Slashdot Mirror


User: Altrag

Altrag's activity in the archive.

Stories: 0

Comments · 2,180

  1. Yeah good luck with that.

    More like equals 1% of people not buying anything from those two companies anymore. Most people have no idea what the hell encryption is, how it works, or why we can't just let the FBI do their job.. computers are exactly like cars after all, right? Or door locks or something we understand and just works and we don't need to think about it while we get back to surfing for cats and porn.

    And of the people who do understand the issues, switching to a whole different OS, losing all of their familiar apps and a good portion of their data.. it just isn't going to happen for a lot of them either. They might make a token effort and install Linux on a separate partition or something but they'll still spend 3/4 of their life booting back into Windows to get something they "just need."

    Never mind phones. You have your choice between Apple, Microsoft and Google. All of which are American companies and subject to US law. Google's probably the best since the actual devices are mostly made and customized by third parties (many of whom aren't US-based) but they still retain a hell of a lot of control over their OS at the fundamental level. They kind of have to in order to keep apps (and ad services!) working across disparate devices.

    I guess you could suck it up and get a Blackberry. Though RIM I'm sure has enough ties to the US that they probably wouldn't fight too hard when the FBI hands them a data retrieval request (probably even less than the big three given their already-precarious economic position.) And Canada's not particularly good at protecting our privacy when the government comes knocking either so we're not really a huge step up even if RIM tries to dig their heels in.

    Your only real hope is just give up your phone, give up your computer, give up your credit and debit cards and pretty much every other modern convenience and go back to living like it's 1916 instead of 2016.

  2. What makes a phone different?

    Math, scale of the install base and the fact that the internet exists. The math guarantees that once a key is known, there's no limits to it. The scale of the install base means knowing keys to one phone is almost equivalent to a universal privacy invasion and the fact that the internet exists means separate keys for each phone isn't significantly different from a single key (the key needed to log into the database storing the other keys.)

    Of those, the internet issue is by far the easiest to work around -- just don't ever allow the keys to be put somewhere that they're accessible from the internet (or any network that could potentially be accessed from the internet regardless of how many firewalls and whatever you put in place.) But of course we all know that won't happen. Never mind the possibility of internal sabotage exposing the key database to the world.

    Real-world search and seizure works because things like safes or houses are fundamentally distinct objects. The FBI breaking down my neighbor's door doesn't impact my security in the slightest (.. my property values are another story..)

    The FBI having the capability to break into the phone of some random guy in Jersey on the other hand has a strong potential to affect my phone's security (and I'm not even American!) because that single shared database (if it existed) would break the fundamental separation that makes search and seizure not horrific for real-world objects..

    And even then, the US had to enact a constitutional amendment to limit abuse in the real world. Imagine what would happen if abuse required only a couple keystrokes while hidden away in a cubicle rather than a swat team with a battering ram in plain sight?

  3. This is technically possible yes.

    The problem is when someone hacks the government server and just takes all of the keys.

    By necessity there needs to be some way to identify which key belongs to which phone, so you've simply reduced the problem set from getting a single key to getting a database of keys.

    And that might not even be an improvement. A single key could in principle be kept purely on paper in a safe at the FBI and all digital copies destroyed immediately after printing whereas that would be impractical for a database containing hundreds of millions of keys..

    Having a dual set of keys held by different entities as a poster below suggested would be significantly better since the hacker would now have to break into two completely separate systems. This is also technically possible -- we have the math to build K of N keys systems for any 1<=K<=N and if you want one user key OR two external keys then you just combine two regular keys together to create your user key (and then the FBI and Apple would each get a single regular key.) .. But this is only really useful if the keys had a way of being overwritten in the phone (so if FBI's database is compromised, Apple can just send them a new set of keys and push an update to the affected phones.. and similarly if their own database is compromised.) Without that, it's only a matter of time before both databases are compromised -- more time than with just one perhaps but still just time.

    And now you've opened up a back door that anyone could (potentially) figure out and just be able to load your phone with whatever keys they feel like and then have complete access to it.

    From a theoretical standpoint, this problem was solved decades ago with things like K-of-N encryption systems. It's the practical side that falls down since we have no way to guarantee the keys won't be stolen or abused, and any key update/replacement functionality you try to bake into it could also be stolen or abused just as easily.

    That's a real-world problem though and the media/FBI/whoever constantly focusing on the technical "issues" to the exclusion of all else isn't doing anything to solve it. Which of course is what they want because there really isn't a way to solve it. Nobody really believes perfect security is possible and unfortunately when it comes to computer systems, imperfect security is exactly equivalent to no security with a time delay.

  4. That sounds completely in line to be honest, since those ransomware programs are using strong encryption to do their work, and the FBI is all about stamping out strong encryption. I'm surprised they don't try to bring that out as a talking point.. maybe not in this Apple case (since Apple would rightly question how the fuck that's related) but in their more general anti-encryption stance.

    I mean it would be bullshit of course.. it's not like all the laws in the world would convince the ransomware people to stop using encryption.. but it's not any more BS than most of the other talking points that get thrown around lately.

  5. Or Green or independent or any other label you want to apply. "Government" is made up of many people, not all of whom are even voted for (hell not even most,) and at least some proportion of which are going to be dicks because power draws assholes like moths to a flame.

    Even if you have one favored candidate up on your little pedestal and even if they're actually as awesome as you proclaim, there's a whole shitload of other people waiting to fill in the dickery slot for them and those people come from all parties and all walks of life. Having to deal with assholes is one of the few shared human experiences that spans every nation, race, culture and time period.

    Not that you shouldn't try of course. Having one good person in office is better than having no good people in office.. but using any definition of party association to encompass good vs bad politicians is just dumb.

  6. Re:Not on Slashdot... on Mass Surveillance Silences Minority Opinions: Study · · Score: 1

    It's not even that. The sole purpose of which is to make it easier to associate your various accounts across databases when sharing your personal information for the marketing and tracking purposes.

    Google and Facebook and whoever don't give a shit if you get attacked for saying stupid shit unless they somehow wind up being liable for the incoming retributions in a court case which is pretty unlikely.

    They don't even care if the government wants your real name for whatever shady purpose.. they can make the damned connections between your various accounts themselves.

    No, it's all about the Benjamins. As usual. They certainly do want that sweet sweet ad revenue.

  7. Re:Fair's Fair on China Proposes Foreign Domain Name Censorship (thestack.com) · · Score: 2

    Define "success." Stopping 95% of the population from casually running across something China doesn't like is probably a success in their books. I mean sure they'd like to stop 100% but 95% is still a hell of a lot better than 0%.

    Just like the lock on your door (ooh an analogy on Slashdot!) It won't keep out 100% of people, but nobody's about to be calling for a removal of all locks on all doors just because of the occasional B&E.

    Of course that analogy breaks down in the sense that we generally value our personal security and generally consider censorship bad, so the goals of the two systems are kind of opposite (at least in the view of western internet users) but in terms of defining "success," it matches up pretty well.

    I mean I'm not defending the practice here.. it would be great if information could be as free as it wants to be.. but unfortunately the vast majority of users are either technically incapable or just don't care circumventing these kinds of blockades and so for all practical intents they work great even if they're not perfectly sound in theory.

  8. Re:I think you missed a few letters there on US Says It Would Use 'Court System' Again To Defeat Encryption (arstechnica.com) · · Score: 2

    Also, protecting "national security and public safety" should be a proactive act.

    From that line of thinking we get ideas like PRISM. No. Just no.

    The only way to proactively stop someone from committing a crime is to invade their privacy. But you don't know whose privacy to invade until you've already done it. Therefore we must invade everyone's privacy!

    But that's OK because we all trust the government to be good, honest and inhumanly capable of securing their databases, right? Those silly constitution writers didn't know what they were talking about when they made that fourth amendment. Probably just wrote it up as a prank.

  9. Re: Justin Trudeau on Canadian Government Lobbies Europe To Pass CETA (freezenet.ca) · · Score: 1

    They did to a degree, but when it came to freedom-destroying election issues, the parties pretty much focused on our very own C51.

    The TPP was mentioned here and there, though more with respect to the secret courts (aka sell your sovereignty to the highest non-domestic bidder) than copyright.

    Supposedly Trudeau's cabinet was going to "review" the TPP, whatever the hell that's supposed to mean. I can't imagine they did anything thorough in the amount of time they've been in power -- the treaty text is just too damned long and convoluted. Regardless, they're still planning on signing it so I guess any review they did manage to get done ended up as "status quo."

    No mention of CETA that I saw, though that's not just during the election -- CETA gets significantly less coverage across the board than the TPP. I have neither the time nor legal expertise to work it out for myself but from what I've read, the two treaties are quite similar other than the participants, suggesting that CETA will probably screw us at least within an order of magnitude of the TPP... but it's missing the "ermg we'll be taken over by America!" factor that makes the TPP so much more newsworthy up here.

  10. Re:Wow this site has gotten... on Canadian Government Lobbies Europe To Pass CETA (freezenet.ca) · · Score: 1

    Well since the US isn't part of CETA, I doubt Obama would have wasted the phone call (official phone calls between international leaders tend to be considered a big deal.)

    Then again, CETA (for some reason) includes a lot of DMCA-like copyright laws that the US has been trying to push on us for ages. But it's still unlikely Obama would have been the one to make such a call. US government might be in the hands of big business but that would be a little too obvious when the US doesn't officially get anything out of it.

  11. Re: Justin Trudeau on Canadian Government Lobbies Europe To Pass CETA (freezenet.ca) · · Score: 1

    Also don't forget that these are massive deals that have been many years in the making (probably years before anyone even heard of them given how secretive they are) and that there's a lot of people in government that don't get changed out at election time. There's a lot of pressure both from internal and international sources against pulling out at the last minute.

    I mean I obviously have no idea what Trudeau's personal opinion is on these trade deals, but trying to blame a decade-in-the-making gong show on one single guy who only came into the picture a couple months ago is stupid, no matter what position that guy holds.

    Even Harper with his semi-dictatorial control over his government would have been hard pressed to do something like that just on his own whim (not that he would have wanted to of course, just saying.)

  12. Re: Justin Trudeau on Canadian Government Lobbies Europe To Pass CETA (freezenet.ca) · · Score: 5, Insightful

    Heh if these were just trade deals, that wouldn't be a problem.

    Unfortunately what we're "trading" is our freedom, especially in the realm of copyright. CETA (and TPP and basically every other "trade" agreement you've heard of in the past decade and who knows how many you haven't heard of) give us just enough carrot that we'll brave the stick, while everyone politely overlooks the shotgun in the corner.

  13. Re:Breaking News, Details At 11 on Stephen Wolfram: No Need To Teach With 'Toy Programming Languages' Like Scratch (wolfram.com) · · Score: 2

    There's two arguments there:
    - Starting at a high level language will allow a wider audience, but they'll come out not knowing the fundamentals.

    - Starting at a low level language will scare off many casuals, but those who stick with it will (typically) know a lot more in the end.

    In our modern era of "everyone should have a chance!" thinking, the former is definitely the way to go. Unfortunately it makes it harder for those who want to dig deeper to do so because you end up forming a lot of bad habits that are hard to break even when you know better.

    Still, at least it's possible to go that direction.. usually if someone is scared off from "programming" because their teacher started them in C, they probably won't try another programming course even if it's dramatically less obscure (especially since they wouldn't have gained the knowledge needed to understand the difference.)

  14. Re:This only deals with hardware-based encryption on French Conservatives Push Law To Ban Strong Encryption (dailydot.com) · · Score: 1

    The hell are you talking about? Of course if you send a plain text email then it's going to get sent in plain text. That's kind of obvious.

    The "encrypted by default" that governments are currently pissy about isn't the communications -- it's the storage (internal, SD card, whatever.)

    Nothing of course will stop a keylogger (unless you can type encrypted bytes by hand!) but it's pretty obvious to anyone who knows how to snoop network traffic if your device is sending unexpected things to places it shouldn't be, including keylogged data. That is: someone will find it, in very short order, and it'll be all over the (techie) news within days.

    Aside from a keylogger.. if you're paranoid about any encryption being backdoored then _write it yourself_. It definitely requires some knowledge of computation and cryptographic methods obviously, but it's not particularly _difficult_ if you have the appropriate skills and some reference material (which is easy to find -- grab the coursebook from any university-level cryptography class.)

    Sure you probably won't make a 100% secure encryption scheme right off the bat, but as long as it's non-standard, you've got a layer of obscurity on top of whatever real security you did manage to put together.

    Unless you somehow think that the government has secret fast algorithms for prime factoring and elliptic curve analysis and whatever other commonly used one-way functions that are only assumed (but not proven) intractable (or even more unlikely, you think they've somehow managed to inject a back door into the very concept of factoring prime numbers.. In which case you should probably find yourself a nice padded room cause you're way off the top of the conspiracy meter.)

  15. Re:*Yawn* on Seismic Data From North Korea Suggest a Repeat of 2013 Nuclear Test · · Score: 1

    Well yeah, SK might get pissy but it wouldn't have anything to do with being a "US client state" -- it would be because they'd want to annex NK themselves to reunite the full country of Korea.

    They'd probably still be better off with China running NK than the Kim dynasty though. China's less likely to do something totally insane just for the hell of it.

  16. Re:This only deals with hardware-based encryption on French Conservatives Push Law To Ban Strong Encryption (dailydot.com) · · Score: 1

    the device as sold is not secure at a hardware or OS level.

    Well they are currently -- that's what France and other governments around the world are attempting to change: Apple and Google and other mobile OS developers have been enabling un-backdoored encryption out of the box for the past year or two (and it's been included but disabled by default for years before that.)

    If you mean by "not secure" that "Apple can push an iOS update that breaks security" well yes, that's true: While your data is secure, the device itself and the software on it is still controlled by Apple.

    However that would also intrinsically destroy all of your data so you'd find out right away that something's amiss. I suppose they could try to do some trickery in the background where it decrypts existing secure data and re-encrypts it with the new broken scheme using your same password (that you give it because this is still while the device is in your possession..)

    But something like that should be fairly obvious for people with large amounts of data such as you'd see at say watchdog firms who are looking out for exactly that kind of BS.. so we'd know about it pretty quickly in that case as well (though perhaps for only a smaller definition of "we" since most average people don't follow tech blogs and wouldn't see those kind of notices.)

  17. Re:This only deals with hardware-based encryption on French Conservatives Push Law To Ban Strong Encryption (dailydot.com) · · Score: 1

    Uhhh what? Unless they're requiring a keylogger or similar to be installed, software encryption works just as well as hardware encryption (or possibly better, if you write it yourself and know 100% that you can trust it.)

    The part you should have put in quotes is "plain text." If the hardware is only seeing encrypted garble itself, it's not going to be able to pass plaintext to the government.

    always report your ip

    Well yeah, that's pretty much a requirement for IP-based networking.

    and log, collect or allow a trap door, back door

    Uhhh no. Generally speaking those don't exist unless the manufacturer is either forced to implement it or they're trying to do something underhanded (wasn't there a story about Chinese routers a couple years ago?)

    Implementing logging and back doors and whatnot is both more work for the manufacturer and less secure for the user -- it's a lose-lose situation and nobody would do that without some external influence. (Well maybe a certain amount of logging in the context of telemetry type things where the external influence is "potential advertising income," which generally falls into the underhanded category even if it's pretty much universal these days.)

  18. or, at least, highly secured.

    Or in this case, made so insecure as to be useless!

    With the bonus of completely ignoring the fundamental fact that anybody with a bit of skill can write their own encryption software. It's not that hard if you have a good book on the subject and some programming knowledge -- at least not to make a simple chat app or whatever. Integrating your personal encryption scheme with popular websites/apps/devices is another question of course, but if all you're looking for is purely the ability to pass secure commands to your subordinates.. it's pretty easy.

  19. Re:How can this be enforced? on French Conservatives Push Law To Ban Strong Encryption (dailydot.com) · · Score: 1

    *I* have yet to install an alternative OS on my phone.

    But do you have any reason to? Are you sounding out terrorist plots or other illegal activities? Hopefully not.

    Criminals and Terrorists... are mostly drawn from normal people.

    One of the above posters mentioned this as well.. and that's true for your rank and file foot soldier. The higher ups will be more akin to the higher ups in a normal organization -- probably don't understand the shit either (and will fuck it up occasionally no matter what) but will also employ people to handle it for them.

    Of course, also as others have already pointed out, the French attackers weren't bothering to encrypt things anyway, so the whole argument is chasing a red herring and failing to even address the national security issues it's supposed to be "solving."

  20. Re:Men can control their stuff with a switch on German Carpenter's Testicular Valve Could Mean An On/Off Switch For Sperm · · Score: 1

    Probably not as bad as you'd think since being a parody, it would be the comedic(/comedically terrible) parts you're evaluating rather than the porn itself.

    The few porn parodies I've run across are usually not much different than non-porn parodies other than there being you know.. sex involved. Good ones can be amusing as hell but 99% of the time they're just boring crap running on nothing but weak puns (or whatever the visual equivalent of puns is.. I know there's a word for that..) and you'd be better to watch either a real comedy or a real porn (depending on what you're looking for at the time!)

  21. Re:Thanks on Seismic Data From North Korea Suggest a Repeat of 2013 Nuclear Test · · Score: 1

    it would not include a North Korea with nuclear strike capability

    No, but it could end up worse if it gets boondoggled like when the USSR broke up and they just flat out lost track of a bunch of them. I mean nobody knows how NK's nuclear program is set up -- whether it's spread across many sites or still packed into a single research facility or what.

    In particular if they're distributed across the country to any great degree there's a good chance that any knowledge of the external sites would be lost in the attack and those weapons would be available for any unscrupulous reseller to push to the black market before they're found again.

  22. Re:*Yawn* on Seismic Data From North Korea Suggest a Repeat of 2013 Nuclear Test · · Score: 1

    That would be probably the best outcome possible for everybody. NK population gets a (ok, probably fairly slight) quality of life improvement.. NK as a country are no longer a threat.. and China gets to annex some territory that nobody's going to get pissy over.

  23. Re:If it weren't for games on Microsoft Monitoring How Long You Use Windows 10 (betanews.com) · · Score: 1

    That might have been true in the 80s, 90s and early 2000s, but what was also true then was that most (non-business) computing was done by people who were at least moderately interested in the computers themselves and were willing (and more importantly, technically capable) to jump through some hoops to get what they wanted.

    That is vastly different from today where every teenager and grandma and everyone in between has a smart phone or a console or a Steam account and frequently all three.

    The kind of people who are interested in dicking around to get their games to work are still doing that -- it's just that they're now a significantly smaller portion of the overall demographic. What might have been 30%, 50% hell maybe higher in the early 90s is probably more like 3% or lower today -- not because there's necessarily less hardcore gamers, but because there's so many more of everybody else in the market space.

  24. Re:Thanks on Seismic Data From North Korea Suggest a Repeat of 2013 Nuclear Test · · Score: 1

    destroy Pyongyang

    Trouble is, Pyongyang is estimated to contain around 10% of the NK population (~2.3mill/24mill according to a quick Wikipedia scan.) That's a hell of a lot of civilian casualties, and the world in general is pretty set against civilian casualties these days -- al-Qaeda and ISIS and other bullshit groups like that would be easy to deal with if you had the option of "just blow up everything within 100miles of their known bases."

    That level of civilian destruction is generally saved for comic book maniacs however. In the real world we've got to be more strategic about things or shit will hit the fan.

    Not to mention the issue of "what now?" 24mill people under a brutal government is still a lot more predictable than 22mill people acting under pure anarchy. So somebody's going to have to go in and clean up the mess.. and then the question becomes whether they'll be any better than what you just took out. We certainly haven't had a good track record replacing regimes in the middle east over the past couple decades (though I'm not sure we've actually been giving it a solid attempt.)

    But on the other hand, Japan was a pretty successful rebuild after we obliterated them in WW2 so it can be done if we try hard enough. That's a pretty big gamble though and I can't even imagine how much it cost to see that through. It would be a tough sell to convince people that it's worth that risk for a "measly" 24mill people unless old KJIll actually does pull off something to make him a serious international security risk (ie: pulling off a Pearl Harbor equivalent.)

  25. Re:Thanks on Seismic Data From North Korea Suggest a Repeat of 2013 Nuclear Test · · Score: 1

    Cuba survived in large part thanks to support from the old USSR. NK survives in large part thanks to support from China.

    I'm not sure Iran has that level of support behind them (though it's also possible I'm just not fully up on international politics..)

    Sanctions are basically the country-level equivalent of starving a castle out during a siege -- works great when you're successful but if they're getting supplied from somewhere else and you can't block that, you're not going to accomplish much other than waste everyone's time for a while.