If you were a very savvy person designing a voting system, and you wanted to build in backdoors, would you make them look like a very clever backdoor, or a really stupid mistake?
It really ought to be pretty darn simple. I'm talking no more than a few weeks of full-time development by experianced engineeres.
Hardware-wise it should support a write-once type memory chip for recording votes. I don't mean flash RAM that a good hacker could alter, I mean fuse memory that cannot be altered (without extraordinary equipment and knowledge) once written.
It should also have to support printing a paper ballot that is viewed by the voter. The voter would not review his choices on screen, he would be required to read the paper ballot to verify the vote, then match a random glyph on the paper to one on the screen to approve the vote (he has to look at the paper to get the glyph, so he's more likely to actually review his vote).
Initial counts would come from the memory chip, recounts would be done off of the paper ballots (which would be formated such that the same encoding could be read by machine or human).
Everything should be traceable back to the specific voting machine from which it came (heck, you could even have the machine use a combination of GPS and accelerometers to record the coordinates and time when the vote was cast).
Given that an overly complicated system would probably actually be a detriment, i wouldn't be suprised at all to see some opensource versions.
Sounds good to me, as long as the router has a capability to deny if I want it to configure it to do so.
I recognize the security problem of allowing any application to put holes in the firewall like this, but the small office/home equipment that supports these features isn't generally installed for its firewall features, its installed for its NAT features. Most home users would consider it a good thing that it lets their apps do what they were designed to do. Perhaps an off by default option to enable it?
Seems like it would be simpler to allow users inside the NAT to request a forward (they have around 50,000 ports to choose from), and inform the game server of the port that the client will be listening on.
NAT really does cause more problems than its worth
If my cable modem provider would give me access without charging extra for every computer I attach, I would be happy to do without NAT. I don't see that happening, even if they have 50 bazillion addresses available, not when they can make another 5 bux a month per machine.
we should withdraw all the A-class networks that are unnecessarily allocated to US companies.
And EDU's too. There are many universities with many tens of thousands of IP addresses, most of which are unused. One I know of has at least one class A, a couple B's and several C's, and they have a grand total of about 6800 addresses in use.
I agree that there are a number of protocols that these places use that simply cannot be NATed, but IMO they need to quit catering to these broken-ass apps, NAT the system and tell the users to get software that plays nice.
We would have plenty of IP addresses for then next decade or so huge chunks weren't being wasted like this.
Ops is desired by many not necessarily because its power over others, but because it is status. Look at the Karma system. High karma doesn't really give you control over other people, and yet people try to gain as much as possible.
In an IRC channel, the most obvious flag of status is +o. If there was a Karma-like rating system that was unlinked from ops and very visible, people would strive to achieve high ratings there too.
I think its kind of a video-game culture thing. There are a lot of people who want their publicly displayed scores to be better than everybody elses, so they will identify the things that look like scores and seek to improve them.
As a parent of small children, I plan on addressing this by equipping them with cell phones with GPS receivers and requiring that they answer that phone any time it rings, and that I can receive their GPS coords at any time. In return they will be allowed to go where they want, when they want (within alloweable hours regarding curfews and school, etc), and I won't badger them about what they were doing. All the better if the phone supports some kind of clandestined 'are you there' signal that would not be easily fooled in the case of abduction or other seperation of the phone from the correct person.
I would have taken this deal myself, gladly. I'm not so much worried about them doing stupid stuff (I did, and I've still got all my limbs and most of my brain cells) as I am about them doing something stupid, getting hurt or stranded, and not having an option for rescue.
I'd agree that stalking type uses are a potential drawback of locator technology, but I kind of lump it in there with the drawback of driving cars (you know, the whole dying-on-the-highway thing).
The 'protecting the children from rapists' thing is a dumb argument anyway, the large majority of assults are by family members or other trusted non-strangers.
Locator technology will be extremely useful, and as technology advances, difficult to avoid. It does kind of open up some sticky privacy issues, mostly if the locators are small enough to be easily hidden. Even if normal consumer devices advertised their presence to any scanner (allowing any person to scan their general area and remove unwanted locators) I can imagine that the government would be pretty keen to have their own version that didn't identify itself. These would both be useful from a law enforcement prespective (unubtrusive monitoring of probationary subjects, warranted tracking of suspects, etc), and easy to abuse if not handled pretty strictly, like wire taps.
One thing that would really, really help is if Mozilla would support MHTML, multi-part html files. IE has supported them (*.mht) since 5.5.
Its just a multi-part mime document that contains the html document and all its images and etc. There is some question as to frame support and whatnot, but IMO mozilla should quit worrying about how it ought to be done and just follow IE's lead here.
Part of the problem with mirroring crap to freenet is that you have to insert each and every file as a seperate document, and they don't stick together, so you have to wait for images and frames and such to be found where ever they happen to fall on the network, which is exceedingly slow.
Freesites would look much better if they could encapsulate everything into a single file that browsers could load natively, like the way mhtml works in IE.
Yes, there are loads of other ways to do web archives, zip, jar, war, whatever. But the current king of browsers supports MHT, at the very least mozilla could embrace this and extend it later.
it's not hard to find enough astronauts. They are practically standing in line.
it's not hard to find enough astronauts. They are practically standing in line.
I just wish we could use some of those fools standing in the government dole lines instead of blowing up perfectly good intelligent people. At least the engineers stay on the ground mostly
It wouldn't matter if you included encryption. The point of p2p networks is to give files to people you do not know and (therefore) do not trust. Just as the RIAA cannot provide DRM music in such a way as to prevent copying, you cannot provide encrypted files without providing a way to decrypt the files.
Even if you did, the RIAA could 'decrypt' (ROT13, whatever) the file and if it isn't theirs, delete it. If it is theirs, they have broken no law, even if they choose to share it on the network. Its theirs, they can do with it what they please.
You cannot use the DMCA against the RIAA. It doesn't apply to you if you are illegally trading copyright materials (for which you are nto the copyright holder).
Entrapment laws are very specific and have nothing to do with this.
The DMCA does not apply because they are the copyright holder and because they would not be circumventing any recognized encryption method (TCP is not an encryption method, regardless of how one tries to twist the definitions of the words).
This is probably quite legal, and IMO as an occasional trader of copyrighted files, fair play. Unfair play would be if they located my IP address, coerced my ISP into providing my physical address, and then came over for a visit.
Of course, all they would find is an 'accidentally' unsecured wireless access point connected to my cable modem and a tinfoil hat.
What you need to do is install a robot behind your door that will very politely take up as much of the spammers time as possible, without clueing him in that you are deliberately taking his time without buying anything.
This is a long term strategy. If spammers have to spend money on bandwidth sending their webpages to everybody who requests it, their profits will go down, hopefully negative.
Make the robot opensource and provide it to all your friends too. Thats what I'm doing (although its a couple days work away from a releasable state still)
Slashdot Mirror
If you were a very savvy person designing a voting system, and you wanted to build in backdoors, would you make them look like a very clever backdoor, or a really stupid mistake?
It really ought to be pretty darn simple. I'm talking no more than a few weeks of full-time development by experianced engineeres.
Hardware-wise it should support a write-once type memory chip for recording votes. I don't mean flash RAM that a good hacker could alter, I mean fuse memory that cannot be altered (without extraordinary equipment and knowledge) once written.
It should also have to support printing a paper ballot that is viewed by the voter. The voter would not review his choices on screen, he would be required to read the paper ballot to verify the vote, then match a random glyph on the paper to one on the screen to approve the vote (he has to look at the paper to get the glyph, so he's more likely to actually review his vote).
Initial counts would come from the memory chip, recounts would be done off of the paper ballots (which would be formated such that the same encoding could be read by machine or human).
Everything should be traceable back to the specific voting machine from which it came (heck, you could even have the machine use a combination of GPS and accelerometers to record the coordinates and time when the vote was cast).
Given that an overly complicated system would probably actually be a detriment, i wouldn't be suprised at all to see some opensource versions.
Do you mean to say that you think that all of the flaws were mistakes?
I fully expect that some of them were intended as 'features' that would only be available to a select few.
If the devices aren't fully open, don't trust them.
If the devices are fully open, don't trust them.
Sounds good to me, as long as the router has a capability to deny if I want it to configure it to do so.
I recognize the security problem of allowing any application to put holes in the firewall like this, but the small office/home equipment that supports these features isn't generally installed for its firewall features, its installed for its NAT features. Most home users would consider it a good thing that it lets their apps do what they were designed to do. Perhaps an off by default option to enable it?
Am I missing a bigger issue with it?
If the port is forwarded, its no longer behind a nat
Not true at all, its still NATed, it just receiving forwarded data.
You said:
you can't download from a nated machine if your machine is behind a nat.
Without qualifying the statement that port forwarding can provide a limited solution to that problem.
Obviously port forwarding isn't a solution for large networks, but your statement, as you made it, is only partially correct without the qualifier.
assessing the intellectual abilities of someone you know nothing about.
[its funny, laugh]
Don't you really mean "assessing the intellectual abilities of someone about whom you know nothing"?
[/its funny, laugh]
you can't download from a nated machine if your machine is behind a nat.
Without the correct ports forwarded.
Seems like it would be simpler to allow users inside the NAT to request a forward (they have around 50,000 ports to choose from), and inform the game server of the port that the client will be listening on.
NAT really does cause more problems than its worth
If my cable modem provider would give me access without charging extra for every computer I attach, I would be happy to do without NAT. I don't see that happening, even if they have 50 bazillion addresses available, not when they can make another 5 bux a month per machine.
we should withdraw all the A-class networks that are unnecessarily allocated to US companies.
And EDU's too. There are many universities with many tens of thousands of IP addresses, most of which are unused. One I know of has at least one class A, a couple B's and several C's, and they have a grand total of about 6800 addresses in use.
I agree that there are a number of protocols that these places use that simply cannot be NATed, but IMO they need to quit catering to these broken-ass apps, NAT the system and tell the users to get software that plays nice.
We would have plenty of IP addresses for then next decade or so huge chunks weren't being wasted like this.
I'd just turn off the phone, and tell you that I was out of the service area./I
I don't take excuses. You'd be grounded for not answering the phone.
Actually the problem was that Suzie L.'s ID had a picture, and the kid would have been better off with Spot.
Ops is desired by many not necessarily because its power over others, but because it is status. Look at the Karma system. High karma doesn't really give you control over other people, and yet people try to gain as much as possible.
In an IRC channel, the most obvious flag of status is +o. If there was a Karma-like rating system that was unlinked from ops and very visible, people would strive to achieve high ratings there too.
I think its kind of a video-game culture thing. There are a lot of people who want their publicly displayed scores to be better than everybody elses, so they will identify the things that look like scores and seek to improve them.
As a parent of small children, I plan on addressing this by equipping them with cell phones with GPS receivers and requiring that they answer that phone any time it rings, and that I can receive their GPS coords at any time. In return they will be allowed to go where they want, when they want (within alloweable hours regarding curfews and school, etc), and I won't badger them about what they were doing. All the better if the phone supports some kind of clandestined 'are you there' signal that would not be easily fooled in the case of abduction or other seperation of the phone from the correct person.
I would have taken this deal myself, gladly. I'm not so much worried about them doing stupid stuff (I did, and I've still got all my limbs and most of my brain cells) as I am about them doing something stupid, getting hurt or stranded, and not having an option for rescue.
I'd agree that stalking type uses are a potential drawback of locator technology, but I kind of lump it in there with the drawback of driving cars (you know, the whole dying-on-the-highway thing).
The 'protecting the children from rapists' thing is a dumb argument anyway, the large majority of assults are by family members or other trusted non-strangers.
Locator technology will be extremely useful, and as technology advances, difficult to avoid. It does kind of open up some sticky privacy issues, mostly if the locators are small enough to be easily hidden. Even if normal consumer devices advertised their presence to any scanner (allowing any person to scan their general area and remove unwanted locators) I can imagine that the government would be pretty keen to have their own version that didn't identify itself. These would both be useful from a law enforcement prespective (unubtrusive monitoring of probationary subjects, warranted tracking of suspects, etc), and easy to abuse if not handled pretty strictly, like wire taps.
One thing that would really, really help is if Mozilla would support MHTML, multi-part html files. IE has supported them (*.mht) since 5.5.
Its just a multi-part mime document that contains the html document and all its images and etc. There is some question as to frame support and whatnot, but IMO mozilla should quit worrying about how it ought to be done and just follow IE's lead here.
Part of the problem with mirroring crap to freenet is that you have to insert each and every file as a seperate document, and they don't stick together, so you have to wait for images and frames and such to be found where ever they happen to fall on the network, which is exceedingly slow.
Freesites would look much better if they could encapsulate everything into a single file that browsers could load natively, like the way mhtml works in IE.
Yes, there are loads of other ways to do web archives, zip, jar, war, whatever. But the current king of browsers supports MHT, at the very least mozilla could embrace this and extend it later.
If you like the idea, make it happen.
If someone else wants to break the law and give you a free or cheap product it's perfectly legal to accept it.
For now. If you want it to stay that way, write your representative and make that clear.
Clear glue on clear plastic, then scan both sides. In software it should be pretty easy to match up the two sides of each piece.
I wouldn't be suprised if they had a method of addressing this already.
You are easily above the bulk of the atmosphere at 50k ft, so a large amount of the work has been done.
I particularly like the idea of using proven, off the shelf equipment like a 747 for reducing launch costs.
it's not hard to find enough astronauts. They are practically standing in line.
I just wish we could use some of those fools standing in the government dole lines instead of blowing up perfectly good intelligent people. At least the engineers stay on the ground mostly
I do hope you realise that you're creating a 'zombie DoS net' which future genertions of script kiddies will be very happy to exploit.
I suppose they could exploit it by becoming spammers, but it seems like a very inefficent way to do so.
it could be argued that TCP is an encryption scheme under the same rules.
You could argue that a cat is a dog too, but you'd still be wrong.
It wouldn't matter if you included encryption. The point of p2p networks is to give files to people you do not know and (therefore) do not trust. Just as the RIAA cannot provide DRM music in such a way as to prevent copying, you cannot provide encrypted files without providing a way to decrypt the files.
Even if you did, the RIAA could 'decrypt' (ROT13, whatever) the file and if it isn't theirs, delete it. If it is theirs, they have broken no law, even if they choose to share it on the network. Its theirs, they can do with it what they please.
You cannot use the DMCA against the RIAA. It doesn't apply to you if you are illegally trading copyright materials (for which you are nto the copyright holder).
You, sir or madam, are full of hooie.
Entrapment laws are very specific and have nothing to do with this.
The DMCA does not apply because they are the copyright holder and because they would not be circumventing any recognized encryption method (TCP is not an encryption method, regardless of how one tries to twist the definitions of the words).
This is probably quite legal, and IMO as an occasional trader of copyrighted files, fair play. Unfair play would be if they located my IP address, coerced my ISP into providing my physical address, and then came over for a visit.
Of course, all they would find is an 'accidentally' unsecured wireless access point connected to my cable modem and a tinfoil hat.
What you need to do is install a robot behind your door that will very politely take up as much of the spammers time as possible, without clueing him in that you are deliberately taking his time without buying anything.
This is a long term strategy. If spammers have to spend money on bandwidth sending their webpages to everybody who requests it, their profits will go down, hopefully negative.
Make the robot opensource and provide it to all your friends too. Thats what I'm doing (although its a couple days work away from a releasable state still)