Slashdot Mirror


User: Shoten

Shoten's activity in the archive.

Stories: 0 · Comments: 1,461

Comments · 1,461

  1. Re:I for one on Stem Cells Used To Grow Miniature Human Livers In Mice · · Score: 1

    Welcome our new rodent overlords

    FTFY. Adjectives are always funnier.

    Well, they'll be able to drink us under the table, that's for sure...

  2. Re:Great, another magic gun for hunting unicorns.. on Theft-as-a-Service: Blocking the Cybercrime Market · · Score: 1

    Several very good points...and in fact, those points are only the tip of the iceberg of why this solution makes no sense in that model. There are multiple security problems with multi-level security with cloud computing above and beyond what this would solve. And yes, I get the idea that maybe if all the problems are solved, cloud computing could be usable that way...except that nobody's *ever* solved the MLS challenge in a way that was usable. Trusted Solaris is as close as it got, and it was too hard to work with (and no longer exists). Even more salient, all of the requirements and regulations around security in computing, from DIACAP to PCI DSS to NERC CIP would forbid use of cloud computing in such a situation, even with this technology. The sensitive computing loads are themselves prohibited by law and other standards from being put in a mixed environment in the first place, so there's no real market.

  3. Re:Great, another magic gun for hunting unicorns.. on Theft-as-a-Service: Blocking the Cybercrime Market · · Score: 1

    So, what, would you rather MIT's electrical engineers study the art of persuading lazy sys admins to keep things updated? You've like gone to a bbq and complain about the lack of veg options.

    I didn't go to the barbeque...the barbeque came to me. I'd rather MIT's engineers study ways to simplify the processes that are failing, rather than invent entirely new ones that don't solve the current problem as it exists. Yes, I do believe that science should actually serve a needed function, in the end. I don't think that having a Ph.D. makes someone a unique and special snowflake whose every effort is something we should cherish like a gift from God. They're framing this as practical science, meant to be applicable...but there's no problem to apply it to.

  4. Great, another magic gun for hunting unicorns... on Theft-as-a-Service: Blocking the Cybercrime Market · · Score: 4, Insightful

    The overwhelming majority of breaches are not exotic. It's been shown that 85% of recent breaches would have been stopped by four fundamental security processes: patching, proper antimalware (both signature-based and whitelisting) and restriction of user access rights. Exotic hardware-based solutions to protect data in RAM do not help you when the application server itself has been compromised and the attacker has the same rights to the Oracle DB that your SAP instance has. I think it's great that people are working on defenses against these kinds of attacks, but the fact of the matter is that the way most organizations manage security, this is like getting vaccinated against Anthrax when you're a guy who rides a motorcycle drunk without a helmet every day. It's dealing with the wrong risk.

  5. Re:Does the CPU matter? on Opinion: Apple Should Have Gone With Intel Instead of TSMC · · Score: 1

    People are buying the platform, and it only comes from one vendor. It's not like with Android where you can compare different hardware specs. Apple will produce a single product at a given price point with a given set of hardware specs, and that's what people will buy. Not saying this is a good or bad thing, just that it's a thing.

    This is only true because of continual improvement by Apple, however. Reputation does have a certain momentum (or, if it's a bad reputation, inertia) but it's not a perpetual motion machine. Produce a platform that performs badly, and people will notice; there aren't enough fanbois out there to keep Apple in the green if they produce a substandard product. And to be honest, I don't think that people know how to compare standards anymore between competing platforms in the same product space anyways. It used to be that you simply looked at the numbers for processor speed, RAM and storage, and the higher numbers were better. Now, the means used to describe a platform's components are less transparent ("Atom?" "Snapdragon?") and all over the place, and the bottlenecks move around based on how you build your systems.

  6. Re:Poor premise on Opinion: Apple Should Have Gone With Intel Instead of TSMC · · Score: 1

    Sounds like a silly premise. Who says Intel would even want to do it? Why would Intel want to go back into ARM fabrication when they are trying to beat ARM chips with Atom?

    Good point...and there's another thing the blogger doesn't seem to really understand: that far and above, the heaviest source of power consumption in a tablet or smartphone isn't the processor, but the screen. By a very large margin, at that. Sure, you can save power by going with a tinier fab scale, but it's getting near the point of diminishing returns, and logic that throttles usage in different ways has been giving better returns anyways when it comes to processing.

    As for TSMC being overextended, that actually makes them appealing to Apple in many ways. The blogger doesn't seem to recognize that Apple has more cash than King Solomon at this point, and that they have a habit of financing entire fab plants for their vendors in exchange for bottom-dollar exclusive pricing deals on what the plants produce for them. This would make TSMC *extremely* cooperative in negotiations for a deal. Intel, on the other hand, has regained a point of primacy in the mainstream processor market and probably isn't as interested in melding with Apple.

  7. Back up a bit. on NSA Revelation Leads FTC To Propose "Reclaim Your Name" Initiative · · Score: 1

    Everyone should go back and read about what the NSA program has been collecting. There are no dossiers in the programs that have recently come to light; it's metadata, and in some cases raw data. The phone information, for example, is which numbers called which other numbers and for how long. It's not like a credit report where there is derivative information; they go to the database when they want to look up associations between entities. Creating dossiers on hundreds of millions of people at random is hugely wasteful, since (conservatively) 99.9999% of the time it'd be a total waste of time and the person would never be of interest. The NSA isn't dumb when it comes to this stuff, ethical concerns about whether they should be doing it aside.

  8. Re:Innocent until blogged about on Security Researcher Attacked While At Conference · · Score: 2

    That doesn't "substantiate her claims." That substantiates that one person was injured, and so was another. Could have been a fistfight, could have been anything. Still her word versus his as to the cause of the fight, unless there is visual/audio evidence or other witnesses.

    Actually, you're confusing "substantiate" with "prove." It does substantiate her claims, because, to use the root of the word, it adds "substance" to her claims.

    If a person claimed that she had just been assaulted by someone and nearly raped, but she didn't have a mark on her, that would be rather suspicious. If she was clearly marked/bruised, but her alleged assailant was not, that would be slightly less suspicious, but still pretty hinky. But when both accuser and accused have injuries consistent with the allegations...well, now it looks like 1, the accuser isn't making up an attack, and 2, she isn't mistaken about the identity of her attacker. I certainly haven't seen a lot of people at professional conferences walking around with fresh injuries of the sort consistent with blunt force trauma...or any other sort, now that I think of it.

  9. Re:Innocent until blogged about on Security Researcher Attacked While At Conference · · Score: 1

    Okay, so at least now we have something to substantiate her claims. Shame this couldn't have been part of the summary.

    I have no idea why I was modded down as a troll, all I did was point out that in the absence of evidence everyone is innocent until proven guilty and TFA contained no such evidence.

    In the absence of evidence everyone is innocent, as the legal definition of innocence with regard to process, procedure, and official status until proven guilty. It does not mean that we are not allowed to think or even say that we believe someone is guilty; those are two different concepts entirely. I think your argument was taken as criticism of even leveling an accusation...which is a different matter entirely. Also, to point something out: he has a much greater motive to lie about not being involved if he was involved than she has as a motive to accuse him if he was innocent.

  10. Can this work for existing Teslas? on Tesla To Build Its Own Battery-Swap Stations · · Score: 3, Insightful

    We have a Tesla showroom near where I live, and I've actually been there twice (it's in a major shopping mall...granted, this is in a fairly affluent area). They have two cars on display, along with just the undercarriage of the car...the part that holds the batteries. That section holds the bottom of the car, and the batteries are framed by the frame of the car's body itself, if not also welded or bolted in. The entire bottom of the car is battery...even with the entire upper body and cabin of the car absent, you can put your foot on the front bumper, step up, and walk down the whole length of the car without having the slightest chance of putting your foot through and touching ground. I can't imagine how such a massive battery pack (it's not thin, either) could weigh a small amount either.

    So...I have to wonder...if I'd bought one of these cars yesterday, how in the hell would they be able to swap all of those batteries out in 90 seconds? If they were as light as empty cardboard boxes, I'd have trouble swapping them all simply because of the bulk. And there's no way they weigh that little, or are that easily dislodged.

  11. O que? ("what?" in Portuguese) on Brazilian Government To Monitor Social Media To Counter Recent Riots · · Score: 5, Informative

    "The legality of such action is unknown, since Brazilian laws prohibit this kind of wiretapping."

    I'm sorry...you'll have to repeat that once more. I couldn't quite hear you over the sound of my brain cells committing suicide one by one.

  12. Re:Well I think it's great on Aaron's Law Would Revamp Computer Fraud Penalties · · Score: 1

    OK so it's not everything we want or a solution for all abuses but if your elected representatives are going to do something this constructive and which directly addresses a specific outrageous abuse, then it's incumbent upon us to say *thanks for listening* and show some love, however uncool or simple that may strike some people.

    So, thanks for listening and taking action Representative Lofgren, and Senator Wyden.

    You know what, you're absolutely right. Some may argue that it's not enough, some may say it's not the right approach...but for fuck's sake everyone, these two are doing something.
    (Would someone please mod the quoted post up?)

  13. Re:Incorrect suppositions. on Are You Sure This Is the Source Code? · · Score: 5, Insightful

    A simple analysis shows that this is very hard in practice, severely limiting the whole point of running free software."

    No it doesn't. The whole point of running free software is knowing that I can rebuild the binary (even if the end result isn't exactly the same) and, more importantly, freely modify it to suit my needs rather than being beholden to some vendor.

    There's another point too...which incidentally is the whole point of running a distro like Gentoo...that you can compile the binary exactly to your specifications, even sometimes optimizing it for your specific hardware. I don't get at all this idea he has about "reproducible builds;" if he builds the same way on the same hardware, he'll get the same binary. But what he's doing is comparing builds in distros with ones he did himself...and the odds that it's the same method used to create the binary are very low indeed.

    If he's concerned about precompiled binaries having been tampered with, he's looking at the wrong protective measure. Hashes and/or signing are what is used to protect against that...not distributing the source code alongside the compiled binary files. If you look at the source code and just assume that a precompiled binary must somehow be the same code "just because," you're an idiot.

  14. Short answer? Yes. on Ask Slashdot: How Best To Disconnect Remote Network Access? · · Score: 4, Insightful

    Part of this depends on how they have remote access...is it dial-in? Are they connecting to a jump host via IP connectivity? Is it a VPN? The solution depends on which of those they use, because it's all different. You can use a relay to open/close the actual circuit to the phone line if they dial in; I know a few power companies that use this as a safeguard for their power substations that have dial-up access. If it's a jump host or VPN, then the details of that solution define the approach.

    But here's a question for you...what about having a limited time to have remote access would have kept this from happening? From what it sounds like, the process control people would have let them in anyways. And then...what happens if they run out of time, halfway through whatever they're doing? Or even more interestingly, what if they screw everything up (again) but then blame it on being disconnected while they were in the midst of doing something, so they can put the blame on you? This sounds more like a people problem than a technology problem.

  15. Similarities between Indie and EA? on The Video Game Drawn By Hand · · Score: 2

    'Now I'd like to just continue making indie games until I fall over dead at the keyboard'

    That's interesting...because it seems EA would like their employees to continue making EA games until they drop dead at their keyboards!

  16. Re:New strategy in criminal law? on Jeremy Hammond of LulzSec Pleads Guilty To Stratfor Attack · · Score: 1

    You moron...

    "Now that I have pleaded guilty it is a relief to be able to say that I did work with Anonymous to hack Stratfor, among other websites"

    He even admitted his guilt in TFA.

    So establishing his guilt, yes the sentence is way out of proportion with the crime, and yes this is a tactic way too often used by prosecutors to "scare" a defendant into a plea bargain. The problem here is the underlying law allowing for the possibility for a 30 year conviction, while it seems like DA is doing their job in an unjust manner, they are doing their job within the confines of the law. Best option is still to not get caught.

    Um...you have to admit your guilt in part of a plea agreement. Calling him a moron for admitting he's guilty when he's pleading "guilty" is kind of ironic, don't you think?

  17. Cyber Genome? on Scanner Identifies Malware Strains, Could Be Future of AV · · Score: 1

    I've been looking for someone to mention the Cyber Genome research project that DARPA sponsored a while ago...but nobody has. The goal was to do exactly this.

    Yes, some people have pointed out a theoretical situation where malware is built entirely of non-malicious code which is shared by non-malicious binaries. But the reality is that this is not what 99% (or more) of malware looks like. Most malware is based on other malware, and you can readily track the genealogy of the code. Additionally, malware developers throw literally thousands of variants out at a time, so that they can overwhelm the ability of AV companies to develop discrete signatures. Both of these characteristics are vulnerable to the approach put forth by this detection tool.

    So...will it stop all conceivable malware? Of course not; nothing does. Even whitelisting is vulnerable to certain attacks. But nothing stops everything, and nothing ever did. This approach looks like a major improvement over the current (and failing) standard approach.

  18. Re:Truth in advertising? on FiOS User Finds Limit of 'Unlimited' Data Plan: 77 TB/Month · · Score: 4, Informative

    Why are ISPs allowed to sell an 'unlimited' plan that has limits? Isn't that against false advertising laws? "Unlimited" has a well known and very specific meaning, and that meaning does not include limits, not even "30,000 percent higher than everyone else".

    The limit isn't on the data here; it's on the form of use. They asked what he was doing, and it turned out that what he was doing qualifies as business, rather than residential use. And at that point they told him that he'd need to change account types.

    Look at it this way: what if someone got an account like this, and set themselves up as a small ISP for their neighborhood? Would that be acceptable, simply because it's an unlimited account? Of course not...and the ToS that the customer would have agreed to says as much. Since when is it acceptable to simply ignore the contracts we sign? Oh, wait...that was your point, wasn't it? Well, it goes both ways.

  19. Re:Kim-Dot-Con on Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication · · Score: 2

    Don't forget the "music career" with that tasteless music video!

    Oh yeah! Forgot about that one...it's easy to lose track of all the ways this self-indulgent butthead has tried to reinvent himself.

  20. Kim-Dot-Con on Kim Dotcom Wants Money From Google, Twitter For 2-Factor Authentication · · Score: 5, Interesting

    It bears mentioning that Kim Dotcom was once named Kimble Schwartz, who basically went from one moneymaking scheme to another. Kimvestor, for example, got him jailed for securities violations. YIHAT was a front of an organization that tried to rally people around hacking terrorists. The list goes on and on. About 15 years ago he was noted as being a fraud in the security space, despite claiming to be a hacker. I think he got lucky with Megaupload, but now he's back to his old usual failing-yet-highly-vocal self.

  21. Re:That's what ICBMs are for. on Congressional Report: US Power Grid Highly Vulnerable To Cyberattack · · Score: 1

    Zero in on the source of the cyberattack, and end it.

    Ummmm... and if the attack originates in a highly distributed bot-net? What if the script-kiddie is on US soil?

    Still not a problem...and here's why: things change when it becomes about nations. Espionage doesn't have an IP address, and neither does terrorism. Countries are already quite used to using a wide variety of both tactics and sources of information to find out who is behind a certain act even when those who commit the act take technical measures to mask their identity, nationality, and location. If anything, the connected nature of cyber attacks makes it easier to track them, even though you cannot trust that the IP address that's sending you X packets is actually located in the same nation as the aggressor. But even without that, you have signals intelligence and human intelligence which are incredibly effective at uncovering the source of enemy operations, among other things. When a guy in a small company gets hacked, he usually can't figure out who did it because these tools aren't available to him. But if the national power grid comes under concerted siege? Yeah, you bet that we'll figure out who is behind it using every tool available to us as a country.

  22. Re:The devil you see vs. the devil you don't. on Congress Demands Answers From Google Over Google Glass Privacy Concerns · · Score: 2

    Why does it have to be nefarious? I have a real desire to be able to record everything I encounter if I desire. It opens up some very interesting possibilities. It is not nefarious to collect photons in public.

    That depends how you define "public" since Google Glass may be worn in places that aren't traditionally "public" like restrooms, gym locker rooms, etc. I don't really care if you peek over from the next urinal and watch me pee, but that doesn't mean that I want you to capture it with your glasses and post it to YouTube. Likewise if I hire a plumber to fix my leaky bathroom faucet, I'm fine with him snapping a few photos of the bathroom sink so he can get the right parts, but I don't want him using Google Glass to record everything in my house on his way to the bathroom which could be exploited (by him or someone who hacked his Glasses) to build a database of attractive theft targets along with a detailed map of everything of value in the house.

    Cameras (even ubiquitous cell phone cameras) are a known risk and it's generally easy to see someone recording with their cell phone, but Google Glass becomes a "hidden in plain view" spy cam.

    I think the limiting factor here is the same as that for any video recording device, including the hidden ones that are much more subtle (and yet even better suited for the "bad" scenarios listed here). It's a simple lack of interest. You can buy a hidden camera...a very good one with a lot of capacity, in any number of form factors...for less than $100. They're available at Amazon, on ThinkGeek, and on a wide variety of other sites and shops. Yet you don't see many of them around, because honestly most people don't have an interest in recording wildly.

    I wouldn't want a plumber recording everything in my house either...but more importantly, why would he, for that matter? First off, what about it would actually be interesting to him in the first place? Second, given the limited battery life of Google Glass and challenges of storing tons of data, it seems that there's actually a powerful disincentive for him to record indiscriminately. I think this is the flipside of Twitter mentality...people got so that they thought the world cares about them going to the bathroom, and now they're worried that people care about them going to the bathroom. But the truth (and the good news) is...they don't. :)

  23. Re:Really??? on Florida Activates System For Citizens To Call Each Other Terrorists · · Score: 1

    No, you use 9-1-1 for real threats involving actual terrorists.
    This is for increasing the level of fear in citizens in order to make privacy invasion more acceptable.

    Now, now, now...it's also going to be very useful for getting kids off lawns, too. Don't forget that!

  24. Re:Why? on A Computer-based Smart Rifle With Incredible Accuracy, Now On Sale · · Score: 1

    If this is the iPad of guns...then I am dying to see what HP comes up with! Perhaps it'll shoot cake mix and spite instead of bullets?

  25. Um.... on A Computer-based Smart Rifle With Incredible Accuracy, Now On Sale · · Score: 1

    While the computer will do a better job with regard to bullet drop and deflection due to wind (assuming the computer is given correct information about wind, that is), there's still the question of shake when it comes to "pulling the trigger" on the laser. To some degree, this is nothing more than a wee bit more automation than you get from using a computer to calculate what your sight adjustment should be. A wee bit.