Yeah, I feel the same way about DDG. I really, really want it to be good enough to meet my needs, but it just doesn't. I suspect some of that is because it relies heavily (but not solely) on Bing.
Bing is actually better that Google in returned results. But I do absolutely hate the interface with a fiery passion.
We agree about the interface, but my experience with Bing's returned results is different from yours. I found Bing lacking enough that I gave up on it entirely.
I did say my statement only applies to those affluent enough to have a credit card. Considering a third of Americans don't even have a credit card, and many purchases still must be done with a check / money order (such as rent / mortgage), its not surprising that half of transactions involve cash.
Most people, even those without credit cards, have debit cards that can be used to buy stuff and pay rent just the same as credit cards. According to the FDIC, around 10% of the US population does not have access to debit card services. Indeed, there are a lot more people paying with debit cards than credit cards -- in supermarket purchasing, it's about 2 to 1. The only segment where credit cards are used more than debit cards is with online purchasing.
It isn't completely phased out, but its really close for any affluent enough to have a credit card. For instance less than 3% of my spending is done with cash, and its only that high because my wife loves estate sales.
It's really close for you, but a single point of anecdotal data is meaningless. Let me counter with my own anecdote: I'm reasonably affluent and have credit cards, but I pay in cash for about 80% of my transactions.
But the observation that a gift card is not the same as cash has nothing to do with this. Being given a credit at a particular store is not the same as being given cash, regardless of whether or not that "cash" is in the form of physical currency.
The point is more around "can you spend it in any way you like"? If you're limited to a particular retailer or retailers (even if it's "all of them" -- what if I want to give it to an individual?), then the answer is "no".
That statement and the singular pronoun implies you think "freedom" is an atomic concept. I.e., that any freedom lost is a loss of all freedom.
That's an implication I did not intend.
"If you are going to lose it one way or another" means you put "look at phone messages" in the same loss of freedom category as "you sleep there [...]
I don't at all. They are both very serious limitations, but are different in type and time scales. My point is that they are both losses. Whether or not you should buckle under over access to your phone does not necessarily depend on there being anything of value on the phone. It could very well depend on how much you're willing to put up with constantly increasing government abuse of which this is just one small part.
Deciding that this isn't a hill you're willing to defend is perfectly rational, as you point out. However, deciding it is such a hill is no less rational, and choosing to do so is also fighting for freedom.
How is it different from any other contractual arrangement though? You might as well say "avoid banks" because money is only safe hidden under your mattress.
The nature of the contract doesn't really enter into it, as neither the two primary sources of attacks (criminals and the government) are restricted by a contract.
Your analogy isn't quite on point, in part because there are special banking laws that somewhat mitigate the risk. Cloud providers are not subject to such special regulation.
The analogy would be better if you said "pay only with cash because other payment systems enlarge your attack surface". Which isn't incorrect.
If you're in a situation where the government has proper legal authority to demand decryption, and you believe in the rule of law, then you must decrypt.
Yes, and it's unfair and unrealistic to expect companies to violate the law to protect your data (even if the law is abusive). This is why the services themselves should not have the decryption keys. That allows them to comply with all laws without endangering their clients.
If operating in a secure manner means that cloud services become uneconomical, that is a strong argument that cloud services aren't yet at the point where they should be widely deployed.
1) Is it legal in the US to ask the question of job candidates, "Do you believe that the government should be required to hand over cloud data to the government without a warrant targetted to a particular individual?" I would ask this and reject anyone who said 'yes'.
The problem is that sometimes the key is temporarily present on the providers machines, either sent with API requests for server-side encryption, or present on a VM running client software in provider cloud.
If your key is ever present, even temporarily, on a third party server then your security model is broken, period. You should not be relying on server-side encryption, nor should you be running client software that needs to decrypt sensitive stuff in a VM in the cloud.
I didn't know that so many people actually believe that trailers are a fair representation of the movie they're associated with. Huh, you learn something new every day.
There are exceptions, but generally speaking trailers have only had a very loose connection with the movie they purport to represent for decades, at least. I never assume that they give a real indication of what the movie is like, what the movie is about, or often even what genre a movie is in.
It took me about five minutes to find the link you're referring to. I had no idea that links were provided next to the title on/. -- probably because, at least on my browser, the link is almost entirely covered up by the "Displays" and "Security" icons.
Slashdot Mirror
Yeah, I feel the same way about DDG. I really, really want it to be good enough to meet my needs, but it just doesn't. I suspect some of that is because it relies heavily (but not solely) on Bing.
Bing is actually better that Google in returned results. But I do absolutely hate the interface with a fiery passion.
We agree about the interface, but my experience with Bing's returned results is different from yours. I found Bing lacking enough that I gave up on it entirely.
I did say my statement only applies to those affluent enough to have a credit card. Considering a third of Americans don't even have a credit card, and many purchases still must be done with a check / money order (such as rent / mortgage), its not surprising that half of transactions involve cash.
Most people, even those without credit cards, have debit cards that can be used to buy stuff and pay rent just the same as credit cards. According to the FDIC, around 10% of the US population does not have access to debit card services. Indeed, there are a lot more people paying with debit cards than credit cards -- in supermarket purchasing, it's about 2 to 1. The only segment where credit cards are used more than debit cards is with online purchasing.
It isn't completely phased out, but its really close for any affluent enough to have a credit card. For instance less than 3% of my spending is done with cash, and its only that high because my wife loves estate sales.
It's really close for you, but a single point of anecdotal data is meaningless. Let me counter with my own anecdote: I'm reasonably affluent and have credit cards, but I pay in cash for about 80% of my transactions.
But the observation that a gift card is not the same as cash has nothing to do with this. Being given a credit at a particular store is not the same as being given cash, regardless of whether or not that "cash" is in the form of physical currency.
The point is more around "can you spend it in any way you like"? If you're limited to a particular retailer or retailers (even if it's "all of them" -- what if I want to give it to an individual?), then the answer is "no".
A company wanting to "pay you" to use their product is a company that is admitting their product is failing.
That statement and the singular pronoun implies you think "freedom" is an atomic concept. I.e., that any freedom lost is a loss of all freedom.
That's an implication I did not intend.
"If you are going to lose it one way or another" means you put "look at phone messages" in the same loss of freedom category as "you sleep there [...]
I don't at all. They are both very serious limitations, but are different in type and time scales. My point is that they are both losses. Whether or not you should buckle under over access to your phone does not necessarily depend on there being anything of value on the phone. It could very well depend on how much you're willing to put up with constantly increasing government abuse of which this is just one small part.
Deciding that this isn't a hill you're willing to defend is perfectly rational, as you point out. However, deciding it is such a hill is no less rational, and choosing to do so is also fighting for freedom.
Better be sure whatever you are protecting is worth your life or your freedom because that's what it might cost you.
What you are trying to protect is your freedom. If you're going to lose it one way or another, it seems better to lose it by standing up for yourself.
How is it different from any other contractual arrangement though? You might as well say "avoid banks" because money is only safe hidden under your mattress.
The nature of the contract doesn't really enter into it, as neither the two primary sources of attacks (criminals and the government) are restricted by a contract.
Your analogy isn't quite on point, in part because there are special banking laws that somewhat mitigate the risk. Cloud providers are not subject to such special regulation.
The analogy would be better if you said "pay only with cash because other payment systems enlarge your attack surface". Which isn't incorrect.
Ah, beat me to it!
Also, do you remember knocking the box of punch cards off a desk and watching someone flip out?
Do you remember core memory?
Did you ever optimize code by laying instructions out on a magnetic drum so that the next needed instruction would be under the read head when needed?
Did you ever use Karnaugh maps?
Good times!
Seems to me ppl prefered to use BBS because you could get 'word' or pdf quality files.
My, you're young.
That's actually OK as long as everyone who has an interest in the data is aware that their security is being sacrificed to save a few bucks.
If you're in a situation where the government has proper legal authority to demand decryption, and you believe in the rule of law, then you must decrypt.
Yes, and it's unfair and unrealistic to expect companies to violate the law to protect your data (even if the law is abusive). This is why the services themselves should not have the decryption keys. That allows them to comply with all laws without endangering their clients.
Which is a big part of why cloud services should be generally avoided.
If operating in a secure manner means that cloud services become uneconomical, that is a strong argument that cloud services aren't yet at the point where they should be widely deployed.
1) Is it legal in the US to ask the question of job candidates, "Do you believe that the government should be required to hand over cloud data to the government without a warrant targetted to a particular individual?" I would ask this and reject anyone who said 'yes'.
This would be perfectly legal in the US.
I would argue that Smith v Maryland should be re-considered.
Me too, since the ruling made no sense to begin with.
The storage providing company should not provide any encryption at all, that should be the responsibility of the customer.
Well, I don't know as I'd go that far -- I can think of perfectly fine use cases where that would be handy.
However, nobody should consider such encryption to be secure enough for really sensitive information. It's more like a lock on a screen door.
The problem is that sometimes the key is temporarily present on the providers machines, either sent with API requests for server-side encryption, or present on a VM running client software in provider cloud.
If your key is ever present, even temporarily, on a third party server then your security model is broken, period. You should not be relying on server-side encryption, nor should you be running client software that needs to decrypt sensitive stuff in a VM in the cloud.
Just yesterday some friends and I were talking about how much we miss Gopher. It had some useful advantages that nothing has replaced.
True, but this is not the "new" normal. This has been normal for a very long time.
I didn't know that so many people actually believe that trailers are a fair representation of the movie they're associated with. Huh, you learn something new every day.
There are exceptions, but generally speaking trailers have only had a very loose connection with the movie they purport to represent for decades, at least. I never assume that they give a real indication of what the movie is like, what the movie is about, or often even what genre a movie is in.
I see nuance isn't your thing. Let me help.
The problem is solved for me personally. This is what I stated, and is true.
The problem is not solved in the general case. I never stated that it was.
This could never happen with an analog monitor
True. With an analog monitor, you have to use Van Eck phreaking instead.
It took me about five minutes to find the link you're referring to. I had no idea that links were provided next to the title on /. -- probably because, at least on my browser, the link is almost entirely covered up by the "Displays" and "Security" icons.
The point is that, while your solution may work for some, robo calls in general are fundamentally wrong.
You'll get no argument from me. Pointing out a solution that may work for some people in no way implies that I think the issue is "solved".