Lets see here. We're waging robo war in Pakistan, Afganistan, Iraq Yemen - virtually surrounded their whole country - some 100K troops near their borders. We're beating the drums of "Those Iranians are the worst since Hitler..." We're probably assassinating their scientists. We've invaded multiple countries without provocation for a long time, and waged countless covert wars and actions against those we don't like. We supported a proxy war [using our best friend Saddam Hussain - (where have I heard that name before?)] using weapons of mass destruction against the Iranians, using US intelligence. And less than sixty years ago we helped overthrow a democratically elected government in Iran and put in place the Shah. [Who was evil in ways that Hitler *would* understand.]...and if I understand you, you're complaining that the Iranians used some props you find offensive.
You sir, have a most misplaced sense of decency [or a most woefully inadequate knowledge of the history of the dealings of your country].
Of all the offenses betwixt the USA and Iran, I'd posit that the balance isn't even close to parity. The Iranians have a lot of IOU's due against the US. [Like enough to use one every day for a century.]
Look at ubiquiti's stuff. M5 Wireless bridges out to to the AP's and UniFi [normal or long-range] for the clients. www.ubnt.com Nanostation M5 [5Ghz]: http://ubnt.com/nanostationm UniFi: http://ubnt.com/unifi
Not as slick as Ruckus or some other stuff, but incredibly cheap. [Bridges are about $200 for a pair - and super solid, massive through-put. UniFi is about $70 per AP.]
You also get the ability to help pay for the system via UniFi. [Paypal subs, no admin reqd. Vouchers for "free" use etc.] That's all included for "free" in their system. Plus you can use Pico's for outdoor use. Already weather-proof.
Here's the explaination I heard recently, and I think it's the best I've ever heard.
You want to train a dog to come when you call.
So, you take a 1 kilo steak and call him - and you feed him the whole kilo at once.
OR
You cut the 1kg into 200 pieces. Then you call him to you and give him once of the pieces. Repeat 200 times.
The first got a BIG reward, but only once. The dog's going to be sated for quite a while. The second gave a small but substantial reward very often. And better yet, the dog will want another almost instantly.
The second method will "train" your brain to respond in the "desired" way lots faster than the first.
Smoking is a small hit, many times a day, perhaps many times an hour. Heroin is a BIG hit a few times a day.
Smoking will condition the neurons in your brain a lot faster and more reliably than heroin will.
I've posted this before, but thought I'd do so again...
And the problem is that, for all the compliments that others pay me, calling me "talented" and "intelligent," I feel paralyzed, like everyone is always expecting something great to come out of me, and all I ever do is disappoint when I don't meet those expectations. So I stop trying.
In short, there may be some upper limit to raw brain power, but for most, that limit isn't ever reached.
So, claiming that "intelligence" is some inherent trait and, like most, assuming that failure equals non-intelligence causes a whole range of problems.
People can sharpen their skills and those skills are usually viewed as intelligence.
The real rub is this: When kids think they are "intelligent" or not, then nothing they do can impact that inherent trait. They will do all sorts of odd things to avoid failure and being labeled "stupid." [The inverse of intelligent.]
When they are told they can learn, and that "intelligence" is not a fixed trait, they do much better, and the odd behaviors of attempting to either gain entry into the "intelligent" club, futility of being in the stupid club, or working to avoid losing the "intelligent" club card vanish.
No, CIH was a virus that trashed the BIOS as part of it's payload.
On some systems it was unable to modify the BIOS and so the *payload* wasn't delivered - so to speak. But it never "infected" the BIOS - in that there was never any attempt to get running code in the BIOS.
And if somewhere somehow it placed running code in the BIOS, it should be viewed as like a million monkeys at a million keyboards. Eventually one will type something readable.
That's a FAR, FAR cry from writing code that intentionally infects the BIOS and does "useful" things in that code.
A vendor could easily offer a service to customers that would be the expert in choosing the notary's who are trustworthy, perhaps offering their own notary service as well. Now the vendor selling this service has an incentive to actually protect the user - since if they don't, they lose trust and then lose the customer and their dollars.
And given a little time I'd guess there would be several stable notaries out there and would be well trusted. There would be services that would help the user choose a reliable bundle of notaries who can be trusted - given the users comforts and needs.
So, yes - at this point in time, it does require a knowledgeable user. But that wouldn't *have* to be the case at all, and in fact having vendors who have their primary purpose in serving the user and maintaining their trust - is exactly what would decrease the need for end user knowledge. They would provide a service who's interests are aligned with the user, rather than screwing everyone for the most cash. [Either by selling certs to any warm body, or by terrible security because it might cut into profit, or simply because they're too stupid to know better...]
There are certainly some things that will need fine tuning and it's a system that will need critical mass - but that's true of any replacement. And this one appears to be one that could co-exist with the current system until critical mass is reached.
But the whole framework behind certificates and CA's is the problem. This is just a symptom of the problem.
Moxiespike: "Who are you going to trust, and for how long?" If the answer to how-long, is forever - then you probably have a problem.
The problem is there's no real way to handle problem CA's - and you don't get much choice, and the system is too moribund and static to respond to problems like this.
So, yes we can fix this *specific* problem by getting every browser to re-work the trusted CA's and then get everyone to install the new browser with the new set of trusted CA's.
But that will still leave a small group of people making choices about YOUR trusted CA's. And the latency to make those changes is *very* high.
Not much of a solution, IMO.
Truly, everyone should take the time to listen or read Marlin Moxiespike's proposal.
Show me ONE example (real or hypothetical) where a DNS record has been altered (with or without the cooperation of the DNS provider) by someone other than the legitimate domain owner (e.g. hackers, government etc) where storing certificates in DNS would make things worse than if the site was using current CA-issued certificates and I will accept your arguments.
Seriously? Sex.com was totally hijacked. There are literally thousands of cases where domains get owned. [And once you own the domain its DNS is certainly available for tampering.]
Next, if you are willing to tamper with the whole chain, then nothing will help the user. Easily within reach for a government or serious party handling DNS - and there's no protection.
Why settle for a half measure at best. We're going to have to redesign a whole set of things - lets really try to do it right and make the replacement agile. As MM points out. "Who are you going to trust and for how long." If you can't easily/gracefully [or even ever] change who you trust, then you probably have a problem.
where storing certificates in DNS would make things worse than if the site was using current CA-issued certificates
Man, what a high bar you have there for a "better" solution. 'It's better than the totally broken current system.' Your argument amounts to: "Well, yeah, rape sucks. We think you ought to get mugged and violently assaulted instead."
Huh? Really?! Let's just assume CA's *are* worse than DNSSEC - just for the sake of argument. In that case that DNSSEC would be better than the sketchy CA's. But simply being a little better than what's currently in place shouldn't be where we set our aspirations in coming up with something new and better.
How about, instead of aspiring to get violently assaulted, you work for something a LOT better.
If you won't trust the SSL authorities, and I don't - then one would assume that trusting the registrars/TLD's/root/or country TLD's would be even more crazy.
IMO, DNSSEC simply doesn't really solve the problem, and shouldn't be the "solution." We should look for and design something better.
And when the DNS servers are subverted to point to bogus SSL certificates, then what?
You do happen to know that you'll have to trust the government [ISP etc] not to mess with DNS, and a one-stop shop to subvert both your domain and your PKI is just what they'd like to have.
SSL certs authenticated/served by DNS is not a fix, IMO - because DNS isn't any more secure from powerful interests than SSL is. [And it may even be less secure.]
This truly is a hard nut to crack, and knee-jerk solutions like "tie it to DNS" won't solve the problem in any robust way.
MS: "Yeah, your home is like Fort Knox - no one will break in through the new stuff we built. Mumble mumble mumble" Me: "What was that mumbling?" MS: "Well, everything is really secure, except the old stuff - like, you know, the doors and windows. That's old stuff. You can't hold us responsible, even if we built it. Only the new stuff matters and it's like a rock! No one will break in through the roof or walls!" Me: "Ah, yeah - I feel so much better already!"
Sheesh.
If the new stuff is SO much better, and it's all that old crap code, then go back and fix it. Until then, I'll assume security doesn't matter much to you since while they can't break the "new" code - there's loads of old code that's full of holes. The practical experience is "it's full of holes." I don't much care where they come from.
[And even then, I don't yet buy the "Well the new stuff is so much better." because I don't see much evidence of it.]
'It's taken Microsoft 10 years to turn security from a weakness into a strength"
Really? A strength? Seriously?
Is that why we got the ping of death back in Vista/Win7/2008 because of a forked TCP stack?.... Because Security is a "Strength" for Microsoft?
Honestly, while security *may* be better [and I'm not sure that's true] at MS, it certainly IS NOT a strength of theirs.
If that's the view of the moron who wrote this - I'll trust everything else written with the same level of massive skepticism. [i.e. It's clear a moron wrote this - so I'll trust everything else in here just as much as I'd trust any other moron.]
Logical? I don't really consider skewing the facts as "logical." [And skewing the facts is the most charitable description I can use for his "truthiness."]
Re: His arguments against Google and it's dispute with Sun/Oracle about Java. The examples he used of infringing files was just total BS.
And that's just the first example.
Every time I read his dreck, I think. Man, what axe does this guy have to grind. Every time, if I take the time to drill down through the layers of crap, I find there really wasn't anything to begin with.
So, when that happens more than a few times one starts to simply say - "Ah, yeah that troll. I wish someone would check him into a mental institution - or worse."
Sure, the boy who cried wolf all those times - we was eventually right. But by that point everyone had learned to ignore him. And probably more than a few were overjoyed that he got eaten. [Provided he did, which I assume is the outcome. Pity if it was only his sheep.]
Moral: it '...shows that this is how liars are rewarded: even if they tell the truth, no one believes them.'
Your link really does nothing to prove we utilize more than 10% of our brains.
Facts are, we really have no idea what fraction of total capacity we use - but I think examples like like Jamie Escalante make it clear we often vastly under estimate the capacity of others.
Let me quote... --- In 1982, Escalante came into the national spotlight when 18 of his students passed the challenging Advanced Placement Calculus exam. The Educational Testing Service found these scores to be suspicious, because all of the students made exactly the same math error on problem #6, and also used the same unusual variable names. 14 of those who passed were asked to take the exam again. 12 of the 14 agreed to retake the test and all 12 did well enough to have their scores reinstated. In 1983, the number of students enrolling and passing the A.P. calculus test more than doubled. That year 33 students took the exam and 30 passed.... At the height of Escalante's influence, Garfield graduates were entering the University of Southern California in such great numbers that they outnumbered all the other high schools in the working-class East Los Angeles region combined. Even students who failed the AP went on to become star students at California State-Los Angeles in large numbers
---
These kids were performing on a par with elite private school kids that were were exceedingly highly self selected. [Only the "smartest" of kids were allowed into these elite private schools and only the best were their math whizzes. I believe Mindset has more details, but I can't dig them up right this second...]
These kids were performing at a level that virtually no-one would have said they were capable of performing at. So, clearly their mental plasticity was a lot higher than we usually give credit for. They were able to perform at levels which allowed MANY students to pass the math AP exams - no small feat.
So, while I don't know how much of our brains most of us use, it's pretty clear that those that are encouraged to try either get a lot of "built" brains to work with, or they had a lot of untapped potential.
So, I pretty much disagree that, what virtually anyone would define as, "intelligence" is a fixed capacity - we either built more, or we really under-utilize what we have.
Your link really does nothing to prove we utilize more than 10% of our brains.
Facts are, we really have no idea what fraction of total capacity we use - but I think examples like like Jamie Escalante make it clear we often vastly under estimate the capacity of others.
See: http://en.wikipedia.org/wiki/Jaime_Escalante
Let me quote...
---
In 1982, Escalante came into the national spotlight when 18 of his students passed the challenging Advanced Placement Calculus exam. The Educational Testing Service found these scores to be suspicious, because all of the students made exactly the same math error on problem #6, and also used the same unusual variable names. 14 of those who passed were asked to take the exam again. 12 of the 14 agreed to retake the test and all 12 did well enough to have their scores reinstated. In 1983, the number of students enrolling and passing the A.P. calculus test more than doubled. That year 33 students took the exam and 30 passed....
At the height of Escalante's influence, Garfield graduates were entering the University of Southern California in such great numbers that they outnumbered all the other high schools in the working-class East Los Angeles region combined. Even students who failed the AP went on to become star students at California State-Los Angeles in large numbers
---
These kids were performing on a par with elite private school kids that were were exceedingly highly self selected. [Only the "smartest" of kids were allowed into these elite private schools and only the best were their math whizzes.
[I believe Mindset has more details, but I can't dig them up right this second...]
These kids were performing at a level that virtually no-one would have said they were capable of performing at.
So, clearly their mental plasticity was a lot higher than we usually give credit for. They were able to perform at levels which allowed MANY students to pass the math AP exams - no small feat.
So, while I don't know how much of our brains most of us use, it's pretty clear that those that are encouraged to try either get a lot of "built" brains to work with, or they had a lot of untapped potential.
So, I pretty much disagree that what virtually anyone would class "intelligence" is a fixed capacity - we either built more, or we really under-utilize what we have.
BTW, I have her Mindset book and would be glad to place it on loan if you're really interested in reading it.
For me, it explained a lot of my own "quirky" behavior. I'm quite sure I have raw processing power substantially above the "average" - however I think that mindset of "intelligence" was seriously detrimental to me - and to some degree, still is.
I'm working very hard to give alternative views to my peers, parents and children. I think the reasoning is really fairly obvious and the research certainly appears to back it up.
BTW: I have the mindset book in an E-book format and can loan it to you if you're truly interested.
-Greg
I've got some quotes, but the Slashfilter is screwing me...perhaps I'll post in sections...
In short, there may be some upper limit to raw brain power, but for most, that limit isn't ever reached.
So, claiming that "intelligence" is some inherent trait and, like most, assuming that failure equals non-intelligence causes a whole range of problems.
People can sharpen their skills and those skills are usually viewed as intelligence.
The real rub is this: When kids think they are "intelligent" or not, then nothing they do can impact that inherent trait. They will do all sorts of odd things to avoid failure and being labeled "stupid." [The inverse of intelligent.]
When they are told they can learn, and that "intelligence" is not a fixed trait, they do much better, and the odd behaviors of attempting to either gain entry into the "intelligent" club, futility of being in the stupid club, or working to avoid losing the "intelligent" club card vanish.
...and Monopoly Enforced NON net neutrality will be so very much better?
Ah, I see. [Sarcasm] They'll innovate! [Like innovate you out of all your cash, and screw you over.] Ah, but those monopolies will screw you over SO MUCH BETTER THAN THE GOVERMENT CAN.
I can hardly wait. [/sarcasm]
You already kissed privacy and anonimity and other basic stuff away. Let me guess, you voted for the Shrub, and thought Gitmo, smoke-'em-out, torture and such were great things - but now when the massive economic interests of a few monopolies are at stake, you're all for "smaller government?"
[I have no respect for Obama on these issues either - he's been a serious failure on torture, accountability and don't get me started on "look forward, not backward"... but Shrub was way worse.] I feel like ripping my eyes out when I see someone like you claim we need to protect our privacy by keeping the government out of the internet.
The freeking government was already IN the internet a LONG time ago, and virtually all "small government" republicans thought it was just fine since it was just going to target them brown evil-doer forriners.
The whole charade is incredible. Do nothing while our civil liberties are eviscerated under Bush. Then, in the very next breath, complain how our privacy will be ripped away if we support a bill that is going to prevent huge greedy interests from deciding what you get to access on the internet.
Talk about chutzpah.
It's like... That fireman that's extinguishing the flames at your house - well he *might* take something from your garage - so rather than keeping a watch on the guy, be sure to shoot him and let the whole house burn down. That's your solution to the problem, huh? [And never mind that you actually watched him rob everything of value from one neighbors house and actually helped him carry off the stuff from another - and never said "boo" about it till now.]
It goes way beyond cutting off your nose to spite your face.
And scanning through a book to find a passage you want to re-read.
Clicking through single pages isn't a problem at all for me - and I've got a K1. But moving 15 pages - checking to see if I'm where I wanted to be, then doing it again - we'll that's a serious PITA for the Kindle 1.
[And don't get me started about searches - they're slow and almost useless.]
The problem with the US is that we are so hung up on "OMG PROFILING RAWR" and "waah we can't let muslims think we're against them"
So, exactly how do we racially profile? You understand [I hope] that Muslim people can be peaceful, as well as radical. You understand that Christians can be peaceful as well as radical. You understand that Hindu can be peaceful as well as radical.
Any group, religious or not can be peaceful or radical and violent.
Next, you understand that Muslims, as well as Christians, as well as pretty much any other religion can be white, black, latino, asian, etc.
So, just how exactly are you going to "group" those people so we can scrutinize them? Perhaps you've developed the "mind scanner" where we can examine your thoughts and determine if you're a threat or not.
Short of that, "racial profiling" is the hugest waste of time imaginable.
What you're advocating is exactly what is always done when you want to remove any barrier to treating some arbitrary group wrongly.
Those [jews/muslims/mormons/cathloics/protestants/insert target group here] are fundamentally different than us. They don't respect us, and need to be [bombed/gassed/forced into slavery/sent back to mexico/insert desired treatment here.]
In short, you are the perfect moron who either are sly like a fox, and want to treat others with no dignity and respect and this is a great way to do it, or you're just misguided, and shouldn't be allowed to reproduce, at least in a just world.
You need some way to constructively handle your anger - and I find it sad that you've chosen to let it come out in portraying whole groups of people in totally bogus caricatures .
You haven't used obvious racist language, such as naming black people, latinos etc, but pretty much any one can certainly hear that dog-whistle very clearly.
People are people.
Undocumented immigrants, blacks, latinos, and white people *all* have those individuals who care and those that don't.
Rather than grouping your ire for whole groups of people, how about addressing individual behavior.
[And that's not even focusing on the fallacious nature of your arguments...but I felt the "racial" and "group" intolerance needed addressing.]
Slashdot Mirror
Lets see here. We're waging robo war in Pakistan, Afganistan, Iraq Yemen - virtually surrounded their whole country - some 100K troops near their borders. ...and if I understand you, you're complaining that the Iranians used some props you find offensive.
We're beating the drums of "Those Iranians are the worst since Hitler..."
We're probably assassinating their scientists.
We've invaded multiple countries without provocation for a long time, and waged countless covert wars and actions against those we don't like.
We supported a proxy war [using our best friend Saddam Hussain - (where have I heard that name before?)] using weapons of mass destruction against the Iranians, using US intelligence.
And less than sixty years ago we helped overthrow a democratically elected government in Iran and put in place the Shah. [Who was evil in ways that Hitler *would* understand.]
You sir, have a most misplaced sense of decency [or a most woefully inadequate knowledge of the history of the dealings of your country].
Of all the offenses betwixt the USA and Iran, I'd posit that the balance isn't even close to parity. The Iranians have a lot of IOU's due against the US. [Like enough to use one every day for a century.]
Look at ubiquiti's stuff. M5 Wireless bridges out to to the AP's and UniFi [normal or long-range] for the clients.
www.ubnt.com
Nanostation M5 [5Ghz]: http://ubnt.com/nanostationm
UniFi: http://ubnt.com/unifi
Not as slick as Ruckus or some other stuff, but incredibly cheap. [Bridges are about $200 for a pair - and super solid, massive through-put. UniFi is about $70 per AP.]
You also get the ability to help pay for the system via UniFi. [Paypal subs, no admin reqd. Vouchers for "free" use etc.] That's all included for "free" in their system.
Plus you can use Pico's for outdoor use. Already weather-proof.
[I've not run the Pico's - so check it out in the forum: http://www.ubnt.com/forum/forumdisplay.php?f=48 - you should be able to get your answers there.]
It's really some of the best bang-for-the-buck for non super-high-density WiFi use around, IMO>
-Greg
+1 for the parent
or simply shoot the pages with a digital camera and if needed do some post-processing.
You can even have full color if you need it.
This is overkill for your project, but may lead some interesting places.
http://www.diybookscanner.org/
-Greg
Lastpass - and a sealed envelope with your master password.
Or, last pass and share passwords you can allow.
While Last pass is likely to vanish after x years, there will be some similar solution in the future.
The sealed envelope is pretty good, provided you can leave it somewhere someone else [and not everyone else] can get to it.
-Greg
Here's the explaination I heard recently, and I think it's the best I've ever heard.
You want to train a dog to come when you call.
So, you take a 1 kilo steak and call him - and you feed him the whole kilo at once.
OR
You cut the 1kg into 200 pieces. Then you call him to you and give him once of the pieces. Repeat 200 times.
The first got a BIG reward, but only once. The dog's going to be sated for quite a while.
The second gave a small but substantial reward very often. And better yet, the dog will want another almost instantly.
The second method will "train" your brain to respond in the "desired" way lots faster than the first.
Smoking is a small hit, many times a day, perhaps many times an hour.
Heroin is a BIG hit a few times a day.
Smoking will condition the neurons in your brain a lot faster and more reliably than heroin will.
HTH
I've posted this before, but thought I'd do so again...
Read Carol Dweck
Here's what I've posted before...
---.
http://en.wikipedia.org/wiki/Carol_Dweck
In short, there may be some upper limit to raw brain power, but for most, that limit isn't ever reached.
So, claiming that "intelligence" is some inherent trait and, like most, assuming that failure equals non-intelligence causes a whole range of problems.
People can sharpen their skills and those skills are usually viewed as intelligence.
The real rub is this: When kids think they are "intelligent" or not, then nothing they do can impact that inherent trait. They will do all sorts of odd things to avoid failure and being labeled "stupid." [The inverse of intelligent.]
When they are told they can learn, and that "intelligence" is not a fixed trait, they do much better, and the odd behaviors of attempting to either gain entry into the "intelligent" club, futility of being in the stupid club, or working to avoid losing the "intelligent" club card vanish.
Read this: [It's from Dweck herself. Her book "Mindset" is an excellent start too.]
http://web.me.com/dianamadsen/Walden_Webpage/Parent_Resources_files/The%20Perils%20and%20Promise%20of%20Praise.pdf
---
Seriously - I think this is a MUST read for any parent. Not just parents of talented kids - ANY PARENT - ALL PARENTS.
I think many of us see the truth in this work and appreciate it more because we can see these forces at work in our own lives.
-Greg
No, CIH was a virus that trashed the BIOS as part of it's payload.
On some systems it was unable to modify the BIOS and so the *payload* wasn't delivered - so to speak. But it never "infected" the BIOS - in that there was never any attempt to get running code in the BIOS.
And if somewhere somehow it placed running code in the BIOS, it should be viewed as like a million monkeys at a million keyboards. Eventually one will type something readable.
That's a FAR, FAR cry from writing code that intentionally infects the BIOS and does "useful" things in that code.
CIH is/was not even close.
Really, when was the last time you talked to an insurance company and thought: "They really attempt to be the best they can at their job.
Ah, me neither.
-Greg
But it doesn't have to stay that way.
A vendor could easily offer a service to customers that would be the expert in choosing the notary's who are trustworthy, perhaps offering their own notary service as well. Now the vendor selling this service has an incentive to actually protect the user - since if they don't, they lose trust and then lose the customer and their dollars.
And given a little time I'd guess there would be several stable notaries out there and would be well trusted.
There would be services that would help the user choose a reliable bundle of notaries who can be trusted - given the users comforts and needs.
So, yes - at this point in time, it does require a knowledgeable user.
But that wouldn't *have* to be the case at all, and in fact having vendors who have their primary purpose in serving the user and maintaining their trust - is exactly what would decrease the need for end user knowledge. They would provide a service who's interests are aligned with the user, rather than screwing everyone for the most cash. [Either by selling certs to any warm body, or by terrible security because it might cut into profit, or simply because they're too stupid to know better...]
There are certainly some things that will need fine tuning and it's a system that will need critical mass - but that's true of any replacement. And this one appears to be one that could co-exist with the current system until critical mass is reached.
-Greg
True enough....
But the whole framework behind certificates and CA's is the problem. This is just a symptom of the problem.
Moxiespike: "Who are you going to trust, and for how long?"
If the answer to how-long, is forever - then you probably have a problem.
The problem is there's no real way to handle problem CA's - and you don't get much choice, and the system is too moribund and static to respond to problems like this.
So, yes we can fix this *specific* problem by getting every browser to re-work the trusted CA's and then get everyone to install the new browser with the new set of trusted CA's.
But that will still leave a small group of people making choices about YOUR trusted CA's. And the latency to make those changes is *very* high.
Not much of a solution, IMO.
Truly, everyone should take the time to listen or read Marlin Moxiespike's proposal.
Moxiespike at BlackHat USA 2011 here .
Read about it.
Seriously? Sex.com was totally hijacked. There are literally thousands of cases where domains get owned. [And once you own the domain its DNS is certainly available for tampering.]
Next, if you are willing to tamper with the whole chain, then nothing will help the user. Easily within reach for a government or serious party handling DNS - and there's no protection.
Why settle for a half measure at best. We're going to have to redesign a whole set of things - lets really try to do it right and make the replacement agile. As MM points out. "Who are you going to trust and for how long." If you can't easily/gracefully [or even ever] change who you trust, then you probably have a problem.
Man, what a high bar you have there for a "better" solution. 'It's better than the totally broken current system.'
Your argument amounts to: "Well, yeah, rape sucks. We think you ought to get mugged and violently assaulted instead."
Huh? Really?!
Let's just assume CA's *are* worse than DNSSEC - just for the sake of argument.
In that case that DNSSEC would be better than the sketchy CA's. But simply being a little better than what's currently in place shouldn't be where we set our aspirations in coming up with something new and better.
How about, instead of aspiring to get violently assaulted, you work for something a LOT better.
Go ahead and actually read or listen to the talk.
If you won't trust the SSL authorities, and I don't - then one would assume that trusting the registrars/TLD's/root/or country TLD's would be even more crazy.
IMO, DNSSEC simply doesn't really solve the problem, and shouldn't be the "solution." We should look for and design something better.
-Greg
And when the DNS servers are subverted to point to bogus SSL certificates, then what?
You do happen to know that you'll have to trust the government [ISP etc] not to mess with DNS, and a one-stop shop to subvert both your domain and your PKI is just what they'd like to have.
SSL certs authenticated/served by DNS is not a fix, IMO - because DNS isn't any more secure from powerful interests than SSL is. [And it may even be less secure.]
This truly is a hard nut to crack, and knee-jerk solutions like "tie it to DNS" won't solve the problem in any robust way.
-Greg
Pardon me if I'm not overwhelmed.
MS: "Yeah, your home is like Fort Knox - no one will break in through the new stuff we built. Mumble mumble mumble"
Me: "What was that mumbling?"
MS: "Well, everything is really secure, except the old stuff - like, you know, the doors and windows. That's old stuff. You can't hold us responsible, even if we built it. Only the new stuff matters and it's like a rock! No one will break in through the roof or walls!"
Me: "Ah, yeah - I feel so much better already!"
Sheesh.
If the new stuff is SO much better, and it's all that old crap code, then go back and fix it. Until then, I'll assume security doesn't matter much to you since while they can't break the "new" code - there's loads of old code that's full of holes. The practical experience is "it's full of holes." I don't much care where they come from.
[And even then, I don't yet buy the "Well the new stuff is so much better." because I don't see much evidence of it.]
-Greg
'It's taken Microsoft 10 years to turn security from a weakness into a strength"
Really? A strength? Seriously?
Is that why we got the ping of death back in Vista/Win7/2008 because of a forked TCP stack?....
Because Security is a "Strength" for Microsoft?
Honestly, while security *may* be better [and I'm not sure that's true] at MS, it certainly IS NOT a strength of theirs.
If that's the view of the moron who wrote this - I'll trust everything else written with the same level of massive skepticism. [i.e. It's clear a moron wrote this - so I'll trust everything else in here just as much as I'd trust any other moron.]
Logical? I don't really consider skewing the facts as "logical." [And skewing the facts is the most charitable description I can use for his "truthiness."]
Re: His arguments against Google and it's dispute with Sun/Oracle about Java. The examples he used of infringing files was just total BS.
And that's just the first example.
Every time I read his dreck, I think. Man, what axe does this guy have to grind. Every time, if I take the time to drill down through the layers of crap, I find there really wasn't anything to begin with.
So, when that happens more than a few times one starts to simply say - "Ah, yeah that troll. I wish someone would check him into a mental institution - or worse."
Sure, the boy who cried wolf all those times - we was eventually right. But by that point everyone had learned to ignore him. And probably more than a few were overjoyed that he got eaten. [Provided he did, which I assume is the outcome. Pity if it was only his sheep.]
Moral: it '...shows that this is how liars are rewarded: even if they tell the truth, no one believes them.'
-Greg
Perhaps
[Slash mangled things - here's a repost.]
Your link really does nothing to prove we utilize more than 10% of our brains.
Facts are, we really have no idea what fraction of total capacity we use - but I think examples like like Jamie Escalante make it clear we often vastly under estimate the capacity of others.
See: http://en.wikipedia.org/wiki/Jaime_Escalante
Let me quote... ...
---
In 1982, Escalante came into the national spotlight when 18 of his students passed the challenging Advanced Placement Calculus exam. The Educational Testing Service found these scores to be suspicious, because all of the students made exactly the same math error on problem #6, and also used the same unusual variable names. 14 of those who passed were asked to take the exam again. 12 of the 14 agreed to retake the test and all 12 did well enough to have their scores reinstated. In 1983, the number of students enrolling and passing the A.P. calculus test more than doubled. That year 33 students took the exam and 30 passed.
At the height of Escalante's influence, Garfield graduates were entering the University of Southern California in such great numbers that they outnumbered all the other high schools in the working-class East Los Angeles region combined. Even students who failed the AP went on to become star students at California State-Los Angeles in large numbers
---
These kids were performing on a par with elite private school kids that were were exceedingly highly self selected.
[Only the "smartest" of kids were allowed into these elite private schools and only the best were their math whizzes. I believe Mindset has more details, but I can't dig them up right this second...]
These kids were performing at a level that virtually no-one would have said they were capable of performing at. So, clearly their mental plasticity was a lot higher than we usually give credit for. They were able to perform at levels which allowed MANY students to pass the math AP exams - no small feat.
So, while I don't know how much of our brains most of us use, it's pretty clear that those that are encouraged to try either get a lot of "built" brains to work with, or they had a lot of untapped potential.
So, I pretty much disagree that, what virtually anyone would define as, "intelligence" is a fixed capacity - we either built more, or we really under-utilize what we have.
Your link really does nothing to prove we utilize more than 10% of our brains. Facts are, we really have no idea what fraction of total capacity we use - but I think examples like like Jamie Escalante make it clear we often vastly under estimate the capacity of others. See: http://en.wikipedia.org/wiki/Jaime_Escalante Let me quote... --- In 1982, Escalante came into the national spotlight when 18 of his students passed the challenging Advanced Placement Calculus exam. The Educational Testing Service found these scores to be suspicious, because all of the students made exactly the same math error on problem #6, and also used the same unusual variable names. 14 of those who passed were asked to take the exam again. 12 of the 14 agreed to retake the test and all 12 did well enough to have their scores reinstated. In 1983, the number of students enrolling and passing the A.P. calculus test more than doubled. That year 33 students took the exam and 30 passed. ...
At the height of Escalante's influence, Garfield graduates were entering the University of Southern California in such great numbers that they outnumbered all the other high schools in the working-class East Los Angeles region combined. Even students who failed the AP went on to become star students at California State-Los Angeles in large numbers
---
These kids were performing on a par with elite private school kids that were were exceedingly highly self selected. [Only the "smartest" of kids were allowed into these elite private schools and only the best were their math whizzes.
[I believe Mindset has more details, but I can't dig them up right this second...]
These kids were performing at a level that virtually no-one would have said they were capable of performing at.
So, clearly their mental plasticity was a lot higher than we usually give credit for. They were able to perform at levels which allowed MANY students to pass the math AP exams - no small feat.
So, while I don't know how much of our brains most of us use, it's pretty clear that those that are encouraged to try either get a lot of "built" brains to work with, or they had a lot of untapped potential.
So, I pretty much disagree that what virtually anyone would class "intelligence" is a fixed capacity - we either built more, or we really under-utilize what we have.
BTW, I have her Mindset book and would be glad to place it on loan if you're really interested in reading it.
For me, it explained a lot of my own "quirky" behavior. I'm quite sure I have raw processing power substantially above the "average" - however I think that mindset of "intelligence" was seriously detrimental to me - and to some degree, still is.
I'm working very hard to give alternative views to my peers, parents and children. I think the reasoning is really fairly obvious and the research certainly appears to back it up.
BTW: I have the mindset book in an E-book format and can loan it to you if you're truly interested.
-Greg
I've got some quotes, but the Slashfilter is screwing me...perhaps I'll post in sections...
See this up-thread.
http://news.slashdot.org/comments.pl?sid=2274818&cid=36589960
In short, I think what most consider "intelligence" is not a fixed trait and I think it's born out by science.
Further, even if it IS a fixed trait, treating it as such has VERY destructive outcomes for those trying to learn.
-Greg
Read Carol Dweck.
http://en.wikipedia.org/wiki/Carol_Dweck
In short, there may be some upper limit to raw brain power, but for most, that limit isn't ever reached.
So, claiming that "intelligence" is some inherent trait and, like most, assuming that failure equals non-intelligence causes a whole range of problems.
People can sharpen their skills and those skills are usually viewed as intelligence.
The real rub is this: When kids think they are "intelligent" or not, then nothing they do can impact that inherent trait. They will do all sorts of odd things to avoid failure and being labeled "stupid." [The inverse of intelligent.]
When they are told they can learn, and that "intelligence" is not a fixed trait, they do much better, and the odd behaviors of attempting to either gain entry into the "intelligent" club, futility of being in the stupid club, or working to avoid losing the "intelligent" club card vanish.
Read this: [It's from Dweck herself. Her book "Mindset" is an excellent start too.]
http://web.me.com/dianamadsen/Walden_Webpage/Parent_Resources_files/The%20Perils%20and%20Promise%20of%20Praise.pdf
Cheers,
Greg
...and Monopoly Enforced NON net neutrality will be so very much better?
Ah, I see.
[Sarcasm]
They'll innovate! [Like innovate you out of all your cash, and screw you over.]
Ah, but those monopolies will screw you over SO MUCH BETTER THAN THE GOVERMENT CAN.
I can hardly wait.
[/sarcasm]
You already kissed privacy and anonimity and other basic stuff away.
Let me guess, you voted for the Shrub, and thought Gitmo, smoke-'em-out, torture and such were great things - but now when the massive economic interests of a few monopolies are at stake, you're all for "smaller government?"
[I have no respect for Obama on these issues either - he's been a serious failure on torture, accountability and don't get me started on "look forward, not backward" ... but Shrub was way worse.] I feel like ripping my eyes out when I see someone like you claim we need to protect our privacy by keeping the government out of the internet.
The freeking government was already IN the internet a LONG time ago, and virtually all "small government" republicans thought it was just fine since it was just going to target them brown evil-doer forriners.
The whole charade is incredible.
Do nothing while our civil liberties are eviscerated under Bush.
Then, in the very next breath, complain how our privacy will be ripped away if we support a bill that is going to prevent huge greedy interests from deciding what you get to access on the internet.
Talk about chutzpah.
It's like ... That fireman that's extinguishing the flames at your house - well he *might* take something from your garage - so rather than keeping a watch on the guy, be sure to shoot him and let the whole house burn down. That's your solution to the problem, huh? [And never mind that you actually watched him rob everything of value from one neighbors house and actually helped him carry off the stuff from another - and never said "boo" about it till now.]
It goes way beyond cutting off your nose to spite your face.
-Greg
And scanning through a book to find a passage you want to re-read.
Clicking through single pages isn't a problem at all for me - and I've got a K1. But moving 15 pages - checking to see if I'm where I wanted to be, then doing it again - we'll that's a serious PITA for the Kindle 1.
[And don't get me started about searches - they're slow and almost useless.]
The problem with the US is that we are so hung up on "OMG PROFILING RAWR" and "waah we can't let muslims think we're against them"
So, exactly how do we racially profile?
You understand [I hope] that Muslim people can be peaceful, as well as radical.
You understand that Christians can be peaceful as well as radical.
You understand that Hindu can be peaceful as well as radical.
Any group, religious or not can be peaceful or radical and violent.
Next, you understand that Muslims, as well as Christians, as well as pretty much any other religion can be white, black, latino, asian, etc.
So, just how exactly are you going to "group" those people so we can scrutinize them?
Perhaps you've developed the "mind scanner" where we can examine your thoughts and determine if you're a threat or not.
Short of that, "racial profiling" is the hugest waste of time imaginable.
What you're advocating is exactly what is always done when you want to remove any barrier to treating some arbitrary group wrongly.
Those [jews/muslims/mormons/cathloics/protestants/insert target group here] are fundamentally different than us. They don't respect us, and need to be [bombed/gassed/forced into slavery/sent back to mexico/insert desired treatment here.]
In short, you are the perfect moron who either are sly like a fox, and want to treat others with no dignity and respect and this is a great way to do it, or you're just misguided, and shouldn't be allowed to reproduce, at least in a just world.
-Greg
Dude. Seriously.
You need some way to constructively handle your anger - and I find it sad that you've chosen to let it come out in portraying whole groups of people in totally bogus caricatures .
You haven't used obvious racist language, such as naming black people, latinos etc, but pretty much any one can certainly hear that dog-whistle very clearly.
People are people.
Undocumented immigrants, blacks, latinos, and white people *all* have those individuals who care and those that don't.
Rather than grouping your ire for whole groups of people, how about addressing individual behavior.
[And that's not even focusing on the fallacious nature of your arguments...but I felt the "racial" and "group" intolerance needed addressing.]