Ah yes. To quote, "Tod: You know, Mrs. Buchman, you need a license to buy a dog, to drive a car -- hell, you even need a license to catch a fish. But they'll let any butt-reaming asshole be a father."
Frighteningly, it was Keanu Reaves in some movie who said, "You need a license to drive a car. You need a license to even catch a fish. But they let anybody have a kid."
This is kind of scary, but right now the developers of libfaim are in the same situation M$ was a little while back. M$ wanted to connect their MSN IM users to AOL's servers for interoperability. We all had a good collective laugh when M$ got the smack down (probably because most of us, including me, tend to smile whenever M$ gets the shaft.)
But now that decision has come back to haunt us. The AOL IM network is AOL's property and they can do with it what they want, including a check to make sure you're connecting with their client (with what's honestly a very clever trick for doing so).
But now we're in the same boat M$ was in, trying to connect our own client (and users) to AOL's system without AOL's expressed consent. (They haven't said we can't connect, we just have to do it their way.)
So who wants to be first to call M$ and try to get their help on this one? Your enemy's enemy is your friend.
Computer manufactuers don't desire anything be put or not be put on their computers. They want people buy the machines, period. If people are going to buy machines with censorware, they'll install censorware. If people want machines that don't have censorware, they won't. If people want machines that sing the Star Spangled Banner backwards on boot, they'll make machines that do that. Corporations are whores. They're just doing whatver the customer wants for the money.
It breaks down like this: Your private key is a thing (i.e. a set of magnetic particles on a platter somewhere, etc.) The government can seize any *thing* via a search warrant. This also includes any notes, papers, etc. They cannot seize your *thought*. So if you don't write it down (e.g. like a passphrase), they can't get it.
Actually, I thought that the rules made it so that you were allowed to export certain, specifically approved products overseas. AFAIK, PGP is the only exportable product still. Yes/no?
But it does raise the issue of using strong crypto when sending e-mail to Mars. (Obligatory link to older/. story on interplanetary networks currently missing).
Is it considered 'exporting' to take a strong crypto package to the Moon? To the International Space Station?
Not only is it a temporary offer, but at the very end of the registration process, you have to produce your companies' articles of incorporation. So it's great for a small business, but still doesn't help private individuals. Is there a solution for us?
No, but if you had read the price sheet, you would see that they do add some consulting services with the 895$US package. (I don't know what they actually do for those services, but it is something other than just the extra 88 bits)
No, it shouldn't. But in reality, it does. Most people tend to things that are nice/clean looking over something that's been cut and pasted together. That's why marketing is everything. And good marketing comes from good image making. And you need money to make a good image.
Perhaps if a new CA sprung up overseas, and charged reasonable prices in the local currency, it would draw business out of the US? Is that necessarily a bad thing? I mean, we already have American cruise ship companies whose boats are registered in Panama, the Dominican Republic and other countries. Maybe some small but moderatley web-saavy country could bring big $$ to their country by starting such a CA? (I mean, who would actually look to see that their SSL chain of trust starts in Togo?)
Back in the days when computer time was a valuable resource (i.e. before PCs), stealing computer time was an offense and you could prosecuted for it. However, there have been changes since then. Although the actual computer time stolen is no longer at the issue, the cost of repairing any damage and the cost of the investigation into an incident can be considered "damage" and be used as part of the threshold necessary to make it a federal crime.
Does that require any extra installation on the user's part? If so, you're going to need a technical support hotline so that people who don't read directions can call at 2am because they want to buy Fluffy a new dog collar but don't "want to be bothered becoming a computer expert."
Although explicit permission was given in this case, John Young of Cryptome has a habit of publishing things that other people don't want published. He's gotten in semi-serious trouble for publishing classified documents before (and they're still on-line). Ironically enough, however, he took down the DeCSS code because 'enough other people were mirroring it' (paraphrase, can't find the link right now).
The market is a wonderful thing, except for those who only think short-term.
Actually I agree with you. The market is NOT a good short term investment. To me, a safety net is something that is always there. No, I don't have a six month's salary net in a savings account. But I don't put money that I might need tomorrow (you never know when you might get 'rightsized') in something that might not be around tomorrow. Sure, my retirement funds can bounce all around for the next 40 years. But next month's rent is FDIC insured by god.
This is a great idea, and I'm glad it works for you. But the problem is that such a solution, because it is not sheep simple (i.e. easy enough for 22 million AOL users), it won't catch on. Until you have something that's invisible to the user, it won't become popular even if it is a Good Thing(tm). Witness how many people don't use encryption on e-mail even through it's free and relatively easy to do. But make something transparent, like SSL protected web sites, and people will not only use it but demand it. (Most people think they're 'safe' on-line when they see the little gold key thingy.) Because the web site automatically puts the https:// instead of http://, the user doesn't get involved. Sad, but probably true...
The sad thing is that the way it's written, it's like the author really thinks that Amazon _must_ keep credit card numbers on
file...
Honest question: When a user makes a purchase, how long does the site have to store the credit card number. Obviously it has to be stored long enough to send off the credit card company for authorization, and perhaps during the rest of the transaction (e.g. to show on the screen as "charged to your Mastercard xxxx-xxxx-xxxx-1234"). But what if there's a dispute or other problem with the transaction. (For example, if the customer returns the item and asks for a refund.) Are there legitimate cases where the credit card number should be stored for at least a while?
Slashdot Mirror
An update for modern times? "There's a sucker logging on every minute."
Ah yes. To quote, "Tod: You know, Mrs. Buchman, you need a license to buy a dog, to drive a car -- hell, you even need a license to catch a fish. But they'll let any butt-reaming asshole be a father."
Wisdom pre-Matrix. wow...
But now that decision has come back to haunt us. The AOL IM network is AOL's property and they can do with it what they want, including a check to make sure you're connecting with their client (with what's honestly a very clever trick for doing so).
But now we're in the same boat M$ was in, trying to connect our own client (and users) to AOL's system without AOL's expressed consent. (They haven't said we can't connect, we just have to do it their way.)
So who wants to be first to call M$ and try to get their help on this one? Your enemy's enemy is your friend.
1:38pm up 11 years, 53 days, 14:01, 1 user, load averages: 0.00, 0.00, 0.00
mir$ su
Password: seineewserastsilatipac
mir# halt
Connection to mir closed.
Could the little Windows key work in a pinch?
Conspiracy theory #829382: George W. Bush from Texas. Jeb Bush governor of Florida. Hrmmm......
Computer manufactuers don't desire anything be put or not be put on their computers. They want people buy the machines, period. If people are going to buy machines with censorware, they'll install censorware. If people want machines that don't have censorware, they won't. If people want machines that sing the Star Spangled Banner backwards on boot, they'll make machines that do that. Corporations are whores. They're just doing whatver the customer wants for the money.
It breaks down like this: Your private key is a thing (i.e. a set of magnetic particles on a platter somewhere, etc.) The government can seize any *thing* via a search warrant. This also includes any notes, papers, etc. They cannot seize your *thought*. So if you don't write it down (e.g. like a passphrase), they can't get it.
Actually, I thought that the rules made it so that you were allowed to export certain, specifically approved products overseas. AFAIK, PGP is the only exportable product still. Yes/no?
Is it considered 'exporting' to take a strong crypto package to the Moon? To the International Space Station?
Not only is it a temporary offer, but at the very end of the registration process, you have to produce your companies' articles of incorporation. So it's great for a small business, but still doesn't help private individuals. Is there a solution for us?
No, but if you had read the price sheet, you would see that they do add some consulting services with the 895$US package. (I don't know what they actually do for those services, but it is something other than just the extra 88 bits)
Unfortunately that "one click" is owned by Amazon.
No, it shouldn't. But in reality, it does. Most people tend to things that are nice/clean looking over something that's been cut and pasted together. That's why marketing is everything. And good marketing comes from good image making. And you need money to make a good image.
Perhaps if a new CA sprung up overseas, and charged reasonable prices in the local currency, it would draw business out of the US? Is that necessarily a bad thing? I mean, we already have American cruise ship companies whose boats are registered in Panama, the Dominican Republic and other countries. Maybe some small but moderatley web-saavy country could bring big $$ to their country by starting such a CA? (I mean, who would actually look to see that their SSL chain of trust starts in Togo?)
Back in the days when computer time was a valuable resource (i.e. before PCs), stealing computer time was an offense and you could prosecuted for it. However, there have been changes since then. Although the actual computer time stolen is no longer at the issue, the cost of repairing any damage and the cost of the investigation into an incident can be considered "damage" and be used as part of the threshold necessary to make it a federal crime.
Does that require any extra installation on the user's part? If so, you're going to need a technical support hotline so that people who don't read directions can call at 2am because they want to buy Fluffy a new dog collar but don't "want to be bothered becoming a computer expert."
Although explicit permission was given in this case, John Young of Cryptome has a habit of publishing things that other people don't want published. He's gotten in semi-serious trouble for publishing classified documents before (and they're still on-line). Ironically enough, however, he took down the DeCSS code because 'enough other people were mirroring it' (paraphrase, can't find the link right now).
Actually I agree with you. The market is NOT a good short term investment. To me, a safety net is something that is always there. No, I don't have a six month's salary net in a savings account. But I don't put money that I might need tomorrow (you never know when you might get 'rightsized') in something that might not be around tomorrow. Sure, my retirement funds can bounce all around for the next 40 years. But next month's rent is FDIC insured by god.
The market is a wonderful thing, but not for your safety net.
This is a great idea, and I'm glad it works for you. But the problem is that such a solution, because it is not sheep simple (i.e. easy enough for 22 million AOL users), it won't catch on. Until you have something that's invisible to the user, it won't become popular even if it is a Good Thing(tm). Witness how many people don't use encryption on e-mail even through it's free and relatively easy to do. But make something transparent, like SSL protected web sites, and people will not only use it but demand it. (Most people think they're 'safe' on-line when they see the little gold key thingy.) Because the web site automatically puts the https:// instead of http://, the user doesn't get involved. Sad, but probably true...
Honest question: When a user makes a purchase, how long does the site have to store the credit card number. Obviously it has to be stored long enough to send off the credit card company for authorization, and perhaps during the rest of the transaction (e.g. to show on the screen as "charged to your Mastercard xxxx-xxxx-xxxx-1234"). But what if there's a dispute or other problem with the transaction. (For example, if the customer returns the item and asks for a refund.) Are there legitimate cases where the credit card number should be stored for at least a while?
Yahoo's search engine (for web pages) is powered by Google...