In ways the movie reminded me of the first days of stereo music where people were too keen to demonstrate that they were "stereo" rather than use it for more natural sound. Classic example: "Play that funky music" by Wild Cherry. With 3D too there are some compulsory elements, like the things that fly "out" of the screen (every 3D movie so far has had them, even the red/green ones).
Alice in Wonderland has what I call "cardboard" 3D, 3D as 2D animators make it by putting various "walls" in to create the illusion of depth, and so wastes great potential. I think the good news is that Avatar really set a high standard to compete against (it's a real credit to the innovation in that movie that they've gone so far to get it right), so anyone who's seen that will recognise the cheap rubbish for the con it is and avoid it. A full animation like Shrek *may* get it right, we'll see. It's early days..
Nope. You're forgetting one very critical component: ID theft. If I have a single record of a person, replacing that record with someone else's data makes for a very simple and cost effective method of coercion: if you don't comply, you'll end up as a non-entity - or get swapped with a recently escaped axe murderer.
There is more to detection than just having the data, however well protected against reverse engineering. There is also what you do with that data, and as far as I have been able to tell, most governments haven't grown up enough to be trusted with this task.
No one has come up with anything to replace paypal for this.
Actually, I have. It's just a f*cking pain to get any kind of seed capital these days. What if I tell you that I have a method of offering transactions that are hack proof, and that you can properly verify before you, and only you, authorise it. What if I tell you that such an authorisation is even safe if you're using worlds most malware infested system in the world?
And no, I'm not kidding. The catch: you have to be prepared to pay for the credit card I use, once, because it's also biometrically secured but in the card (so no hassle -and risk - with Big Brother crap). Due to the significantly reduced risk it means the transaction costs are lower, and the card is multi-functional.
The problem was solved about 3 years ago, but the credit card companies don't care - they roll the risk towards merchants and end users who end up paying for that. If you can pay once and then have no worries whatsoever, would you be prepared to do so? If yes - the answer needs some funding, that's all.
.. that is, of course, after they get rid of the need for reading muscle tension by electricity. That is a matter of optical analysis so I guess that will be step 2.
Side note: I am very wary of devices requiring direct electrical contact with my body..
Normally it takes some talent or a directional mike to pick up a distant conversation, these guys would have just automated long distance bugging. All you need is a decent telelens. It means any boardroom conversation will now require closed curtains.
"I am not aware of any such thing ever having happened, nor do I think it would, since killing your customers does not seem to make business sense."
I don't think it's ever planned (that would really be a bad business model), but the effects of a mistake can carry on for years. It starts with discovering that whatever is happening is caused by one specific product (in the case of deliberate poisoning not hard, of course), then coming up with measures to kill the supply, followed by mopping up the mess. The last part can take generations if the cock-up (or wilful crime) is large enough. Case in point: Thalidomide.
I actually know more or less the time of day, plus/minus half an hour. I have no idea how, but it's something I've had for years (including the habit of waking up just BEFORE the alarm goes off - but only if I set it - duh:-)).
However, I wear a watch, despite having a phone as well - it's simply faster to get a time/date from an analogue device that has only one, fixed location and mode..
The next hacker into NASA systems will now have a new shiny toy to play with. I don't know if you know this, but there are SCADA controllers that can be nuked with one SINGLE packet (yes, one), leaving it in an undetermined state, and a reboot or reset won't cure it, it needs reprogramming.
There is no way I would want that aimed at my back garden, thanks.
Streetview is a good tool, but with any mass data collection you need to strike a balance.
There is nothing wrong with watching a street, but people/cars should be blurred, and that was effectively what Google promised to do, also in Switzerland, only that they didn't do it well enough, and the retention of such material must be explained.
What I positively do NOT like about Streetview is that it offers to zoom in on windows - that really is invasive. In addition, they have the problem that they take pictures from an elevated viewpoint. I can understand why (try looking over parked cars otherwise), but people build fences for privacy, and they thus ended up with problems in privacy concious countries like Japan and Switzerland.
As a matter of fact, I remarked at the time that I didn't find it surprising the Switzerland asked questions - I found it amazing no EU regulator had done the same. Now I know why - they weren't exposed to the issues yet. Now they are, and thankfully they are asking the same questions.
I personally hope Google will pay attention, because addressing this intelligently would do much to address the privacy worries Google is creating. I don't think there is malice involved, it's more a culture clash, and IMHO it can be resolved with a bit of thinking.
OK, so you're managing the risk by disabling all functionality - and how long did it take you to set that up?
There's just so much happening to keep it somewhere near safe that I've started wondering if it isn't time to start experimenting with Macs. They also have the advantage that bootup is sensibly quick..
I'm just really no longer convinced that a PC is a usable platform, so I'm going to experiment with Macs. I've worked with Linux since it came as Slackware on floppies so I know it reasonably well, but I'd like a system I can recommend to someone else without having to worry about becoming their tech support..
Yup, bit it still requires by now TWICE daily updates of anti-virus signatures, and patch Tuesday wasn't introduced to help you, it was introduced to make it less visible just how much patching takes place.
Don't get me wrong, I still have a Windows desktop too, but receiving a zero day virus brought it home to me just how open the platform is. Sure, I know not to execute a file, but my virus scanner didn't pick it up until I forced an update, and according to virustotal.com it wasn't the only one.
I am not denying you can keep things reasonable safe, I'm observing that the amount of effort you have to put in to make that happen is disproportionally large compared to other platforms. And don't get me started about the consequences to system boot up time..
4 million viruses vs 40k for Linux and OSX combined means far less exposure to those who jack in an unapproved system or a USB stick they just found on the street. In addition, it also means more stability and less downtime with wrong patches, reboots etc, and that is direct, raw human cost. Infections can also totally swamp resources endangering SLAs.
So it's a bit bigger than just the software cost..
That doesn't mean I'm all for Open Source, I would just like something a bit less sensitive to breach.
The Logitech io Personal Digital Pen is one example: you write, and it records what you do. I'm not sure it's the Logitech one, but I also recall seeing a pen that records voice at the same time, so you can actually track back what drawing you made with which commentary. AFAIK it works with specially coded paper.
I stopped using Chrome. It comes from a supplier that sees privacy as a problem, and I don't feel I have enough control over what it does with the information it gains from my surfing - that's also why I don't use Google DNS. I also have no idea how to switch the "referrer" information off (in FF that's quite easy).
So, personally I don't give a damn what Chrome (or any other Google app) does. I prefer FF, even when I switch to OSX later this year (yes, I'm switching control freaks:-))..
Funding a startup from a BILLION is like small change.
Just to illustrate, to spend a billion in 10 years you would have to spend more than a quarter of a million every *single* day of those 10 years (including weekends). And that's assuming you don't get interest on that dough. So, funding a 1 million startup is like to buying a plane for 4 days.
No, they are selling over time. They cannot afford to show that China wasn't quite as much a walk in the park as other countries, and that they have not been able to crowd out the competition (not always easy with a controlled market anyway) because that *would* hit the stock, so it's back to the "do no evil" theme, casually ignoring the fact that that wasn't a problem until now.
I fail to see any other way to link up "you have been hacking us" with ".. so we want to go uncensored", as far as I know I have enough caffeine in my system..
I think that even for a guy who is so good at self marketing as Schneier this is a WAY too obvious attempt to grab publicity as well as sound off over his hobby topic. I'm not saying he's right or wrong (as I do not have access to facts on either side of the argument), I just think this is a diplomatic spat brought on by Google execs because they want to sell stock.
I would shut up until the politicians have stopped playing, but I think he's trying to ride the publiciy, and it makes me wonder why. Is he about to sell BT stock?:-)
Look, umm, sorry, but that just won't do. You can't just go and report positive things, that's not the way things are done here. You are in danger of being labelled a shrill by the mutinous crowds baying for blood (that's enough sarcasm. ed).
Sarcasm aside, I think it would be interesting to find some *facts*. The problem with any kind of reporting is that you only ever see where it went wrong, not where it went right, so your story is interesting (and also more honest that most would dare). I lost my site at GoDaddy a week ago. Did I complian? No, because I forget to change the CC details (mainly because I was changing to Squarespace anyway), but they still allow you FTP access to a site that's down so it wasn't a problem to get my data out. I could have gone screeching at GoDaddy, but why? *I* screwed up, and I still use them for other things..
Slashdot Mirror
In ways the movie reminded me of the first days of stereo music where people were too keen to demonstrate that they were "stereo" rather than use it for more natural sound. Classic example: "Play that funky music" by Wild Cherry. With 3D too there are some compulsory elements, like the things that fly "out" of the screen (every 3D movie so far has had them, even the red/green ones).
Alice in Wonderland has what I call "cardboard" 3D, 3D as 2D animators make it by putting various "walls" in to create the illusion of depth, and so wastes great potential. I think the good news is that Avatar really set a high standard to compete against (it's a real credit to the innovation in that movie that they've gone so far to get it right), so anyone who's seen that will recognise the cheap rubbish for the con it is and avoid it. A full animation like Shrek *may* get it right, we'll see. It's early days..
Intel, Intel, hmm. Why does that remind me of something? Hmm, something with floating point bugs or something, hmm. :-)
Nope. You're forgetting one very critical component: ID theft. If I have a single record of a person, replacing that record with someone else's data makes for a very simple and cost effective method of coercion: if you don't comply, you'll end up as a non-entity - or get swapped with a recently escaped axe murderer.
There is more to detection than just having the data, however well protected against reverse engineering. There is also what you do with that data, and as far as I have been able to tell, most governments haven't grown up enough to be trusted with this task.
No one has come up with anything to replace paypal for this.
Actually, I have. It's just a f*cking pain to get any kind of seed capital these days. What if I tell you that I have a method of offering transactions that are hack proof, and that you can properly verify before you, and only you, authorise it. What if I tell you that such an authorisation is even safe if you're using worlds most malware infested system in the world?
And no, I'm not kidding. The catch: you have to be prepared to pay for the credit card I use, once, because it's also biometrically secured but in the card (so no hassle -and risk - with Big Brother crap). Due to the significantly reduced risk it means the transaction costs are lower, and the card is multi-functional.
The problem was solved about 3 years ago, but the credit card companies don't care - they roll the risk towards merchants and end users who end up paying for that. If you can pay once and then have no worries whatsoever, would you be prepared to do so? If yes - the answer needs some funding, that's all.
.. that is, of course, after they get rid of the need for reading muscle tension by electricity. That is a matter of optical analysis so I guess that will be step 2.
Side note: I am very wary of devices requiring direct electrical contact with my body..
Normally it takes some talent or a directional mike to pick up a distant conversation, these guys would have just automated long distance bugging. All you need is a decent telelens. It means any boardroom conversation will now require closed curtains.
Yup - I have an Audi with that strategy firmly in place.
BTW, most braking assistance systems keep indeed a small buffer, so even that done!
"I am not aware of any such thing ever having happened, nor do I think it would, since killing your customers does not seem to make business sense."
I don't think it's ever planned (that would really be a bad business model), but the effects of a mistake can carry on for years. It starts with discovering that whatever is happening is caused by one specific product (in the case of deliberate poisoning not hard, of course), then coming up with measures to kill the supply, followed by mopping up the mess. The last part can take generations if the cock-up (or wilful crime) is large enough. Case in point: Thalidomide.
I actually know more or less the time of day, plus/minus half an hour. I have no idea how, but it's something I've had for years (including the habit of waking up just BEFORE the alarm goes off - but only if I set it - duh :-)).
However, I wear a watch, despite having a phone as well - it's simply faster to get a time/date from an analogue device that has only one, fixed location and mode..
That rant was impressive. Let me know if you do more of them :-)
The next hacker into NASA systems will now have a new shiny toy to play with. I don't know if you know this, but there are SCADA controllers that can be nuked with one SINGLE packet (yes, one), leaving it in an undetermined state, and a reboot or reset won't cure it, it needs reprogramming.
There is no way I would want that aimed at my back garden, thanks.
Streetview is a good tool, but with any mass data collection you need to strike a balance.
There is nothing wrong with watching a street, but people/cars should be blurred, and that was effectively what Google promised to do, also in Switzerland, only that they didn't do it well enough, and the retention of such material must be explained.
What I positively do NOT like about Streetview is that it offers to zoom in on windows - that really is invasive. In addition, they have the problem that they take pictures from an elevated viewpoint. I can understand why (try looking over parked cars otherwise), but people build fences for privacy, and they thus ended up with problems in privacy concious countries like Japan and Switzerland.
As a matter of fact, I remarked at the time that I didn't find it surprising the Switzerland asked questions - I found it amazing no EU regulator had done the same. Now I know why - they weren't exposed to the issues yet. Now they are, and thankfully they are asking the same questions.
I personally hope Google will pay attention, because addressing this intelligently would do much to address the privacy worries Google is creating. I don't think there is malice involved, it's more a culture clash, and IMHO it can be resolved with a bit of thinking.
Easy - that means they break the law too. Any more questions?
.. and if they have abandoned soap in the showers, I hope they have mounted the new wall soap dispensers really, really low..
OK, so you're managing the risk by disabling all functionality - and how long did it take you to set that up?
There's just so much happening to keep it somewhere near safe that I've started wondering if it isn't time to start experimenting with Macs. They also have the advantage that bootup is sensibly quick..
I'm just really no longer convinced that a PC is a usable platform, so I'm going to experiment with Macs. I've worked with Linux since it came as Slackware on floppies so I know it reasonably well, but I'd like a system I can recommend to someone else without having to worry about becoming their tech support..
Yup, bit it still requires by now TWICE daily updates of anti-virus signatures, and patch Tuesday wasn't introduced to help you, it was introduced to make it less visible just how much patching takes place.
Don't get me wrong, I still have a Windows desktop too, but receiving a zero day virus brought it home to me just how open the platform is. Sure, I know not to execute a file, but my virus scanner didn't pick it up until I forced an update, and according to virustotal.com it wasn't the only one.
I am not denying you can keep things reasonable safe, I'm observing that the amount of effort you have to put in to make that happen is disproportionally large compared to other platforms. And don't get me started about the consequences to system boot up time..
4 million viruses vs 40k for Linux and OSX combined means far less exposure to those who jack in an unapproved system or a USB stick they just found on the street. In addition, it also means more stability and less downtime with wrong patches, reboots etc, and that is direct, raw human cost. Infections can also totally swamp resources endangering SLAs.
So it's a bit bigger than just the software cost..
That doesn't mean I'm all for Open Source, I would just like something a bit less sensitive to breach.
The Logitech io Personal Digital Pen is one example: you write, and it records what you do. I'm not sure it's the Logitech one, but I also recall seeing a pen that records voice at the same time, so you can actually track back what drawing you made with which commentary. AFAIK it works with specially coded paper.
Grin, you immediately thought of it as well. I forgot the name of the rock group, though..
I stopped using Chrome. It comes from a supplier that sees privacy as a problem, and I don't feel I have enough control over what it does with the information it gains from my surfing - that's also why I don't use Google DNS. I also have no idea how to switch the "referrer" information off (in FF that's quite easy).
So, personally I don't give a damn what Chrome (or any other Google app) does. I prefer FF, even when I switch to OSX later this year (yes, I'm switching control freaks :-))..
Funding a startup from a BILLION is like small change.
Just to illustrate, to spend a billion in 10 years you would have to spend more than a quarter of a million every *single* day of those 10 years (including weekends). And that's assuming you don't get interest on that dough. So, funding a 1 million startup is like to buying a plane for 4 days.
Not bad for a couple of geeks..
No, they are selling over time. They cannot afford to show that China wasn't quite as much a walk in the park as other countries, and that they have not been able to crowd out the competition (not always easy with a controlled market anyway) because that *would* hit the stock, so it's back to the "do no evil" theme, casually ignoring the fact that that wasn't a problem until now.
I fail to see any other way to link up "you have been hacking us" with ".. so we want to go uncensored", as far as I know I have enough caffeine in my system..
However, I agree with you.
I think that even for a guy who is so good at self marketing as Schneier this is a WAY too obvious attempt to grab publicity as well as sound off over his hobby topic. I'm not saying he's right or wrong (as I do not have access to facts on either side of the argument), I just think this is a diplomatic spat brought on by Google execs because they want to sell stock.
I would shut up until the politicians have stopped playing, but I think he's trying to ride the publiciy, and it makes me wonder why. Is he about to sell BT stock? :-)
Look, umm, sorry, but that just won't do. You can't just go and report positive things, that's not the way things are done here. You are in danger of being labelled a shrill by the mutinous crowds baying for blood (that's enough sarcasm. ed).
Sarcasm aside, I think it would be interesting to find some *facts*. The problem with any kind of reporting is that you only ever see where it went wrong, not where it went right, so your story is interesting (and also more honest that most would dare). I lost my site at GoDaddy a week ago. Did I complian? No, because I forget to change the CC details (mainly because I was changing to Squarespace anyway), but they still allow you FTP access to a site that's down so it wasn't a problem to get my data out. I could have gone screeching at GoDaddy, but why? *I* screwed up, and I still use them for other things..
But I sure missed an opportunity for headlines :-)
Thanks for the comment.
.. would you need to build a car? :-)