Slashdot Mirror


User: mark-t

mark-t's activity in the archive.


Comments · 15,598

  1. Re: Change the cipher... on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 1

    With what I was talking about, it doesn't matter how flawed the GMR-2 cipher is, or any underlying communications structure for that matter, because what I am suggesting could be layered entirely on top of that just by software running at the endpoints.

    Obviously, this would require a firmware update, but it should still be doable with the existing hardware. You talk into the phone, it goes through the software and gets mangled by a secret key, and *THEN* gets sent... the receiver picks up, it gets mutated back into the original through the software (easily done in real time by participating in a key-exchange at the beginning of a session), and they listen to the original. Someone communicating with a device that has not been upgraded could bypass the software encryption so that backwards compatibility is achieved.

    Any existing flaws in the security of the communications system, even if they are in the hardware itself, would be entirely irrelevant, because what I am suggesting would be layered over top of that. At no time during a communication would any vulnerability in the underlying communication structure compromise the communication, even if one tried to snoop during the key exchange itself (unless one had a quantum computer, or was utilizing a MitM attack). Quantum proof algorithms exist as well, although admittedly these are probably less likely to work in real time on older hardware. MitM attacks are infeasible with wireless communication, so that's why I suggested it.

  2. Re: Change the cipher... on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 1

    I know exactly what this is... what I am suggesting could be quite easily layered over top of that by software running on the end point devices, and that is still able to effectively perform its tasks in real time, using encryption bit widths that would take longer than the lifetime of the solar system to decrypt using current technology (let alone real time), the software taking full responsibility for its own encryption and decryption at the end points, exclusively.

    And any failure of the underlying technology or communications infrastructure to be properly secured against snooping would not impact the privacy of such a communication unless you could intercept the communication as a MitM.

    Ciphertext attacks aren't going to do diddly squat at solving a problem that is no less difficult than factoring numbers that are the product of two unknown large primes. As quantum computing comes into the forefront, slightly more expensive algorithms could be employed which are resistant even to quantum computing efforts.

  3. Ratings mean shit on TV Networks Hide Bad Ratings With Typos, Report Says (cnet.com) · · Score: 2

    The networks will air whatever the people that pay them air... I can't count how many times I have seen what looked like a promising show cancelled before a dozen episodes, or after just one intriguing season, on an alleged claim of "poor ratings" when a cursory look at the actual ratings shows that the show had actually performed quite well.

  4. Re:Change the cipher... on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 1

    The weaknesses of GMR2 are irrelevant. It is entirely possible to have a secured key exchange even over an entirely *PUBLICLY* visible communications channel, as long as you can somehow guarantee that the communication between two points cannot be intercepted. You get that guarantee for free with wireless communication, so you have the sender create a secret key that will be used to encrypt the communication, encrypt it locally via one-half of an asymmetric key that it has created or chosen for this session, and send the encrypted data (so encrypted data is on the channel), the receiver re-encrypts it with one half of an asymmetric key that it has created or chosen for the session and sends it back (so encrypted data is still on the channel), the sender then decrypts that content with the other half of its own key, and sends that back (so encrypted data is still on the channel), and then the receiver decrypts with the other half of its own key to obtain the original secret. This does require that both the encryption and decryption keys chosen by each side be commutative not only with respect to themselves but also with all other possible keys, but it is not that computationally intensive to find such a pair, and it only needs to be done once at the beginning of a session. It does not matter how easy it is to see what the content is that passes between the sender and receiver because at no point is any unencrypted data ever visible to anyone who might try and eavesdrop. The only systems that ever contain unencrypted data are the sender and receiver.

    As long as the key length used for this encryption is wide enough, which is again entirely independent of how easy it might be to eavesdrop on data that is being sent, there are only two ways to currently decrypt this kind of communication in real time: 1) Either utilize a MitM to intercept the entire above key exchange and subsequent communication, or 2) to use a quantum computer. There are quantum-computing proof variants of the algorithm as well, however, although they are somewhat more expensive. As more powerful CPUs become ubiquitous, however, the only remaining weakness would be having a MitM. You cannot generally implement MitM attacks against wireless communication, however, so it's really quite perfect for wireless communication.

  5. Re:Change the cipher... on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 1

    Even over a PSTN, there's no reason that the data needs to be unencrypted on it. Any data sent could be encrypted in real time directly by the sending phone and decrypted in real time directly by the receiving phone with a very simple algorithm. The secret key to be shared between the sender and receiver for encrypting the communication could itself be encrypted using a commutative encryption scheme that guarantees that x enc A enc B dec A dec B == x, and the data stream is not decryptable in real time without a quantum computer, or unless you can intercept the communication. Intercepting wireless communication isn't possible, and unless you compromise the PSTN itself to act as a MitM, the communication can be quite safe from eavesdropping in real time.
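
The commutative three-pass exchange described in comments 4 and 5 above, as an added example that is not part of the original comments: modular exponentiation satisfies `x enc A enc B dec A dec B == x`, while XOR, which is also commutative, lets anyone holding the three on-air messages recombine them into the secret. The modulus, function names and sample secrets are assumptions chosen for illustration, and neither variant authenticates the peers.

```python
import secrets
from math import gcd

# Constructed demo modulus: the Mersenne prime 2**127 - 1 (illustration only).
P = 2**127 - 1


def make_key(p=P):
    """Return (e, d) with e*d == 1 mod (p-1), so (x**e)**d == x mod p."""
    while True:
        e = secrets.randbelow(p - 3) + 2          # 2 .. p-2
        if gcd(e, p - 1) == 1:                    # e must be invertible mod p-1
            return e, pow(e, -1, p - 1)


def three_pass_modexp(secret, p=P):
    """Three-pass exchange with exponentiation mod p as the commutative cipher.

    Returns (value the receiver recovers, the three messages sent on the channel).
    """
    ea, da = make_key(p)        # sender's session key halves
    eb, db = make_key(p)        # receiver's session key halves
    m1 = pow(secret, ea, p)     # sender   -> receiver: x enc A
    m2 = pow(m1, eb, p)         # receiver -> sender:   x enc A enc B
    m3 = pow(m2, da, p)         # sender   -> receiver: x enc B (A's layer removed)
    return pow(m3, db, p), (m1, m2, m3)


def _xor(u, v):
    return bytes(i ^ j for i, j in zip(u, v))


def three_pass_xor(secret):
    """Same message flow with XOR pads: commutative, but not a safe choice."""
    a = secrets.token_bytes(len(secret))   # sender's pad
    b = secrets.token_bytes(len(secret))   # receiver's pad
    m1 = _xor(secret, a)                   # x ^ a
    m2 = _xor(m1, b)                       # x ^ a ^ b
    m3 = _xor(m2, a)                       # x ^ b
    return _xor(m3, b), (m1, m2, m3)


def xor_transcript_leak(transcript):
    """What a passive listener gets by combining the three XOR messages.

    (x^a) ^ (x^a^b) ^ (x^b) == x, so the pads cancel and the secret remains.
    """
    m1, m2, m3 = transcript
    return _xor(_xor(m1, m2), m3)


if __name__ == "__main__":
    key = 0x1234567890ABCDEF1234567890ABCDEF      # constructed sample secret
    got, wire = three_pass_modexp(key)
    print("modexp recovered:", got == key, "| secret on channel:", key in wire)

    raw = b"constructed-key!"                     # constructed sample secret
    got2, wire2 = three_pass_xor(raw)
    print("xor recovered:", got2 == raw,
          "| listener recombines secret:", xor_transcript_leak(wire2) == raw)
```

Commutativity is therefore necessary but not sufficient: the cipher must also keep the layers from cancelling when the transcript is combined, which is what the discrete-log setting provides and XOR does not.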

  6. Re:Change the cipher... on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 1

    Sorry, no. The attack described is on the GMR-2 stream cipher itself, not the key exchange. Because of a weakness in the key schedule of the cipher, and the underlying structure of the encrypted data frame related to the key schedule, they can actually recover the key directly from the encrypted data frame ignoring the session key exchange entirely.

    Uhmmm... that would be the point of using DHKE or one of its variants, so that you *CAN'T* recover the unencrypted data without first intercepting the key exchange itself that occurs at the beginning of the communication. This is quite trivially susceptible to MitM attacks without adding authentication steps to the process, but with wireless communication, setting up a man-in-the-middle to intercept the communication is not feasible, so authentication is moot.

  7. Re:What would they have to do to fix this? on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 1

    I wasn't suggesting that they weren't... but I felt I should acknowledge the point as at least a theoretical vulnerability.

  8. Re:What would they have to do to fix this? on New Attack Can Now Decrypt Satellite Phone Calls in 'Real Time' (zdnet.com) · · Score: 2

    Some variant of Diffie-Hellman key exchange would probably do quite nicely... MitM attacks are typically considered the biggest weakness of DHKE, but with wireless communication, there's no opportunity for a man in the middle attack.

    It may involve a firmware update, but it still seems doable.

    Of course, if somebody installs some malicious software on the satellite, then snooping via MitM attack becomes possible that way.... Ideally, the people that run the satellite have secured it against such intrusion, and that they themselves will not install such software at any time in the future.

  9. To be frank, it probably has... in fact, probably more often than not.

    The reason you don't hear about it is because the people who are busy actually *following* what their scriptures actually say about how to treat other people, you know... "love your neighbor as yourself" and all that shit, aren't typically going around causing harm to anyone else.

    And it's hardly inconceivable in that context that their belief system and their belief in God plays a significant role in the formation of how they treat other people.

    So again, to answer your question... almost certainly, yes.

  10. Not a fan of Edge, but.... on While Chrome Dominates, Microsoft Edge Struggles To Attract New Users (neowin.net) · · Score: 1

    ... the javascript engine that it is bundled with is sure nice. I've been working on a project that will require an embedded javascript engine, and I've been looking very seriously at using ChakraCore.

  11. I'm pretty sure that I always want administrator.. on Windows 10 Will Soon Protect Files and Folders From Ransomware (theverge.com) · · Score: 1

    ... to at least be able to read everything. I can appreciate preventing privilege escalation exploits from writing to a filesystem that it had no business modifying, but when I'm doing backups, I expect to be able to read the entire drive's contents without issue.

    Stick to user-level authorization for reading... but having application whitelists writing to folders may help the situation somewhat for the moment, or at least until the malware author learns how to masquerade their creation as some ordinarily trusted application on the user's machine.

  12. If it's illegal to pay less than $15 for an hour of labor, what the hell do people who don't generate $15/hr in value do? They lose their job.

    In practice, no... what happens is that because of an increase in the lowest rate wages, those who were below the new wage enjoy a larger amount of disposable income each pay period, which they spend, and in turn infuse the economy, spurring business growth, which in turn enables the companies to more readily pay the higher wage.

    There is a limit to this effect, however... The increase needs to be kept fairly modest for this to occur. Occasional larger jumps in lowest tier wages are okay, as long as they are sufficiently infrequent such that the annual average increase is still quite small. The long term impact of this tends to produce a net benefit to society and does not result in mass unemployment, as frequently predicted by people who look at the data only very superficially. It is true that there are some who lose their jobs right away, but most will find alternative work within a few months at an increased rate of pay, so in general, more people are still better off in the long run.

    The study to which this slashdot article refers is one of the only studies I've heard of that contradicts this. That doesn't mean it's come to incorrect conclusions based on the data that it analyzed, but I think the method of this study's analysis needs to be examined carefully, because there are many more studies that are saying almost exactly the opposite to this one, and which have repeatedly held up under objective scrutiny.

  13. Re:I still think we need more handicapped spaces on Equal Rights Center Sues Uber For Denying Equal Access To People Who Use Wheelchairs (techcrunch.com) · · Score: 1

    To be honest, I have no idea what the handicapped usage is like when the lot is not full, but given that vehicles used by the handicapped represent some real percentage of the total number of cars, one would tend to think that the actual number of handicapped stalls in use in a lot at any given time is going to be similarly roughly proportional to the total number of cars in the lot, that is, the more other cars there are in the lot, the more handicapped stalls will tend to be used as well. Even when the lot is virtually full, however, my observation is that many of the handicapped spots are still open. I suppose there might be an inverse correlation, but I find that dubious. I was, however, generally agreeing with the previous poster in that more parking in grocery stores would be greatly desirable.

  14. Re:I still think we need more handicapped spaces on Equal Rights Center Sues Uber For Denying Equal Access To People Who Use Wheelchairs (techcrunch.com) · · Score: 1

    Most of the time when I go to the grocery store, the lot is often very nearly full, but at least half of the eight or ten or so handicapped stalls always seem to be available at any one time, regardless of how full the lot is.

  15. The big difference here is that the USA is economically powerful enough that others will cater to the USA where the US wants because it makes the most economic sense for most other industrialized countries to do so..... Canada has about a tenth of the US's population, and is not nearly as significant on the global scale.

  16. In general, pornography is legal in the USA. Certain classes of it are not (most notably if minors or depiction of minors are involved), and I'll concede the point that free speech is not entirely as absolute in the USA as I had said it was... but my point remains, the guarantee of free speech in the USA is *vastly* stronger than it is in Canada.

  17. You may want to read up on that a little more carefully.... there is a *HUGE* difference between the freedom of speech as protected by the Bill of Rights in the USA and freedom of speech in Canada.

    Section 1 of the Constitution Act 1982 gives Canadians the right to free speech, but only with "reasonable limits." This is quite far removed from the absolute right that the US constitution has.

    Section 13 bans the communication of any so-called "hate messages", which disparage certain groups of people, even if the communication was made in absence of any evident intent to cause physical harm (ordinarily a prerequisite for something to qualify as "hate speech" within the USA).

    Any appearance of free speech that Canadians might believe themselves to enjoy is just an illusion, and only serves as evidence that the Canadians who think they actually have it simply haven't offended anybody badly enough yet.

  18. How is this in any way a threat to free speech?

    I mean, putting aside the fact that Canada does not have any constitutionally protected rights to freedom of speech like the USA does, what's Canada going to do if Google decides to ignore the worldwide scope of the court order? Start fining Google? How will they collect it? Google is a USA company, not a Canadian one. Will Canada criminalize the use of Google services within Canada? (that'll be interesting, if they try it) As far as I can see there is virtually nothing that Canada can actually do to enforce the worldwide scope of this directive, so it impacts free speech about as much as it does if I tell somebody else to shut the fuck up.

  19. Re:It would be funny, except ... on Hacker Behind Massive Ransomware Outbreak Can't Get Emails From Victims Who Paid (vice.com) · · Score: 1

    I didn't say I wasn't fine with it.... I only suggested how one might not find it funny that someone is unable to recover their lost data, even if they *DO* pay.

    I don't abide paying the ransom for a second, but that doesn't mean I don't feel bad for the people that it happens to.

  20. Re:Vice: perhaps normal life is too dull on Fake Online Stores Reveal Gamblers' Shadow Banking System (reuters.com) · · Score: 1

    These people who are now considered productive members of society, would suddenly be in jail costing the rest of us money....

    They wouldn't go to jail.... they would just have to pay a fine. Much like speeding, in some respects, actually.

    It's unwise for a society to criminalize so much that everyone is a criminal

    Well, first of all... not everyone smokes. In fact, not even a majority of people smoke. I believe the statistics in North America are currently that fewer than one in six people smoke... and this number is steadily dropping lower and lower every decade.

    And rather than making one out of every six or seven people into criminals, only some percentage of them that chose to break the law thereafter would be. I do not believe that this percentage would be very high. Driving impaired is illegal too, and it is this single fact *alone* that tends to discourage at least most people from attempting it (the danger aspect does not factor in that highly, since one may believe they are capable of driving safely even when they are over the legal limit). I believe one would observe something similar with cigarettes, if they were outlawed.

    There are better ways of getting people to quit than making it illegal.

    Perhaps... but the next obvious one of denying medical coverage to people that smoke carries another can of worms.

    I wasn't suggesting that making them illegal would be some kind of magical silver bullet anyways... only suggesting that it would likely be helpful to no small number of people that *do* wish to quit, but merely lack the independent resolve to do so. The law, being something external to themselves, might be a sufficient impetus in many cases to drive them to actually quit.

    You could achieve identical goals if you were somehow simply able to make these people *believe* that cigarettes were illegal, and were somehow able to mask all evidence of their legal availability from them. There is no magical way to accomplish this, however.

  21. One file, randomly placed on a disk, is not statistically likely to serve as any sort of honeypot before other significant damage has occurred. On average, I suppose you could argue that it would mitigate the damages to roughly half... but that's an overall average. It would be virtually equal to useless just as often as it might save a good percentage of your data. It's like having a life guard on duty at a beach who *might* bother to swim out to save you if you need help, but then again, he might not. So what's the point of him being there? Better than nothing? I guess.. but probably only a lot more likely to just create a false sense of security.

    A healthy backup policy is the only real workable solution... and considering it is even automatable, I can't say I understand the resistance to practicing it.

    Although I've not been hit by ransomware, having an automated backup policy in place on my system has still saved my data on more than one occasion, whether it was due to disk drive failure or because of human error.

  22. Re:It would be funny, except ... on Hacker Behind Massive Ransomware Outbreak Can't Get Emails From Victims Who Paid (vice.com) · · Score: 1

    Because of this thing called compassion. It's not unheard of, you know.

  23. Re:Vice: perhaps normal life is too dull on Fake Online Stores Reveal Gamblers' Shadow Banking System (reuters.com) · · Score: 1

    Smokers have been told all their lives that it's bad for them, yet they started anyways.

    They started anyways because they didn't believe that it would actually be hard to quit if it became problematic. This belief undergoes a radical shift once you actually start smoking and then try to quit.

    I know of nobody who ever started smoking thinking at the time that they know that later, they are going to be almost hopelessly addicted to having cigarettes, and wouldn't be able to quit later even if they wanted to. Yet, this is exactly what happens... people start, get addicted, and through no real failing of their own, simply do not possess the independent resolve to quit.

    If it were illegal, there would be an additional barrier that may impact their cravings more than their own willpower might.

  24. Re:Vice: perhaps normal life is too dull on Fake Online Stores Reveal Gamblers' Shadow Banking System (reuters.com) · · Score: 3, Insightful

    would your friend stop if they were illegal tomorrow?
    I bet not.

    Not the OP here, but if they were illegal, I can imagine this would generally present a significantly greater inconvenience for him to get them, and it's not remotely inconceivable that the added inconvenience, coupled with the fact that he would also knowingly have to break the law to even get the cigarettes, might exceed the extents to which he is willing to go to satisfy his addiction. The result is that he might go a very long time without cigarettes, and discover that within a few months, he no longer even has any cravings for them.

    Of course, some would likely still find ways around the system, illegally smuggling them into their area and taking sufficient measures to not get caught, but I would expect that the people who are smuggling them into a region where they are illegal are often not even addicted themselves, but are simply wanting to exploit other people's addiction, selling them under the table at a profit to parties in their region, but this kind of activity happens "off the radar" and isn't something that a person who isn't actively trying to look for such sources of their addiction (and is quite willing to disregard the law in the process) is going to tend to know how to get. It's certainly not something that you're going to be able to find in your local yellow pages, at any rate... any would-be business or entrepreneurship that attempts to advertise their illegal activity so publicly would be shut down long before they could hope to turn a profit.

    The reason people who use illegal drugs are often willing to resort to illegal measures to get them is because they *already* have a disregard for the law, or else they would not be using the illegal drug in the first place. Existing smokers, addicted to nicotine, which is legally available through cigarettes, do not necessarily have that disregard, so no assumptions about one's indifference to the legality of its availability can be made as it might otherwise apply to drugs that are illegal.

  25. What I don't understand..... on Does US Have Right To Data On Overseas Servers? We're About To Find Out (arstechnica.com) · · Score: 0

    When a government of some country wants something from a company that practices business there, and the company does not provide it (not because they cannot, but because they will not), why doesn't the government just suspend the company's license to practice business in that country until they cooperate?

    They are, after all, the fricken government.... the data might not be under US jurisdiction, but those who are within the USA certainly are... unless they can show that it is not feasible for them to obtain the data remotely without express cooperation by parties over which the USA has no jurisdiction, or that they otherwise do not possess the lawful authorization to retrieve the data from the other country, I don't know how they have any choice in the matter.