regardless of the growing lack of return on that investment
You're nuts.
Average lifetime salary of a person with a high school diploma: $1.3M
Average lifetime salary of a person with some college: $1.6M
Average lifetime salary of a person with a four-year degree: $2.3M
Average lifetime salary of a person with a master's degree: $2.7M
Average lifetime salary of a person with a doctorate: $3.3M
Average lifetime salary of a person with a professional degree (MD, JD, etc.): $3.7M
These are overall averages, but the variation based on field of study is large. STEM degrees are particularly lucrative, and the average STEM graduate with a four-year degree out-earns the average person with a master's or doctorate in the social sciences, education, etc.
or the personal impact of massive debt.
Debt is not required to get an education. There are plenty of inexpensive colleges and universities. With a little hard work it's not hard to get partial or full tuition waivers at the undergraduate level, and scholarships and stipends are the norm at the PhD level and in many Master's programs.
Of course, this requires picking a school based on practical requirements and affordability (including cost of living... you may need to live at home and attend a local commuter school, for example), rather than the quality of the football program or the awesomeness of the party scene. And it requires working hard to maintain high grades (to get tuition waivers), rather than partying, etc.
Personally, I got a BS in Math and CS and not only graduated without any debt at all (never borrowed a penny for school), but with some savings accumulated while in school. I went to a local university so I could live with my parents, joined the Air Force Reserves to get the GI Bill, kept my grades high to get and stay on an academic tuition waiver (my high school grades were too bad to qualify for a scholarship) and worked 20-25 hours per week throughout my education.
In hindsight, I should have taken an education loan or two, because there was a GI Bill program that would have made payments on the loans... and there's nothing saying you need to actually spend the money on education. I should have borrowed the money and invested it, letting the military make the payments. I left money on the table.
Of course, that was all some 25-30 years ago... but I have two sons who are doing much the same thing now. They didn't do the military thing, and don't (yet) have the tuition waivers, but they're working part time and able to pay for school themselves by living at home and attending an inexpensive university (same one I went to). One of my sons just got married and moved out, so his costs are increasing but his wife has a decent (for now) full-time job, so she's going to support them while he finishes his education, then he'll go to work and she'll go to school. It will be a lot of work, but they'll both have educations and no debt.
Getting a higher education is very much worth it, and needn't come with a heavy debt burden. You just need to be smart about it.
There is a cult of ignorance in the United States, and there always has been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
I think this is an old (older than the US as a nation) reaction to the pro-intellectualism of the Northeastern states -- Yankeedom. The culture of this region has always been very pro-education, to the point that during the Puritan era social status was primarily determined by education level. The southern part of the country, of course, had constant economic and ideological conflict with the north. The north was aggressively egalitarian and prized communitarian notions of freedom and community self-government. The south was aristocratic and prized the individual liberty of the aristocrats. Social status in the south was based on wealth and heritage; education was largely irrelevant, though some sub-cultures in the south lionized classical education as a sign of and means to culture and gentility.
I think anti-intellectualism arose primarily as a straightforward rejection by the south of all things northern. As history rolled on, this view became deeply embedded in the conservative culture, and was regularly reinforced by the fact that intellectuals always want to apply their knowledge and theories to change society, while conservatives obviously don't want change.
WRONG! We need less sheeple. We need MORE independent thought which is the true nature of a higher education.
That's exactly the point of the post you responded to. WE need more educated and independent thinkers. But our "LEADERS" want less-educated and less-independent thinkers who they can more easily manipulate.
Set up 2FA. It provides an additional level of authentication that Google will take as proof that you're really you and won't apply the IP-based protection.
I don't care if my already compromised account is compromised. I'd turn passwords off in the first place on my email.
Your email account is typically the most important online account you have. Not because your emails are sensitive, but because it's the password reset verification mechanism for all of your other online accounts. Like your online bank account.
If one uses Thunderbird and POP/IMAP will they get prompted every time the client downloads mail or just when done from a "new" system?
If you're using 2FA and want to use POP/IMAP or other protocols that don't know how to deal with 2FA, you have to set up an application-specific password. This is a high-entropy password that Google generates for you, and which should only be used on one machine and one application. You have it generated, copy/paste it into Thunderbird, tell Thunderbird to save the password, then you never see it again. The Google POP/IMAP servers do some additional checking to try to verify that the password only comes from the right app and the right machine.
I truly love it when Google sends me an email to my gmail account telling me that it didn't allow my device to log in to get my gmail because it was coming in from an unknown IP address. This truly is Dilbert levels of customer support.
Nonsense.
Those emails are important. Not when it actually was your device that was prevented from logging in, but when it wasn't. In that case, the email informs you that someone is trying to get into your account, and that they have your password. Which means you should change your password, right the hell now. Unless of course, you recognize the login attempt because you were the one that made it.
If you want to stop getting those emails, turn on 2FA.
Publish a read-only chain of all firmware builds that you have ever produced. Equivalent to adding the firmware blob of every release version to a git commit history. Encourage other people to monitor that log.
Then have the current firmware verify that its own hash, and the hash of the new firmware is in the commit history for the release log.
Not useful :-)
It doesn't matter how many people are verifying that the official log of releases contains no funny business. It only matters that the device can be convinced to accept an update. The attacker just needs to force the device to download a log of his own creation, with his blob's hash appended. You can try to prevent this by having the device check the TLS server certificate when it downloads, or by signing the log, but the assumed attackers have access to internal, restricted private keys, so we have to assume they could get the TLS or log signing key as well.
Hash chains / blockchains are good for maintaining secure distributed logs, but that's not the problem that needs to be solved here.
The obvious response of technology firms is to structure their encryption so that it becomes impossible for them to decrypt the content because they don't have the keys themselves.
The smart response by users would be to stop relying on technology firms. Encryption software is a free commodity. Putting some "firm" in charge of your software is just a way of adding a point of failure.
it's not *that* much harder to build a system in which no one but the parties communicating have the keys.
It's easier. The problem is that users don't do it / use it. See my first paragraph? I gave great advice, but nobody follows it.
Not even me.
That's because it's actually not so easy. Key management is hard.
Even electric all wheel drive vehicles will have a drive shaft running the length of the car to the rear wheels.
The Model S doesn't. It uses two motors, one on each axle. There's no reason for an electric car to have a drive shaft. Electric motors are inexpensive and compact.
Not true. If Apple (or any other company) were forced to build a government backdoor, most likely it would be the government that holds the keys, so Apple would never be involved in any of the government accesses.
It's quite possible they could do that, but then every other nation-state on Earth would be demanding the same type of access. So in effect, when you choose what region you live in (or are traveling to) in iOS, it encrypts with that nation's certificate that would allow said nation to access the content on the iPhone upon request.
Perhaps. I don't think that could happen secretly, though.
It might be one of the many reasons Apple is building a datacenter in China in fact.
That makes no sense. They wouldn't need to build a data center in China to include a Chinese backdoor public key in their devices, assuming they were willing to do that.
Try this experiment if you dare: Create a random-sized file full of random 8-bit numbers. Rename it to "TEST.COM" and try to run it. Do this many times. Eventually it'll do something that completely fries your computer
Only if your OS is badly broken. Most hardware these days is also pretty resilient to harm from bad code. That wasn't the case decades ago, when you could do things like slamming disk heads against their stops hard enough to break them.
or at least does something Bad.
Yeah, probably. Crash the machine, sure. Screw up some of your data, maybe.
What you describe is what security researchers call "fuzzing" and it's a very common (and useful) practice.
That's what I'm afraid of, encoding miscellaneous things like movies into DNA strands.
As opposed to the way nature does it, with random mutations and recombinations? Biologists can put sequences that stop mRNA copying before their miscellaneous stuff. With "wild" DNA changes, there are no such checks.
At least in the Target case, the breach was done by malware that infected the point of sale systems, where the data is present only transiently (not stored) but available in cleartext. Target was properly encrypting the data at rest, as required by PCI DSS. And, no, their PCI compliance status wasn't revoked, though a bunch of banks that lost money -- because Target's PCI compliance shielded Target from liability, and federal law obviously shielded cardholders, sticking the banks with it -- have sued, alleging that PCI compliance wasn't enough and that Target should have done better. I think they're going to have a hard time with that lawsuit, because it's the banking associations who define PCI. Target has a pretty slam-dunk response: We satisfied the requirements of our contract with you.
I haven't followed any of the other cases closely, so I'm not sure, but I suspect it's similar. Encryption at rest is pretty easy to do, and pretty easy for auditors to check.
Apple does that already. It was an engineering solution to a legal problem.
It's the obvious and predictable response of a security engineer.
However, I don't think Apple has actually fixed that "hole" yet. What the FBI was asking them to do was to provide an updated version of the firmware which bypassed the brute force mitigations on password checks. There was much discussion back then about which iPhone versions have the "secure enclave" and which don't, but the secure enclave also has updatable firmware.
However, there are ways to fix this, and I suspect that Apple is working on one for the iPhone8. I think the best solution (and I should note that my day job is Android crypto security, so I've given it more than a passing thought) is to make the firmware update process require that the user first unlock the device. There are a variety of ways to do that, and make the requirement cryptographically strong.
It should be noted that this is a general-purpose security feature, not one specifically targeted at securing against law enforcement. Without it, the security of user data can never be stronger than the internal access controls around the firmware signing key. Any employee or group of employees who have access to that key (or anyone who can bribe, extort or otherwise coerce said employees) can sign new firmware that can erode the security. The fact that it was a government attempt to coerce them to do it doesn't mean the government is the only entity who could. It's much better for user security if no one can.
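One way the unlock requirement described in the comment above could be enforced, shown as an added example that is not part of the original comment and not Apple's or Android's code. Assumptions: the `SecureElement` class and `sign_as_vendor` helper are hypothetical names, an HMAC stands in for the vendor's asymmetric firmware signature, and the wipe-if-locked recovery path is this example's own design choice.

```python
import hashlib
import hmac
import os

MAX_ATTEMPTS = 5  # constructed policy value for this example


def sign_as_vendor(vendor_key: bytes, image: bytes) -> bytes:
    """Stand-in for the vendor's firmware signature (HMAC, not RSA/ECDSA)."""
    return hmac.new(vendor_key, image, hashlib.sha256).digest()


class SecureElement:
    """Toy model of a security chip guarding a data key and its own firmware."""

    def __init__(self, passcode: str, vendor_key: bytes, firmware: bytes):
        self._salt = os.urandom(16)
        self._verifier = self._stretch(passcode)  # never store the passcode
        self._vendor_key = vendor_key
        self._data_key = os.urandom(32)           # protects the user's data
        self.firmware_hash = hashlib.sha256(firmware).hexdigest()
        self.failed_attempts = 0

    def _stretch(self, passcode: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", passcode.encode(), self._salt, 50_000)

    @property
    def has_user_data(self) -> bool:
        return self._data_key is not None

    def _user_unlocked(self, passcode) -> bool:
        # Guesses made through the update path count against the same limit
        # as normal unlock attempts, so updating is not a guessing oracle.
        if passcode is None or self.failed_attempts >= MAX_ATTEMPTS:
            return False
        if hmac.compare_digest(self._stretch(passcode), self._verifier):
            self.failed_attempts = 0
            return True
        self.failed_attempts += 1
        return False

    def apply_update(self, image: bytes, tag: bytes, passcode=None,
                     wipe_if_locked: bool = False) -> str:
        # 1. The vendor signature is necessary but no longer sufficient.
        if not hmac.compare_digest(sign_as_vendor(self._vendor_key, image), tag):
            return "rejected: bad signature"
        # 2. The user must prove presence, or the data key is destroyed
        #    before the new code is allowed to run.
        if self._user_unlocked(passcode):
            result = "installed"
        elif wipe_if_locked:
            self._data_key = None
            result = "installed after wipe"
        else:
            return "rejected: device locked"
        self.firmware_hash = hashlib.sha256(image).hexdigest()
        return result


if __name__ == "__main__":
    vendor_key = os.urandom(32)                    # constructed sample key
    new_image = b"firmware v2 (constructed sample image)"
    tag = sign_as_vendor(vendor_key, new_image)
    chip = SecureElement("1234", vendor_key, b"firmware v1")
    print(chip.apply_update(new_image, tag))                   # locked device
    print(chip.apply_update(new_image, tag, passcode="1234"))  # user present
```

With this policy, whoever holds the signing key can still ship firmware, but cannot get it running next to the user's data without the user's passcode.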
Really, if Apple had a backdoor, or was forced to make one for the Gov, I guarantee that Apple would be forced to build an entire building that holds nothing but staff to respond to these requests 24/7.
Not true. If Apple (or any other company) were forced to build a government backdoor, most likely it would be the government that holds the keys, so Apple would never be involved in any of the government accesses.
Honestly, if you had a government agency that you could trust enough, such as the courts themselves, maybe, this might not be such a bad approach. That's a really, really big "if", though. The technical challenges in securing such high-value keys are not insurmountable, but they're very high, and if the keys leak, the damage to the companies who make the affected devices would be huge. Further, at least in the US the organization we would most trust to get the technical design and implementation right, the NSA, is the organization we'd want to keep furthest from the whole thing. And even if all of the technical infrastructure was perfect, then the agency would also have to make sure that its processes for approving access are airtight and have adequate oversight to prevent abuse.
Yeah... let's just not go there. Police work is only easy in a police state, and we don't want a police state.
But... it's not *that* much harder to build a system in which no one but the parties communicating have the keys.
Of course, the obvious response of legislators is then to mandate government-accessible backdoors.
Jesus Christ. Backdoors, smackdoors. Simply have the NSA produce...
Um, what you described is a backdoor. Pretty much exactly the one proposed in 1993, intended to be implemented in the Clipper chip. Notice how well that succeeded. That's what I meant when I said:
That, however, creates an entirely new public perception of the request, making it a very different game, politically.
I'm having a hard time figuring out whether you're saying it's silly for the viewers or for Netflix. I'll assume that you're saying it's silly for Netflix, since viewers are almost universally going to prefer to watch on their own schedule, whatever that may be. Those that want an episode per week can do that. Those that want to binge can do that. Or anything in between.
But it's rather presumptuous of you to assume that you know what's good for Netflix better than Netflix does. I mean, they're investing billions in producing this content. I think it's reasonable to assume that they've given a little bit more thought about how best to deliver it than you have... and they have vastly more data to feed their thinking.
Now if I remember correctly, Lavabit had a setup like this so they couldn't access the information so the gov't demanded their SSL key so they could pull a MITM and intercept the user's key.
Sort of true. Lavabit did have access to the data the government wanted, but avoided logging it so they had only ephemeral access, and no ability to provide the historical records being requested. They could have worked out a deal to provide the future information about the one account in question (Edward Snowden's as it turned out), but were uncooperative, and fairly stupidly so. After Lavabit's obstructionism, the government didn't trust them to selectively provide the information, so the court agreed to the -- very unusual, in fact apparently singular -- step of ordering Lavabit to provide their private key, so the government could analyze all traffic itself to find the messages they had the legal permission to see.
Lavabit, of course, decided to shut down instead, because obviously their service would no longer be secure if anyone other than them had the private key.
What they should have done is hire a lawyer immediately when the first request came in and respond to court requests in a timely fashion. They might still have ultimately come to the conclusion that they had to shut down but I suspect they probably could have simply shut down Snowden's account, ensuring that no more information of interest would be available, rather than shutting down the whole service. It would have required some thought to find a way to disable the account without tipping off Snowden that it was due to an investigation (though Snowden obviously knew he was being investigated, and was probably smart enough to have stopped using the thing by then anyway). The question of the TLS key would never have come up if they'd handled it right.
After flagging the trades as suspicious through data analysis, the SEC traced them back to Yan.
The SEC was already on his trail by the time they found out about his search history.
then it should be safe for you to google "insider trading", right? well, why don't you try it and see? go ahead. we're waiting.
Okay, I did. I got a dictionary definition, plus Investopedia and Wikipedia links to explanations of it. I clicked those. I didn't bother with any of the other links.
Just to be sure I googled "How to get away with insider trading" and "How to cover up evidence of insider trading", and clicked some of those links, too.
No, but Google won't provide that data without a search warrant or subpoena, properly issued by a court. In a criminal case like this, they'd have to have probable cause to think there's evidence in his search history before the court would issue the warrant needed to get it from Google.
It's more likely they got a warrant to search his computer, and found the searches in the browser history.
But working from home all the time? I did that for a while, and even being an introvert, that drove me nuts. After a while you do miss the interaction at the office.
I work from home full time, have been doing it for years. I don't have the option of spending some days each week in the office, because the office is a thousand miles from me (I live in UT, the office is the Googleplex in Mountain View, CA).
I've tried a couple of solutions to the office interaction problem. I agree that you do miss it. The best one (not currently set up for issues of space and layout in the office) was an always-on video conference. We set up a VC station at an unused desk and just kept it logged in 24x7. I had another in my home office which I logged into when I started work in the morning and logged out of at the end of the day.
Most of the time I kept my side muted so they didn't have to hear the noises in my house, and I kept the volume low to reduce distraction, but I could still catch bits of interesting office conversations and join in, etc. I also waved hello to people when I noticed them walking by, etc. It worked quite well. I will get that set up again when conditions in the office permit. I still have the VC system in my office because that's how I do all of my meetings (all the conference rooms in the offices have VC setups).
My other method is occasional visits. I try to get to CA about every other month, usually for a week. My weeks there end up being wall to wall meetings, a fair number of them not with any specific agenda but just to hang out with various people for a while to see what's on their mind, and to share what I'm thinking about. Lots of lunch meetings, too. I also often socialize with my co-workers in the evenings. I've had dinner at several of their houses, with their families. One co-worker is interested in guns so we went shooting one afternoon. Another likes SCUBA, so we took a day and went down to Monterey. And so on. All of this helps to build good personal relationships for when stuff gets stressful.
I find my on-site time draining because it's so much interaction. But I do it anyway because it does help.
One other thing I do is to carry on a lot of "water cooler" conversations via IM and, to a lesser extent, email, about both personal and professional topics. My first grandchild was born early this week, so I IM'd several of them and emailed the whole team. When I get frustrated or annoyed or unusually impressed by some bit of code or design work, I vent/celebrate via IM with one or two of them. Occasionally we rant about politics, etc.
I think this all works out great. I get to live where I want, have the flexibility that working from home provides (e.g. on Wednesday I skipped out for the afternoon to go see the new Spiderman movie with my sons), and I can use technology to satisfy my need for interaction with my colleagues. Not that I need that much interaction; I'm an introvert.
I'm a big fan of working from home. I actually did it for most of a decade at my previous employer (IBM) as well. You have to figure out how to make it work, but it's awesome. Work/life balance can be tricky for some people. Personally, I just don't draw a sharp line between "working" and "not working" but instead go back and forth between work and personal stuff throughout the day. Others do need that sharp division and have to set strict schedules for themselves. It works if you work it.
The obvious response of technology firms is to structure their encryption so that it becomes impossible for them to decrypt the content because they don't have the keys themselves. The security guys at pretty much every such company would prefer to build such systems anyway. They generally don't because doing so adds some additional layers of complexity. It's simpler and more cost-effective to instead build a key management system that is secure against compromise even by internal attackers, relying on the typical tools (secure hardware, affirmative control, responsibility splitting, etc.).
But... it's not *that* much harder to build a system in which no one but the parties communicating have the keys. Compared to the legal and administrative costs involved in having to deal with an unending stream of government requests for data (which governments almost always expect companies to comply with at their own expense, as a cost of doing business), it's a no-brainer. Much cheaper to build the more complicated decentralized security model, enabling the company to respond to government requests with "Can't. Here's our security design. You can see that we have no access to the decryption keys."
Of course, the obvious response of legislators is then to mandate government-accessible backdoors. That, however, creates an entirely new public perception of the request, making it a very different game, politically.
If you think about it, the whole reason for having a Bill of Rights as the highest law in the land is mistrust of government - including judges.
This makes zero sense. If you can't trust any branch of government, including judges, who will enforce the application of the Bill of Rights?
I think much of the anti-intellectualism in the United States is a reaction to the 'intellectual elite' who claim there is no God
No. It's much older than that.
There is a cult of ignorance in the United States, and there always has been. The strain of anti-intellectualism has been a constant thread winding its way through our political and cultural life, nurtured by the false notion that democracy means that "my ignorance is just as good as your knowledge."
— Isaac Asimov, 1980
Cite? That contradicts what I've read.
Cool. I contributed a bit to Tahoe for a while. It's been a while since I talked to Zooko, I should email him...
The smart response by users would be to stop relying on technology firms. Encryption software is a free commodity. Putting some "firm" in charge of your software is just a way of adding a point of failure.
It's easier. The problem is that users don't do it / use it. See my first paragraph? I gave great advice, but nobody follows it.
Not even me.
That's because it's actually not so easy. Key management is hard.
Even electric all wheel drive vehicles will have a drive shaft running the length of the car to the rear wheels.
The Model S doesn't. It uses two motors, one on each axle. There's no reason for an electric car to have a drive shaft. Electric motors are inexpensive and compact.
It's quite possible they could do that, but then every other nation-state on Earth would be demanding the same type of access. So in effect, when you choose what region you live in (or traveling to) in iOS, it encrypts with that nation's certificate that would allow said nation to access the content on the iPhone upon request.
Perhaps. I don't think that could happen secretly, though.
It might be one of the many reasons Apple is building a datacenter in China in fact.
That makes no sense. They wouldn't need to build a data center in China to include a Chinese backdoor public key in their devices, assuming they were willing to do that.
Try this experiment if you dare: Create a random-sized file full of random 8-bit numbers. Rename it to "TEST.COM" and try to run it. Do this many times. Eventually it'll do something that completely fries your computer
Only if your OS is badly broken. Most hardware these days is also pretty resilient to harm from bad code. That wasn't the case decades ago, when you could do things like slamming disk heads against their stops hard enough to break them.
or at least does something Bad.
Yeah, probably. Crash the machine, sure. Screw up some of your data, maybe.
What you describe is what security researchers call "fuzzing" and it's a very common (and useful) practice.
That's what I'm afraid of, encoding miscellaneous things like movies into DNA strands.
As opposed to the way nature does it, with random mutations and recombinations? Biologists can put sequences that stop mRNA copying before their miscellaneous stuff. With "wild" DNA changes, there are no such checks.
At least in the Target case, the breach was done by malware that infected the point of sale systems, where the data is present only transiently (not stored) but available in cleartext. Target was properly encrypting the data at rest, as required by PCI DSS. And, no, their PCI compliance status wasn't revoked, though a bunch of banks that lost money -- because Target's PCI compliance shielded Target from liability, and federal law obviously shielded cardholders, sticking the banks with it -- have sued, alleging that PCI compliance wasn't enough and that Target should have done better. I think they're going to have a hard time with that lawsuit, because it's the banking associations who define PCI. Target has a pretty slam-dunk response: We satisfied the requirements of our contract with you.
I haven't followed any of the other cases closely, so I'm not sure, but I suspect it's similar. Encryption at rest is pretty easy to do, and pretty easy for auditors to check.
Apple does that already. It was an engineering solution to a legal problem.
It's the obvious and predictable response of a security engineer.
However, I don't think Apple has actually fixed that "hole" yet. What the FBI was asking them to do was to provide an updated version of the firmware which bypassed the brute force mitigations on password checks. There was much discussion back then about which iPhone versions have the "secure enclave" and which don't, but the secure enclave also has updatable firmware.
However, there are ways to fix this, and I suspect that Apple is working on one for the iPhone8. I think the best solution (and I should note that my day job is Android crypto security, so I've given it more than a passing thought) is to make the firmware update process require that the user first unlock the device. There are a variety of ways to do that, and make the requirement cryptographically strong.
It should be noted that this is a general-purpose security feature, not one specifically targeted at securing against law enforcement. Without it, the security of user data can never be stronger than the internal access controls around the firmware signing key. Any employee or group of employees who have access to that key (or anyone who can bribe, extort or otherwise coerce said employees) can sign new firmware that can erode the security. The fact that it was a government attempt to coerce them to do it doesn't mean the government is the only entity who could. It's much better for user security if no one can.
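One possible design for a cryptographically strong unlock requirement, as an added example (not from the post and not any vendor's implementation): the key protecting user data is derived from the passcode and a measurement of the booted firmware, so only an update approved while unlocked can carry the data key forward. The hardware derivation step, the toy key wrap and all names are assumptions.

```python
import hashlib
import hmac
import os

def hw_derive_kek(passcode, salt, booted_fw):
    """Models a hardware derivation step (assumption): the measurement of
    the firmware that actually booted is mixed in below the firmware's
    control, so different firmware yields a different key."""
    measurement = hashlib.sha256(booted_fw).digest()
    return hashlib.pbkdf2_hmac("sha256", passcode, salt + measurement, 10_000)

def _tag(kek, ct):
    return hmac.new(kek, b"tag" + ct, hashlib.sha256).digest()

def wrap(kek, data_key):
    """Toy authenticated wrap (XOR pad plus HMAC tag), illustration only."""
    pad = hmac.new(kek, b"pad", hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(data_key, pad))
    return ct, _tag(kek, ct)

def unwrap(kek, ct, tag):
    if not hmac.compare_digest(tag, _tag(kek, ct)):
        return None
    pad = hmac.new(kek, b"pad", hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(ct, pad))

class Device:
    def __init__(self, firmware, passcode, data_key):
        self.firmware, self.salt = firmware, os.urandom(16)
        self.blob = wrap(hw_derive_kek(passcode, self.salt, firmware), data_key)

    def unlock(self, passcode):
        """Return the 32-byte data key, or None if the passcode or the
        booted firmware does not match what the key was wrapped for."""
        return unwrap(hw_derive_kek(passcode, self.salt, self.firmware), *self.blob)

    def update(self, new_firmware, passcode=None):
        """Install a validly signed image (signature check omitted, since
        the threat is a correctly signed image). Returns True only if the
        data key was carried over to the new firmware."""
        key = self.unlock(passcode) if passcode is not None else None
        if key is not None:
            # User approved while unlocked: re-wrap for the new measurement.
            self.blob = wrap(hw_derive_kek(passcode, self.salt, new_firmware), key)
        self.firmware = new_firmware
        return key is not None
```

An image installed without the passcode still boots, but the wrapped key no longer opens under it, even for someone who later supplies the correct passcode.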
Really, if Apple had a backdoor, or was forced to make one for the Gov, I guarantee that Apple would be forced to build an entire building that holds nothing but staff to respond to these requests 24/7.
Not true. If Apple (or any other company) were forced to build a government backdoor, most likely it would be the government that holds the keys, so Apple would never be involved in any of the government accesses.
Honestly, if you had a government agency that you could trust enough, such as the courts themselves, maybe, this might not be such a bad approach. That's a really, really big "if", though. The technical challenges in securing such high-value keys are not insurmountable, but they're very high, and if the keys leak, the damage to the companies who make the affected devices would be huge. Further, at least in the US the organization we would most trust to get the technical design and implementation right, the NSA, is the organization we'd want to keep furthest from the whole thing. And even if all of the technical infrastructure was perfect, then the agency would also have to make sure that its processes for approving access are airtight and have adequate oversight to prevent abuse.
Yeah... let's just not go there. Police work is only easy in a police state, and we don't want a police state.
But... it's not *that* much harder to build a system in which no one but the parties communicating have the keys. Of course, the obvious response of legislators is then to mandate government-accessible backdoors.
Jesus Christ. Backdoors, smackdoors. Simply have the NSA produce...
Um, what you described is a backdoor. Pretty much exactly the one proposed in 1993, intended to be implemented in the Clipper chip. Notice how well that succeeded. That's what I meant when I said:
This all at once system is silly.
I'm having a hard time figuring out whether you're saying it's silly for the viewers or for Netflix. I'll assume that you're saying it's silly for Netflix, since viewers are almost universally going to prefer to watch on their own schedule, whatever that may be. Those that want an episode per week can do that. Those that want to binge can do that. Or anything in between.
But it's rather presumptuous of you to assume that you know what's good for Netflix better than Netflix does. I mean, they're investing billions in producing this content. I think it's reasonable to assume that they've given a little bit more thought about how best to deliver it than you have... and they have vastly more data to feed their thinking.
Now if I remember correctly Lavabit had a setup like this so they couldn't access the information so the gov't demanded their SSL key so they could pull a MITM and intercept the user's key.
Sort of true. Lavabit did have access to the data the government wanted, but avoided logging it so they had only ephemeral access, and no ability to provide the historical records being requested. They could have worked out a deal to provide the future information about the one account in question (Edward Snowden's as it turned out), but were uncooperative, and fairly stupidly so. After Lavabit's obstructionism, the government didn't trust them to selectively provide the information, so the court agreed to the -- very unusual, in fact apparently singular -- step of ordering Lavabit to provide their private key, so the government could analyze all traffic itself to find the messages they had the legal permission to see.
Lavabit, of course, decided to shut down instead, because obviously their service would no longer be secure if anyone other than them had the private key.
What they should have done is hire a lawyer immediately when the first request came in and respond to court requests in a timely fashion. They might still have ultimately come to the conclusion that they had to shut down but I suspect they probably could have simply shut down Snowden's account, ensuring that no more information of interest would be available, rather than shutting down the whole service. It would have required some thought to find a way to disable the account without tipping off Snowden that it was due to an investigation (though Snowden obviously knew he was being investigated, and was probably smart enough to have stopped using the thing by then anyway). The question of the TLS key would never have come up if they'd handled it right.
After flagging the trades as suspicious through data analysis, the SEC traced them back to Yan.
The SEC was already on his trail by the time they found out about his search history.
then it should be safe for you to google "insider trading", right? well, why don't you try it and see? go ahead. we're waiting.
Okay, I did. I got a dictionary definition, plus Investopedia and Wikipedia links to explanations of it. I clicked those. I didn't bother with any of the other links.
Just to be sure I googled "How to get away with insider trading" and "How to cover up evidence of insider trading", and clicked some of those links, too.
Now what?
Look at https://myactivity.google.com/... if given a user name, it does not look like it is hard for Google to display what you did.
No, but Google won't provide that data without a search warrant or subpoena, properly issued by a court. In a criminal case like this, they'd have to have probable cause to think there's evidence in his search history before the court would issue the warrant needed to get it from Google.
It's more likely they got a warrant to search his computer, and found the searches in the browser history.
But working from home all the time? I did that for a while, and even being an introvert, that drove me nuts. After a while you do miss the interaction at the office.
I work from home full time, have been doing it for years. I don't have the option of spending some days each week in the office, because the office is a thousand miles from me (I live in UT, the office is the Googleplex in Mountain View, CA).
I've tried a couple of solutions to the office interaction problem. I agree that you do miss it. The best one (not currently set up for issues of space and layout in the office) was an always-on video conference. We set up a VC station at an unused desk and just kept it logged in 24x7. I had another in my home office which I logged into when I started work in the morning and logged out of at the end of the day.
Most of the time I kept my side muted so they didn't have to hear the noises in my house, and I kept the volume low to reduce distraction, but I could still catch bits of interesting office conversations and join in, etc. I also waved hello to people when I noticed them walking by, etc. It worked quite well. I will get that set up again when conditions in the office permit. I still have the VC system in my office because that's how I do all of my meetings (all the conference rooms in the offices have VC setups).
My other method is occasional visits. I try to get to CA about every other month, usually for a week. My weeks there end up being wall to wall meetings, a fair number of them not with any specific agenda but just to hang out with various people for a while to see what's on their mind, and to share what I'm thinking about. Lots of lunch meetings, too. I also often socialize with my co-workers in the evenings. I've had dinner at several of their houses, with their families. One co-worker is interested in guns so we went shooting one afternoon. Another likes SCUBA, so we took a day and went down to Monterey. And so on. All of this helps to build good personal relationships for when stuff gets stressful.
I find my on-site time draining because it's so much interaction. But I do it anyway because it does help.
One other thing I do is to carry on a lot of "water cooler" conversations via IM and, to a lesser extent, email, about both personal and professional topics. My first grandchild was born early this week, so I IM'd several of them and emailed the whole team. When I get frustrated or annoyed or unusually impressed by some bit of code or design work, I vent/celebrate via IM with one or two of them. Occasionally we rant about politics, etc.
I think this all works out great. I get to live where I want, have the flexibility that working from home provides (e.g. on Wednesday I skipped out for the afternoon to go see the new Spiderman movie with my sons), and I can use technology to satisfy my need for interaction with my colleagues. Not that I need that much interaction; I'm an introvert.
I'm a big fan of working from home. I actually did it for most of a decade at my previous employer (IBM) as well. You have to figure out how to make it work, but it's awesome. Work/life balance can be tricky for some people. Personally, I just don't draw a sharp line between "working" and "not working" but instead go back and forth between work and personal stuff throughout the day. Others do need that sharp division and have to set strict schedules for themselves. It works if you work it.
The obvious response of technology firms is to structure their encryption so that it becomes impossible for them to decrypt the content because they don't have the keys themselves. The security guys at pretty much every such company would prefer to build such systems anyway. They generally don't because doing so adds some additional layers of complexity. It's simpler and more cost-effective to instead build a key management system that is secure against compromise even by internal attackers, relying on the typical tools (secure hardware, affirmative control, responsibility splitting, etc.).
But... it's not *that* much harder to build a system in which no one but the parties communicating have the keys. Compared to the legal and administrative costs involved in having to deal with an unending stream of government requests for data (which governments almost always expect companies to comply with at their own expense, as a cost of doing business), it's a no-brainer. Much cheaper to build the more complicated decentralized security model, enabling the company to respond to government requests with "Can't. Here's our security design. You can see that we have no access to the decryption keys."
Of course, the obvious response of legislators is then to mandate government-accessible backdoors. That, however, creates an entirely new public perception of the request, making it a very different game, politically.