Slashdot Mirror


User: Beryllium+Sphere(tm)

Beryllium+Sphere(tm)'s activity in the archive.

Stories: 0
Comments: 4,347

Comments · 4,347

  1. "Trusted" == "Able to betray you" on States Throw Out Electronic Voting Machines · Score: 1

    >the integrity of an election, ANY ELECTION, is dependent SOLELY UPON the integrity of the people who carry it out.

    Then the system is inherently broken.

    Banks have procedures that prevent a crooked employee from stealing money without getting caught. Elections need procedures so that any party or concerned citizen can detect cheating and send someone to jail. Elections must not depend on the integrity of the people carrying them out, they must contain and detect the damage *when* someone of low integrity enters the process.

  2. Re:Why can't the whole web be HTTPS? on A Good Reason To Go Full-Time SSL For Gmail · Score: 1

    This may happen for economic reasons. I went to a talk by someone (was it Dan Kaminsky?) who pointed out that when ISPs intercept web traffic and replace ads with their own, they are cutting revenue for the site operator. Therefore the site operator has an incentive to go SSL just to prevent third parties from tampering with the traffic, even if they don't see a need for confidentiality.

  3. This is a short but fun security exercise on Secure File Storage Over Non-Trusted FTP? · Score: 1

    Every part of that is right, but what he's doing might still make sense from a risk analysis point of view.

    Any security person is going to hate seeing a vulnerability as gross as a plaintext password when there are zero-cost alternatives, but look at the threats and impacts.

    If someone overwrites his backups, he'll detect it via the signatures. So overwrite and deletion have the same impact. The impact is limited by his other backups. The likelihood -- I'd say "certain in the long run", which is also true of defective backup media, which would have the same impact (losing one or more files).

    Overlooked risks: FSM help him if he uses the same password anywhere else as he uses for the FTP session. Plus, do a threat analysis. What is going to be the motivation for the attacker here? We're talking someone who is sniffing an ISP's traffic. OP's username/password pair is going to be among the least interesting to an attacker with human limitations. Random vandalism is frowned on by old-school intruders and doesn't bring profit to contemporary financially motivated ones, so though it's going to happen eventually other things are more likely. By the time someone deletes his backup, there will have been multiple incidents of his storage being used as a warez drop or worse. Would the illegal files get "restored" to his working machines? Working from a catalog file and checking the signatures would prevent that.

    This kind of analysis is overkill here, but you need it in general for real-life security issues. In summary, he's actually adding protection by making one more backup, unreliable though it will be, at the cost of increasing legal risks and spending time to monitor for unwanted files.

  4. The politics of "Slashdot" on McCain Releases Technology Platform · Score: 1

    I've seen highly moderated posts advocating any of the following:
    • Individual firearms ownership rights
    • Fiscal responsibility
    • Limited government
    • Individual responsibility
    • The rule of law

    Traditionally all of these would be considered conservative positions. What's calling itself "conservative" now would not be recognized by Edmund Burke or Barry Goldwater.

  5. Lots of arguments to read about full disclosure on Gag Order Fuels Responsible Disclosure Debate · Score: 1

    Curious people may want to read the list of papers and articles about security bug disclosure policy (no longer maintained but full of interesting stuff).

  6. Other battery technologies on Americans Refusing To Wait For Mainstream EVs · Score: 1

    For the NiMH battery in the Prius, Toyota says:

    "Toyota has a comprehensive battery recycling program in place and has been recycling nickel-metal hydride batteries since the RAV4 Electric Vehicle was introduced in 1998. Every part of the battery, from the precious metals to the plastic, plates, steel case and the wiring, is recycled. To ensure that batteries come back to Toyota, each battery has a phone number on it to call for recycling information and dealers are paid a $200 "bounty" for each battery."

  7. Re:If you have nothing to hide on Police Secretly Planting GPS Devices On Cars · Score: 1

    ...says the person posting anonymously.

    The whole point is that it's the people doing surveillance who need to justify themselves, not the people seeking to preserve their privacy.

    "Nothing to hide" answers the wrong question. The right question has the answer "I've got nothing to prove".

  8. Re:Do the police... on Police Secretly Planting GPS Devices On Cars · Score: 3, Insightful

    "Quantity has a quality all its own".

    It would take 5 officers to tail someone 24/7. That is enough to stop almost all frivolous or abusive tracking. Without that deterrent, the only thing that could block abuse would be judicial oversight.

  9. Re:Just to play the devil's advocate... on Are US Voters Informed Enough About Science? · Score: 1

    >Another thought is the first thing the Christian god did was create light; he didn't create the rules to govern how light behaved, so maybe physics has always existed, even before god did anything.

    My favorite T-shirt says:

    "And God said [Maxwell's equations go here] and there was light"

  10. Re:Deliberative Democracy on Are US Voters Informed Enough About Science? · Score: 1

    There's precedent for that. Any system that selects legislators by lot is quite similar, because it turns the legislature into just such a jury. The difference of course is that it mixes advocacy with judgment.

    Related, but lacking the concept of a representative sample, is the "blue ribbon jury" of people chosen for special qualifications to address a civic issue.

    I can't find a reference for this, but did read once that the concept of a jury once took the form of ad hoc advisers summoned by the government to deliberate on public issues.

  11. Re:Writings by David Goodstein, Vice Provost, Calt on Are US Voters Informed Enough About Science? · Score: 1

    >science education is for the most part a dreary business, a burden to student and teacher alike at all levels of American education

    It doesn't have to be this way and it's a recall-class bug in our system that it is this way.

    Ever been around a preschool child? They want to know the why of everything. They come up with ingenious hypotheses. They test their environment to an extent which jeopardizes domestic tranquility. Science comes naturally to people!

    Maybe the answer is to integrate science instruction better with what people know. Explain how you can use a coast-down measurement to find out how much power your car uses at cruise. Then convert those to the same units and compare that to a light bulb, or to the average power consumption of the student's house.

  12. Re:First amendment on EFF To Appeal Court Order Vs. Subway Hack Demo · Score: 4, Informative

    Actually, under constitutional law, the preferred situation is to let the speech happen and hash out any legal issues later. The term for preventing a publication is "prior restraint", and it's very much frowned upon compared to going to court over speech that's already been published.

    In this case the judge used a computer intrusion statute. I don't know the terms of it, but some such laws do prohibit trading in passwords or other access devices. Seems like a stretch, and I don't consider it justified, but that might be the reasoning. I'm not a lawyer, but if I were them I'd look out for the highly abusable conspiracy laws.

  13. Re:Penetrate even the best antivirus software? on Students Learn To Write Viruses · Score: 5, Insightful

    In the old days, the author of a high-speed worm would have wanted to avoid user interaction, because human beings slow things down. Slammer doubled the number of infections every 8.5 seconds when it took off: hard to do that when you have to wait for a user to figure out how to turn off their antivirus software.

    Someone who is targeting corporate systems today, for espionage or to recruit well-connected botnet hosts, is attacking an environment where the users may not be able to turn off their antivirus software.

    A pure social engineering attack, with no code obfuscation, would have to work in two stages. The actual payload would have to be delivered after the antivirus got turned off, not before, so there would have to be a first stage containing the UI to persuade the user to disable anti-virus. Hardly impossible, but a nuisance.

    Those are a few of the reasons, though your point stands unchallenged: humans are the weakest link, and security people who develop tunnel vision about technical protections and countermeasures are crippling themselves.

  14. Historical perspective on FISA and Border Searches of Laptops · Score: 1

    "The freedom we enjoy in our government extends also to our ordinary life. There, far from exercising a jealous surveillance over each other, we do not feel called upon to be angry with our neighbor for doing what he likes..."

    Thus Pericles described the greatness of Athens in his funeral oration.

  15. Medical identity theft on Your Medical Treatment History Is For Sale · Score: 1

    >Can you imagine identity theft in this scenario? Oh boy oh boy, someone steals your identity and all of a sudden you lose your life insurance, the doctor _won't_ see you now because you lost your health insurance, and all of that is because someone bought a heart medication with your info and your insurers dropped you immediately.

    It's a real-world problem already. Sometimes it's health care industry insiders who have routine access to your records, and there have even been cases of organized crime setting up storefront clinics just to collect people's insurance info.

    The motives can include procuring controlled substances, and just imagine having that on your record. Other motives can include billing for nonexistent procedures, leaving you stuck with multiple bogus pre-existing conditions on your record and the potential for criminal prosecution.

    There's no simple way to correct your records in all the places where they live, and there's even been a suggestion that you might be prevented from looking at your own records to protect the privacy of the person whose health problems are now on your record.

  16. Re:And here I was on 11 Charged In TJX, Other Breaches · Score: 2, Insightful

    The shredder is good advice. Also make sure your physmail gets delivered to something that locks, like a PO box or an apartment mailbox. Mail theft from those Leave It To Beaver on-street mailboxes is a real problem.

  17. Article is misleading on Is Hushmail Still Safe? · Score: 2, Interesting

    Hushmail only stores your private key in encrypted form, encrypted with your passphrase. It gets decrypted only on your machine, by the Java applet. Yes, this does mean your security depends entirely on the strength of your passphrase. Use http://www.diceware.com/.

    As for hashes being easy to crack, please. A dictionary attack isn't a crack of a hash, and reversing a hash algorithm is still beyond the state of the published art. Making collisions, yes, but recovering original text, no.

  18. Re:no encryption that YOU didn't write is safe on Is Hushmail Still Safe? · Score: 1

    >In theory, with a few billion dollars you could build a machine capable of cracking AES in months

    2**256 is a bigger number than that. Run some order-of-magnitude calculations assuming you can turn the entire universe into a computer and see how long it would take to get through half an AES keyspace even assuming some mathematical breakthroughs that give you a work factor reduction.

  19. Security against governments on Is Hushmail Still Safe? · Score: 1

    >If you want encryption guaranteed against major governments you have to go with a one time pad.

    The NSA permits AES for the government's own data.

    Google "Venona": a one time pad only protects you if you do everything else right. That's a general lesson: assuming you stick with something semi-respectable, operational doctrine and procedures matter more than your algorithm.

  20. Re:Three Exercises, No Equipment on How Do Geeks Exercise? · Score: 1

    Yoga. An unscientific survey I saw once suggested it's better than anything else for fixing/preventing back problems. It addresses giving you flexibility as well as strength. You'd want to start with a class or two, though, so maybe it's out of the picture, but remember that a beginner's class will be full of people in worse shape than you.

  21. Look up The Hacker's Diet, by John Walker on How Do Geeks Exercise? · Score: 3, Informative

    Somewhere in fourmilab.ch, there's a free book about weight loss from a geek perspective which includes an exercise program which is:

    o quick, under 15 minutes to complete
    o private
    o works with no special equipment
    o not suitable if you have back problems; get professional advice if you do.

    If you live in a hilly area then walking can get your heart rate into the aerobic training range. Aerobic exercise has cognitive benefits too.

    Lots of people have reported good results from Dance Dance Revolution.

    Sounds like you've solved the #1 problem, motivation. It's a miracle that any geeks retain any interest in fitness after the physical "education" classes in school. But you're already familiar with the fact that your brain feels better in a body that goes when you step on the gas. The other way to look at it is that your body is like a Swiss Army knife, it's the tool you always have with you, so it might as well be functional.

  22. That would take a lot of delta-V on Nukes Not the Best Way To Stop Asteroids, Says Apollo Astronaut · Score: 4, Informative

    Making it miss is a matter of nudging its orbit just enough that it doesn't intersect Earth any more. Capturing it requires slowing it down all the way to Earth-orbit speed. In space, just because something goes nearby doesn't mean it's easy to catch.

  23. Re:WHAT... THE... FUCK!!!?! on Spam King and Family Dead In Murder-Suicide · Score: 1

    Laughing at evil is one way to reduce its power:

    "The Devil, the proud spirit, cannot endure to be mocked." - St. Thomas More

  24. Whatever happened to Invisiblog? on Police Director Sues AOL For Critical Blogger's Name · Score: 1

    Invisiblog was a cypherpunk initiative to enable blogging with strong anonymity. It was just what a whistleblower would want, but they don't seem to be in operation any more.

  25. Re:Anyone else over the internet? on Police Director Sues AOL For Critical Blogger's Name · Score: 1

    Didn't have to, with friends and associates of Bush in charge at Clear Channel:
    http://query.nytimes.com/gst/fullpage.html?res=9B02E1DD1230F936A15750C0A9659C8B63