Slashdot Mirror


User: Karmashock

Karmashock's activity in the archive.

Stories
0
Comments
10,236
First seen
Last seen
Profile
(view on slashdot.org)

Comments · 10,236

  1. Re:The level of security required seems unsustaina on Estonia Urged To Drop Internet Voting Over Security Fears · · Score: 1

    Well... I think something that might help is if they had a two part secret key system. Where in the identity of any individual vote could only be unlocked by the person that cast it.

    Then make it possible for voters to query how their vote was calculated. So if I personally voted for X then I checked the system and it says that my vote was counted as Y then we know there was tampering or at the very least a mistake.

    This would make vote altering harder because they wouldn't be able to change the vote tally to match the correct encrypted vote.

    Very important to this concept is that only the voter can decrypt the their encrypted vote.

    The vote is cast anonymously after some sort of ID verification to make sure you should even vote in the first place. The anti voter ID stuff appears to be nonsense so far as I can tell... possibly an attempt to protect voter fraud schemes. In any case, you need voter ID to have a secure voting system.

    So your ID lets you vote, you vote, you are then prompted for a password to encrypt your vote. The actual encryption scheme should be pretty aggressive. The password should be something that can be unique to that specific vote. Write it down on a piece of paper or something. Then after the votes have been officially declared, you can go back into the system, enter the signiture of your vote serial number. Not your personal ID but the ID of that vote which should be anonymous. View what the system labeled it. Then download the file... decrypt it with your password and see if the public record matches the encrypted record.

    Obviously this is just out of my ass here. So it could easily be refined by someone with more experience or more thought on the matter.

    But a two part system would seem to be less prone to error.

    If a significant number of ballots don't match the encrypted version then you might need to invalidate an entire election and start over.

    Possible problems with the system are if the system that actually casts the vote is itself compromised. In that way the encrypted vote would be compromised as well. However, the person that cast the vote would still know which way they did vote so they should be able to at least know personally if their vote was tampered with indifferent to whether anyone else believes them.

    Another place you could have a security breach is between the system that holds all the individual votes and the system that measures the final tally. If that system were compromised every decrypted vote could say X while the final tally could say anything. This system could be made more secure by making it redundant. Several totally different system could add up the votes simultaneously and then have the results compared. They should match exactly every single time. If they don't then you know you have a problem... mostly likely a software bug but this is something where paranoia is warranted.

  2. The level of security required seems unsustainable on Estonia Urged To Drop Internet Voting Over Security Fears · · Score: 1

    The issue is that you only get real security when the people in charge of the security are both well funded and the organization as a whole takes security very seriously.

    To my knowledge, the only organizations that really tend to have good security are banks and government intelligence. And in both of these we've seen major security breaches.

    I think the attraction of corrupting the voting system simply outweighs the internal pressure to secure the system such that if implemented, a digital voting system would be inherently compromised.

    I struggle to think of a solution to this problem that wouldn't be undone by a mixture of inside man corruption, laziness, and external manipulation by powers that want to control the process be they state level or not.

  3. Re:We need competition on Major ISPs Threaten To Throttle Innovation and Slow Network Upgrades · · Score: 1

    I consider an ISP to provide service to your door. To actually run the wires themselves that enter your home. I do not consider the companies that lease cable from the above mentioned monoliths to be true ISPs.

    You break the stranglehold of these companies by bypassing them. If your ISP utterly depends upon the giant ISP providing you with to the door cable access and you must contract with them to buy that access then you've done nothing to upset the status quo. If anything you're just increasing the profits of the monoliths by doing all the high overhead marketing work to get THEIR cable subscribed to by your customers.

  4. We need competition on Major ISPs Threaten To Throttle Innovation and Slow Network Upgrades · · Score: 1

    The existing ISPs are too large and monolithic. I suspect this is mostly local regulation making pole leasing fees unreasonable.

    It needs to be practical for small ISPs to operate anywhere in the US. Any jackass should be able to start his own ISP. Lease the poles, buy some shake and bake ISP equipment, buy the appropriate back end bandwidth, and then run the business.

  5. We told you so MS. on Microsoft Finally Selling Xbox One Without Kinect · · Score: 2

    Its nice that you've listened... its just too bad that you took this long to actually respond.

    Not a console gamer so I can't gauge how this effects anything. I'm PC gamer. The consoles of any brand are an irrelevance to me.

    But MS's launch of the One has seemed troubled from the beginning. I do wonder why they bother with it. MS could have done much better simply by releasing an actual MS windows PC with a console form factor and a console GUI dropped on top of the windows OS. That would have given the Xbox One cross platform game compatibility, legacy support for lots of things windows is compatible with an the one is not, given additional utility to MS windows systems that would be able to use things initially designed for the Xbox, and generally given the Xbox a big advantage over the Playstation.

    But they decided to go with another divergent incompatible OS with no legacy support even for most older xbox games. Its pathetic.

    Every console should be backward compatible with consoles of the same brand. At least build a reasonable emulator into each. And its deeply foolish for MS not to leverage their command of the desktop environment to gain an advantage over Sony.

  6. This is one way to reduce medical costs on DIY Lab Tests Getting More Capable · · Score: 1

    Most medical tests can be boiled down to something simple enough for the patient to self diagnose with proper equipment.

    If the US Navy can get 18 year old high school students to manage nuclear reactors aboard submarines then I think we can get the average American able to self diagnose most tests.

    Cut that out of the hospital bill and you've already gone a long way to make healthcare more affordable.

    This was the mistake with the healthcare reform push. They keep doing this... they just throw money at problems and expect the problem to go away. They did the same thing with housing and education. Rather then get poor people homes by giving them cheap home loans, they instead inflated home prices and made homes less affordable for people that would otherwise have had no trouble buying homes. They increased debt and created a bad house flipping culture that simply accelerated the coming crash. The same thing has happened in education. They just throw money at the students which inflates university prices well beyond the inflation rate and then IF they actually graduate they are in so much debt that they're not able to do anything in their lives but service that debt for years.

    The solution is and has always been supply side rather then demand side. Demand side is just give people money and expect everything to work out properly. The problem is that it doesn't actually fix anything and tends to just inflate prices. Prices for healthcare. Prices for housing. Prices for education... it doesn't matter. Demand side stimulus just inflates prices.

    The alternative is supply side. You increase the supply without giving anyone any additional money to actually buy the service. The idea is that by increasing the supply the cost of the good or service will naturally fall.

    In this case, medical tests. You make it so that more people can perform the tests and that the ACTUAL per test cost is much lower. Thus the cost to the patients and what patients spend on healthcare should go down.

    Supply side. Its the less moronic way to deal with controlling costs.

  7. The point of this technology? on A Look at Smart Gun Technology · · Score: 1

    Is apparently to take guns out of the hands of poor law abiding citizens.

    Who is going to be effected by this tech? Not the police or military. Despite police guns often being used by criminals their guns will probably remain "dumb" because dumb is reliable.

    It probably won't effect the rich either because the older weapons will remain grand fathered and they can afford to buy them even as the price goes up. You can for example still buy a licensed AK47 or fully automatic M16 in the US. Its just very expensive because the gun in question had to have been made and licensed prior to those getting banned. There is a market in the US for those grandfathered weapons. And if you've got 10 grand sitting around you too can have a completely legal automatic weapon.

    So this doesn't effect the rich at all.

    And then you have criminals... by definition they don't obey the law. So it doesn't effect them either beyond marginally reducing the market they can tap into.

    What's left? Poor and middle class people that might not be able to afford a gun if its cost goes up a few hundred dollars.

    Here is my solution to the smart gun debate:

      Make it clear that the police will have to use the smart guns if the general public is forced to use them as well.

    Its not unreasonable because again may gun crimes are committed with police weapons.

    But the political genius of this ploy is that the police won't like it and will use their lobbying power through their unions to shut it down. Which renders the whole push dead.

    Best way to kill it. Say all new gun legislation would have to apply to the police and police weapons and very quickly the political coalitions that bring these issues to the fore would choke it off out of shear self preservation.

  8. This is going to kill the US tech industry on Glenn Greenwald: How the NSA Tampers With US Made Internet Routers · · Score: 2

    If I'm a foreign buyer for this stuff... say a bank in Germany that wants to build a data center... I can't buy American stuff anymore. That's a huge blow to US tech.

    Look... I'm okay with pulling this crap against brutal dictatorships. But I suspect they're just doing it to anyone they're even vaguely interested in... I have to assume that because there's so much double talk and evasion on the issue along with apparently no oversight or auditing.

    If this sort of crap continues then the companies are at they very least going to have to use protected shipping methods that guarantee no tampering. A guard going with the shipment 24 hours a day from the factory to the delivery location would be an example.

    And of course, any organization or customer that is responsible to data security is going to have increasing trouble trusting US businesses with anything.

    This is incredibly damaging. The NSA needs to do their job without destroying the US tech industry in the process.

  9. Re:I have to ask why? on China May Build an Undersea Train To America · · Score: 1

    Airplanes are very safe statistically.

    About 1.5 million people in the US alone travel by air EVERY SINGLE DAY.

    And of those people how many of them are killed due to a safety issue on the plane or pilot error etc?

    We have a serious air crash about once every 5 to 10 years and those tend to claim something between 100 and 400 lives.

    The cruise industry loses more people to the flu then the airlines lose to anything as a percentage of travelers.

    I don't understand why people are mindlessly against airplanes. They're great.

    If you were traveling more then a thousand miles in the US, tell me you wouldn't take a plane?

    No one travels by train more then a couple hundred miles at most. Its too slow and too expensive.

    Try to book a train from Los Angeles to New York city. Tell me what that train seat costs.

    Okay... that is WITH government subsidies making it cheaper. Now look at the plane ticket. That is not only without government subsidies but with additional government taxes on top of it.

    Planes are RADICALLY cheaper.

    And planes are more flexible too. With trains a given station is connected to another given station. Airports have no such physical connection. You can take off at any airport and land at any airport.

    Trains can't compete with that.

  10. Re:I have to ask why? on China May Build an Undersea Train To America · · Score: 1

    Entirely theoretical.

    the people predicting spikes in oil prices have been wrong for about 100 years... which is about as long as they've made those claims.

    The current spike in prices has more to do with politics then it does with resource scarcity. Remove the extra taxes put on oil over the last 10 years and relax the regulations on the oil industry back to what they were ten years ago and you could have 2 dollar a gallon gas.

    Or maintain the taxes and regulation and pay upwards of 2.50 in nothing but government interference.

    Regardless the price of a gallon of gasoline has about as much to do with the scarcity of oil as the price of a pack of cigarettes has to do with the scarcity of tobacco. Aka... nada.

    You can't fuck with the market and then claim the prices are market prices. They're not. They're the price after you fucked with the system.

  11. Re:I have to ask why? on China May Build an Undersea Train To America · · Score: 1

    You think a trans Atlantic train from China to Seattle is cheaper then a commercial airliner?

    And you think I am ignorant?

    Either you don't know what our air network costs per passenger or you don't know what the rail network costs per passenger.

    There is a reason Amtrak for example gets government subsidies but most airlines do not.

    Passenger rail over long distances is not competitive with airplanes for price or speed.

    And doing it from china to the United States is moronic for PASSENGER traffic.

    For freight, it might make sense... if not for the political problems which just render it moot.

  12. I have to ask why? on China May Build an Undersea Train To America · · Score: 1

    Planes are faster, cheaper, and safer for passenger traffic at that distance.

    Possibly they want the underwater tunnel for cargo trains? Then you're competing with container ships which are themselves very cheap though possibly not as fast.

    The only way a train beats a plane is if the tunnel is a vacuum. And that radically complicates the engineering especially if you're putting it under the ocean.

    And that doesn't even address the political problems.

    Tensions with china are increasing and then you have this train going through Russian territory which has its own problems.

    So... why would we build the train? Yes the chinese are saying they're paying for it. Great. But its going to go through our territory and give the Chinese physical access to the whole route. Why would we give them that for something which appears pointless and doomed?

  13. As others have said... why not? on Why Scientists Are Still Using FORTRAN in 2014 · · Score: 4, Insightful

    If the language accomplishes the task efficiently and effectively with no apparent downside then why attempt to switch languages simply for the sake of switching?

    Furthermore, an ability to run legacy code should be sustained especially in science where being able to use that code again after many years might save scientists from having to reverse engineer past discoveries.

  14. Re:Blacklists are dead, Long live white lists. on Anti-Virus Is Dead (But Still Makes Money) Says Symantec · · Score: 2

    White lists can go all the way down to scripts. You can have them evaluate scripts and unknown scripts which run in PDFs or flash won't be allowed to run.

    Another thing you can do is sandbox things that are just prone to infection such as flash. So flash etc would exist in a compartmentalized environment is unable to interact with anything outside of it except in a controlled fashion and anything that does interact even at that level has to be known.

    Once everything that is not known is automatically prevented from running it will make infections much less likely.

      Of course, your'e going to have people clicking "allow" a lot because there will be a lot of unknown third party content. And there you run into issues. But the average user should be encouraged in that situation to not hit allow ever unless the code asking for permission was authorized by someone else that should know what they're talking about.

    More experienced users can take their chances.

    In a corporate environment, the "allow" feature would only be available at the admin level. Processes and scripts trying to run but forbidden to do so would be flagged and passed on to the administrator who could either add the file/program/script to the white list or he could track down who, where, and when the process attempted to run and then ask the user why.

    This is security.

    Anything else is a fucking waste of time.

  15. Blacklists are dead, Long live white lists. on Anti-Virus Is Dead (But Still Makes Money) Says Symantec · · Score: 2

    All antivirus software is ultimately based on the notion of a blacklist. That has failed. Whitelists however... that is lists of known good applications are more reasonable. Yes, they require users to know the difference and not just white list any nonsense. But white lists are much better at dealing with zero day attacks etc.

    This is what anti virus should be... white lists.

  16. They aren't a troubled technology on Did the Ignition Key Just Die? · · Score: 1

    I've never seen a car that has a problem with its ignition and while there was recently a scandal, the vast majority of cars never have this issue.

    What is more, if all cars were push button ignition cars, I'm quite sure that more cars would statistically pop up that have a problem with their push button system.

  17. Remind me when "I" gave up nuclear weapons on Talking To the Public: the Biggest Enemy To Reducing Greenhouse Emissions · · Score: 2

    Because my understanding was that the public never had them in the first place.

    So in what way are the two situations at all similar?

    They aren't.

    In the one case you have nuclear weapons in government nuclear stockpiles and silos. And in the other case you have everyone with a car in their garage. They're not remotely similar.

    But you know what... if the end result is they bitch about global warming less, then I'm all for it. That is one if the biggest mcguffins of the last 100 years.

  18. Easy way to avoid... on Really, Why Are Smartphones Still Tied To Contracts? · · Score: 1

    Just buy the smart phone separately. Buy it off the internet. Then buy a sim card from one of the many cellphone plan retailers. Match a to b and you're good.

  19. Re:The ISS was a mistake on US Should Use Trampolines To Get Astronauts To the ISS Suggests Russian Official · · Score: 1

    We could have found a better project for our space industry. The ISS was a make work project... in space.

  20. The ISS was a mistake on US Should Use Trampolines To Get Astronauts To the ISS Suggests Russian Official · · Score: -1

    It was a huge waste of resources and the supposed diplomatic gains from the expense clearly were an illusion.

    For the same money we spent on the ISS we could have put a base on the moon. I'm not saying we should have put a base on the moon... just saying we could have done that for the same money.

    Wind the ISS down. Sell it if anyone wants to buy it. And then take the money NASA now has open in their budget to do something worthwhile.

  21. Re:Yeah, but... on Graphene Could Be Dangerous To Humans and the Environment · · Score: 1

    Exactly... if the stupid regulators shut down the production of this stuff then I'm done with them.

  22. Re:Paying your dues on Why the Sharing Economy Is About Desperation, Not Trust · · Score: 1

    Not my point. We were talking about where people wanted to live once they had choices. Your argument is that they have no choice so its good that they live in the city which is a circular argument.

    Please be logical.

  23. Re:Cute, but not $815 cute on Mini Gaming PCs — Promising, But Not Ready · · Score: 1

    you could say the same thing about the gaming laptop.

    One of my old laptops is currently plugged into the big screen tv. It acts as a video file server for my entertainment system. I have a remote that works with it and everything. I just click the tv over to the input the laptop is plugged into... and then pick up the remote that works with the laptop and tell it to play.

    I have lots of old machines that serve as file servers, web servers, etc etc etc.

    That doesn't change the fact that at ONE time they were each desirable as a machine you'd actually like to use. This little machine they're trying to sell is too expensive, too unreliable, and too under powered.

    Its got nothing to redeem it.

  24. Re:This isn't why they had a security breach on Target Moves To Chip and Pin Cards To Boost Security · · Score: 1

    Well that's nonsense because how do they know if you're PCI complaint or not? Are they going to examine your database? They don't.

    So all that means is that when a breach happens, if you're not complaint, they're not responsible. It doesn't mean anything else.

    Furthermore, I've seen a lot of businesses that process credit cards that store everything on their systems forever.

    So... no.

  25. Re:Cute, but not $815 cute on Mini Gaming PCs — Promising, But Not Ready · · Score: 1

    If they are that expensive the system these people are selling is very over priced because you can get a significantly more powerful laptop for that price. Which means you're getting a screen, a keyboard, a battery, etc... and other components are of a higher quality... and you're paying nothing more for it.

    My point remains... this little machine is a bad buy.