If the encryption is that easily crackable, then it signals a need for increased encryption. What you are advocating is security through obscurity. Sorry.
There is nothing wrong with security through obscurity, as long as that isn't your ONLY security.
In addition, you are correct in that current encryption is difficult to crack. It takes a lot of computing resources and time. Plus access to the stream of encrypted data.
I offer no argument at all that being targeted in this way is likely, only possible.
As one far extreme (that really is a bad example): I would postulate that most 1st world governments DO have the resources do crack encryption given enough time. As their resources are expanded, the amount of time shrinks. However they also have time to spend. I would almost be willing to say "If the government wants your encrypted data, they WILL get it"
Now, of course that is a horrible example since most governments wouldn't bother brute forcing your encryption if you happen to live in the same country as that government. They will simply arrest/disappear you, and beat you until you give them working decryption keys.
The other end of the extreme would be Johnny script kiddie in his moms basement. This kid does NOT have limitless resources of his own, however it is probably safe to say he has plenty of time and nothing better to do with his life. Unless you do really stupid things, this attacker should not be able to brute force your encryption before his own death.
However there is a HUGE area of attackers somewhere in the middle. I would rather not make assumptions about other groups time and processing power, and instead would prefer to assume the worst and plan ahead for that. If the worst happens, I'd be ready. If not, oh well, the goal is still achieved even if some effort was spent that didn't need to be.
As a final thought, even johnny script kiddie might be a decent threat. You know he doesn't have a super computer cluster in his basement, however he may very well have (or have access to) a large botnet of compromised machines that possibly could raise the available computing power to 'enough' to be a threat.
There is no 'line' to cross where encryption turns from strong to weak. Encryption methods and key size just determines how long it would take to brute force. Sometimes this number is low and measured in seconds, other times it is very high and measured in centuries. This number always goes down over time as computing power increases.
All you can hope for is the length of time it would take to break your strong flawless encryption is greater than the time you need the data to remain secret. It is not obscurity, it is simply the fact of how encryption works.
I don't know, I think there are some things that don't need encryption. I don't think I will ever need encryption to read google news, for example, or to watch youtube movies.
Actually yes you need to encrypt that too.
If you are selective about what you encrypt, then the best assumption to make is that the things you don't want/need to hide are plain text, and the things you want/need to hide are encrypted.
Now when I am watching your data stream and see some google news, a youtube video, and finally an encrypted block of data, it is almost certain that whatever is in that encrypted block of data is worth my while to try and crack, as it is clearly data you want hidden.
If you encrypt everything all the time, then I would always wonder what you are hiding (if anything!) I could take some of your encrypted data and try to crack it. Say it works once or twice, and all I see are you reading your daily news, and some video of a kitten falling over on youtube. Well hell, suddenly not only did I waste a lot of time cracking that encryption for nothing, but I would assume (possibly mistakenly) that you very well might not have anything to hide, and there is no reason to specifically look into anything you are doing. Even if I don't assume that, and either assume or just know that you DO have something to hide... Well as a hacker, where would I start? I don't have all the time and processing power in the world to brute force everything you do. I would always be very behind your 'now' traffic. By the time I eventually did get to decrypting the part you really wanted hidden, it could be years or decades later. How much use would that data be so long after the fact? More often than not, the older the data, the less useful it is.
Encrypt everything. Nothing looks suspicious and out of the norm, so if/when you do something that you do want/need hidden from hackers, a hacker wouldn't even know it happened let alone know where to start looking for it.
Not encrypting everything just paints a huge target on the exact data you are wanting to hide in the first place.
Why not make large (in terms of expected bandwidth use) files available through BitTorrent in order to take load off the Wikileaks servers?
Because the ultimate end result of that would be that eventually some powerful company, who can't reach over seas to take down wikileaks, can (and does) sue everyone seeding the torrent.
Remember, it's $80,000 USD for each copy of the document you upload to someone if you are in the USA!
So after said company sues a bunch of 'smart asses that deserve it', and the other seeders run scared, you are back to one seed on wikileaks seed box, thus one copy to DL from, and thus nearly all of the bandwidth will still come from wikileaks.
The minor 'free' bandwidth they would get from downloaders (While they are downloading anyway) would not offset any costs that would matter.
If you have a question for a lawyer and you can't afford one, stop what you're doing.
In other words, everybody who isn't rich enough to see a lawyer should commit suicide because ultimately, everybody has questions. I hope this isn't what you meant.
Wow. If that is the logic you use in life, then perhaps that would be good advice for you. But no, nobody here except you means that.
If you want legal advice, you get it from a lawyer. It's that simple. If you aren't rich, there is no need for any mass suicides, it just means you can not afford the proper legal advice, and will be moving forward with potential risk of running up on the law or someone elses rights (Or perceived rights anyway)
As a car example, I can not afford to have a second car sitting around as a standby. No need to kill myself as you think. It just means I run the risk of being stranded without any car if my current only car breaks down.
This is a risk I accept, and I will deal with the consequences of that risk if and when they come up. If you choose to not seek proper legal advice, just realize it is a risk you are taking, and might have to deal with. If that level of risk is acceptable to you, then there is no problems here.
Did you just type "obscure game" into the USPTO's web site?
If I type each of the companies that developed and published the game into the "Assignee Name" field and nothing on the list is relevant, is that enough?
God no!
As one example, the company you search for might have licensed software from another company, one you might not know about and definitely did not search for in your above example. Just because the game company licensed it for distribution, does not mean you get those same rights.
It might not be software that was licensed, but a name, or a particular look and feel of part of the game. Short of speaking with the original company, it's not entirely obvious what deals like this were made.
This is why copyright and patent layers are used and needed for this. Learning all the details of the laws quite literally takes a lifetime career in law study to get (And often times even that is not enough!)
And this is why you're in deep crap, you have a limited and incorrect idea of what copyright is.
Could you explain further? As far as I can tell given information published by the U.S. Copyright Office [copyright.gov] as well as the opinion in Capcom v. Data East, copyright doesn't apply to the rules of a game as such.
Rules of a game can not be copyrighted, however 'look and feel' is, as well as the name of the game. Using a similar, even if unrelated, name will land you in trouble.
Remember not a year ago the online game Scrabulous based of Scrable? They used all their own artwork, only copying the rules. They were successfully sued by choosing a name they argued would purposely cause confusion and liken their software to scrable. This is not legal, there is plenty of case law to show this is the result that will come out of the court case, and the article submitter specifically said this was one thing they are doing.
Just another sign of your ignorance and why you really really need to find the money for a lawyer.
Any idea how to raise this sort of capital?
The rest of us get and work at what is called a 'day job' for that sort of thing. Sorry if having one cuts into you doing the things you want to in a day, but I have the exact same complaint with work and do it none the less, as I like to have money with which to do the things I enjoy (Such as this)
which was fine for terminal applications 30+ years ago
Which is why Windows Mobile has really over taken the market with its lack of modularity and all of it's custom development targeted specifically to the platform... Oh wait
Is a lot like building an abacus using 3-D software and then manipulating your 3-D abacus to add 1 plus 3 to get four while chewing away millions of computational cycles...
We need a better way to simulate the effect of a neuron without having to re-create everything down to the last protein and lipid in a nerve cell....
While you are correct, we should probably first focus on a functional prototype, and then we can worry about making it more efficient:}
I agree, but that's not what this guy is doing. He's saying that he doesn't want to notify vendors at all, which I feel isn't responsible. I believe that you should notify the vendor and then release it in a reasonable time frame (TFA suggests 60-90 days).
Well, you could always apply for that job:}
You get paid nothing, to email vendors about their security flaws, and wait for a reply that will never be sent to you.
Oh, and you aren't allowed to 'quit' this job, else we will say on the internet that you are immoral unethical and not reasonable.
Especially after you do this for years, get not a single reply, and realize just how futile the whole process is. Definitely can not quit after that!
Seriously, if you won't take that position for no pay and no rewards even of a job well done, then you are only part of the problem!
It is terrible that someone would judge others by something as simple as an email address.
At least for most of us here, we are quite deep in IT, and most any hiring aspects will be centered around IT.
What this means is that pre-interview, if you demonstrate that you do not have the IT skills to have an email address above the ease of 'AOL', then discarding that application will 99 times out of 100 simply remove someone who is very disqualified.
Yes there is that one time out of a hundred you throw away a gem with the rest, but the over all idea is that from the total number of applications you have, the odds are you have more than one gem in the pile, and tossing one aside on something trivial is not much loss to the company, as another one will pop up. In our current economy this is even more true.
It might not be fair to that one in a hundred application, but it is really no different than the pre-scanning HR will do based on degrees and certifications that we all know don't matter. Then there are the other 'personal bias' issues that are part of every human in the hiring process.
If you work in IT, in this day and age, there is absolutely no excuse to not know the stigma attached with AOL and thus their email accounts. Keeping your AOL account is one thing, but advertising it to the world (especially via your resume) is another, and is a choice.
If I was hiring the person to do sales, their email address would not ever come into play, because they are not being hired to know or need to know anything about email that one wouldn't be able to do via AOL.
Hiring the person for IT, you simply expect a bare minimum set of skills and knowledge, one piece of which is that using an AOL email will look very bad on your part. If you want to go that route anyway, knowing how bad it would look that is of course your call, but there is no excuse to not realize what that is saying to others that do not know you, your skill sets, or your personality quirks.
I may be wrong, but I was under the impression that the PIN is used to pair, and pairing establishes link keys that are then used to secure the communications. My assumption is that there's a randomized element to these keys, such that someone eavesdropping the pairing process would probably be able to get them, but not someone who eavesdrops a session after the devices have been paired.
No, the "PIN" (actually the bluetooth spec calls that 4 digit number a "passkey") is exchanged between two paired devices each time they establish their connection.
There is a higher level of encryption that can be added after that fact, which does use a separate unrelated key pair (Similar to how SSL stores host keys), however the bluetooth spec calls this 'bonding', which is done after 'pairing'
I think the bonding and higher encryption features were introduced to the bluetooth protocol around version 2 or so (Admittedly, that was about 2 years ago now)
Plus bonded devices take quite a bit longer to handshake. This means either your headset device will not be able to use any power saving functionality at all, or you will just simply miss every call assuming 4 rings until voice mail.
If your devices just pair and not bond, thus use a 4-6 digit number instead of an alphanumeric key, then any time during the communication you can intercept and decrypt all the data.
You can't get an unbridled, roving commission to go about doing good,' said U.S. Court of Appeals for the District of Columbia Circuit Chief Judge David Sentelle during an oral argument.
But one CAN get unbridled roving commission to go about doing evil! Judges allow that all the time.
While bluetooth the protocol does support a form of encryption, bluetooth the phone headsets pretty much do not. While the stream IS encrypted, keeping your unchangeable password of '0000' secret is the real trick.
It makes it easier to pay than to steal. Nothing's going to stop thieves from thievery.
Get with the times, this is the 21st century! Even theft is an extremely hard option compared to others.
Why should I go down to the store to steal a CD, when I can just stay home and download it from a torrent site instead? Odds are much more in my favor to not get caught committing copyright violations than getting caught stealing.
Only downside is that now, copyright violation carries a much much higher penalty than theft does, so you will definitely go to jail for less time (weeks vs years) and be fined less (couple hundred to a thousand, vs a couple million) for going down to the store and stealing it instead of just downloading it from a torrent site.
Well, I guess every parent (myself included) is in violation of child porn laws. Every parent takes bath time photos of their kids. These aren't "sexually suggestive" in any way, just kids playing in a tub. And, since they're in the bathtub, they have no clothes on. My parents took them of me, I took them of my kids and I'm sure my kids will take them of my future grandchildren.
Exactly correct. These days people are being arrested for doing exactly that.
A 60 year old grandmother took some pictures to walmart to develop, same type of pictures you describe. Walmart workers turned her in and she was arrested. Fortunately after a year and a half or so they dropped the charges and let her go, but holy fuck.
I'm not sure the estate has shot itself in the foot.
Only in that there is no possibility for a counter-suit against the dick estate and their should-be-crimes.
They are still pressing a frivolous lawsuit against a huge company that has over 100 years of legal president stating they are in the right, but costing them tons of legal fees.
If (as seems likely to me, but IANAL) the estate has no legal ground, who cares? This wasn't necessarily about winning the case.
If that was true, you would be the one putting up the money that is now required to be wasted to fight this frivolous lawsuit, not to mention all the time stolen from our legal system where it might actually have been put to good use instead (Ok, not very likely on that last one, but still...)
So... By your logic. Who should be able to contribute.... I haven't really found a good OS yet...
Those people and companies who either plan to, or do, already support the standard they want on the board to submit changes to.
Why should Microsoft get a say-so in how SVG development goes when they openly state they will not add it to IE?
Let them update IE to something more recent than 10 year old tech, and people MIGHT listen a little more to their opinions and desires (Thou probably not many more)
I don't get it. Why would a jaywalker run from police?
Well, parent poster said he wanted cops to shoot any criminal on sight, no matter what the crime.
If I was jayawlking, and knew a cop saw me, I would run too not wanting to be shot to death. As would anyone who isn't suicidal or something.
For the actual answer, you'll have to ask SmallFurryCreature, as I personally don't understand the desire to have cops shoot to death anyone they feel might have broken a law.
How fast will this lifeboat be traveling? If this lifeboat is to be escaping a black hole.. it'd have to be moving pretty fast.
Well, since the black hole will have the exact same mass as the Earth, and thus will have the exact same gravitational pull, if the Earth was turned into a black hole, you will still only need to overcome 1G.
So basically, you can move about the speed of any satellite we already put in orbit, or the space station. Thou one would probably want to go a little faster than that.. We are trying to escape after all, not stay in orbit.
In fact, the ISS space station will be unaffected, as it is already in orbit right now, so nothing different will need to be done to remain there. Granted it needs to fire boosters to remain in orbit now, but as I said, that just won't change as it will still need to boost back in orbit around the black hole in our place.
Either way, you would have to be lacking any senses, or really stupid, to think we do not exist right now and have been swallowed by a black hole a few trillion times over already... Which is exactly what you are arguing if you think the LHC with its extremely low power particles will create black holes with more freqency than the already existing much much more energetic particles we have on earth right now.
In a political way, it might really have been better to spend these billions of dollars on finding a way to hold our particle detectors up in the atmosphere. Then we could have an LHC that is a few thousand times more powerful than the one we just built, and no one would really be able to bitch.
Sure, idiots can try to get a judge to shut down the LHC due to non-existent fears, but I would love to watch some judge try to sue the sun to shut down!
It may be costly - but put it this way - how much is your mothers life worth? Your wife? Child? yourself?
Obviously they are not worth very much if any of them step outdoors, or drive a car, or are present in a metro city, or do any of the hundreds of daily activities that have a much much MUCH higher chance of killing you.
In 2008, the number of American who died from a terrorist attack was about 260. All of those except 4 were NOT in the USA. [1]
4 deaths from terrorist attacks in an entire year on US soil.
Also in the whole year of 2008, there were 37,261 deaths from auto accidents. [2]
You are 9315 times more likely to die from an auto accident, be it one you caused, one someone caused into you, or you are walking down the street and two other motorists bring the accident to you on the sidewalk.
That is almost 4 orders of magnitude higher!
For every person killed by a terrorist in this country, nearly 10,000 people are killed by a car in the exact same amount of time.
If you willingly put yourself and mother and wife and child in the situation of 'being out doors' then clearly you value them and yourself 1000 times less than if a terrorist attack was your only concern.
My question to you is, why are you so willing to spend a million dollars to stop a terrorist attack, without spending the equally valid and necessary ten billion dollars to have all cars banned and removed from the roadways?
Slashdot Mirror
If the encryption is that easily crackable, then it signals a need for increased encryption. What you are advocating is security through obscurity. Sorry.
There is nothing wrong with security through obscurity, as long as that isn't your ONLY security.
In addition, you are correct in that current encryption is difficult to crack.
It takes a lot of computing resources and time. Plus access to the stream of encrypted data.
I offer no argument at all that being targeted in this way is likely, only possible.
As one far extreme (that really is a bad example): I would postulate that most 1st world governments DO have the resources do crack encryption given enough time. As their resources are expanded, the amount of time shrinks.
However they also have time to spend. I would almost be willing to say "If the government wants your encrypted data, they WILL get it"
Now, of course that is a horrible example since most governments wouldn't bother brute forcing your encryption if you happen to live in the same country as that government. They will simply arrest/disappear you, and beat you until you give them working decryption keys.
The other end of the extreme would be Johnny script kiddie in his moms basement. This kid does NOT have limitless resources of his own, however it is probably safe to say he has plenty of time and nothing better to do with his life.
Unless you do really stupid things, this attacker should not be able to brute force your encryption before his own death.
However there is a HUGE area of attackers somewhere in the middle. I would rather not make assumptions about other groups time and processing power, and instead would prefer to assume the worst and plan ahead for that.
If the worst happens, I'd be ready. If not, oh well, the goal is still achieved even if some effort was spent that didn't need to be.
As a final thought, even johnny script kiddie might be a decent threat.
You know he doesn't have a super computer cluster in his basement, however he may very well have (or have access to) a large botnet of compromised machines that possibly could raise the available computing power to 'enough' to be a threat.
There is no 'line' to cross where encryption turns from strong to weak.
Encryption methods and key size just determines how long it would take to brute force.
Sometimes this number is low and measured in seconds, other times it is very high and measured in centuries. This number always goes down over time as computing power increases.
All you can hope for is the length of time it would take to break your strong flawless encryption is greater than the time you need the data to remain secret.
It is not obscurity, it is simply the fact of how encryption works.
I don't know, I think there are some things that don't need encryption. I don't think I will ever need encryption to read google news, for example, or to watch youtube movies.
Actually yes you need to encrypt that too.
If you are selective about what you encrypt, then the best assumption to make is that the things you don't want/need to hide are plain text, and the things you want/need to hide are encrypted.
Now when I am watching your data stream and see some google news, a youtube video, and finally an encrypted block of data, it is almost certain that whatever is in that encrypted block of data is worth my while to try and crack, as it is clearly data you want hidden.
If you encrypt everything all the time, then I would always wonder what you are hiding (if anything!)
I could take some of your encrypted data and try to crack it. Say it works once or twice, and all I see are you reading your daily news, and some video of a kitten falling over on youtube. Well hell, suddenly not only did I waste a lot of time cracking that encryption for nothing, but I would assume (possibly mistakenly) that you very well might not have anything to hide, and there is no reason to specifically look into anything you are doing.
Even if I don't assume that, and either assume or just know that you DO have something to hide... Well as a hacker, where would I start? I don't have all the time and processing power in the world to brute force everything you do. I would always be very behind your 'now' traffic. By the time I eventually did get to decrypting the part you really wanted hidden, it could be years or decades later. How much use would that data be so long after the fact? More often than not, the older the data, the less useful it is.
Encrypt everything. Nothing looks suspicious and out of the norm, so if/when you do something that you do want/need hidden from hackers, a hacker wouldn't even know it happened let alone know where to start looking for it.
Not encrypting everything just paints a huge target on the exact data you are wanting to hide in the first place.
Why not make large (in terms of expected bandwidth use) files available through BitTorrent in order to take load off the Wikileaks servers?
Because the ultimate end result of that would be that eventually some powerful company, who can't reach over seas to take down wikileaks, can (and does) sue everyone seeding the torrent.
Remember, it's $80,000 USD for each copy of the document you upload to someone if you are in the USA!
So after said company sues a bunch of 'smart asses that deserve it', and the other seeders run scared, you are back to one seed on wikileaks seed box, thus one copy to DL from, and thus nearly all of the bandwidth will still come from wikileaks.
The minor 'free' bandwidth they would get from downloaders (While they are downloading anyway) would not offset any costs that would matter.
And what "_exactly_" is that, exactly? Do you really think they want to kill humans?
That IS what they said, yes.
It doesn't at all matter if they WANT to. It matters that THEY ARE.
And yes, even only one set of research is showing it is deadly. 1 > 0 no matter how hard you try to argue otherwise.
If you have a question for a lawyer and you can't afford one, stop what you're doing.
In other words, everybody who isn't rich enough to see a lawyer should commit suicide because ultimately, everybody has questions. I hope this isn't what you meant.
Wow. If that is the logic you use in life, then perhaps that would be good advice for you.
But no, nobody here except you means that.
If you want legal advice, you get it from a lawyer. It's that simple.
If you aren't rich, there is no need for any mass suicides, it just means you can not afford the proper legal advice, and will be moving forward with potential risk of running up on the law or someone elses rights (Or perceived rights anyway)
As a car example, I can not afford to have a second car sitting around as a standby. No need to kill myself as you think. It just means I run the risk of being stranded without any car if my current only car breaks down.
This is a risk I accept, and I will deal with the consequences of that risk if and when they come up.
If you choose to not seek proper legal advice, just realize it is a risk you are taking, and might have to deal with. If that level of risk is acceptable to you, then there is no problems here.
Did you just type "obscure game" into the USPTO's web site?
If I type each of the companies that developed and published the game into the "Assignee Name" field and nothing on the list is relevant, is that enough?
God no!
As one example, the company you search for might have licensed software from another company, one you might not know about and definitely did not search for in your above example.
Just because the game company licensed it for distribution, does not mean you get those same rights.
It might not be software that was licensed, but a name, or a particular look and feel of part of the game.
Short of speaking with the original company, it's not entirely obvious what deals like this were made.
This is why copyright and patent layers are used and needed for this. Learning all the details of the laws quite literally takes a lifetime career in law study to get (And often times even that is not enough!)
And this is why you're in deep crap, you have a limited and incorrect idea of what copyright is.
Could you explain further? As far as I can tell given information published by the U.S. Copyright Office [copyright.gov] as well as the opinion in Capcom v. Data East, copyright doesn't apply to the rules of a game as such.
Rules of a game can not be copyrighted, however 'look and feel' is, as well as the name of the game.
Using a similar, even if unrelated, name will land you in trouble.
Remember not a year ago the online game Scrabulous based of Scrable? They used all their own artwork, only copying the rules. They were successfully sued by choosing a name they argued would purposely cause confusion and liken their software to scrable. This is not legal, there is plenty of case law to show this is the result that will come out of the court case, and the article submitter specifically said this was one thing they are doing.
Just another sign of your ignorance and why you really really need to find the money for a lawyer.
Any idea how to raise this sort of capital?
The rest of us get and work at what is called a 'day job' for that sort of thing.
Sorry if having one cuts into you doing the things you want to in a day, but I have the exact same complaint with work and do it none the less, as I like to have money with which to do the things I enjoy (Such as this)
which was fine for terminal applications 30+ years ago
Which is why Windows Mobile has really over taken the market with its lack of modularity and all of it's custom development targeted specifically to the platform... Oh wait
Is a lot like building an abacus using 3-D software and then manipulating your 3-D abacus to add 1 plus 3 to get four while chewing away millions of computational cycles...
We need a better way to simulate the effect of a neuron without having to re-create everything down to the last protein and lipid in a nerve cell....
While you are correct, we should probably first focus on a functional prototype, and then we can worry about making it more efficient :}
You got stuck on the DROP DATABASE, didn't you. Happens to a lot of db developers. :P
Poor little Bobby Tables...
I agree, but that's not what this guy is doing. He's saying that he doesn't want to notify vendors at all, which I feel isn't responsible. I believe that you should notify the vendor and then release it in a reasonable time frame (TFA suggests 60-90 days).
Well, you could always apply for that job :}
You get paid nothing, to email vendors about their security flaws, and wait for a reply that will never be sent to you.
Oh, and you aren't allowed to 'quit' this job, else we will say on the internet that you are immoral unethical and not reasonable.
Especially after you do this for years, get not a single reply, and realize just how futile the whole process is. Definitely can not quit after that!
Seriously, if you won't take that position for no pay and no rewards even of a job well done, then you are only part of the problem!
It is terrible that someone would judge others by something as simple as an email address.
At least for most of us here, we are quite deep in IT, and most any hiring aspects will be centered around IT.
What this means is that pre-interview, if you demonstrate that you do not have the IT skills to have an email address above the ease of 'AOL', then discarding that application will 99 times out of 100 simply remove someone who is very disqualified.
Yes there is that one time out of a hundred you throw away a gem with the rest, but the over all idea is that from the total number of applications you have, the odds are you have more than one gem in the pile, and tossing one aside on something trivial is not much loss to the company, as another one will pop up.
In our current economy this is even more true.
It might not be fair to that one in a hundred application, but it is really no different than the pre-scanning HR will do based on degrees and certifications that we all know don't matter.
Then there are the other 'personal bias' issues that are part of every human in the hiring process.
If you work in IT, in this day and age, there is absolutely no excuse to not know the stigma attached with AOL and thus their email accounts. Keeping your AOL account is one thing, but advertising it to the world (especially via your resume) is another, and is a choice.
If I was hiring the person to do sales, their email address would not ever come into play, because they are not being hired to know or need to know anything about email that one wouldn't be able to do via AOL.
Hiring the person for IT, you simply expect a bare minimum set of skills and knowledge, one piece of which is that using an AOL email will look very bad on your part.
If you want to go that route anyway, knowing how bad it would look that is of course your call, but there is no excuse to not realize what that is saying to others that do not know you, your skill sets, or your personality quirks.
I may be wrong, but I was under the impression that the PIN is used to pair, and pairing establishes link keys that are then used to secure the communications. My assumption is that there's a randomized element to these keys, such that someone eavesdropping the pairing process would probably be able to get them, but not someone who eavesdrops a session after the devices have been paired.
No, the "PIN" (actually the bluetooth spec calls that 4 digit number a "passkey") is exchanged between two paired devices each time they establish their connection.
There is a higher level of encryption that can be added after that fact, which does use a separate unrelated key pair (Similar to how SSL stores host keys), however the bluetooth spec calls this 'bonding', which is done after 'pairing'
I think the bonding and higher encryption features were introduced to the bluetooth protocol around version 2 or so (Admittedly, that was about 2 years ago now)
Plus bonded devices take quite a bit longer to handshake.
This means either your headset device will not be able to use any power saving functionality at all, or you will just simply miss every call assuming 4 rings until voice mail.
If your devices just pair and not bond, thus use a 4-6 digit number instead of an alphanumeric key, then any time during the communication you can intercept and decrypt all the data.
Here's some software that will let you test this yourself:
http://trifinite.org/trifinite_stuff_blooover.html
http://www.alighieri.org/project.html (The bluesnarfer project)
http://bluetooth-pentest.narod.ru/
You can't get an unbridled, roving commission to go about doing good,' said U.S. Court of Appeals for the District of Columbia Circuit Chief Judge David Sentelle during an oral argument.
But one CAN get unbridled roving commission to go about doing evil! Judges allow that all the time.
Same with Bluetooth.
While bluetooth the protocol does support a form of encryption, bluetooth the phone headsets pretty much do not. While the stream IS encrypted, keeping your unchangeable password of '0000' secret is the real trick.
It makes it easier to pay than to steal. Nothing's going to stop thieves from thievery.
Get with the times, this is the 21st century! Even theft is an extremely hard option compared to others.
Why should I go down to the store to steal a CD, when I can just stay home and download it from a torrent site instead? Odds are much more in my favor to not get caught committing copyright violations than getting caught stealing.
Only downside is that now, copyright violation carries a much much higher penalty than theft does, so you will definitely go to jail for less time (weeks vs years) and be fined less (couple hundred to a thousand, vs a couple million) for going down to the store and stealing it instead of just downloading it from a torrent site.
Well, I guess every parent (myself included) is in violation of child porn laws. Every parent takes bath time photos of their kids. These aren't "sexually suggestive" in any way, just kids playing in a tub. And, since they're in the bathtub, they have no clothes on. My parents took them of me, I took them of my kids and I'm sure my kids will take them of my future grandchildren.
Exactly correct. These days people are being arrested for doing exactly that.
A 60 year old grandmother took some pictures to walmart to develop, same type of pictures you describe. Walmart workers turned her in and she was arrested.
Fortunately after a year and a half or so they dropped the charges and let her go, but holy fuck.
http://reason.com/blog/2009/05/04/grandma-arrested-for-child-por
I'm not sure the estate has shot itself in the foot.
Only in that there is no possibility for a counter-suit against the dick estate and their should-be-crimes.
They are still pressing a frivolous lawsuit against a huge company that has over 100 years of legal president stating they are in the right, but costing them tons of legal fees.
If (as seems likely to me, but IANAL) the estate has no legal ground, who cares? This wasn't necessarily about winning the case.
If that was true, you would be the one putting up the money that is now required to be wasted to fight this frivolous lawsuit, not to mention all the time stolen from our legal system where it might actually have been put to good use instead (Ok, not very likely on that last one, but still...)
This is probably because Phillip K Dick is not in the cell phone nor computer markets, thus their trademark does not apply to this field what so ever.
Personally I'd be in favour of any solution that didn't involve burning stuff you had to dig up out of the dirt.
Hmm, perhaps I should do more market research before finishing production of my dead hooker electrical generator...
Grr, I meant:
I'm just shocked the FTC is seemingly saying that easy access for law enforcement is a bad thing.
I'm just shocked the FTC is seemingly saying that easy access for law enforcement is a good thing.
Sanity in a government agency?! Cats and dogs living together? Mass hysteria?
So... By your logic. Who should be able to contribute.... I haven't really found a good OS yet...
Those people and companies who either plan to, or do, already support the standard they want on the board to submit changes to.
Why should Microsoft get a say-so in how SVG development goes when they openly state they will not add it to IE?
Let them update IE to something more recent than 10 year old tech, and people MIGHT listen a little more to their opinions and desires (Thou probably not many more)
I don't get it. Why would a jaywalker run from police?
Well, parent poster said he wanted cops to shoot any criminal on sight, no matter what the crime.
If I was jayawlking, and knew a cop saw me, I would run too not wanting to be shot to death. As would anyone who isn't suicidal or something.
For the actual answer, you'll have to ask SmallFurryCreature, as I personally don't understand the desire to have cops shoot to death anyone they feel might have broken a law.
How fast will this lifeboat be traveling? If this lifeboat is to be escaping a black hole.. it'd have to be moving pretty fast.
Well, since the black hole will have the exact same mass as the Earth, and thus will have the exact same gravitational pull, if the Earth was turned into a black hole, you will still only need to overcome 1G.
So basically, you can move about the speed of any satellite we already put in orbit, or the space station. Thou one would probably want to go a little faster than that.. We are trying to escape after all, not stay in orbit.
In fact, the ISS space station will be unaffected, as it is already in orbit right now, so nothing different will need to be done to remain there. Granted it needs to fire boosters to remain in orbit now, but as I said, that just won't change as it will still need to boost back in orbit around the black hole in our place.
Either way, you would have to be lacking any senses, or really stupid, to think we do not exist right now and have been swallowed by a black hole a few trillion times over already... Which is exactly what you are arguing if you think the LHC with its extremely low power particles will create black holes with more freqency than the already existing much much more energetic particles we have on earth right now.
In a political way, it might really have been better to spend these billions of dollars on finding a way to hold our particle detectors up in the atmosphere. Then we could have an LHC that is a few thousand times more powerful than the one we just built, and no one would really be able to bitch.
Sure, idiots can try to get a judge to shut down the LHC due to non-existent fears, but I would love to watch some judge try to sue the sun to shut down!
Get this and get this straight, he was shot because he ran and he ran because he was a criminal.
So by your logic, a person jay walking should be shot on sight?
After all, he is a criminal, and so would run from the police, and that is reason enough to shoot him in the head 7 times...
It may be costly - but put it this way - how much is your mothers life worth? Your wife? Child? yourself?
Obviously they are not worth very much if any of them step outdoors, or drive a car, or are present in a metro city, or do any of the hundreds of daily activities that have a much much MUCH higher chance of killing you.
In 2008, the number of American who died from a terrorist attack was about 260.
All of those except 4 were NOT in the USA. [1]
4 deaths from terrorist attacks in an entire year on US soil.
Also in the whole year of 2008, there were 37,261 deaths from auto accidents. [2]
You are 9315 times more likely to die from an auto accident, be it one you caused, one someone caused into you, or you are walking down the street and two other motorists bring the accident to you on the sidewalk.
That is almost 4 orders of magnitude higher!
For every person killed by a terrorist in this country, nearly 10,000 people are killed by a car in the exact same amount of time.
If you willingly put yourself and mother and wife and child in the situation of 'being out doors' then clearly you value them and yourself 1000 times less than if a terrorist attack was your only concern.
My question to you is, why are you so willing to spend a million dollars to stop a terrorist attack, without spending the equally valid and necessary ten billion dollars to have all cars banned and removed from the roadways?
References:
1 - http://www.infoplease.com/ipa/A0001454.html
2 - http://www-fars.nhtsa.dot.gov/Main/index.aspx