Haven't looked at the script, but I know that some iTunes pages are HTTP/SSL encrypted with a fixed AES key. If this script requires those pages, it must be "circumventing" that encryption, hence DMCA problems. Of course, it's possible that they're not using encrypted pages...
Now I don't think monopolies are a good idea in the general case, however AT&T's results were at least halfway decent.
Yet at the same time, daytime Long Distance cost over a dollar a minute from NY to California. Phones and telephone equipment had to be rented from the phone company, so technological development in many areas (faxes, answering systems, business telephony) came at a snail's pace. Also, if you think DSL rollout was slow and overpriced under the Baby Bells, just imagine what it would have been like under Ma Bell. All things have their price, and this was a high one.
Furthermore, AT&T had their problems as well. On at least one occasion, they had massive network failures due to a combination of-- guess what-- human error and software failure.
The New Republic. Isn't that the same magazine that employed Stephen Glass?
For those of you who don't know the story, Glass was busted for making up dozens of stories out of whole cloth. The story that finally broke the camel's back was one he made up about a (ficitonal) teenage hacker who held a large (fictional) technology corporation hostage. He invented hacker conventions and fictional US infosec laws to back all of this up. Nobody at TNR figured any of this out-- it took an investigation by another magazine to bring the ridiculousness of this to anyone's attention.
As Glass got more desperate, he manufactured fake web pages (in the AOL members section) for the corporation. Still, nobody at TNR realized this was bullshit, because they apparently didn't know a whole lot about how this Internet thing worked.
Unfair of me to hold this against them? Maybe. But TNR is going to have to do a lot to demonstrate that they're "with it" on technology issues before that kind of ineptitude is forgotten.
At least with paperless voting you need something more sofisticated and educated that a horde of gorillas that can barely read and write their names
Yeah, you need a dozen educated, trained hackers who know how the system works. This might raise the cost of rigging an election somewhat, or who knows-- it might actually be a savings.
The best part is, when you burn down a polling place, you effectively let people know that the election is crooked. There's no such assurance with E-Voting.
I have naked DSL from Verizon. I thought this would be a slam dunk with Vonage (better overall rates, keep my old area code, etc.). But Verizon's service seems to include a great deal of latency and packet loss that makes VoIP not so much fun to use. I never had these problems with my Time Warner Cable Modem. It makes me wonder if the Telecoms are deliberately providing this slightly degraded service, knowing that it won't affect most Internet usage (web, email), but will hose their IP-based telephony competitors.
This is a very old idea. Not that you should be ashamed for thinking it up. There are similar solutions for almost every vulnerable Internet protocol (DNS, BPG, etc.) People don't implement them because they have high cryptographic overhead and require major infrastructure changes (including the addition of a PKI.)
Incidentally, a better solution might use Identity Based Encryption. Still has many of the same problems, but it's a tiny bit more elegant.
How much does an Indian college education cost the typical student? Is it government subsidized, or are students expected to pick up the entire cost? And how does that cost compare to the average yearly salary of a college-educated technology worker (ie, how long does it take you to pay of college debt?)
There is no real solution for the plain, old-fashioned Denial of Service attack. Not to mention the many more elaborate versions of this scheme. And that's the real problem with any voting system that uses the Internet.
But conservatives came out of the woodwork, claiming the "smart card" could become a national I.D. card, containing all kinds of information that could be misused by authorities. The bill quickly died.
So am I supposed to conclude that the real threat to our liberties is from the liberals? Is this a spin job or have I been confused?
There is a faction of the conservative right that really does value civil liberties, and wants to see things like P.A.T.R.I.O.T. repealed. Unfortunately, these are not the conservatives who currently control the White House, or the Republican Party leadership of Congress.
If these pro-civil-liberties conservatives find a way to wrestle control of the Republican party away from the current leaders, it will be a different story. Unfortunately, Bush's statements during his State of the Union address (in which he agitated that the act be extended, to loud applause from the Republican side Congress) indicate that this isn't happening yet.
So even if there are "some conservatives" who oppose the thing, they're currently powerless to actually do anything about it. The Democratic candidates are the only people running for office who have advocated limiting and/or repealing the act.
This shouldn't be soft-pedaled. Given Bush's unequivocal statements in front of Congress last week, it's safe to say that shoud Bush win re-election, and/or the current Republican party maintains control of Congress, we will see an extension/expansion of the act. If the Democrats win, it's much less likely.
What, no mention of who sponsored the panel? With what governmental body (UN, etc.) or special interest group
Who says any of the above? Scientists form panels all the time; they even have conferences together. It's part of the process. This isn't Microsoft paying for a favorable a research study, it's a bunch of world-renowned experts getting together and making their opinions known.
the propaganda that was mixed in is old and tired.
Maybe you've heard it a lot because... a lot of well-informed scientists agree on it?
Yes, voting. That will work wonders. You realistically have the choice of poeple who voted and/or supported the Patriot Act (Kerry, Dean, Edwards, Leiberman, i.e. the entire Democratic field) *OR* the guy that actually signed the shit into law, Mr. G.W. Bush. Whutta choice.:/
Most of the Democratic candidates havespokenout vocally against extending the P.A.T.R.I.O.T. act. To contrast, George W. Bush recently advocated not only extending, but expanding the damn thing-- in his State of the Union speech, no less. (The applause you heard when he said "the PATRIOT act is due to expire soon" was not coming from the pro-Bush side of the room.)
If you believe there is no significant difference between the candidates on this issue, you're just plain nuts. I'm sorry your favorite candidate isn't in the race anymore, but if you keep equivocating and misrepresenting the situation, you're only going to be rewarded with PATRIOT Acts II, III, IV and V.
However, if the population of Niue falls too low (due to migration here) then the population of Niue would be better served as being NZ citizens with the rights & privileges that go with that so that we can provide services to the resident population more cheaply.
According to the CIA World Factbook, Niueans already enjoy New Zealand citizenship, with all the rights and privileges, etc. Should this development come to pass, they will not gain anything; they'll simply lose their sovereignty.
I'm not sure exactly what the current plan is, and how it will save money, unless the NZ gov't physically removes these individuals from their island. I suppose dismantling the gov't apparatus could save some money, but probably not that much.
So we're talking about the smallest "independent" country in the world, but they are not quite so independent that they don't take aid from New Zealand... I don't have free wireless internet access, why in the world should I pay extra to give it to a bunch of people who can't take care of themsleves just because they want it?
I don't know much about this history of that part of the world, but I doubt New Zealand is somehow being shaken down by the island of Niue. I imagine instead that New Zealand probably has some moral or political reason for allowing the island to remain independent and for supporting them financially.
From what I can find on the web, the native population has suffered a fairly steep loss of population since they were first contacted by Europeans, mainly due to disease, etc. They lost control of their island until sometime and were annexed by New Zealand. This story certainly isn't unique, but perhaps the New Zealand government felt that it owed these people something for all of that; independence, and perhaps enough cash to stay alive. Maybe even wireless Internet.
Hundreds of people have their lives destroyed by a cyclone, and Slashdot reports it as a wireless Internet outage. Tsk.
Yes. Of course, had it not been reported as a tech story, you wouldn't have heard about it on Slashdot at all, this being a site for technical news. Because the poster chose to spin it this way, you now know about it... at least enough to make a snary comment.
Equating the gov't trying to stop the illegal actions of mobsters and drug dealers with a police state is pointless hyperbole.
Why don't you go through some of the records of COINTELPRO? The reason we have so many of the restrictions we do (many of which are being undone by P.A.T.R.I.O.T.) is because our government has been caught-- relatively recently-- abusing its powers, and using them to spy on political dissenters.
The recent craziness regarding terrorist attacks has undone a lot of the protections that we've come to take for granted in the past couple of decades. We have to deal with the fact that freedom of speech and conscience are always going to be at risk, as long as we're willing to be careless about protecting them.
Re:Encryption ain't it all tapped out to be...
on
Feds Want to Tap VoIP
·
· Score: 1
However, this is the US government-with tons of money to throw around...they'll find ways around encryption.
Leaving aside the fact that most commercial products that use "encryption" either use ridiculous, sad algorithms, or misuse relatively secure ones (WEP/RC4)... Let's assume that the NSA or some ultra-secret 3-letter agency does have attacks against a number of ciphers that are generally considered to be "secure". Do you really think they're going to share the fact that they have this capability for anything less than a matter of urgent national security?
With a very few national-security related exceptions (building a dirty bomb, etc.), any criminal or Slashdotter can be fairly certain that the plebes at the FBI are about as likely to crack AES/3DES/RSA encoded messages as I am. Even if the NSA does know how to crack those ciphers, they're not going to risk exposing that capability for anything less than the most urgent matter of national security-- and even then, I wouldn't count on it.
Don't you get an untappable phone? Feds would have to ban routing voice traffic through a VPN in order to stop that.
Well, yes. This is exactly what they will begin to do, if the "problem" becomes serious enough. Key escrow schemes have been proposed before; they'll be proposed again. We enjoy a certain amount of anonymity because the Internet's still a bit like the wild west. It won't last forever.
If they don't correlate, then how will you know whether the printed ballots are more trustworthy than the electronic versions?
The paper ballots should always be treated as the gold standard. The ballot box can be observed by any number of people; the electronic system cannot. The electronic voting system can also add cryptographic signatures or other safeguards to make it harder to stuff ballots. As a result, you actually wind up with a system that's better than the sum of its parts.
Personally, I think we should just use optical scan systems. They're perfectly accurate, and a whole lot simpler.
What's so frickin hard about having a little plexisglass window, showing the paper that was just printed on?
That'd be fine, if the little plexiglass window couldn't possibly show you other people's votes. The truth is, I think it'd be easier to print ballots on card stock using an inkjet than to deal with those rolls of paper.
75 year old election volunteers are more capable of loading a paper tray than a cash-register style paper access. You ever see the nightmare of some under-trained cashier trying to get the cash register working again with a line of twenty waiting?
An angry and restless population is totally healthy for democracy because at least they're paying attention and attempting to have some influence on the government.
It's an indifferent and estranged population that's unhealthy for democracy.
On the contrary. An angry and restless population is not a good thing when that population believes they have no way to influence the government democratically. Then you either get people acting out violently, or giving up on government altogether and becoming apathetic and angry. It's not like either of these things are unheard of in our country.
But some people that seem to think that the manufacturer of voting machines is going to intentionally write code to conduct election fraud are insane.
My concern is that the manufacturer will write cheap, buggy, and potentially exploitable code. This is, in fact, precisely the case with the current generation of machines-- the SAIC has deemed them "at high risk of compromise". The SAIC is no paranoid slashdot conspiracist.
People have shown amazing resourcefulness at rigging elections in the past. Why should we even take the chance that it will happen when it's so easily avoided? And saying "well, there are other ways that fraud could be undertaken" does not justify adding new holes.
Any malicious hack would also ensure that the "vote" wouldn't be close enough.
Exactly. That's what the 2% random recount plans specified in various pieces of legislation attempt to address. Only if the breakdown of the random sample is very different from the final outcome, then it would trigger a full recount-- unless the final count was so close that this method would be insufficient to detect fraud. In that case, a full recount would always be mandatory.
What people often fail to understand is that voting systems have two purposes. One, to determine the winner of the election. Two, to convince the losing side that they really did lose fair and square.
If you acheive the first goal, but fail to address the second, you create an increasingly angry and restless population, and that's unhealthy for any democracy. A lesson many politicians seem to have taken from the Florida debacle is that most people will "get over it", and go back to driving their SUVs and watching TV. So far they've been right about this. Unfortunately, that only works if we're talking about an isolated incident; if people begin to develop even the impression that they're being repeatedly screwed, our society will suffer.
Voting machine records the vote electronically and also prints the vote on paper (maybe in like a scantron type format so it can be easily recounted)
Done?
Not done. You still have no idea whether the version recorded on some internal paper spool is actually what you voted for on the screen. If there's a bug, or a malicious hack that can screw up the all-electronic process, then it's equally likely that there's a bug that'll also mess with what goes on the paper.
Ultimately, you need a machine that prints out a paper ballot that can then be verified by the voter and deposited in a ballot box. This box needs to be at least partially recounted (2%, perhaps) before any result can be certified. If the outcome of the electronic vote is very close, the entire set of paper ballots needs to be recounted.
Slashdot Mirror
Haven't looked at the script, but I know that some iTunes pages are HTTP/SSL encrypted with a fixed AES key. If this script requires those pages, it must be "circumventing" that encryption, hence DMCA problems. Of course, it's possible that they're not using encrypted pages...
Yet at the same time, daytime Long Distance cost over a dollar a minute from NY to California. Phones and telephone equipment had to be rented from the phone company, so technological development in many areas (faxes, answering systems, business telephony) came at a snail's pace. Also, if you think DSL rollout was slow and overpriced under the Baby Bells, just imagine what it would have been like under Ma Bell. All things have their price, and this was a high one.
Furthermore, AT&T had their problems as well. On at least one occasion, they had massive network failures due to a combination of-- guess what-- human error and software failure.
For those of you who don't know the story, Glass was busted for making up dozens of stories out of whole cloth. The story that finally broke the camel's back was one he made up about a (ficitonal) teenage hacker who held a large (fictional) technology corporation hostage. He invented hacker conventions and fictional US infosec laws to back all of this up. Nobody at TNR figured any of this out-- it took an investigation by another magazine to bring the ridiculousness of this to anyone's attention.
As Glass got more desperate, he manufactured fake web pages (in the AOL members section) for the corporation. Still, nobody at TNR realized this was bullshit, because they apparently didn't know a whole lot about how this Internet thing worked.
Unfair of me to hold this against them? Maybe. But TNR is going to have to do a lot to demonstrate that they're "with it" on technology issues before that kind of ineptitude is forgotten.
Yeah, you need a dozen educated, trained hackers who know how the system works. This might raise the cost of rigging an election somewhat, or who knows-- it might actually be a savings.
The best part is, when you burn down a polling place, you effectively let people know that the election is crooked. There's no such assurance with E-Voting.
I have naked DSL from Verizon. I thought this would be a slam dunk with Vonage (better overall rates, keep my old area code, etc.). But Verizon's service seems to include a great deal of latency and packet loss that makes VoIP not so much fun to use. I never had these problems with my Time Warner Cable Modem. It makes me wonder if the Telecoms are deliberately providing this slightly degraded service, knowing that it won't affect most Internet usage (web, email), but will hose their IP-based telephony competitors.
BPG = BGP, by the way. Gotta preview more.
Incidentally, a better solution might use Identity Based Encryption. Still has many of the same problems, but it's a tiny bit more elegant.
How much does an Indian college education cost the typical student? Is it government subsidized, or are students expected to pick up the entire cost? And how does that cost compare to the average yearly salary of a college-educated technology worker (ie, how long does it take you to pay of college debt?)
There is no real solution for the plain, old-fashioned Denial of Service attack. Not to mention the many more elaborate versions of this scheme. And that's the real problem with any voting system that uses the Internet.
There is a faction of the conservative right that really does value civil liberties, and wants to see things like P.A.T.R.I.O.T. repealed. Unfortunately, these are not the conservatives who currently control the White House, or the Republican Party leadership of Congress.
If these pro-civil-liberties conservatives find a way to wrestle control of the Republican party away from the current leaders, it will be a different story. Unfortunately, Bush's statements during his State of the Union address (in which he agitated that the act be extended, to loud applause from the Republican side Congress) indicate that this isn't happening yet.
So even if there are "some conservatives" who oppose the thing, they're currently powerless to actually do anything about it. The Democratic candidates are the only people running for office who have advocated limiting and/or repealing the act.
This shouldn't be soft-pedaled. Given Bush's unequivocal statements in front of Congress last week, it's safe to say that shoud Bush win re-election, and/or the current Republican party maintains control of Congress, we will see an extension/expansion of the act. If the Democrats win, it's much less likely.
Who says any of the above? Scientists form panels all the time; they even have conferences together. It's part of the process. This isn't Microsoft paying for a favorable a research study, it's a bunch of world-renowned experts getting together and making their opinions known.
the propaganda that was mixed in is old and tired.
Maybe you've heard it a lot because... a lot of well-informed scientists agree on it?
Most of the Democratic candidates have spoken out vocally against extending the P.A.T.R.I.O.T. act. To contrast, George W. Bush recently advocated not only extending, but expanding the damn thing-- in his State of the Union speech, no less. (The applause you heard when he said "the PATRIOT act is due to expire soon" was not coming from the pro-Bush side of the room.)
If you believe there is no significant difference between the candidates on this issue, you're just plain nuts. I'm sorry your favorite candidate isn't in the race anymore, but if you keep equivocating and misrepresenting the situation, you're only going to be rewarded with PATRIOT Acts II, III, IV and V.
According to the CIA World Factbook, Niueans already enjoy New Zealand citizenship, with all the rights and privileges, etc. Should this development come to pass, they will not gain anything; they'll simply lose their sovereignty.
I'm not sure exactly what the current plan is, and how it will save money, unless the NZ gov't physically removes these individuals from their island. I suppose dismantling the gov't apparatus could save some money, but probably not that much.
I don't know much about this history of that part of the world, but I doubt New Zealand is somehow being shaken down by the island of Niue. I imagine instead that New Zealand probably has some moral or political reason for allowing the island to remain independent and for supporting them financially.
From what I can find on the web, the native population has suffered a fairly steep loss of population since they were first contacted by Europeans, mainly due to disease, etc. They lost control of their island until sometime and were annexed by New Zealand. This story certainly isn't unique, but perhaps the New Zealand government felt that it owed these people something for all of that; independence, and perhaps enough cash to stay alive. Maybe even wireless Internet.
Yes. Of course, had it not been reported as a tech story, you wouldn't have heard about it on Slashdot at all, this being a site for technical news. Because the poster chose to spin it this way, you now know about it... at least enough to make a snary comment.
Why don't you go through some of the records of COINTELPRO? The reason we have so many of the restrictions we do (many of which are being undone by P.A.T.R.I.O.T.) is because our government has been caught-- relatively recently-- abusing its powers, and using them to spy on political dissenters.
The recent craziness regarding terrorist attacks has undone a lot of the protections that we've come to take for granted in the past couple of decades. We have to deal with the fact that freedom of speech and conscience are always going to be at risk, as long as we're willing to be careless about protecting them.
Leaving aside the fact that most commercial products that use "encryption" either use ridiculous, sad algorithms, or misuse relatively secure ones (WEP/RC4)... Let's assume that the NSA or some ultra-secret 3-letter agency does have attacks against a number of ciphers that are generally considered to be "secure". Do you really think they're going to share the fact that they have this capability for anything less than a matter of urgent national security?
With a very few national-security related exceptions (building a dirty bomb, etc.), any criminal or Slashdotter can be fairly certain that the plebes at the FBI are about as likely to crack AES/3DES/RSA encoded messages as I am. Even if the NSA does know how to crack those ciphers, they're not going to risk exposing that capability for anything less than the most urgent matter of national security-- and even then, I wouldn't count on it.
Well, yes. This is exactly what they will begin to do, if the "problem" becomes serious enough. Key escrow schemes have been proposed before; they'll be proposed again. We enjoy a certain amount of anonymity because the Internet's still a bit like the wild west. It won't last forever.
The paper ballots should always be treated as the gold standard. The ballot box can be observed by any number of people; the electronic system cannot. The electronic voting system can also add cryptographic signatures or other safeguards to make it harder to stuff ballots. As a result, you actually wind up with a system that's better than the sum of its parts.
Personally, I think we should just use optical scan systems. They're perfectly accurate, and a whole lot simpler.
That'd be fine, if the little plexiglass window couldn't possibly show you other people's votes. The truth is, I think it'd be easier to print ballots on card stock using an inkjet than to deal with those rolls of paper.
75 year old election volunteers are more capable of loading a paper tray than a cash-register style paper access. You ever see the nightmare of some under-trained cashier trying to get the cash register working again with a line of twenty waiting?
On the contrary. An angry and restless population is not a good thing when that population believes they have no way to influence the government democratically. Then you either get people acting out violently, or giving up on government altogether and becoming apathetic and angry. It's not like either of these things are unheard of in our country.
My concern is that the manufacturer will write cheap, buggy, and potentially exploitable code. This is, in fact, precisely the case with the current generation of machines-- the SAIC has deemed them "at high risk of compromise". The SAIC is no paranoid slashdot conspiracist.
People have shown amazing resourcefulness at rigging elections in the past. Why should we even take the chance that it will happen when it's so easily avoided? And saying "well, there are other ways that fraud could be undertaken" does not justify adding new holes.
Exactly. That's what the 2% random recount plans specified in various pieces of legislation attempt to address. Only if the breakdown of the random sample is very different from the final outcome, then it would trigger a full recount-- unless the final count was so close that this method would be insufficient to detect fraud. In that case, a full recount would always be mandatory.
Optical scanning is looking better and better.
If you acheive the first goal, but fail to address the second, you create an increasingly angry and restless population, and that's unhealthy for any democracy. A lesson many politicians seem to have taken from the Florida debacle is that most people will "get over it", and go back to driving their SUVs and watching TV. So far they've been right about this. Unfortunately, that only works if we're talking about an isolated incident; if people begin to develop even the impression that they're being repeatedly screwed, our society will suffer.
Not done. You still have no idea whether the version recorded on some internal paper spool is actually what you voted for on the screen. If there's a bug, or a malicious hack that can screw up the all-electronic process, then it's equally likely that there's a bug that'll also mess with what goes on the paper.
Ultimately, you need a machine that prints out a paper ballot that can then be verified by the voter and deposited in a ballot box. This box needs to be at least partially recounted (2%, perhaps) before any result can be certified. If the outcome of the electronic vote is very close, the entire set of paper ballots needs to be recounted.