Leaving aside the fact that TicketMaster is evil, this is a good thing if it ever happens. First is that as a buyer, my confidence that I'll get the goods I'm paying for rises. Second, the people who put on the event get more money, and as a result might be more interested in more showings of the event, putting the event in a bigger venue (or building a bigger venue). Another submitter noted that Ticketmaster sells tickets for most NHL teams. Most NHL teams are in financial trouble. This will increase the revenues and put the league in better shape.
I'm not sure what the laws say right now, back in the 80's the US, UK and Australian governments classified encryption algorithims as armaments (weapons), exporting encryption technology was very tightly controlled by all three countries.
The export control rules for USA exports of crypto have been all but
eliminated (done in the last year of the Clinton Administration). To export open source crypto from a web site, you just email the
Feds telling them you are doing that. To sell binaries, you apply for
a retail designation of your software, and can export with virtual impunity.
Most or all OECD nations have followed suit.
They are simply asking to give the police the power to force you to submit keys on request.
Like the UK government, you apparently don't understand what
perfect forward security is. Or the UK government knows, and
plans to ban data communications systems that use perfect forward security (PFS).
Well let's say I've got a long running IPsec session going. The
first session key, derived from my secret key, was established 3 days ago.
By now I'm on my N'th secret key.
Today the UK police give my ISP or employer a supoena for my desktops
IPsec key. The
boss says "sure, here it is." The police packet sniff my IP traffic and find that
they can't do anything with it because they don't know my session key,
and don't have the full 3 days of traffic to derive all N session keys
(perfect forward security and all that). If the UK government could
hack into my desktop or hack into the destination of of my IP
traffic, they could decrypt current and future traffic, but if I'm
smart enough I'll be able to detect that. So if PFS is not banned,
the UK government will require every system to have an undetectable
back door.
Except that the criminals will use open or free source, and remove
the back doors. When safe cryto is made unlawful, only the unlawful
will have access to safe crypto.
They're talking about private keys (as in the private half of the public/private key pair in public key cryptography), not private keys (as in the only key in private key cryptography).
No you are wrong.
There was a period of time when the Clinton Administration allowed export
of software (only to the USA's allies) that encrypted data over the network provided it had support
for key escrow. Someone in my employer's company had the idea that, "gee,
Kerberos Key Distribution Centers keep each user's key in a data base, in the clear.
Why not propose that, unchanged, as a Key Escrow System to the NSA? Law enforcement
can obtain a warrant to get a user's private key per the policy
of the Clinton Administration.".
So I
did just that. The NSA's response: not good enough because they need to be
able to descrypt arbitrary sessions, which means they needed a centralized place
in a modified Kerberos system to record each session key, and BTW, have vendor
supplied tools for making this really easy. As vendors we were unwilling to do
all that because it would severely weaken the strength of the system. So
we told the NSA, thanks, but no thanks.
The UK government is either very naive, or very stupid.
> There once was a country. They were known as Germany.
That's a cute little story.
You forgot to mention that in 2009, Bush leaves
office, unlike Hitler who wasn't bothered by electoral process. Are you seriously predicting that Bush is going to go Hitler on
us and cancel the next presidential election?
So if you are really worried about the nation becoming a fascist state,
spend your energy on helping the Libertarian party win in 2008. If
you think that the Dems will be any different, keep in mind that Clinton
tried to give us the Clipper chip.
Sometimes the lab performs tests remotely, taking control of unprotected computers inside the censoring country without permission. This poses an ethical controversy, but Deibert says it's for the greater good: "We don't worry about that too much."
What if the Chinese gov't falsely accuses one
of the hackers' victims of breaking the firewall, and imprisons or executes
their victim?
It is really scary that the U. of Toronto sanctions
what would be a crime if committed against PCs in Canada. Their callous disregard
for the consequences of their actions is chilling.
As expected, the filters block very benign content.
One morning I found I couldn't access my.yahoo.com, google.com., ebay.com.
My guess is that this is because several of my co-workers had earlier
accessed these web sites and popped up a web page with an evil
keyword like "erotic". For example, someones yahoo email accout had
spam offering penis enlargement and this showed up in the my.yahoo.com
page for the user.
Now, the Labour Party says they will allow ISP customers to opt out,
that is exactly what will happen the first time well meaning parents
try to access a web page describing say a Louis Malle film.
All this will do is raise the cost of ISP services, which is consistent
with a left wing political party (but in fairness, nanny protectionism
isn't limited to the left; the Sarbanes Oxley law in the USA is one of
the worst forms of nanny protectionism [one which indirectly requires my employer
have content filters] that the right wing party has ever produced).
Judge Kollar-Kotelly's
decision makes it harder to find vulnerabilities in Windows versus open source
operating systems,
because she explicitly exempted mandatory disclosure
of APIs that would expose security holes
and also disclosure to those entities that
did not have a "reasonable business need."
Read it:
J. No provision of this Final Judgment shall:
1. Require Microsoft to document, disclose or license to third parties: (a) portions of APIs or Documentation or portions or layers of Communications Protocols the disclosure of which would compromise the security of a particular installation or group of installations of anti-piracy, anti-virus, software licensing, digital rights management, encryption or authentication systems, including without limitation, keys, authorization tokens or enforcement criteria; or (b) any API, interface or other information related to any Microsoft product if lawfully directed not to do so by a governmental agency of competent jurisdiction.
2. Prevent Microsoft from conditioning any license of any API, Documentation or Communications Protocol related to anti-piracy systems, anti-virus technologies, license enforcement mechanisms, authentication/authorization security, or third party intellectual property protection mechanisms of any Microsoft product to any person or entity on the requirement that the licensee: (a) has no history of software counterfeiting or piracy or willful violation of intellectual property rights, (b) has a reasonable business need for the API, XDocumentation or Communications Protocol for a planned or shipping product, (c) meets reasonable, objective standards established by Microsoft for certifying the authenticity and viability of its business, (d) agrees to submit, at its own expense, any computer program using such APIs, Documentation or Communication Protocols to third-party verification, approved by Microsoft, to test for and ensure verification and compliance with Microsoft specifications for use of the API or interface, which specifications shall be related to proper operation and integrity of the systems and mechanisms identified in this paragraph.
As long as you decide to use unencrypted communications you have no privacy anyway; get over it.
You think foreign countries aren't listening in on your communications?
Why should anyone on slashdot care? You guys don't know how to properly encrypt your
email, voice comms, wifi, internet traffic? Probably not... you're just a bunch of
nerd wannabees.
$75 billion / 0.3 billion people = $250 or about the cost of an ipod, 6 months
cell phone service, 3 months cable TV serice, one car payment, a week's rent, etc.
Just to make AI military applications clear, you will never see such a program acting as a substitute for human beings. At best, it will be a supplement. Because of this inherent nature in the art of war, true independent thinking and self aware will rarely be given a chance in the theater of battle. Why you ask? Simple. It's a security risk!
A human being in uniform is far more of a security risk than a military
'bot with AI. Just look at the number of court martials from the war in Iraq.
Humans make mistakes. They humiliate or at worst torture human PoWs and then
the photos get shown on CNN. Bots will
most likely kill the enemy before he has a chance to surrender. CNN doesn't seem
to mind if the enemy is efficiently and ruthlessly killed.
A military bot that can react as fast or better than a human soldier will pretty
much do to infantry warfare that iron clad ships did to naval warfare. In
the case of the latter, once it was clear an iron clad was feasible, all
the wooden ships were instantly obsolete. So it will be with the
human infantryman when the military bot is introduced.
Imagine the current Iraq conflict if the side with the all the money had
military bots. No coalition or Iraqi gov't soldiers die, whereas the
insurgents die at an even higher rate. Iraqi government officials simply
conduct their business via telepresence in similar bots. Suicide bombing
of police, soliders, and government officials becomes useless: "Today
a Belgian suicide bomber rammed her car into an Iraqi police station and destroyed 3
bots" just doesn't make page 1 of the newspaper. Bring it on.
No substitute for human beings? In case you haven't noticed, a solid majority of
Americans believes 2000 dead soliders in Iraq is about 1900 or so too many. If and
when this technology becomes viable, it won't matter what people like you or
in the Pentagon say. The public that pays taxes and
supplies cannon fodder will demand military bots to replace humans in
direct hand to hand combat. Sorry.
And if the US is foolish enough to not deploy the technology, eventually
China will (though it will be much later as a Chinese human solider costs
much much less than an American human solider, and there are far
more Chinese humans), and then at that point any Pentagon luddites still left will be irrelevant.
But, given the trend of the current US military thinking, I suspect Pentagon
generals
appreciate the benefits of an independent military bot far more than you or
I.
You might not think that when you discover that your mortgage office, which stores an obscene amount of personal info, has all of that personal information on desktop computers on an unsecured wireless network.
You have single handedly undone in my knee jerk reaction; I think your
point is well taken.
We have National Electric Code which most municipal electric codes
based their rules on. The NEC is defined by the electrical nerds.
We ought to have a National CompSec Code defined by the nerds. It appears
this county is trying to fill a cap (and will likely mess it up). This is a complex area crying for
straightforward guidelines. With generally accepted guidelines, it would
be easier for small businesses to deploy this stuff safely.
Another reply pointed out that Sarbanes Oxley covers all this. It doesn't
actually. What I've observed first hand and from reading the statute, is
that there is nothing specific in the statute, and instead, corporations
defer to third party auditors who define security policy. For example the
auditor will often insist that passwords be changed frequently (every 3
months is often preached) and that the passwords use combinations of
upper and lower case, special characters, and numbers. Thus the passwords
are difficult to remember, and by changing them frequently, the result is
less security because people write them down on sticky notes.
Incredibly, the auditors don't seem to care if passwords are going in the
clear over the network.
This is what happens when the nerds stand around and let the idiots (politicians)
make the rules. It appears the plumbers and electricians figured this
out decades ago. Our turn.
The nerds would lose control to Castro, Mugabe, and the Ayatollah,
Thanks for re-making my point for me. Is there a Latin term for "arguement by harping on the worst-case scenario?" Or will "scaremongering" do?
Which country ran the UN Human Rights Commission in 2003?
Even if the worst case scenario is crap like the ISO OSI protocol suite,
that's bad enough.
I'll take an Internet run by employees of Cisco...
Oh, good. Let's trade in national governments, which pretend to be accountable, for corporations, which don't.
You'd rather put pretenders (liars) in charge than people who admit
that profit drives their motives?
You managed to snip "CERN" from the examples I gave and left just Cisco. What shareholders own CERN? Besides which, an employee of Cisco ran IETF for many years
and co-authored RFC1984, showing that Cisco's profit motives aligned well
with the needs of the people.
Besides which you even admit governments pretend to be accountable. Cisco at
least has to competitors. Who'd love to make hay if it appeared Cisco was abusing
its influence on the Internet. I'll take corporate competition over national dictators.
Yeah, America would never try to pass legislation regulating good taste on the Internet - nothing like the Communications Decency Act or the Child Online Protection Act
Which the courts routinely overturn.
this has nothing to do with new protocols or a global firewall.
As if the Ayatollah is going let the USA retain theoretical control
of the process for producing new protocols. You are aware that new Internet protocols
get produced all the time right? RTFA:
Fourth and finally, there are technical standards that must be formally established and coordinated to ensure the Internet's interoperability.
"What, you want Cuba running the Internet?" No, I don't.
Then what is your solution? The UN routinely appoints despot regimes to
chair the human rights subcommittee. ITU is under the UN... you don't
see the problems with that? Such as depot regimes making it
difficult to use cheap alternatives to the gov't telecom monopolies?
The article discusses the standards the Internet uses. Currently these
standards are issued by IETF under
the auspices of the Internet Society. IETF
is an truly international organization where the people with ideas and time
have the influence in terms of authoring or editing standards,
chair working groups, and directing actitivies, all achieved by a credo
of "rough consensus, running code". It is a system that prizes technical
excellent above politics. The same system that told the USA to
piss off
when the gov't attempted to cripple encryption over the the network in order
to "protect us." Under your vision this would be
replaced with each national government voting on standards; the same
people who gave us OSI standards that were stillborn. The
nerds would lose control to Castro, Mugabe, and the Ayatollah, not to
mention the regulators of democratic regimes. Get ready for a new internet protocol
with gov't backdoors in the standards.
Next week IETF meets in Vancouver. I expect it will be one of the last
IETF meetings I'll attend, thanks to visionaries like you.
The Internet is global, and no one nation should have a chokehold over a global system.
That's the problem; you want nations to control it. I want competent people from all
places in the world to control it,
i.e. the status quo. I'll take an Internet run by employees of Cisco and CERN over
your Internet.
~~ no number of supercomputers are going to 'crack' it, whether it's 14 or 90 or 900 days ~~ Oh, please. Haven't you read Dan Brown's Digital Fortress? We all know the NSA has a 3 million processor supercomputer that would be able to crack 256 AES in about 9 seconds.
I think the person who modded this down to zero is sarcasm impaired.
Assuming you are posting from the USA, how do you deal with health insurance, given that the USA's
system is biased toward employer provided health insurance?
A million users and they want POP3? Add a gun and a single bullet to your administration requirements.
No doubt a well deseved +5 for humor, but for those of us less in the know (and a chance at another +5 for informative), what is so bad about POP3? Thx.
Far more important, doesn't IBM have software patents? Making Linux unusable by it's largest corporate sponsor is kinda... stupid.
Making the GPL so that the corporate sponsors
cannot file software patents and re-assign
them to the FSF or the public domain is really
stupid.
Software patents (as stupid as they are) are the
law of the land. Several places I've
worked at file them as a defensive measure, not
as a way to extract royalties from competitors.
GPL 3.0 is not going to change the fact that
there are companies out there filing
obvious patents and extracting revenue from
legitimate businesses. It is only going to
make it easier for the parasites.
Slashdot Mirror
Leaving aside the fact that TicketMaster is evil, this is
a good thing if it ever happens. First is that as a buyer,
my confidence that I'll get the goods I'm paying for rises.
Second, the people who put on the event get more money, and as
a result might be more interested in more showings of the event,
putting the event in a bigger venue (or building a bigger
venue). Another submitter noted that Ticketmaster sells tickets
for most NHL teams. Most NHL teams are in financial trouble.
This will increase the revenues and put the league in better
shape.
The export control rules for USA exports of crypto have been all but eliminated (done in the last year of the Clinton Administration). To export open source crypto from a web site, you just email the Feds telling them you are doing that. To sell binaries, you apply for a retail designation of your software, and can export with virtual impunity. Most or all OECD nations have followed suit.
Well let's say I've got a long running IPsec session going. The first session key, derived from my secret key, was established 3 days ago. By now I'm on my N'th secret key. Today the UK police give my ISP or employer a supoena for my desktops IPsec key. The boss says "sure, here it is." The police packet sniff my IP traffic and find that they can't do anything with it because they don't know my session key, and don't have the full 3 days of traffic to derive all N session keys (perfect forward security and all that). If the UK government could hack into my desktop or hack into the destination of of my IP traffic, they could decrypt current and future traffic, but if I'm smart enough I'll be able to detect that. So if PFS is not banned, the UK government will require every system to have an undetectable back door.
Except that the criminals will use open or free source, and remove the back doors. When safe cryto is made unlawful, only the unlawful will have access to safe crypto.
There was a period of time when the Clinton Administration allowed export of software (only to the USA's allies) that encrypted data over the network provided it had support for key escrow. Someone in my employer's company had the idea that, "gee, Kerberos Key Distribution Centers keep each user's key in a data base, in the clear. Why not propose that, unchanged, as a Key Escrow System to the NSA? Law enforcement can obtain a warrant to get a user's private key per the policy of the Clinton Administration.".
So I did just that. The NSA's response: not good enough because they need to be able to descrypt arbitrary sessions, which means they needed a centralized place in a modified Kerberos system to record each session key, and BTW, have vendor supplied tools for making this really easy. As vendors we were unwilling to do all that because it would severely weaken the strength of the system. So we told the NSA, thanks, but no thanks.
The UK government is either very naive, or very stupid.
That's a cute little story. You forgot to mention that in 2009, Bush leaves office, unlike Hitler who wasn't bothered by electoral process. Are you seriously predicting that Bush is going to go Hitler on us and cancel the next presidential election?
So if you are really worried about the nation becoming a fascist state, spend your energy on helping the Libertarian party win in 2008. If you think that the Dems will be any different, keep in mind that Clinton tried to give us the Clipper chip.
What if the Chinese gov't falsely accuses one of the hackers' victims of breaking the firewall, and imprisons or executes their victim?
It is really scary that the U. of Toronto sanctions what would be a crime if committed against PCs in Canada. Their callous disregard for the consequences of their actions is chilling.
As expected, the filters block very benign content.
One morning I found I couldn't access my.yahoo.com, google.com., ebay.com. My guess is that this is because several of my co-workers had earlier accessed these web sites and popped up a web page with an evil keyword like "erotic". For example, someones yahoo email accout had spam offering penis enlargement and this showed up in the my.yahoo.com page for the user.
Now, the Labour Party says they will allow ISP customers to opt out, that is exactly what will happen the first time well meaning parents try to access a web page describing say a Louis Malle film.
All this will do is raise the cost of ISP services, which is consistent with a left wing political party (but in fairness, nanny protectionism isn't limited to the left; the Sarbanes Oxley law in the USA is one of the worst forms of nanny protectionism [one which indirectly requires my employer have content filters] that the right wing party has ever produced).
One way to combat this scenario is to have a will that promises some
inheritence if the survivors don't contest, and nothing at all if they
do.
Read it:
The clipper chip was an encryption key escrow system. Why would parents care about clipper?
> You will notice however, that when a lot of people didn't like it, it went away.
Yes, we got CALEA instead.
You think foreign countries aren't listening in on your communications?
Why should anyone on slashdot care? You guys don't know how to properly encrypt your email, voice comms, wifi, internet traffic? Probably not ... you're just a bunch of
nerd wannabees.
I enabled automatic updates and install. If MS doesn't want to install them,
not my problem man. I've got too much other stuff to do.
Obviously you've forgotten the Clipper chip and key escrow.
This is easily affordable if that's all it is.
A military bot that can react as fast or better than a human soldier will pretty much do to infantry warfare that iron clad ships did to naval warfare. In the case of the latter, once it was clear an iron clad was feasible, all the wooden ships were instantly obsolete. So it will be with the human infantryman when the military bot is introduced.
Imagine the current Iraq conflict if the side with the all the money had military bots. No coalition or Iraqi gov't soldiers die, whereas the insurgents die at an even higher rate. Iraqi government officials simply conduct their business via telepresence in similar bots. Suicide bombing of police, soliders, and government officials becomes useless: "Today a Belgian suicide bomber rammed her car into an Iraqi police station and destroyed 3 bots" just doesn't make page 1 of the newspaper. Bring it on.
No substitute for human beings? In case you haven't noticed, a solid majority of Americans believes 2000 dead soliders in Iraq is about 1900 or so too many. If and when this technology becomes viable, it won't matter what people like you or in the Pentagon say. The public that pays taxes and supplies cannon fodder will demand military bots to replace humans in direct hand to hand combat. Sorry.
And if the US is foolish enough to not deploy the technology, eventually China will (though it will be much later as a Chinese human solider costs much much less than an American human solider, and there are far more Chinese humans), and then at that point any Pentagon luddites still left will be irrelevant.
But, given the trend of the current US military thinking, I suspect Pentagon generals appreciate the benefits of an independent military bot far more than you or I.
Then the winner is hands down, "Office Space". Anyone who disagrees
... I thought this place was for nerds.
can walk on over to my cubical and deal with me and my big red swing line.
Sheesh
We have National Electric Code which most municipal electric codes based their rules on. The NEC is defined by the electrical nerds. We ought to have a National CompSec Code defined by the nerds. It appears this county is trying to fill a cap (and will likely mess it up). This is a complex area crying for straightforward guidelines. With generally accepted guidelines, it would be easier for small businesses to deploy this stuff safely.
Another reply pointed out that Sarbanes Oxley covers all this. It doesn't actually. What I've observed first hand and from reading the statute, is that there is nothing specific in the statute, and instead, corporations defer to third party auditors who define security policy. For example the auditor will often insist that passwords be changed frequently (every 3 months is often preached) and that the passwords use combinations of upper and lower case, special characters, and numbers. Thus the passwords are difficult to remember, and by changing them frequently, the result is less security because people write them down on sticky notes.
Incredibly, the auditors don't seem to care if passwords are going in the clear over the network.
This is what happens when the nerds stand around and let the idiots (politicians) make the rules. It appears the plumbers and electricians figured this out decades ago. Our turn.
Then what is your solution? The UN routinely appoints despot regimes to chair the human rights subcommittee. ITU is under the UN ... you don't
see the problems with that? Such as depot regimes making it
difficult to use cheap alternatives to the gov't telecom monopolies?
The article discusses the standards the Internet uses. Currently these standards are issued by IETF under the auspices of the Internet Society. IETF is an truly international organization where the people with ideas and time have the influence in terms of authoring or editing standards, chair working groups, and directing actitivies, all achieved by a credo of "rough consensus, running code". It is a system that prizes technical excellent above politics. The same system that told the USA to piss off when the gov't attempted to cripple encryption over the the network in order to "protect us." Under your vision this would be replaced with each national government voting on standards; the same people who gave us OSI standards that were stillborn. The nerds would lose control to Castro, Mugabe, and the Ayatollah, not to mention the regulators of democratic regimes. Get ready for a new internet protocol with gov't backdoors in the standards.
Next week IETF meets in Vancouver. I expect it will be one of the last IETF meetings I'll attend, thanks to visionaries like you.
That's the problem; you want nations to control it. I want competent people from all places in the world to control it, i.e. the status quo. I'll take an Internet run by employees of Cisco and CERN over your Internet.There's also software called VPNs which creates encrypted tunnels that makes VoIP traffic detecting software useless.
Indeed, Google for time, Google would let you VPN through them for free.
Assuming you are posting from the USA, how do you deal with health insurance, given that the USA's system is biased toward employer provided health insurance?
Software patents (as stupid as they are) are the law of the land. Several places I've worked at file them as a defensive measure, not as a way to extract royalties from competitors.
GPL 3.0 is not going to change the fact that there are companies out there filing obvious patents and extracting revenue from legitimate businesses. It is only going to make it easier for the parasites.