Slashdot Mirror


User: igb

igb's activity in the archive.

Stories
0
Comments
619

Comments · 619

  1. Re:ATM Machines on California Testers Find Flaws In Voting Machines · · Score: 1
    ``The voter registration service mails you two random numbers (which include some checksum mechanism against typos, of course). You enter one of them. Voter identity and voter preference can be completely segregated. What's the difficulty?''

    How do you demonstrate that at the end of the election you aren't going to join the tables together and print a list of who voted for whom?

  2. Re:ATM Machines on California Testers Find Flaws In Voting Machines · · Score: 1
    ``If it good enough for your money it is good enough for your vote''

    But it isn't my money: it's the bank's. If they install a system that leaks money, they have an incentive to fix it (money). If they install a system that leaks money against my name, legislation is in place (although not as strong as it should be) to pass the risk back to the bank. In a voting system, the people operating the election have no incentive to fix anything.

    Moreover, an ATM is designed to tie you to the transaction as clearly as possible; a voting machine is the precise opposite.

    ian

  3. Re:Thin client on Google Plans Service to Store Users' Data Online · · Score: 1

    I've just got a lump of space on a whitebox PC (mirrored disks with ZFS on Solaris 10, but others will prefer Linux) served up with the Apache WebDAV module (which ships with Solaris). Were I really paranoid I'd create a zone to run the web server in, but as things stand it's not running as root and I'm reasonably comfortable with the security as it stands. The authentication is standard Apache, but I've forced all access to the directory to be via https to avoid sniffing (the data centre is actually a University CS department machine room). Access from Mac is standard OSX stuff (just use the Finder to map https://.../), from Windows is Web Folders (again, https works) and from Linux is davfs2. Solaris is a little trickier...

  4. Re:Thin client on Google Plans Service to Store Users' Data Online · · Score: 1

    What advantage does using all these on-line services actually offer me as the end user?
    If you do all your computing in your proverbial mother's proverbial basement, and that basement happens to be a disused Minuteman silo, then what you say is true. But just as I want to be able to access my home directory whichever of my employer's offices I'm in, and I've been in them on three continents, I'd quite like to be able to have my private (home home?) directory available wherever I am. And my email. And my contacts. And my calendar. And (personally) I'll trade access to it on the rare occasions the big data centre goes out for not having to do backups and figure out the replication strategy. Do I care if I can't access photographs of my holiday last year for twelve hours? No. Their loss, though, as my home disk crashes is kind of bad.

    Now I can lash some of that together with Google Apps and/or .Mac and/or Amazon S3, and indeed I have done that. I have a private WebDAV server in a data centre which I back up to S3, and I mount that WebDAV'd directory on each of the machines I use (your company security policy may, and probably does, vary). I run an IMAP server on it, a SquirrelMail interface for when I need it, and I outsource the calendaring to Google. But it's a bunch of hacks. Back to Mac or whatever it's called is sort of tempting, but is a bit Mac-specific and will probably struggle over ADSL upstream bandwidth from home.

    If there were a service which provided a desktop, accessible from a web page in the manner of Citrix Remote Access Gateway, from a thin client which contained no state, a large market of people who need computing but don't need games would be prime targets.

  5. Re:Simpler explanations on Why Microsoft's Zune is Still Failing · · Score: 1

    My iPod's full of LAME encoded MP3s and is managed with a self-written SQL database that backends with GNUPod. Hard to see how that's weird formats, although I'll accept weird software... ian

  6. In the UK, likewise on The Evolving Face of Credit Card Scams · · Score: 1
    Fraudulent transactions are in theory void, but as the parent says, it's a great deal easier for you to refuse to pay than it is for you to reclaim your money.

    The Consumer Credit Act 1974, section 75, makes credit card companies jointly liable for the supply of goods and services for purchases between £100 and £30K. Purchasing goods on a debit card is a mug's game, because a credit card company is jointly liable under the Sale of Goods Act if the actual vendor goes bankrupt.

    There's a theory that debit cards linked to accounts with overdraft facilities might fall into the ambit of the CCA. Do you want to be a test case? I thought not.

    ian

  7. Re:Oh, yes, that's what we always say. on 90% of IT Professionals Don't Want Vista · · Score: 1

    In the end Vista will be inevitable. Drivers not available anymore except for Vista, important programs that are Vista-only.
    I'm not so sure. XP has such inertia behind it (>90% of the home install base) that a company that launches Vista-only hardware or software has no market. Because XP coincided with a huge increase in the number of PCs in use in non-technical environments in a largely benign economy, there's a lot of kit out there that will be run until it falls apart. Why would people (ordinary people, not geeks, not teenagers using their parents' money) buy a new computer when they have a 1GHz 1GB 200GB humming away quite nicely? Yes, Ford released a new Mondeo, but my old one's fine.
  8. Re:Banks are liable on Losing Personal Info On A Laptop Could Get You Charged · · Score: 1

    The big four have decent procedures, and the failures are individual branches. Reprehensible, yes, and a problem for the consumer, yes, but fixable by enforcement. Nationwide got clobbered because they didn't have the processes in place: even if you followed the rulebook to the letter, it still wouldn't be good enough. Fixing those sorts of things is harder.

  9. NSA/GCHQ Private IS open review, practically on Cryptography Expert Sounds Alarm At Possible Math Hack · · Score: 4, Interesting

    There are still a bunch of secret-algorithm ciphers around and in use (and which the government, in its infinite wisdom, treats as more secure than the openly-reviewed ones),
    The breadth and depth of cryptographic skill, experience and knowledge behind the wire at Cheltenham and Fort Meade is orders of magnitude greater than that outside. The review process internally is actually far higher quality than that externally. This isn't like software, where even Microsoft doesn't employ a measurable fraction of the software engineers in the world. GCHQ plus NSA is the vast majority of the cryptographers, plus they have libraries and testcases and methodologies dating back fifty years that the rest don't have access to.

    In that case, the benefit of open review (that, just possibly, someone in the small pool of non-spook cryptographers who know what they're doing might find a flaw) is far less than the downside (that your opponents get to see what a modern code system looks like). The lowdown on a modern closed-world cipher system would reveal attacks they are defending against, give a good impression of their real capabilities and so on. Yes, in a real shooting war, the spooks have to allow for their crypto systems falling into the wrong hands. But in the current climate, the tactical stuff will be exposed, but the strategic stuff can be closed algorithms and closed keys: what's not to like?

    This reminds us all of the S Box hoo-hah, where elaborate theories were put forward by open community `experts' about the `flaws' in the S Boxes in DES. It turned out, of course, that they were optimal against an attack that wasn't even public, and close to optimal against other attacks that (allegedly) weren't known to anyone. I'd take a cipher system that the NSA or GCHQ approves for government use over anything advocated outside the wire, simply because the chances of an intentional weakness in the former are far smaller than the chances of an accidental weakness in the latter.

    We went through all this in the discussion about the S Boxes

  10. Banks are liable on Losing Personal Info On A Laptop Could Get You Charged · · Score: 1

    Why are we not holding banks liable for having a system that encourages identity theft by making it as easy as stealing a laptop?
    The FSA is doing precisely that. Nationwide got fined about a million pounds earlier this year. http://www.thisismoney.co.uk/saving-and-banking/article.html?in_article_id=417453&in_page_id=7

    I know from personal contacts that this woke the banks up pretty sharply (Nationwide are small and were the first: the FSA have told the big four that they'll get far fiercer treatment). In practice the big four have been quite careful, and have tended to use fairly good encryption: it's no accident that the former building societies have found things harder (see also, in an unrelated area, Northern Rock). But the threat of eight-figure fines (the numbers I've heard bandied around) makes it a simple business case to do things properly.

    ian

  11. Best file; best comments. on MIT Releases the Source of MULTICS, Father of UNIX · · Score: 1
    It's the handover from BSG to BarMar of Emacs, with the change from Latin to Emacs comments, http://web.mit.edu/multics-history/source/ldd_listings/unb_2/e_redisplay_.list.

    ian

  12. Re:My MULTICS experience on MIT Releases the Source of MULTICS, Father of UNIX · · Score: 1

    I was in the CS department at Birmingham 1983--1988, so used Multics pretty much throughout (and as a CS undergraduate I got essentially enough resources that I didn't need to worry about resources, unlike less-favoured departments: I think I got $20/day in the first year and $50/day thereafter, while other departments got about $2/day). The joy was the emacs implementation, which was a thing of beauty and in many ways better than GNU emacs is today.

  13. Re:Politics section on White House Ordered to Preserve All Email · · Score: 1

    ``The White House is using an Enterprise email system, i.e. not Firefox + IMAP.''
    Even if they were using Firefox plus IMAP, it's hardly rocket science to preserve all mail. Cyrus now supports delayed expunge, so that sort +flags.silent (\deleted) followed by expunge just records that the expunge happened, removes the messages from what fetch/search/etc see and makes a note to delete the files later. This saves IO at the time and means that punters who blow mail away accidentally can get restores easily. We run the real expunge at 0200, with a window of three days (ie mail you delete and expunge isn't really deleted for three days). Turn that process off, and it's preserved forever. Throw in snapshots with your NetApp and you're done. [[ For Cyrus hotshots, it works slightly differently for delayed deletion of entire mailboxes, but you get the general idea. ]]

  14. Automatic Faucets in Silicon Valley on Monitor Draws Zero Power In Standby · · Score: 1

    Someone once told me that you can tell how far you are from the earthquake zones in Silicon Valley by the nature of the taps (faucets for Americans). If they're automatic, ie require mains power, you're out of the earthquake zone. Inside the zone, they have to be manual so you can still get water out of the pipes with the power off. Certainly I noticed that the faucets are automatic at the cinema at Great America Parkway down in Santa Clara, but manual in the Stanford Shopping Centre...

  15. Re:Why is the box smarter than me? on New Parental Controls Limit Xbox Time · · Score: 1

    however, i know for a fact that my parents wouldn't be able to set this up, and I'm sure they're not the only ones.
    I've solved the problem by a more brute force solution: the house contains a load of computers, one TV and no games machines. The computers have no parental controls on them, and I don't have a squid proxy at the border at the moment. However there is an AUP for my children, and I'll simply remove their accounts from the computers if there's a breach of it. The lack of video games machines is because in 30 years in computing I've never seen a computer game which is anything other than a total waste of time, and most I've seen in the past ten years have been horrid. Read a book.
  16. What applications does the average punter need? on The Dying PC Market · · Score: 1

    run a few apps like Word Processing and Spreadsheets,
    In the 1990s, the typical PC purchaser was an affluent, managerial or professional adult. Even if s/he didn't actually bring work home to do on the computer, they thought it would be a neat idea. That market is only 20% of the population, if that. Today, the PC market is essentially everyone with the money, and a huge proportion of them cannot or will not bring work home: manual, clerical, service industry. Some of them will have children who need to use machines for education but a lot won't. So I would assert that, given that most people don't have school age children and most people don't have jobs that encourage them to bring work home, the set of people who need a spreadsheet at home is substantially under 50%. Word processing, same argument. So a web / email / digital camera / games appliance does for most of the population.

    ian

  17. Re:SACD and DVD-A on Vinyl To Signal the End for CDs? · · Score: 2, Insightful
    ``The Nyquist rate of 2 samples / hz is under ideal DAC and ADC.'' On replay, that's a non-issue: the signal is upsampled to a much higher frequency, then brick-wall filtered in the digital domain (which can emulate an ideal filter). Rather than needing the 36dB/octave filter of very early CD players the output can just be rolled off gently at a few dB per octave. On the record side, most recordings are now done at 96KHz and again dropped down in the digital domain.

    By contrast, your beloved analogue sources will have been processed with analogue filters (you can have the frequency domain or the time domain approximate the ideal, but not both) to provide Dolby noise reduction, NAB or similar eq onto tape (record and replay, best hope they match), then RIAA encoding onto the vinyl and then off again (again, best hope they match). To get worried about the time domain distortion of the filtration to limit the CD's signal to 22.05Hz seems a bit mote and beam...

    ian

  18. Re:Low-tech goodness on Vinyl To Signal the End for CDs? · · Score: 1

    ``vinyl wins the race for me. This is a music storage technology where playback can be achieved with no electricity'' I call bullshit. I don't believe there's any credible mechanism for playing 33rpm or 45rpm microgroove records without electricity. 78s and wax cylinders rely on massive deflections of a fast moving needle and sub-telephone bandwidth. I don't see how that's possible with 45s or 33s, or, indeed, most 78s produced after the advent of the moving magnet pickup.

  19. Re:And Darwin be dammed as well. on Vinyl To Signal the End for CDs? · · Score: 1
    A while ago I received a lecture from a friend with a zillion pounds worth of NAIM equipment on the `fact' that Radio 3 was the last great analogue source, via his zillion pound NAIM tuner. Listen to a live concert on Radio 3, he said, and bypass all that hideous digital nonsense. I was expected to revere the great god analogue at 1930 every evening. DAB was the second coming of the devil, of course.

    I honestly didn't have the heart to point out that since the late eighties all BBC transmission between transmitter sites has been done with NICAM, which is a 12-bit x 32KHz sampling digital protocol (with some nifty stuff compansion so that it approximates 14 bits). So unless you've got an aerial pointed at one of the London transmitters for a concert in a BBC building, and probably not even then, you're getting an analogue version of a fairly low bit rate digital transcription. So all the things he could `hear' in the `analogue' signal which showed how much better it was than `digital' were figments of his imagination.

    ian

  20. You Americans and your Crazy Laws on Best Buy Customer Gets Box Full of Bathroom Tiles Instead of Hard Drive · · Score: 5, Informative
    In the UK, and it's similar in most of Europe, we have the Sale of Goods Act. If a business sells things, it is responsible for those things being of merchantable quality. If they're not, it's the vendor's problem. Yes, he will then back that responsibility off to the manufacturer or the wholesaler, but the issue is his problem. I'm constantly astounded by the shambles the US gets into because so far as I can tell the retailer adds precisely no value: if he sells stuff that doesn't work, he can just wave his hands and pass the problem off to the manufacturer.

    If I buy something and it doesn't work, I take it back to the store and they replace it or repair it. They can then take it up with the manufacturer, or not: I don't care. Repair is a high-stakes game, because if trading standards believe that they're doing it to delay, or that the failure was unreasonable, the vendor has a problem. SoGA protection is a movable feast, but applies for at least a year.

  21. Re:Bad Analogies Abound on Humans Not Evolved for IT Security · · Score: 1

    (because you don't worry about stranger kidnappings as much as car accidents
    If you're worried about harm to your children, it's cars, stairs and hot liquids, not necessarily in that order. Everything else is in the noise floor. If you're worried about sexual abuse of your children, tell your ex-wife to stop leaving your pubescent daughter with her boyfriend: everything else is in the noise floor. Etc.
  22. Re:Hardly... on Apple's Missed Opportunity With Leopard Delay · · Score: 5, Interesting
    I'm in the fortunate position of having been in the IT trade for over twenty years and never having used a Windows machine for more than half an hour at a time, so my opinion doesn't count for much. But I run the IT for a ~1200 employee company, and when XP shipped we had a path beaten to our desks by people demanding XP now, and when for the first few months we re-installed new hardware with Windows 2000 there were threats of violence. I've heard nothing at all from users wanting Vista, and our policy of installing XP SP2 on newly purchased laptops barely evokes comment. Out of the office, in my guise as the go-to guy from friends and family, I've not heard Vista mentioned.

    On the other hand, both my parents and my in-laws, all in their 70s, have bought four Macs between them, and in the office I've now got a list of people who want Macs officially supported along with the unofficial ones that have crept in. With a team of three plus two on the helpdesk, supporting SuSE, CentOS, Solaris and Windows is tough enough, but with Macs on my desk and that of one of my team we ought to give it a go. IMAP, SMTP, Office, a compliant web browser and the Oracle Collaboration Suite client is pretty much the baseline, and it's all there...

    ian

  23. Re:One thing I don't get on Evidence of Steganography in Real Criminal Cases · · Score: 1
    ``The Brits used to do it with the French resistance on the darned public radio frequencies, right under the Germans' noses. ''

    It worked well, and had some interesting advantages. One benefit was it provided a means for a resistance worker to partially confirm that someone claiming to speak for British intelligence really was: the latter said ``give me a sentence, any sentence, and I'll arrange to have it broadcast by the BBC''. It didn't work as well as it should because SOE were very careless and/or stupid about paying attention to duress markers in cipher traffic, but that undermined a lot of their work.

    But the Germans helped by being pretty dense. Under interrogation, a resistance worker actually told the Germans of the meaning of ``Les sanglots longs des violons de l'automne'' (invasion within 48 hours) and ``Bercent mon coeur d'une langueur monotone'' for one group in Orleans. But for reasonable and unreasonable reasons, it was ignored. But then, that's the story of German counter-intelligence all over.

  24. Re:slow migration on Switch to Digital Television Picking up Steam · · Score: 1

    ``Compared to the UK? I don't think so... We had about 10 major transmitter sites each with 3 analog transmitters that were converted to a single digital multiplex overnight.'' Look at this list: http://www.wolfbane.com/uktv.htm. 1200 sites. A glance at a map might show you the difference in the ``hills'' as we call them. egrep -i ' ll|dd ' shows 41 sites: you might like to think why.

  25. Netherlands is the special case of special cases on Switch to Digital Television Picking up Steam · · Score: 1

    Ah, the ``the Dutch can, so why can't everyone?'' argument at its finest. One of the major problems with TV transmission in the UK and the US is terrain, notably hills and mountains. The UK city I live in has more than two hundred feet of height variation in its canals alone, and we have these things called mountains whose populations still need service. Apart from Norfolk, most of the UK has hills. Most of the Netherlands is/are (oh, those grammar uncertainties) flat. Very flat indeed. Makes TV transmission planning, railway building and cycling a lot easier, unless you live in Vaalserberg.