Encryption software will help, but only when it becomes the default option on mail clients. The reason I don't use PGP on a daily basis is because most of my friends and relatives(who are who I email most with) are not tech savvy enough to use encryption. At work, I sometimes use encryption(when I am sending data I want kept secure, like passwords), but because it's not what my client automatically does, I don't always use it for just normal interoffice communication even though I think that I probably should use encryption all the time. When encryption is default, as in ALL email, as in EVERYONE uses it because the lusers don't know how to turn it off because it's the default, then you will see encryption make a difference in basic, personal, privacy. Right now, it's just not worth encrypting everything to me(and I think a lot of people like me who have the desire to use encryption, but don't for other than technical reasons) since it would make my emails unreadable to many of the people I send them to, and I don't care to teach everyone I know what encryption is and how to use it.
Psuedonymous emails are great, and they do contribute to a sense of privacy. I never get spam(except for the shit my luser friends forward to me) because everything I sign up for gets sent to a hotmail account I almost never check. Spam piles up like crazy there, but I never see it. I think this does contribute to a sense of privacy. I feel like my email address is private, and open only to the select few(my friends, relatives, and coworkers) who I choose. Pseudonyms are already making it harder for those who would invade your privacy to associate you with a real person, or even another net identity. Everyone can and should have an email address that they keep as separate as possible from the real me. If the email address that the gov't or a corp is tracking is not related to the real you, you have created a sort of privacy. Admittedly, it would be a hell of a lot better if there was no tracking going on in the first place, but hiding behind pseudonyms is a pretty good way of insuring privacy.
So yes, I do think software can protect privacy. Probably not as well as say, legislation, and proper oversight of programs like Carnivore and echelon, but it's a step in the right direction. If everyone used basic software methods of privacy protection, it would also send a message to the people in charge that privacy is something people value, and when people start trying to protect their privacy, they'll realize just how little they have. So while software privacy protection is hardly the end all of privacy(encryption can be cracked after all), its an important first step.
These are the kinds of questions you need to ask in your columns. Clear, to the point, and thought provoking(although I don't have time right now to really think about this. Sorry, some other time I'll try and give a more complete reply than this hastily written and not very well thought out post.). This particular question has been hashed out a lot, but it's a good start. Try asking a question like this at the beginning of a column, and then answering it yourself with a concrete proposal. You don't seem like a stupid person, Jon, try sharing some of that wisdom with the rest of us in the form of a concrete solution to one of the problems you point out.
I must say, I've tried to stay away from Katz bashing. I always read Katz's articles, and some of the time I don't think they're that bad. But this article, as near as I can tell, spends a long time and uses big confusing words to tell us that privacy is good. Maybe I'm missing the point of the article entirely(if so could someone clue me in?), but as near as I can tell, this article dragged up some old news and drew no interesting conclusions from it. I wish I had something to discuss here. I think privacy issues are important, and that proposals for ensuring personal privacy are a good thing for/. to discuss. I also like it when/. keeps me informed of the latest attempt by corporate America to deprive me of my privacy. However, I don't need to hear about old stories without a useful proposal or conclusion or some kind of insight. I hope that the next installment will propose some concrete alternatives and back them up with some argument.
A few years ago Consumer Reports did a report on alternative fuels, stuff like ethanol, and a basically said that the technology was there, and that everyone should use it. An oil company(Sunoco?) bought up every single newsstand copy they could get. Oil companies have bought out patents to engines that run on alternative fuels. They know that if the word ever really gets out, then they are doomed. I wish I had the link to this stuff, I think it might be on the Consumer Reports website, and maybe FAS? Anyhow, the point is that the reason people don't have a chance to get this stuff is because the oil companies hold it down. If Joe Gaspump starts selling ethanol at his gas station, how long do you think he'll be able to buy gasoline from the big shots? The US mail service has also started using ethanol cars to deliver the mail. The tech is there, its the man thats holding it back.
So the oil companies make less than a penny per barrel. and how many barrels per day do they deal with? 500,000 is a pretty low estimate I think, since a barrel is only 55 gallons of oil if i remember. and if we guess that your "less than a penny" profit is.5 cent, thats $250,000 a day. Damn, those oil companies have it so rough. only making a 7 figures a week. Im not saying Ive got a lot of sympathy for American consumers who do have it good, but oil companies are heartless corporate bastards who manipulate the political system through campaign financing and they are lining their pockets. is your father the oil exec struggling to pay the bills like the millions of Americans who live at or near the poverty level? ok i could rant on for a while longer, but i think i made my point. oil companies hardly the over taxed, struggling companies you make them out to be.
But is this really that libelous? If the kid had yelled something obnoxious in the halls, would they have called the cops? The issue here is that there is an overreaction to the material because of the medium that it is being used. Because this was on a web page, the kid is getting an punishment that is out of proportion to the crime, in essence, getting punished for knowing html.
On a slightly more legal angle(although IANAL), doesn't libel mean that the speech had to cause harm? What actual harm happened because of the web page being up? Did the school administrators get fired because this kid claimed they were drunks? It seems to me that while as immature and obnoxious as writing a nasty web page is, its hardly something you should get arrested and kicked out of the state for.
let me start by saying IANAL. So if i write a virus here in Ohio, and start it here, and it spreads to PA, can i be prosecuted? what about if i wrote it in the phillipines? how bout if i write it here and mail it to someone in the phillipines to start? while i think you should be punished for spreading viruses or any sort of computer crime, i'm very not clear on the details of how these things can be prosecuted. does anyone have a good site that will clear this up for me?
posting these isn't going to hurt security meaures at all. crackers already know all these holes, thats why their crackers, and most network security sites(and hacker/cracker sites) maintain a list of exploits far more comprehensive and specific than this. However, taking the advice in this article will make 90% of those exploits useless, making it that much easier for sysadmins who dont spend a lot of time securing their systems and just want a few tips to help secure their systems. Very good job by sans.org i think.
I dont think that alarmism is a particularly productive response to government intrusion. I think a better way to monitor the government is to have an educated, informed citizenry who are going to protest if the government attempts to work in its own interest instead of its constituents. And isn't it possible that the best way for a government(at least a republic/democracy type) to continue its survival is to be reponsive to its citizens and to encourage freedom? Most of the more stable governments(ie US, western europe, canada) that i can think of have made it a point to keep there citizens educated and involved in the political process.
Slashdot Mirror
Encryption software will help, but only when it becomes the default option on mail clients. The reason I don't use PGP on a daily basis is because most of my friends and relatives(who are who I email most with) are not tech savvy enough to use encryption. At work, I sometimes use encryption(when I am sending data I want kept secure, like passwords), but because it's not what my client automatically does, I don't always use it for just normal interoffice communication even though I think that I probably should use encryption all the time. When encryption is default, as in ALL email, as in EVERYONE uses it because the lusers don't know how to turn it off because it's the default, then you will see encryption make a difference in basic, personal, privacy. Right now, it's just not worth encrypting everything to me(and I think a lot of people like me who have the desire to use encryption, but don't for other than technical reasons) since it would make my emails unreadable to many of the people I send them to, and I don't care to teach everyone I know what encryption is and how to use it.
Psuedonymous emails are great, and they do contribute to a sense of privacy. I never get spam(except for the shit my luser friends forward to me) because everything I sign up for gets sent to a hotmail account I almost never check. Spam piles up like crazy there, but I never see it. I think this does contribute to a sense of privacy. I feel like my email address is private, and open only to the select few(my friends, relatives, and coworkers) who I choose. Pseudonyms are already making it harder for those who would invade your privacy to associate you with a real person, or even another net identity. Everyone can and should have an email address that they keep as separate as possible from the real me. If the email address that the gov't or a corp is tracking is not related to the real you, you have created a sort of privacy. Admittedly, it would be a hell of a lot better if there was no tracking going on in the first place, but hiding behind pseudonyms is a pretty good way of insuring privacy.
So yes, I do think software can protect privacy. Probably not as well as say, legislation, and proper oversight of programs like Carnivore and echelon, but it's a step in the right direction. If everyone used basic software methods of privacy protection, it would also send a message to the people in charge that privacy is something people value, and when people start trying to protect their privacy, they'll realize just how little they have. So while software privacy protection is hardly the end all of privacy(encryption can be cracked after all), its an important first step.These are the kinds of questions you need to ask in your columns. Clear, to the point, and thought provoking(although I don't have time right now to really think about this. Sorry, some other time I'll try and give a more complete reply than this hastily written and not very well thought out post.). This particular question has been hashed out a lot, but it's a good start. Try asking a question like this at the beginning of a column, and then answering it yourself with a concrete proposal. You don't seem like a stupid person, Jon, try sharing some of that wisdom with the rest of us in the form of a concrete solution to one of the problems you point out.
I must say, I've tried to stay away from Katz bashing. I always read Katz's articles, and some of the time I don't think they're that bad. But this article, as near as I can tell, spends a long time and uses big confusing words to tell us that privacy is good. Maybe I'm missing the point of the article entirely(if so could someone clue me in?), but as near as I can tell, this article dragged up some old news and drew no interesting conclusions from it. I wish I had something to discuss here. I think privacy issues are important, and that proposals for ensuring personal privacy are a good thing for /. to discuss. I also like it when /. keeps me informed of the latest attempt by corporate America to deprive me of my privacy. However, I don't need to hear about old stories without a useful proposal or conclusion or some kind of insight. I hope that the next installment will propose some concrete alternatives and back them up with some argument.
A few years ago Consumer Reports did a report on alternative fuels, stuff like ethanol, and a basically said that the technology was there, and that everyone should use it. An oil company(Sunoco?) bought up every single newsstand copy they could get. Oil companies have bought out patents to engines that run on alternative fuels. They know that if the word ever really gets out, then they are doomed. I wish I had the link to this stuff, I think it might be on the Consumer Reports website, and maybe FAS? Anyhow, the point is that the reason people don't have a chance to get this stuff is because the oil companies hold it down. If Joe Gaspump starts selling ethanol at his gas station, how long do you think he'll be able to buy gasoline from the big shots? The US mail service has also started using ethanol cars to deliver the mail. The tech is there, its the man thats holding it back.
So the oil companies make less than a penny per barrel. and how many barrels per day do they deal with? 500,000 is a pretty low estimate I think, since a barrel is only 55 gallons of oil if i remember. and if we guess that your "less than a penny" profit is .5 cent, thats $250,000 a day. Damn, those oil companies have it so rough. only making a 7 figures a week. Im not saying Ive got a lot of sympathy for American consumers who do have it good, but oil companies are heartless corporate bastards who manipulate the political system through campaign financing and they are lining their pockets. is your father the oil exec struggling to pay the bills like the millions of Americans who live at or near the poverty level? ok i could rant on for a while longer, but i think i made my point. oil companies hardly the over taxed, struggling companies you make them out to be.
But is this really that libelous? If the kid had yelled something obnoxious in the halls, would they have called the cops? The issue here is that there is an overreaction to the material because of the medium that it is being used. Because this was on a web page, the kid is getting an punishment that is out of proportion to the crime, in essence, getting punished for knowing html.
On a slightly more legal angle(although IANAL), doesn't libel mean that the speech had to cause harm? What actual harm happened because of the web page being up? Did the school administrators get fired because this kid claimed they were drunks? It seems to me that while as immature and obnoxious as writing a nasty web page is, its hardly something you should get arrested and kicked out of the state for.
let me start by saying IANAL. So if i write a virus here in Ohio, and start it here, and it spreads to PA, can i be prosecuted? what about if i wrote it in the phillipines? how bout if i write it here and mail it to someone in the phillipines to start? while i think you should be punished for spreading viruses or any sort of computer crime, i'm very not clear on the details of how these things can be prosecuted. does anyone have a good site that will clear this up for me?
posting these isn't going to hurt security meaures at all. crackers already know all these holes, thats why their crackers, and most network security sites(and hacker/cracker sites) maintain a list of exploits far more comprehensive and specific than this. However, taking the advice in this article will make 90% of those exploits useless, making it that much easier for sysadmins who dont spend a lot of time securing their systems and just want a few tips to help secure their systems. Very good job by sans.org i think.
I dont think that alarmism is a particularly productive response to government intrusion. I think a better way to monitor the government is to have an educated, informed citizenry who are going to protest if the government attempts to work in its own interest instead of its constituents. And isn't it possible that the best way for a government(at least a republic/democracy type) to continue its survival is to be reponsive to its citizens and to encourage freedom? Most of the more stable governments(ie US, western europe, canada) that i can think of have made it a point to keep there citizens educated and involved in the political process.