I'm currently sitting in a cottage on the beach on vacation. Just up the beach around the bend you can see piles of wind generators. Two nights ago we had a storm roll in with a minimum 60 miles per hour wind. All the wind turbines got shut off because they can't handle it. So all that energy was wasted.
Amazon.com provides public services over the Internet by design. It would be pointless for them not to, as the whole point of the company existing is to do so. A car's purpose is to move its occupants from point A to point B. It has zero need to provide any public Internet services, so why the hell does it need to be publicly accessible over the Internet?
While I wouldn't say Rook Security is a household name, I know I've heard of them before. ( Although I admit, I can't think of where, and I don't exactly know anything about them. It could very well turn out that you're right.)
A real car analogy is you buy a car that has a tracking device in it, but later decide you don't want the tracking. You have the car maker disable the radio, only to find that they are still tracking you. For some reason, probably because you are an idiot, you are pissed off about this.
Okay, I'm a software developer and I see where the usability problem is. The problem is that the program didn't make it clear that the backup was a system option and not a local option.
How do you know this? This sound like an "I'm an idiot and do things I don't understand! Why didn't you protect me from myself?!" kind of question. If the user had been even moderately intelligent about this stuff, then they should have known why it did what it did, and added that into the summary. They didn't, and made it quite clear that they think this is Google trying to steal their photos, rather than themselves making a mistake with their settings.
It could have been a 40 point font warning that required the entire thing to be read before dismissing, and a lot of users would still not remember seeing it. I hardly think that because the user didn't realize what was going on, that it makes this a usability problem.
A voice controlled smart TV switched on with no picture because the satellite/cable box is off is both non-obvious, and a privacy issue. Is this the fault of the manufacturer of the TV, because they didn't put up a huge "NO SIGNAL, BUT YOUR TV IS STILL ON, IDIOT!!!1!!!1" banner on the display when there's no signal detected? Or is it the idiot user's fault because they didn't turn off the fscking TV?
But the program isn't doing something. You said that yourself. Some other program, which hasn't been uninstalled, is doing something. Of course it's going to continue to do that thing after you uninstall some other program on the device.
It's not multiple engines. That's the stupidest analogy I've ever heard.
It's more like this:
You have a car. Your speedometer says you're doing 60 in a 50 zone, so in order to prevent yourself from getting a speeding ticket, you remove the speedometer from the car. Then, you're both surprised it still moves, and surprised that you get a speeding ticket for doing 60 in a 50 zone, when your speedometer obviously didn't say you were doing that, so you couldn't possibly have been speeding.
Your speedometer isn't making the car move, and Google Photos isn't doing the backup. Google Photos is an app that runs only when you run it. If you set Google Sync to backup your photos, don't be surprised when it backs up your photos.
So... for the first production run, the vendor decrypted the data, then emailed it back to the entire project team to see if it was right. This was names,family members/relationships, addresses and SSNs for about ten thousand people.
One of my clients is a medical practice. They've got an internal, non-cloud practice management database, which is stored on a computer right in the office. They got an upgrade from the provider, as part of their service contract, which had a slightly different database format, which for some reason, the provider hadn't written the program to upgrade by itself; it had to be run through an upgrade process at the provider's location.
So, the provider's tech connects up using GoToMyPC, or something similar, goes into the program, exports the data, zips it up.......and then transfers the entire fucking thing over an unencrypted FTP connection. I should have been paying more attention, as it was almost finished the transfer, when I looked and realized he was using plain FTP. I asked him if the zip file was password protected, and he kind of hummed and hawed, before saying no. So, I tore a strip of him over the phone, and said if they ever did anything so stupid again, they'd get sued. Since they're not actually a cloud provider, with some indemnity terms in a contract, this seemed to hit home to him. At least the transfer back of the updated data was done over an encrypted connection.
But this is exactly it. The third party provider doesn't give a shit, as it's not their data. Even this company I dealt with, that deals _only_ in medical software, and knows the regulations regarding protection of related data, as they bake lots of password protections and such into the software itself, didn't give a crap when dealing with the actual data themselves.
Cloud providers are in the business of making money for cloud providers, while minimizing expenses in all areas. They are not in the business of securing your data, unless they can charge you extra for it. They are not in the business of ensuring your particular business succeeds. They are in the business of extracting money from you; that's all.
Of course it's important. Jack Thompson (of anti-Grand Theft Auto fame) is perpetually trying to prevent people from playing video games. As it's now known that playing video games improves your preparedness for terror attacks, logically, it means that preventing people from playing video games reduces their preparedness for terror attacks. This is what Jack Thompson is doing, therefore, he's supporting terrorists.
Throw the fucker in Guantanamo.
(Of course, I'm kidding, but this is the only possible positive I could really get out of this. Otherwise, my sibling posters are right. It's just "Oooohh...be scaaarrred! Evil Al Shabib is coming to get you!!!!"
Certainly funny. However, I can say I've never had it happen to me. Of course, I'm not in the US, so I don't have to deal with the right wing extremes that even the left wing of your society subscribes to.
Usually I wait a couple of minutes on hold, then get somebody on a much clearer line, with a completely different voice and accent, who actually knows what they're talking about, so I know it's a different person.
Of course in the REAL WORLD you have to put up with the crap along with all the others:(
No. The real code word is a phrase:
"Give me second level support."
Usually it goes something like this:
Support: "Hello, this is Ranjit/Deepak/Rakesh/George Washington at tech support. Can I get your name/account number please." Me: "Yes, my account is 12345. Can I get second level support, please?" Support: "Do you have a ticket or reference number?" Me: "No, but I'm a network engineer/software developer/I.T. professional, and I know everything you're going to ask me to try, I've already done. So, rather than waste both your time and mine, it'll be a lot easier if you just put me through to second level." Support: "Ok, I can do that. Hold please."
Of course, be polite, and don't have a tone of voice that states you think the person you're talking to is an idiot. Smile while you talk. It really does affect how you come across, even over the phone.
Only once, in however many dozen/hundreds of calls I've made to tech support, have I ever had this not work. The time it didn't, we went through the script, and at the end, this happened:
Support: "I'll transfer you to second level support." Me: "So, if you'd just done as I asked in the first place, we both could have saved a bunch of time here, couldn't we?" Support: "Yes, I guess we could. Next time I'll do that."
So, even the one time it didn't work, the first level support guy was educated that when somebody knows enough to ask for second level, they probably know enough to have done what the first level script says, too.
Yes, you can have more than one. But then you're not "doing multiple transactions securely in the future using that one time pad" which is what the original poster stated.
Now, as to using a single, long OTP to encrypt several shorter messages....Ok, I'll give you that it's a single OTP retrieval from the bank, however, as far as the encryption is concerned, it's a bunch of OTPs that just happen to reside within a single file. You also have to coordinate starting position within the file for every transaction using that OTP string.
And if the OTP is much longer than a single transaction (which would work, I give you, although it's not really a single OTP then; it's more like a bunch of OTPs run through cat.) then you've got to coordinate somehow between you and the bank the position within the OTP where you actually start.
I'm going to call bullshit. Unless you've checked the box for "Allow Google to do absolutely anything with absolutely anything of mine, for absolutely any reason whatsoever." I've never actually seen this option in Google's settings, so I doubt it's that.
I've already posted this, so here's the short version: I've got an Android phone, Gmail account (which is linked to said Android phone), 2 YouTube accounts, both with videos uploaded, use Picasa for organizing my photos taken with both my Android phone and my camera.
I just checked Google Photos, and there is absolutely nothing there. I have never had Google automatically copy files to my phone, even when I replaced my last Android phone with my current one, or the previous time I upgraded my phone, either. All 3 were Android devices, all linked to the same Gmail account.
So, what the hell are you doing, that Google copies undeletable photos to your new Android phone?
What the hell are you doing with your stuff? I've got an Android phone. I've got a Gmail account. I've got a 2 YouTube accounts. I take photos with my phone all the time, all of which are still on said phone. I have videos uploaded onto both YouTube accounts. I use Picasa on my PC to organize and tag photos that I took with both my phone, and my more expensive camera.
I just checked Google Photos. Squat. There's nothing there. All my photos are safely restricted to my phone and computer.
What the heck are you doing, or what settings have you configured, that have photos from over 5 years ago automatically stored in Google Photos?
A one time pad allows me to get the one time pad from the bank, and do multiple transactions securely in the future using that one time pad.
Are you seeing the problem here? Please don't talk about encryption if you have no clue what you're talking about. It's called a one time pad for reason.
We must develop a new deep AI which will attempt to do what is best for our country and people.
So then we pass control of the country to some corruptible, bribable idiots we have a hope of voting out to some small group of corruptible, bribable AI developers who we may not even know who they are. Sounds like a great idea. Pretty sure SHODAN wouldn't do very well running the country, either.
What's your point? Considering all of my calculations were approximate, some rounded high and some low, they'll balance out reasonably well. Regardless, GGP calculated an amount of travel per hour, and tried to pass it off as a per minute travel, making it seem much worse than it is. Whether it was an accident, or a "WE'RE ALL GOING TO DIIIIIEEE!!!1111" alarmist statement, I have no idea, but it was flat out wrong. My calculations are much more accurate, regardless of my approximations.
You're wasting your breath. To an AGWer, "historical" starts at about 1750. Nothing before that exists. No amount of pointing out that what we're seeing now is a repeat of innumerable previous changes will do anything, because they can't see back that far.
Slashdot Mirror
SSH has many advantages besides encryption. Passwordless login, tunnelling, etc.
I'm currently sitting in a cottage on the beach on vacation. Just up the beach around the bend you can see piles of wind generators. Two nights ago we had a storm roll in with a minimum 60 miles per hour wind. All the wind turbines got shut off because they can't handle it. So all that energy was wasted.
Amazon.com provides public services over the Internet by design. It would be pointless for them not to, as the whole point of the company existing is to do so.
A car's purpose is to move its occupants from point A to point B. It has zero need to provide any public Internet services, so why the hell does it need to be publicly accessible over the Internet?
While I wouldn't say Rook Security is a household name, I know I've heard of them before. ( Although I admit, I can't think of where, and I don't exactly know anything about them. It could very well turn out that you're right.)
That's a fucking idiotic analogy.
A real car analogy is you buy a car that has a tracking device in it, but later decide you don't want the tracking. You have the car maker disable the radio, only to find that they are still tracking you. For some reason, probably because you are an idiot, you are pissed off about this.
FTFY.
Just tried it. Your exact quote, copied and pasted. Worked fine. Gave me a bunch of listings from the correct site. Even HTTPS, too.
Okay, I'm a software developer and I see where the usability problem is. The problem is that the program didn't make it clear that the backup was a system option and not a local option.
How do you know this? This sound like an "I'm an idiot and do things I don't understand! Why didn't you protect me from myself?!" kind of question. If the user had been even moderately intelligent about this stuff, then they should have known why it did what it did, and added that into the summary. They didn't, and made it quite clear that they think this is Google trying to steal their photos, rather than themselves making a mistake with their settings.
It could have been a 40 point font warning that required the entire thing to be read before dismissing, and a lot of users would still not remember seeing it. I hardly think that because the user didn't realize what was going on, that it makes this a usability problem.
A voice controlled smart TV switched on with no picture because the satellite/cable box is off is both non-obvious, and a privacy issue.
Is this the fault of the manufacturer of the TV, because they didn't put up a huge "NO SIGNAL, BUT YOUR TV IS STILL ON, IDIOT!!!1!!!1" banner on the display when there's no signal detected?
Or is it the idiot user's fault because they didn't turn off the fscking TV?
But the program isn't doing something. You said that yourself. Some other program, which hasn't been uninstalled, is doing something. Of course it's going to continue to do that thing after you uninstall some other program on the device.
It's not multiple engines. That's the stupidest analogy I've ever heard.
It's more like this:
You have a car. Your speedometer says you're doing 60 in a 50 zone, so in order to prevent yourself from getting a speeding ticket, you remove the speedometer from the car. Then, you're both surprised it still moves, and surprised that you get a speeding ticket for doing 60 in a 50 zone, when your speedometer obviously didn't say you were doing that, so you couldn't possibly have been speeding.
Your speedometer isn't making the car move, and Google Photos isn't doing the backup. Google Photos is an app that runs only when you run it. If you set Google Sync to backup your photos, don't be surprised when it backs up your photos.
Just out of curiosity, what do you think the proper homonym phrase is for this?
You do realize Assange and Snowden are two different people, right?
So... for the first production run, the vendor decrypted the data, then emailed it back to the entire project team to see if it was right. This was names,family members/relationships, addresses and SSNs for about ten thousand people.
One of my clients is a medical practice. They've got an internal, non-cloud practice management database, which is stored on a computer right in the office. They got an upgrade from the provider, as part of their service contract, which had a slightly different database format, which for some reason, the provider hadn't written the program to upgrade by itself; it had to be run through an upgrade process at the provider's location.
So, the provider's tech connects up using GoToMyPC, or something similar, goes into the program, exports the data, zips it up.... ...and then transfers the entire fucking thing over an unencrypted FTP connection.
I should have been paying more attention, as it was almost finished the transfer, when I looked and realized he was using plain FTP. I asked him if the zip file was password protected, and he kind of hummed and hawed, before saying no. So, I tore a strip of him over the phone, and said if they ever did anything so stupid again, they'd get sued. Since they're not actually a cloud provider, with some indemnity terms in a contract, this seemed to hit home to him. At least the transfer back of the updated data was done over an encrypted connection.
But this is exactly it. The third party provider doesn't give a shit, as it's not their data. Even this company I dealt with, that deals _only_ in medical software, and knows the regulations regarding protection of related data, as they bake lots of password protections and such into the software itself, didn't give a crap when dealing with the actual data themselves.
Cloud providers are in the business of making money for cloud providers, while minimizing expenses in all areas. They are not in the business of securing your data, unless they can charge you extra for it. They are not in the business of ensuring your particular business succeeds. They are in the business of extracting money from you; that's all.
Of course it's important. Jack Thompson (of anti-Grand Theft Auto fame) is perpetually trying to prevent people from playing video games. As it's now known that playing video games improves your preparedness for terror attacks, logically, it means that preventing people from playing video games reduces their preparedness for terror attacks. This is what Jack Thompson is doing, therefore, he's supporting terrorists.
Throw the fucker in Guantanamo.
(Of course, I'm kidding, but this is the only possible positive I could really get out of this. Otherwise, my sibling posters are right. It's just "Oooohh...be scaaarrred! Evil Al Shabib is coming to get you!!!!"
Certainly funny. However, I can say I've never had it happen to me. Of course, I'm not in the US, so I don't have to deal with the right wing extremes that even the left wing of your society subscribes to.
Usually I wait a couple of minutes on hold, then get somebody on a much clearer line, with a completely different voice and accent, who actually knows what they're talking about, so I know it's a different person.
Of course in the REAL WORLD you have to put up with the crap along with all the others :(
No. The real code word is a phrase:
"Give me second level support."
Usually it goes something like this:
Support: "Hello, this is Ranjit/Deepak/Rakesh/George Washington at tech support. Can I get your name/account number please."
Me: "Yes, my account is 12345. Can I get second level support, please?"
Support: "Do you have a ticket or reference number?"
Me: "No, but I'm a network engineer/software developer/I.T. professional, and I know everything you're going to ask me to try, I've already done. So, rather than waste both your time and mine, it'll be a lot easier if you just put me through to second level."
Support: "Ok, I can do that. Hold please."
Of course, be polite, and don't have a tone of voice that states you think the person you're talking to is an idiot. Smile while you talk. It really does affect how you come across, even over the phone.
Only once, in however many dozen/hundreds of calls I've made to tech support, have I ever had this not work. The time it didn't, we went through the script, and at the end, this happened:
Support: "I'll transfer you to second level support."
Me: "So, if you'd just done as I asked in the first place, we both could have saved a bunch of time here, couldn't we?"
Support: "Yes, I guess we could. Next time I'll do that."
So, even the one time it didn't work, the first level support guy was educated that when somebody knows enough to ask for second level, they probably know enough to have done what the first level script says, too.
Yes, you can have more than one. But then you're not "doing multiple transactions securely in the future using that one time pad" which is what the original poster stated.
Now, as to using a single, long OTP to encrypt several shorter messages....Ok, I'll give you that it's a single OTP retrieval from the bank, however, as far as the encryption is concerned, it's a bunch of OTPs that just happen to reside within a single file. You also have to coordinate starting position within the file for every transaction using that OTP string.
And if the OTP is much longer than a single transaction (which would work, I give you, although it's not really a single OTP then; it's more like a bunch of OTPs run through cat.) then you've got to coordinate somehow between you and the bank the position within the OTP where you actually start.
So basically, what you're saying is: "I uploaded a bunch of stuff to Google, and now GOOGLE'S GOT IT!!!!1!!111!1!1eleventy!1!!!"
I'm going to call bullshit.
Unless you've checked the box for "Allow Google to do absolutely anything with absolutely anything of mine, for absolutely any reason whatsoever."
I've never actually seen this option in Google's settings, so I doubt it's that.
I've already posted this, so here's the short version:
I've got an Android phone, Gmail account (which is linked to said Android phone), 2 YouTube accounts, both with videos uploaded, use Picasa for organizing my photos taken with both my Android phone and my camera.
I just checked Google Photos, and there is absolutely nothing there.
I have never had Google automatically copy files to my phone, even when I replaced my last Android phone with my current one, or the previous time I upgraded my phone, either. All 3 were Android devices, all linked to the same Gmail account.
So, what the hell are you doing, that Google copies undeletable photos to your new Android phone?
What the hell are you doing with your stuff? I've got an Android phone. I've got a Gmail account. I've got a 2 YouTube accounts. I take photos with my phone all the time, all of which are still on said phone. I have videos uploaded onto both YouTube accounts. I use Picasa on my PC to organize and tag photos that I took with both my phone, and my more expensive camera.
I just checked Google Photos. Squat. There's nothing there. All my photos are safely restricted to my phone and computer.
What the heck are you doing, or what settings have you configured, that have photos from over 5 years ago automatically stored in Google Photos?
A one time pad allows me to get the one time pad from the bank, and do multiple transactions securely in the future using that one time pad.
Are you seeing the problem here? Please don't talk about encryption if you have no clue what you're talking about. It's called a one time pad for reason.
We must develop a new deep AI which will attempt to do what is best for our country and people.
So then we pass control of the country to some corruptible, bribable idiots we have a hope of voting out to some small group of corruptible, bribable AI developers who we may not even know who they are. Sounds like a great idea. Pretty sure SHODAN wouldn't do very well running the country, either.
What's your point? Considering all of my calculations were approximate, some rounded high and some low, they'll balance out reasonably well.
Regardless, GGP calculated an amount of travel per hour, and tried to pass it off as a per minute travel, making it seem much worse than it is. Whether it was an accident, or a "WE'RE ALL GOING TO DIIIIIEEE!!!1111" alarmist statement, I have no idea, but it was flat out wrong. My calculations are much more accurate, regardless of my approximations.
You're wasting your breath. To an AGWer, "historical" starts at about 1750. Nothing before that exists. No amount of pointing out that what we're seeing now is a repeat of innumerable previous changes will do anything, because they can't see back that far.