Not worth the trouble of having different accounts. Use something like gishpuppy or spamgourmet, which allow creation of aliases that forward to your normal email. If an alias starts sending you lots of crap, just disable it. Use a different alias for each site, and you stay in control.
Scuba divers drive around with aluminum cylinders containing air at 3,000 PSI. Safety "burst" discs are built into the regulator of the cylinders so that if over pressurization occurs they rupture. The results are frightening and embarrassing but its only air and not shrapnel since the cylinder remains intact. I expect there are similar technologies in the pressure vessels in these cars.
And scuba divers have also been badly injured by defective tanks that couldn't even hold their rated pressure. Apparently the tanks get regular inspections and tests as well. Want to trust that they used high-quality tanks in your vehicle?
If it's holding 5000 PSI it will be pretty difficult to crush.
Now there's an idea! If crushed in a wreck, it would be holding more energy. Storing the energy of wrecks could become the new eco-friendly feature in cars.
I was forced to purchase a 64 bit copy of Windoze just to get the amount of memory I wanted. Even though they knew I was going to wipe whatever they put on the disk drive as soon as it arrived I still had to pay the ransom/extortion fee.
How do any of these words apply? It's just that they offered you a crappy deal: we will only sell you this memory upgrade as a package deal with a copy of Windows. Companies offer crappy deals all the time, but they aren't forcing you to do anything, demanding a ransom for something that's yours, or obtaining something from you through force or threats. My strategy for dealing with crappy deals is to not accept them, and to buy from businesses that offer good deals. But I have no right to good deals; it's up to the business how they want to sell their property.
But consumers prefer secure software to insecure software. Isn't that preference enough to create an incentive for companies to focus on security?
Wouldn't that be great? The problem is that right now people can't figure out whether software is secure. They buy software based on what's asserted and take companies at their face values.
If you look at the five-star rating on automobiles, you don't have to be an expert to make a decision about safety. You can appraise the risk you're purchasing based on that rating. Today almost all the cars on the road are four or five star rated: The market has chosen more safe cars because the safety rating is visible.
OK, so have a private certification company so you can see their rating on the product. Why is a tax needed? The example he cites, of automobiles, gives the buyer the choice of how safe the vehicle must be.
How would you measure software vulnerability?
The types of attacks we've seen over the past four years haven't changed. [The U.S. Department of Homeland Security] keeps a repository of attack patterns. So just as we run cars in various crash tests to see how they respond, we can run these attack patterns on software, judge how it performs and give it a security rating.
If determining software vulnerability were as simple as running some automated tests, it wouldn't be a problem in the first place. In his example of testing vehicles, it would be like having to protect them against a near-infinite variety of crash situations. How can you automate this, so as to give a simple rating?
A tax on insecure software would be passed on to the consumer in higher prices. Is that really the goal?
There's a notion in economics of private cost and the social cost of behavior. The results of insecure software--cybercrime and cyber-espionage--are largely social costs, not paid by the individual who's responsible for the behavior.
Vulnerabilities lead a consumer's computer to be hijacked by malicious software that allows the attacker to do practically anything with it. Sometimes the attacker targets the infected machines, like the attacks on the Pentagon last year. But often the machine is used to send out more spam, more phishing attacks, or it becomes one of the hundreds of thousands of machines that are used in "denial of service attacks" like the ones that shut down Estonia's Web last year. Those social costs are very heavy.
If a tax raised the private cost of cybercrime, people would get educated very quickly. When insecure software starts costing more, people will adjust their behavior.
OK, so let's say all software is secure. That doesn't stop people from combining it in ways that leads to insecurities, or even configuring a single piece so that it's insecure. How will this tax help that?
Here he talks of negative externalities and making those responsible pay, so that they educate themselves and avoid creating them. Sounds good, so why not do that? That doesn't involve taxation, it involves making those with vulnerable systems pay. That's the way to make the market respond.
For example, a home user's machine is infected and is now part of a botnet? Charge a fine. He'll quickly clean up his machine, switch/secure his OS, or find an ISP that will detect such a thing and automatically cut his internet connection until he cleans his machine up. Or a business leaks customer information. Fine it. That will encourage it to do what's necessary to secure the data. This way the need for security moves up the chain, from user to supplier, with whatever things are necessary to give it. Leave taxation out of it.
Or like when something toxic is leaking or a person is injured, but nobody is around to notice it and call 911. Summary's comparison with a 911 call is just dumb. It seems the goal was to just make computer security look bad, as if breaches of security could be somehow detected in all cases and reported and dealt with immediately.
You talk as if there was a single advertiser. The situation seems more like a tragedy-of-the-commons. Everyone might start out respecting it, but because the cost to an individual advertiser violating it is less than the benefit, one inevitably does this, and more follow.
I see. I wonder though whether they could all have the same failure mode, given that they are being operated outside specs. It's different when you have 3 (or 7) CPUs that are specified to run in space, where them all failing would be very unlikely, since it would be due to unexpected behavior rather than them all being operated outside specs.
But then users would think this means that the websites simply aren't paying their bandwidth bills. By allowing it to run slowly, that makes it clear to the user that the sites are paying for their, just that the user's ISP is slowing them down intentionally.
You know why studios love 3D? Because it is impossible to pirate while it is in the theatre. It gives them a larger window of exclusivity. It is an incidental form of DRM.
No need to single out a specific board like the Arduino series, which is little more than an off-the-shelf AVR microcontroller, voltage regulator, LED, and perhaps a USB interface.
If they are small enough and cheap enough, you can use massive redundancy to get around the reliability problem. Just stop doing what the Space Shuttle currently does: "One out of the seven computers got a different answer, so we scrubbed the mission."
Talking on seven cellphones at once would be somewhat impractical, I imagine.
I also imagine that consumer stuff has a wide spec margin, so that you may test several phones and they work, but another batch has their specs noticeably different in the areas that matter for operating in space. This spec difference doesn't matter on Earth, because they aren't being pushed near the limit. It's like overclocking CPUs; you test it a lot and it works fine at say 1.5 the rated speed, but then doesn't work on another batch or a later revision.
Once us mortals aren't packed hundreds in a small space where we would justifiably go mad having to listen to inane cellphone conversations of our seatmates.
Ignoring their reasonable requests would be bad for business, for reputation, and most importantly, for politics. If the websites don't comply to a reasonable request from a large number of their constituents, legislators will pass laws to force them.
And you're going to even know that they're tracking you how? They can do it all server-side, and you'll never be the wiser. In fact, those users with this "do not track" flag will be the ones they pay special attention to.
Clearly, it is time to move the security checkpoint out into the parking lot.
That would actually work well in America, where you have each person inside a separate Security Utility Vehicle (SUV). This ensures that the density of people is low enough that only a few people could be harmed at a time.
The proposal here is that if NBC paid off your neighborhood association and CNN did not, any trucks coming into your neighborhood from CNN would be made to take the crappy two-lane road with traffic lights and a 25mph speed limit, whereas the NBC trucks would be allowed to use the highway.
To flesh out the story, remember than NBC, CNN, and the end-user all pay their taxes as well, so they've all paid for the roads already, it's just the gated community the user lives in that is delaying CNN's trucks because they haven't paid extra.
Slashdot Mirror
Wait, I thought a few weeks ago Slashdot was reporting how it's spiked back up since a few weeks before that.
Not worth the trouble of having different accounts. Use something like gishpuppy or spamgourmet, which allow creation of aliases that forward to your normal email. If an alias starts sending you lots of crap, just disable it. Use a different alias for each site, and you stay in control.
Yes, it's called a trial balloon.
I was thinking about that, but what if it just helps spread gasoline out into an even wider area all over everything?
The 1980s called and wants its air-powered toys back.
And scuba divers have also been badly injured by defective tanks that couldn't even hold their rated pressure. Apparently the tanks get regular inspections and tests as well. Want to trust that they used high-quality tanks in your vehicle?
Now there's an idea! If crushed in a wreck, it would be holding more energy. Storing the energy of wrecks could become the new eco-friendly feature in cars.
How do any of these words apply? It's just that they offered you a crappy deal: we will only sell you this memory upgrade as a package deal with a copy of Windows. Companies offer crappy deals all the time, but they aren't forcing you to do anything, demanding a ransom for something that's yours, or obtaining something from you through force or threats. My strategy for dealing with crappy deals is to not accept them, and to buy from businesses that offer good deals. But I have no right to good deals; it's up to the business how they want to sell their property.
Correct me if I'm wrong, but this would be in addition to a tank of explosive liquid.
From the article:
OK, so have a private certification company so you can see their rating on the product. Why is a tax needed? The example he cites, of automobiles, gives the buyer the choice of how safe the vehicle must be.
If determining software vulnerability were as simple as running some automated tests, it wouldn't be a problem in the first place. In his example of testing vehicles, it would be like having to protect them against a near-infinite variety of crash situations. How can you automate this, so as to give a simple rating?
OK, so let's say all software is secure. That doesn't stop people from combining it in ways that leads to insecurities, or even configuring a single piece so that it's insecure. How will this tax help that?
Here he talks of negative externalities and making those responsible pay, so that they educate themselves and avoid creating them. Sounds good, so why not do that? That doesn't involve taxation, it involves making those with vulnerable systems pay. That's the way to make the market respond.
For example, a home user's machine is infected and is now part of a botnet? Charge a fine. He'll quickly clean up his machine, switch/secure his OS, or find an ISP that will detect such a thing and automatically cut his internet connection until he cleans his machine up. Or a business leaks customer information. Fine it. That will encourage it to do what's necessary to secure the data. This way the need for security moves up the chain, from user to supplier, with whatever things are necessary to give it. Leave taxation out of it.
Wait, you mean the US can't use the technology anymore since it's missing? They should steal it back.
Not a good idea, unless the game involves fluffy bunnies and rainbows.
Or like when something toxic is leaking or a person is injured, but nobody is around to notice it and call 911. Summary's comparison with a 911 call is just dumb. It seems the goal was to just make computer security look bad, as if breaches of security could be somehow detected in all cases and reported and dealt with immediately.
You talk as if there was a single advertiser. The situation seems more like a tragedy-of-the-commons. Everyone might start out respecting it, but because the cost to an individual advertiser violating it is less than the benefit, one inevitably does this, and more follow.
I see. I wonder though whether they could all have the same failure mode, given that they are being operated outside specs. It's different when you have 3 (or 7) CPUs that are specified to run in space, where them all failing would be very unlikely, since it would be due to unexpected behavior rather than them all being operated outside specs.
But then users would think this means that the websites simply aren't paying their bandwidth bills. By allowing it to run slowly, that makes it clear to the user that the sites are paying for their, just that the user's ISP is slowing them down intentionally.
And like DRM, 3D makes paying customers suffer.
Duke Nukem Forever has had release dates for the past decade, just as fusion has had for decades.
No need to single out a specific board like the Arduino series, which is little more than an off-the-shelf AVR microcontroller, voltage regulator, LED, and perhaps a USB interface.
Talking on seven cellphones at once would be somewhat impractical, I imagine.
I also imagine that consumer stuff has a wide spec margin, so that you may test several phones and they work, but another batch has their specs noticeably different in the areas that matter for operating in space. This spec difference doesn't matter on Earth, because they aren't being pushed near the limit. It's like overclocking CPUs; you test it a lot and it works fine at say 1.5 the rated speed, but then doesn't work on another batch or a later revision.
Once us mortals aren't packed hundreds in a small space where we would justifiably go mad having to listen to inane cellphone conversations of our seatmates.
And you're going to even know that they're tracking you how? They can do it all server-side, and you'll never be the wiser. In fact, those users with this "do not track" flag will be the ones they pay special attention to.
That would actually work well in America, where you have each person inside a separate Security Utility Vehicle (SUV). This ensures that the density of people is low enough that only a few people could be harmed at a time.
To flesh out the story, remember than NBC, CNN, and the end-user all pay their taxes as well, so they've all paid for the roads already, it's just the gated community the user lives in that is delaying CNN's trucks because they haven't paid extra.