiarize themselves with Operation Northwoods and look at the date posted on that article, as well as the date of the original intent of those ideas.
I hope you don't seriously believe that natural gas comes from a barrel of crude. If you do, you need to go back to school and relearn where natural gas comes from.
To whit... the US buys 20% of its natural gas from Canada, and that 20% is 50% of Canada's output. If we doubled our natural gas consumption to 40%, we would be at 100% of Canada's output.
But natural gas most-definitely does not come in a barrel. Ever.
As long as you don't mind continuing to pay $4.50 and up per-gallon of gas. Domestic drilling WILL NOT reduce the current cost of oil by any significant amount. The experts have already weighed in on this and it would reduce the cost-per-barrel by $10.00 at the most. That still leaves us with a barrel of oil that costs 62% more than it costs to produce.
So if your intent is to get the domestic drilling to provide research revenue, while gas prices continue to rise... I might support that vision. If you think domestic drilling for oil is going to reduce what we pay for oil today, you're misled.
There's already plenty of case law against that, so you're still safe. One particular case, United States v. Boucher is particularly interesting, because it DOES directly involve contraband.
But you are protected by the 4th and 5th Amendments to the Constitution which prohibits them forcing you to turn over your key/passphrase/etc. Period.
Until they sack the 4th Amendment (and believe me, they're trying!), we're still protected.