I use a livescribe pretty regularly: I have one in my pocket right now. While I agree the form factor of the pens is suboptimal, as are the cartridges, it does the job for me. I've only lost one so far to overzealous inspection at an airport as a spy device because it has audio recording capability. In theory that one might come back, but the office it is stored in is only open a few hours a day, a few days a week at the airport and the release documents have two names on them and... long story.
Anyway, while I appreciate the OP's interest in a fully digital format and read through hoping to find something super cool I hadn't run across yet, the drift in the conversation to pre-digital technologies mirrors my own adoption of the livescribe pen. The books you fill out don't crash and are immediately re-viewable and sunlight readable. The pens are robust and while the cartridges run out of ink far too quickly and without any real warning, it isn't a meaningful cost burden to keep a few spares around.
The form factor of the pen and small note book is time-proven and convenient if you're moving around. It is unobtrusive in meetings, works well in the field, and you can easily have a hand or two free without catastrophic gravitational consequences.
Having a digital copy of my notes is organizationally helpful, even if my writing is not sufficiently legible for useful distribution. The accurate time stamps let me do things like post-correlate a digital picture with the notes unambiguously or a GPS coordinate or any other time stamped media. Occasionally I use the audio recording capability to integrate time-stamped conversational notes when I don't have time to write them all down, just noting a word or two here and there as I can to provide a visual/temporal reference in the converted media.
I am most pleased with myself when I can make a quick sketch on paper and email it out in a few seconds. I have occasionally considered a pen-enhanced phablet as an increasing drift toward virtualization, but that would lose the archival paper copy, the tangible organization of the pages and books, and would be far more fragile and prone to being out of juice when I need it. The pen wakes up in about 3 seconds and even if I haven't charged it in a month, is ready to work - and if the battery is dead, I still take perfectly usable notes I can later digitize by writing over them if I really need to.
For me it solves a few requirements:
* Archival (fairly, the notebooks aren't acid free or anything),
* Reliable (works even if the battery is dead, though the small cartridges undermine this a bit,)
* Durable (my pen has been in some atypically demanding environments like direct sunlight in measured ambient temperatures of 57C and kept working fine even when digital camera and phone couldn't take pictures because they were too hot,)
* Time stamped entries,
* Digital distribution/record keeping is painless,
* Handles sketches well,
* Can correlate to other digital media via time stamp metadata fairly automatically,
* Fully cloudless local operation so you don't have to trust a company full of people you've never met.
But....
* I don't use the handwriting recognition tool. It is kind of cool, but not accurate enough with my crappy writing to be worth the cost,
* I would prefer a more pen-like pen,
* I wish the notebook software could recognize some simple glyphs so certain notes could be automatically extracted or highlighted (I'm thinking "to do" and "important" etc marks),
* It'd be awesome if it took standard Fisher cartridges.
The certificate system is badly broken on a couple of levels. Most obvious and relevant to the OP is that there are 650 root CAs that can issue certs, including some state-run CA's by governments with potentially conflicting political interests or poor human rights records.
It is useful to think about what we use SSL certs for:
1) Establishing an encrypted link between our network client and a remote server to foil eavesdropping and surveillance.
2) To verify that the remote server is who we believe it to be.
Problem 1 is by far the most important, so much more important than number 2 that number 2 is almost irrelevant, and fundamental flaws with feature 2 in the current CA system make even trying to enforce verification almost pointless. Most users have no idea what SSL verification actually means or what any of the cryptic (no pun intended) and increasingly annoying alerts warning of "unvalidated certs" mean anyway.
What I find most annoying is that the extraordinary protective value of SSL encrypted communication is systematically undermined by browsers like Firefox in an intrinsically useless effort to convince users to care about verification. I have never, not once, ever not clicked through the warnings on a web site to access it. And even though I often access web sites from areas that are suspected of occasionally attempting to infiltrate dissident organizations with MITM attacks, I still have yet to see a legit MITM attack in the wild myself. But I do know for sure that without SSL encryption my passwords would be compromised - how many of us get spam from friends with Yahoo accounts? Yahoo still does not SSL encrypt login by default and so accounts are regularly compromised by spammers. Encryption really matters and is really important to keeping communication secure. Anything that adds friction to encryption should be rejected.
Self-signed certs and community certs (like CACert.com) should be accepted without any warnings that might slow down a user at all so that every website, even non-commercial or personal ones have no disincentive to adding encryption. HTTPSEverywhere. Routers should be configured to block non-SSL traffic (and HTML email, but that's another rant. Get off my lawn.).
Verification is unsolvable with SSL certs for a couple of reasons, some due to the current model, some due to reasonable human behavior, some due to relatively legitimate law-enforcement concerns:
Obviously the OP makes clear that the current model is badly broken because the vast majority of issuing companies have every reason to minimize the cost of providing a cert which means cutting operational costs and increasing the risk of human error. Though even at a well run notary, human error is likely to occur, especially as notaries in different countries, speaking different languages can issue certs for companies in any other location. Certificate issuance by commercial entities is fail. A simple error can, because registrar certs are by default trusted, compromise anyone in the world. One mistake, everybody is at risk. Pinning does not actually reduce this risk in advance, though rapid response to discovered breaches can limit the damage.
But even if issuance were fixed, it wouldn't necessarily help. Most people would happily click through to www.bankomerica.com without thinking twice. Indeed, as companies may have purchased almost every spelling variation and point them all toward their "most reasonable" domain name, it isn't unreasonable to do so. If bankomerica.com asked for a cert in Tashkent, would they (or even should they) be denied? No - green bar, wrong site. Even if they were non-SSL encrypted, it isn't practical to typo-test every legit URL against every possible fake, the vast majority of users would never notice if their usual bank site came up unencrypted (no cert at all). This user behavior limitation fundamentally obviates the value of certs for identifying sites. But even a typo-misdirection is assuming too much - all of my phishing
That's the thing about clouds, they're always changing. If you want consistent, reliable webmail, run roundcube on your own server and stop gifting Google your data.
My data centers are all so small they'd be lost in the caverns of the likes of Google or FB, but in applications where ownership of the data is important; and this should apply to sovereign governments, most companies, and even most small businesses; availing oneself of an external data hosting or processing service is giving away the farm.
There are a variety of security concerns unique to the "cloud" environment that should worry anyone who has some liability or risk associated with unintended exposure of their data: from other users of the same physical hardware, from the typically faceless third party employees operating it, and from joining a collective target. A counter argument is that cloud vendors tend to be expert at security and are likely to have more resources to stay current and be vigilant than any single client of theirs, just as a law of scale. But, as DropBox's password fiasco proves, this assumption is not always true - or, perhaps more accurately, a statistical reduction in the likelihood of execution risk is not an elimination of that risk and the consequences of false assumptions can be severe when the failure is of a central repository.
One is safe in using a "cloud" service (such a fluffy marketing term for "third party hosted IT") for data that is intrinsically public, such as this forum or a Facebook post. For a company's HR database, not so much. For a government to have a "cloud computing strategy to lower costs" is very sad. The OP references a statistic that is driven in large part by Google and Facebook, services of such massive scale that vertical integration into the hardware makes sense. It is not intrinsically a refutation of owned and operated hardware. That these vertical integrations have grown to such scale as to rank as major hardware vendors in their own right is impressive, but not in and of itself a "tide" against enterprise hardware. That the vendors of enterprise hardware would seek to own a piece of the emerging market for low cost, low atomic reliability (mitigated by macro reliability) compute systems isn't an abdication of more proven product lines, rather a reasonable foray into new product lines.
The OP finds the data supportive of a popular meme: that cloud computing will replace enterprise computing. This may be true if Zuckerberg's "no privacy" jihad is extended to "no secrets" as well, but as long as companies and governments have secrets and people value privacy, there will be a market for owned and operated hardware since he that owns the hardware owns the data (and when you host your data with a third party, you implicitly trust every employee there). While it is in theory possible to secure remotely hosted data through encryption (and perhaps even to allow remote processing of fully encrypted data), the overhead of securing one's secrets against the third party's prying eyes (and those of their other customers) significantly undermines any touted (but generally unproven) cost savings of "cloud computing."
I use GPG/OpenPGP for some mail and "secure" web mail for other applications. I do not use third party web mail (such as gmail) because I can't control the dissemination or privacy (or longevity) of my mail and while my life is generally boring enough to fit within Eric Schmidt's idea of privacy ("If you have something that you don't want anyone [someone] to know, maybe you shouldn't be doing it in the first place [at least not though a google property]."), I occasionally write a personal opinion of someone I wouldn't want them to be able to Google later or share a business detail that could be economically damaging or embarrassing (or is subject to NDA) and gMail and all other web mail services are effectively public.
I've used PGP (and eventually GPG) since about '94 and my keyring has about 20 people on it: more than 1 new key a year! Alas, 25% of those keys expired in the late 90s. My address book has about 1500 entries. Why so few keys? As the OP pointed out, it isn't all that difficult.
The answer for me is that the model for encouraging encryption has to be more like S-WAN than GPG-like. I'd love to turn on "encrypt everything" and forget it, but I'd get an error message for 99% of my correspondents, so obviously that isn't going to happen. So I set my prefs to reply to encrypted messages with encryption, which is fine, but it means I rarely (almost never) initiate an encrypted thread.
What I'd like is an opportunistic encryption mode where any message to an address in my keyring is encrypted by default. Any message to anyone I don't have a key for gets a nice little .sig file with a brief notice that their mail is insecure and effectively public and a link to further instructions for getting GPG set up.
One annoying problem is that encrypted mail is not searchable. To solve that, I want my client to extract a keyword list on decryption then upload that keyword list to (my own) server as an unencrypted header to enable searching (implemented, of course, with a stop list for words you wouldn't want to appear in the clear even out of context or perhaps particularly out of context).
For the truly paranoid, this list could be a hash list, though you could still fairly effectively dictionary hash fish, but it would provide some security and reduce the easy availability of information. In fact, all headers could be hashed and still generally be searchable (except maybe date ranges).
I also want my server to store my public key and encrypt all incoming mail with it. Of course it is already transported in the clear, but it makes my server less vulnerable. Once the mail has had an index extracted and the body encrypted, someone cracking into my IMAP server would, at least, not find a historical trove of clear-text data. And my friends without keys would get annoying sig files evangelizing encryption.
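The hashed keyword index described in the comment above, as an added example that is not part of the original post: it builds the search index from a decrypted message, applies a stop list, and shows the dictionary "hash fishing" the comment warns about. The keyed (HMAC) variant, the sample message, the word lists and all function names are assumptions introduced here, not something the comment proposes.

```python
import hashlib
import hmac
import re
import secrets

# Constructed sample data: a decrypted message body and two word lists.
SAMPLE = ("Meet me Thursday about the merger budget; "
          "bring the signed contract and the invoice.")
STOP_WORDS = {"about", "and", "the", "with", "for"}   # too common to index
SENSITIVE_WORDS = {"merger"}      # never indexed, even hashed (the stop list)
GUESSES = ["budget", "contract", "payroll", "merger", "invoice"]  # attacker wordlist

# Assumption: this key stays on the mail client and is never uploaded.
CLIENT_KEY = secrets.token_bytes(32)


def extract_keywords(plaintext):
    """Return the sorted, de-duplicated keywords worth indexing."""
    words = re.findall(r"[a-z0-9']+", plaintext.lower())
    return sorted({w for w in words
                   if len(w) >= 3
                   and w not in STOP_WORDS
                   and w not in SENSITIVE_WORDS})


def plain_hash(word):
    """Unkeyed hash: anyone holding the index can test guesses against it."""
    return hashlib.sha256(word.encode("utf-8")).hexdigest()


def keyed_hash(word, key):
    """Keyed hash: testing a guess requires the client-side key."""
    return hmac.new(key, word.encode("utf-8"), hashlib.sha256).hexdigest()


def build_index(plaintext, hasher):
    """The header uploaded next to the encrypted body: a set of digests."""
    return {hasher(w) for w in extract_keywords(plaintext)}


def search(index, term, hasher):
    """The client hashes the search term the same way and checks membership."""
    return hasher(term.lower()) in index


def dictionary_fish(index, wordlist, hasher):
    """What someone who stole the index can recover by hashing guesses."""
    return sorted(w for w in wordlist if hasher(w) in index)


def client_hasher(word):
    return keyed_hash(word, CLIENT_KEY)


plain_index = build_index(SAMPLE, plain_hash)
keyed_index = build_index(SAMPLE, client_hasher)

if __name__ == "__main__":
    print("keywords:", extract_keywords(SAMPLE))
    print("fished from unkeyed index:",
          dictionary_fish(plain_index, GUESSES, plain_hash))
    print("fished from keyed index without the key:",
          dictionary_fish(keyed_index, GUESSES, plain_hash))
    print("owner search for 'invoice':",
          search(keyed_index, "invoice", client_hasher))
```

With the keyed variant the search has to be run by the client, since a server that held the key would put a thief back in the position to fish the index.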
If you put your data in the cloud, you put it in the hands of not just the US government, but every government the cloud company does business with. And also in the hands of every underpaid employee in the company; and while some companies may claim otherwise, their claims are unverifiable and unenforceable. "Cloud" services have their place - it is for data that is intrinsically public and ephemeral. Nobody should ever trust any cloud service with data that is proprietary or private or irreplaceable.
Most obviously, the "free" services are predicated on exploiting the value of their users as product to customers that are not the users. The model makes sense in some cases, for example a forum, where the shared public content is willingly coproduced by users of the forum, exchanging their content creation efforts for use of the forum itself, the forum exploiting that content to attract eyeballs to advertisers that pay the bills.
While there are strong logical reasons why cloud services are intrinsically untrustable (ultimately, he who owns the hardware, owns the data), a simple thought experiment proves the folly: how hard is it to bribe an employee of a cloud service to give you inappropriate access to someone's data? Do you think you couldn't find one employee in one company somewhere? While one may be able to find companies that are currently resistant to easy attacks, cloud companies come and go like the .coms that they are, and with inevitable waning economic optimism, so too wanes employee loyalty. In the eventual asset transactions that follow, acquiring companies of even trusted entities are unknowns and customers have no recourse and no authority.
At best, the loss of yet another fleeting cloud service means only the loss of the associated data and whatever codependent business line the cloud service customer bet on the serial risk of the success of the cloud company itself.
The premise of handing your proprietary data to another person for remote, invisible processing and care is fundamentally flawed. Your interests are not aligned and their interests will evolve and ultimately diverge or fail.
Foreign companies (and US as well) are well advised to be wary of cloud services.
I carry a Tom Bihn Brainbag with their sleeves in it for laptops since 2007. I carried two laptops with it (T60+Dell M40) for a long time, now a W500+Sony NX5+acc and a crap load of other goodies. It has been on about 500 (?) maybe 600 flights with me, well over 1,000,000 air miles, was strapped to a pallet in a CJ in Afghanistan (and offloaded at the wrong fob where it spent the night and finally got back to me awfully dusty), bounced around Iraq, and accompanied me to other difficult, sometimes less than gracious environments without any failures. The zippers are tight and with an occasional NikWax have kept the contents dust-free and dry.
My only complaint is that the Freudian Slip doesn't organize enough stuff - I wanted to make a rigid MOLLE style insert for the front pocket to strap sacks of cables and crap to and keep organized, and still keep an eye out for semi-rigid containers for delicate things, but so far nothing has been smashed inside, the straps and zippers work like new, no real fraying. The waist strap on mine has been a vestigial annoyance, but newer models have removable ones.
The only system failures are that the sternum straps disappeared one by one, but my GF has a later edition of the same bag and gave me hers since they interfere with her anatomy and the updated ones work better, no problems since. She's had hers for almost as long and almost as many miles and pretty much the same difficult travel schedule with no problems at all.
If it ever fails, I'll get another. It would be really cool if they had a ballistic spectra option and it would be very cool if there was an easy option to lock the zippers.
This is just yet another example of how the current copyright regime is prima facie unconstitutional.
To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries
Copyright is not a property right; copyright is an agreement between the public and authors & inventors creating a privilege of limited exclusive right as incentive for dissemination of ideas because otherwise authors & inventors have only the choice of keeping their inventions secret or sharing them that the recipient does what he or she will with the information without limitation, which is the natural right of the recipient.
Any mechanism of securing exclusive right to the author or inventor must meet two tests to be constitutional:
the term of the exclusive right must be limited (that is it is not a property right),
the mechanism must demonstrably promote the progress of science and the useful arts.
An attempt was made to test the absurdly long exclusive term against the "limited" requirement and that failed because any finite term is by definition limited.
The test that must now be made is against the requirement that copyright laws "promote the progress of science and the useful arts." The burden of proof should be on demonstrating that the laws do promote the progress of science and the useful arts because copyright is a limitation on the rights of the public and therefore intrinsically a burden on society. In granting copyright society temporarily yields their natural right to a privilege offered authors & inventors, a privilege that may be revoked at any time.
Current copyright laws do not pass the test of promoting the progress of science and the useful arts; they are a burden on innovation and have systematically retarded the progress of science and technology, strangling many significant innovations, once again with internet radio. Current copyright laws are therefore unconstitutional.
I have an idea that will solve world hunger and eradicate disease. Contrary to what you say I believe this idea to be very scarce. It has taken me years of effort and heaps of money to formulate this idea. I really, really want to share this idea with you, but not unreasonably I don't believe I should have to shoulder all the cost of creating it on my own. I want paying, and until then it's going to remain my secret. Owning my secret is very similar to owning my property because you can't have it, but whether you want to call this "intellectual property" or not isn't important. The bottom line is if you want to know my idea we're going to have to make a deal that allows me to get paid, and that means you don't get to use my idea without paying me. You get my great idea, I get paid for it. How is this not fair?
That is absolutely fair. It is work for hire. But once you tell me, you lose control. Set a price that is fair compensation for losing control. But even more fair, how about this: We The People will agree that sometimes people do have good ideas and that We want the maximum generation and dissemination of those ideas. To that end We will create a set of rules that offer inventors an incentive - it's our choice, our offer for a general term to anyone, call it a minimum offer. You are free to keep your secrets and negotiate a more lucrative deal if you can, but how about We give you a 20 year monopoly on your idea in return for teaching us -everything- you know about it and the -best- method for implementing it... under pain of losing the entire deal if you hold anything back.
Oh wait, that's a patent. Now if that's enough incentive for a multi-billion dollar drug development effort, on what basis do we grant 120 years for a pop song?
I don't know what the right balance is, exactly, but a 20 year monopoly is just about right for drug development (at least if the monopoly begins after approval for public sale as it does these days). 20 years is way too long for software. 120 years is utterly unjustifiable for copyright. The original 1790's 14 years seems like more than enough - with another 14 if the author is still profitably exploiting the idea and cares, not if it's fallen out of print.
To pretend that an idea can be owned as property suggests that one owns and has the right to exercise control over another's thoughts. This is absurd and unmanageable.
Absolutely. But you can't think about my idea if I don't tell you it. Unless you come up with it yourself, which is unlikely because my idea is very scarce.
I doubt it. There are few truly new ideas and most ideas are worthless. It's a tough lesson I end up trying to explain to a lot of people, but as someone said of the failed patent auction "buying a patent is a bit like buying an unscratched lottery ticket."
Or as in the painful irony of Marc Gershwin's statement "If works of art are in the public domain, you can take them and do whatever you want with them . . . [or] someone could turn [Porgy and Bess] into rap music," (note that he was not promoting this as a desirable outcome) after lifting it out of the African American musical tradition without offering any compensation.
If a law regulating the free use and exchange of ideas cannot be proven to promote the progress of science and the useful arts it is wrong and unconstitutional.
Define 'useful'. See that's usually a matter of taste and presently the value of art is usually defined as a matter of whether anyone is prepared to pay for it. Without "Intellectual Property" that's not possible. So who decides what's 'useful'?
Damn good question - and like all constitutional questions, one for the courts. I think it would be interesting to challenge the RIAA on the lack of usefulness; I am not aware of precedent, though there might be. It seems rip
Ideas are not equivalent to tangible property because (among other reasons):
1) There is no natural scarcity of ideas. Taking a thing deprives the person it is taken from of its use. If two people share an idea, both have it and neither the less. The two outcomes are diametrically opposed, ideas are the opposite of property. They are not subject to property. Dissemination of ideas increases the sum of knowledge, whether for profit or not. The purpose of patent and copyright law is to maximize the creation and dissemination of knowledge.
2) To pretend that an idea can be owned as property suggests that one owns and has the right to exercise control over another's thoughts. This is absurd and unmanageable.
3) If an idea is property, there is no basis to suggest that ownership of an idea shouldn't be permanent and heritable as other property is. This would be an economic and social disaster.
etc.
The constitution provides a simple justification for granting a monopoly to an inventor on the use of their idea: "to promote the progress of science and the useful arts." This is a noble goal, one I think generally embraced by even the opponents of the current copyright regime. This suggests a simple and obvious test for laws meant to regulate the temporary monopolies: if a given law can be proven to promote the progress of science and the useful arts, we are fairly subject to the limitations thereof so long as we (We) agree with the goal of promoting the progress of science and the useful arts. If a law regulating the free use and exchange of ideas cannot be proven to promote the progress of science and the useful arts it is wrong and unconstitutional.
Revive S/WAN. We should work to build opportunistic encryption into the base distribution. If it is widely enough spread, it would tend to thwart blocking attempts. OE should be part of the default install for all servers and we need some one-click installer for IIS admins too.
The basic premise of caloric measurements is available energy. Fat gives almost 2x the available energy per gram than protein or carbohydrate. Energy can not be created or destroyed. What you eat goes in one end and comes out or stays in. Period. (.).
The argument that you don't metabolize all available calories applies to olestra, not greasy burgers. The consequence of indigestible fats is called "anal leakage" mmmmm... Is that what low-carb is promoting? Lose weight through anal leakage? How charming.
The consequence of indigestible sugars is flatulence. Some of the sugars in beans are indigestible. Good for your heart, the more you eat them the more you fart. Lactose intolerant people can't digest milk sugar. Give them some and stand back!
If you are not achieving such entertaining effects, you are not achieving some magical result contrary to the medical orthodoxy by less efficiently metabolizing your food by altering the relative balance of fats, carbohydrates, and proteins. That is, low-carb is a load. There's a reason why Atkins went bankrupt.
It is at least heartening to see the commentary following the Boing Boing article calling BS on it, especially after seeing the similarly anti-rationalists making their voices heard after that wired gadget article.
Crap crap crap. So now what? I've been a speakeasy customer for years now: good SDSL service, excellent customer service, people who actually know configuration options. I'm seriously unhappy. From the zenith of ISPs to the nadir of corporate misculture. Will they start to dynamically rewrite speakeasy quotes between the ad and the sale?
"LAST year, I walked away saying thank God she didn't get a break in SHA-1," says William Burr. "Well, now she has." Burr, a cryptographer at the National Institute of Standards and Technology in Gaithersburg, Maryland, is talking about Xiaoyun Wang, a Chinese cryptographer with a formidable knack for breaking things. Last year Wang, now at Tsinghua University in Beijing, stunned the cryptographic community by breaking a widely used computer security formula called MD5. This year, to Burr's dismay, she went further. Much further."
Every time one almost respects Sony they pull some boneheaded, arrogant, moronic thing like mini disk or memory stick or trying to tell consumers what content is worthy of their technology.
On the plus side, this settles the format war. Of course it matters what format you can get porn on. Blu-ray vs. HD-DVD is, to most people, not functionally differentiated. You can buy the player that lets you watch what you want, or you can buy the player with the morality police inside.
"Our USB Server makes it possible for USB printers (including multi-function printers), USB scanners and other types of USB devices to be used and shared by PCs on a network. It is ideal for home office, small office or classroom use.
"The USB Server supports both Ethernet and Wi-Fi networks -- making it easy to print to a USB printer or connect to other USB devices from a Wi-Fi based laptop."
I like the premise, but I think the metaphor is wrong: there is no actual debt, and in no way does being in prison function as repayment. Aside from other philosophical issues around the meaning of justice, individuals that demonstrate that they are a danger to society must be segregated from society at least until (arguably, only until) they are no longer a danger to society. The idea that someone presents such a danger that they need to be tracked suggests they are too dangerous to be "out." The theoretical streaker is unlikely to present any danger to society, whereas an unrepentant serial rapist with multiple prior convictions probably shouldn't be let out again, or at least until there's some plausible developments in psychiatry. But the same holds true for violent criminals, so clearly sex crimes are singled out solely for their prurient interest, by providing an opportunity to gratuitously describe sex in an offensive way that winds up voters but is without any political or legislative merit, which sounds a lot like a sex crime itself to me...
On balance though, we should be grateful for Lawrence & Garner v. State of Texas. It would be a great help to pass a constitutional amendment barring laws that dictate the private behavior of consenting adults. Ask your legislators.
As the "Won't somebody please think of the children" subject alludes, the Simpsons have effectively commented on bogeyman politics, in particular with the bear patrol episode. It's just transparent pandering, creating a false fear and exploiting it; and all the better that the subject be indefensible, though simply defenseless will also work when all the good ones are taken. Sex criminals will always be an easy target, but once that bandwagon has left the station (again), it's time to attack immigrants (poor Groundskeeper Willie), or Albania, or homosexuals, or whatever.
The best thing about this sort of moralist pandering and posturing is that politicians are just as morally complex as everyone else and their utter humiliation is a nice reward for the harm they do, so we should all thank Limbaugh, Haggard, Barnes, Bakker, etc for the joy they've given us.
Trust Wired to get it wrong. The magic of subjective journalism. It is ironic that another /. article describes how the blogosphere is becoming recognized as unreliable.
I was a speaker there in August 2000 at the First WorldWide Top Hackers Conference 'IS2K' in Seoul Korea at the Millennium Hotel. We spoke for several days and even got to meet Kim Hyong-O, the Member of the National Assembly.
I disagree. Reiterating the statement that copyright isn't theft can't be done too often. The RIAA et al. would love us to forget there's a difference. The core of the difference isn't that "copyright infringement isn't illegal" but that the term "intellectual property" is an intrinsic fallacy. I'd say anybody that uses the term literally and on purpose (instead of simply as a convenient marketing term) exposes a constitutionally unsupportable bias.
The key issue in all copyright debates is that the current copyright regime is indefensible under the constitution of the United States in as much as it does not "promote the progress of science and the useful arts" but is instead a millstone around the neck of innovation. That an economically trivial enterprise like the entertainment industry can hold far larger industries, such as the blank media industry let alone the computer industry as a whole, at bay is an intolerable injustice only sustainable through the most crass graft.
To reiterate that copyright infringement isn't theft is shorthand (much as "intellectual property" is shorthand for "temporary government granted monopoly") for reiterating the sad state of affairs where gross piracy of the public domain is committed constantly by those that would tar their opponents with the name of their own indecency.
I use a livescribe pretty regularly: I have one in my pocket right now. While I agree the form factor of the pens is suboptimal, as are the cartridges, it does the job for me. I've only lost one so far to overzealous inspection at an airport as a spy device because it has audio recording capability. In theory that one might come back, but the office it is stored in is only open a few hours a day, a few days a week at the airport and the release documents have two names on them and... long story.
Anyway, while I appreciate the OP's interest in a fully digital format and read through hoping to find something super cool I hadn't run across yet, the drift in the conversation to pre-digital technologies mirrors my own adoption of the livescribe pen. The books you fill out don't crash and are immediately re-viewable and sunlight readable. The pens are robust and while the cartridges run out of ink far too quickly and without any real warning, it isn't a meaningful cost burden to keep a few spares around.
The form factor of the pen and small note book is time-proven and convenient if you're moving around. It is unobtrusive in meetings, works well in the field, and you can easily have a hand or two free without catastrophic gravitational consequences.
Having a digital copy of my notes is organizationally helpful, even if my writing is not sufficiently legible for useful distribution. The accurate time stamps let me do things like post-correlate a digital picture with the notes unambiguously or a GPS coordinate or any other time stamped media. Occasionally I use the audio recording capability to integrate time-stamped conversational notes when I don't have time to write them all down, just noting a word or two here and there as I can to provide a visual/temporal reference in the converted media.
I am most pleased with myself when I can make a quick sketch on paper and email it out in a few seconds. I have occasionally considered a pen-enhanced phablet as an increasing drift toward virtualization, but that would lose the archival paper copy, the tangible organization of the pages and books, and would be far more fragile and prone to being out of juice when I need it. The pen wakes up in about 3 seconds and even if I haven't charged it in a month, is ready to work - and if the battery is dead, I still take perfectly usable notes I can later digitize by writing over them if I really need to.
For me it solves a few requirements:
* Archival (fairly, the notebooks aren't acid free or anything),
* Reliable (works even if the battery is dead, though the small cartridges undermine this a bit,)
* Durable (my pen has been in some atypically demanding environments like direct sunlight in measured ambient temperatures of 57C and kept working fine even when digital camera and phone couldn't take pictures because they were too hot,)
* Time stamped entries,
* Digital distribution/record keeping is painless,
* Handles sketches well,
* Can correlate to other digital media via time stamp metadata fairly automatically,
* Fully cloudless local operation so you don't have to trust a company full of people you've never met.
But....
* I don't use the handwriting recognition tool. It is kind of cool, but not accurate enough with my crappy writing to be worth the cost,
* I would prefer a more pen-like pen,
* I wish the notebook software could recognize some simple glyphs so certain notes could be automatically extracted or highlighted (I'm thinking "to do" and "important" etc marks),
* It'd be awesome if it took standard Fisher cartridges.
The certificate system is badly broken on a couple of levels. Most obvious and relevant to the OP is that there are 650 root CAs that can issue certs, including some state-run CAs by governments with potentially conflicting political interests or poor human rights records.
It is useful to think about what we use SSL certs for:
1) Establishing an encrypted link between our network client and a remote server to foil eavesdropping and surveillance.
2) To verify that the remote server is who we believe it to be.
Problem 1 is by far the most important, so much more important than number 2 that number 2 is almost irrelevant, and fundamental flaws with feature 2 in the current CA system make even trying to enforce verification almost pointless. Most users have no idea what SSL verification actually means or what any of the cryptic (no pun intended) and increasingly annoying alerts warning of "unvalidated certs" mean anyway.
What I find most annoying is that the extraordinary protective value of SSL encrypted communication is systematically undermined by browsers like Firefox in an intrinsically useless effort to convince users to care about verification. I have never, not once, ever not clicked through the warnings on a web site to access it. And even though I often access web sites from areas that are suspected of occasionally attempting to infiltrate dissident organizations with MITM attacks, I still have yet to see a legit MITM attack in the wild myself. But I do know for sure that without SSL encryption my passwords would be compromised - how many of us get spam from friends with Yahoo accounts? Yahoo still does not SSL encrypt login by default and so accounts are regularly compromised by spammers. Encryption really matters and is really important to keeping communication secure. Anything that adds friction to encryption should be rejected.
Self-signed certs and community certs (like CACert.com) should be accepted without any warnings that might slow down a user at all so that every website, even non-commercial or personal ones have no disincentive to adding encryption. HTTPSEverywhere. Routers should be configured to block non-SSL traffic (and HTML email, but that's another rant. Get off my lawn.).
Verification is unsolvable with SSL certs for a couple of reasons, some due to the current model, some due to reasonable human behavior, some due to relatively legitimate law-enforcement concerns:
Obviously the OP makes clear that the current model is badly broken because the vast majority of issuing companies have every reason to minimize the cost of providing a cert which means cutting operational costs and increasing the risk of human error. Though even at a well run notary, human error is likely to occur, especially as notaries in different countries, speaking different languages can issue certs for companies in any other location. Certificate issuance by commercial entities is fail. A simple error can, because registrar certs are by default trusted, compromise anyone in the world. One mistake, everybody is at risk. Pinning does not actually reduce this risk in advance, though rapid response to discovered breaches can limit the damage.
But even if issuance were fixed, it wouldn't necessarily help. Most people would happily click through to www.bankomerica.com without thinking twice. Indeed, as companies may have purchased almost every spelling variation and point them all toward their "most reasonable" domain name, it isn't unreasonable to do so. If bankomerica.com asked for a cert in tashkent, would they (or even should they) be denied? No - green bar, wrong site. Even if they were non-SSL encrypted, it isn't practical to typo-test every legit URL against every possible fake, the vast majority of users would never notice if their usual bank site came up unencrypted (no cert at all). This user behavior limitation fundamentally obviates the value of certs for identifying sites. But even a typo-misdirection is assuming too much - all of my phishing
That's the thing about clouds, they're always changing. If you want consistent, reliable webmail, run roundcube on your own server and stop gifting Google your data.
If you want to retain ownership of your data, host it on your own server.
My data centers are all so small they'd be lost in the caverns of the likes of Google or FB, but in applications where ownership of the data is important; and this should apply to sovereign governments, most companies, and even most small businesses; availing oneself of an external data hosting or processing service is giving away the farm.
There are a variety of security concerns unique to the "cloud" environment that should worry anyone who has some liability or risk associated with unintended exposure of their data: from other users of the same physical hardware, from the typically faceless third party employees operating it, and from joining a collective target. A counter argument is that cloud vendors tend to be expert at security and are likely to have more resources to stay current and be vigilant than any single client of theirs, just as a law of scale. But, as DropBox's password fiasco proves, this assumption is not always true - or, perhaps more accurately, a statistical reduction in the likelihood of execution risk is not an elimination of that risk and the consequences of false assumptions can be severe when the failure is of a central repository.
One is safe in using a "cloud" service (such a fluffy marketing term for "third party hosted IT") for data that is intrinsically public, such as this forum or a Facebook post. For a company's HR database, not so much. For a government to have a "cloud computing strategy to lower costs" is very sad. The OP references a statistic that is driven in large part by Google and Facebook, services of such massive scale that vertical integration into the hardware makes sense. It is not intrinsically a refutation of owned and operated hardware. That these vertical integrations have grown to such scale as to rank as major hardware vendors in their own right is impressive, but not in and of itself a "tide" against enterprise hardware. That the vendors of enterprise hardware would seek to own a piece of the emerging market for low cost, low atomic reliability (mitigated by macro reliability) compute systems isn't an abdication of more proven product lines, rather a reasonable foray into new product lines.
The OP finds the data supportive of a popular meme: that cloud computing will replace enterprise computing. This may be true if Zuckerberg's "no privacy" jihad is extended to "no secrets" as well, but as long as companies and governments have secrets and people value privacy, there will be a market for owned and operated hardware since he that owns the hardware owns the data (and when you host your data with a third party, you implicitly trust every employee there). While it is in theory possible to secure remotely hosted data through encryption (and perhaps even to allow remote processing of fully encrypted data), the overhead of securing one's secrets against the third party's prying eyes (and those of their other customers) significantly undermines any touted (but generally unproven) cost savings of "cloud computing."
I use GPG/OpenPGP for some mail and "secure" web mail for other applications. I do not use third party web mail (such as gmail) because I can't control the dissemination or privacy (or longevity) of my mail and while my life is generally boring enough to fit within Eric Schmidt's idea of privacy ("If you have something that you don't want anyone [someone] to know, maybe you shouldn't be doing it in the first place [at least not though a google property]."), I occasionally write a personal opinion of someone I wouldn't want them to be able to Google later or share a business detail that could be economically damaging or embarrassing (or is subject to NDA) and gMail and all other web mail services are effectively public.
I've used PGP (and eventually GPG) since about '94 and my keyring has about 20 people on it: more than 1 new key a year! Alas, 25% of those keys expired in the late 90s. My address book has about 1500 entries. Why so few keys? As the OP pointed out, it isn't all that difficult.
The answer for me is that the model for encouraging encryption has to be more like S-WAN than GPG-like. I'd love to turn on "encrypt everything" and forget it, but I'd get an error message for 99% of my correspondents, so obviously that isn't going to happen. So I set my prefs to reply to encrypted messages with encryption, which is fine, but it means I rarely (almost never) initiate an encrypted thread.
What I'd like is an opportunistic encryption mode where any message to an address in my keyring is encrypted by default. Any message to anyone I don't have a key for gets a nice little .sig file with a brief notice that their mail is insecure and effectively public and a link to further instructions for getting GPG set up.
One annoying problem is that encrypted mail is not searchable. To solve that, I want my client to extract a keyword list on decryption then upload that keyword list to (my own) server as an unencrypted header to enable searching (implemented, of course, with a stop list for words you wouldn't want to appear in the clear even out of context or perhaps particularly out of context).
For the truly paranoid, this list could be a hash list, though you could still fairly effectively dictionary hash fish, but it would provide some security and reduce the easy availability of information. In fact, all headers could be hashed and still generally be searchable (except maybe date ranges).
I also want my server to store my public key and encrypt all incoming mail with it. Of course it is already transported in the clear, but it makes my server less vulnerable. Once the mail has had an index extracted and the body encrypted, someone cracking into my IMAP server would, at least, not find a historical trove of clear-text data. And my friends without keys would get annoying sig files evangelizing encryption.
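An added sketch of the searchable keyword index described in the comment above (example code, not the commenter's and not part of any mail client): it extracts keywords from a decrypted body, applies a stop list, and stores only hashes. The sample message, stop list, key and function names are constructed for illustration, and the keyed (HMAC) variant is an assumption added here to show how the index can resist the dictionary guessing the comment mentions.

```python
import hashlib
import hmac
import re

# Constructed sample data: a decrypted message body and a personal stop list.
DECRYPTED_BODY = "Meeting moved to Thursday. Bring the Falcon contract draft and the invoice."
STOP_LIST = {"falcon"}                      # words that must never reach the index
COMMON_WORDS = {"the", "to", "and", "a", "of"}
INDEX_KEY = b"constructed-demo-key-kept-on-the-client"  # hypothetical client-side secret


def extract_keywords(body, stop_list=STOP_LIST):
    """Keyword list taken from the plaintext after decryption, minus stop-listed words."""
    words = set(re.findall(r"[a-z0-9]+", body.lower()))
    return sorted(
        w for w in words
        if len(w) > 2 and w not in COMMON_WORDS and w not in stop_list
    )


def plain_hash(word):
    """Unkeyed hash: hides the word from casual reading only."""
    return hashlib.sha256(word.encode()).hexdigest()


def keyed_hash(word, key=INDEX_KEY):
    """Keyed hash: the server stores it but cannot recompute it without the key."""
    return hmac.new(key, word.encode(), hashlib.sha256).hexdigest()


def build_index(body, hasher):
    """The set of hashed keywords that would be stored beside the encrypted body."""
    return {hasher(w) for w in extract_keywords(body)}


def search(index, term, hasher):
    """Client-side search: hash the query term the same way and test membership."""
    return hasher(term.lower()) in index


def dictionary_guess(index, wordlist, hasher=plain_hash):
    """What a party holding only the stored index learns by hashing a word list."""
    return sorted(w for w in wordlist if hasher(w) in index)


if __name__ == "__main__":
    guesses = ["invoice", "password", "contract", "falcon"]
    plain_index = build_index(DECRYPTED_BODY, plain_hash)
    keyed_index = build_index(DECRYPTED_BODY, keyed_hash)
    print("keywords:", extract_keywords(DECRYPTED_BODY))
    print("recovered from unkeyed index:", dictionary_guess(plain_index, guesses))
    print("recovered from keyed index:  ", dictionary_guess(keyed_index, guesses))
    print("owner search for 'invoice':  ", search(keyed_index, "invoice", keyed_hash))
```

The keyed index still leaks which messages share a term and how many terms each has, so the stop list remains useful even with the key held off the server.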
If you put your data in the cloud, you put it in the hands of not just the US government, but every government the cloud company does business with. And also in the hands of every underpaid employee in the company; and while some companies may claim otherwise, their claims are unverifiable and unenforceable. "Cloud" services have their place - it is for data that is intrinsically public and ephemeral. Nobody should ever trust any cloud service with data that is proprietary or private or irreplaceable.
Most obviously, the "free" services are predicated on exploiting the value of their users as product to customers that are not the users. The model makes sense in some cases, for example a forum, where the shared public content is willingly coproduced by users of the forum, exchanging their content creation efforts for use of the forum itself, the forum exploiting that content to attract eyeballs to advertisers that pay the bills.
While there are strong logical reasons why cloud services are intrinsically untrustable (ultimately, he who owns the hardware, owns the data), a simple thought experiment proves the folly: how hard is it to bribe an employee of a cloud service to give you inappropriate access to someone's data? Do you think you couldn't find one employee in one company somewhere? While one may be able to find companies that are currently resistant to easy attacks, cloud companies come and go like the .coms that they are, and with inevitable waning economic optimism, so too wanes employee loyalty. In the eventual asset transactions that follow, acquiring companies of even trusted entities are unknowns and customers have no recourse and no authority.
At best, the loss of yet another fleeting cloud service means only the loss of the associated data and whatever codependent business line the cloud service customer bet on the serial risk of the success of the cloud company itself.
The premise of handing your proprietary data to another person for remote, invisible processing and care is fundamentally flawed. Your interests are not aligned and their interests will evolve and ultimately diverge or fail.
Foreign companies (and US as well) are well advised to be wary of cloud services.
I carry a Tom Bihn Brainbag with their sleeves in it for laptops since 2007. I carried two laptops with it (T60+Dell M40) for a long time, now a W500+Sony NX5+acc and a crap load of other goodies. It has been on about 500 (?) maybe 600 flights with me, well over 1,000,000 air miles, was strapped to a pallet in a CJ in Afghanistan (and offloaded at the wrong fob where it spent the night and finally got back to me awfully dusty), bounced around Iraq, and accompanied me to other difficult, sometimes less than gracious environments without any failures. The zippers are tight and with an occasional NikWax have kept the contents dust-free and dry.
My only complaint is that the Freudian Slip doesn't organize enough stuff - I wanted to make a rigid MOLLE style insert for the front pocket to strap sacks of cables and crap to and keep organized, and still keep an eye out for semi-rigid containers for delicate things, but so far nothing has been smashed inside, the straps and zippers work like new, no real fraying. The waist strap on mine has been a vestigial annoyance, but newer models have removable ones.
The only system failures are that the sternum straps disappeared one by one, but my GF has a later edition of the same bag and gave me hers since they interfere with her anatomy and the updated ones work better, no problems since. She's had hers for almost as long and almost as many miles and pretty much the same difficult travel schedule with no problems at all.
If it ever fails, I'll get another. It would be really cool if they had a ballistic spectra option and it would be very cool if there was an easy option to lock the zippers.
Nobody would ever, ever put an explosive device or weapon on a child if we decided that children were too precious to scan.
http://www.asianewsnet.net/home/news.php?id=19669
http://articles.cnn.com/2010-06-15/opinion/obaid.suicide.children_1_suicide-bombers-pakistan-northwest-frontier-province?_s=PM:OPINION
http://www.washingtontimes.com/news/2009/jul/2/taliban-buying-children-to-serve-as-suicide-bomber/
http://www.youtube.com/watch?v=_lwaypeucTk
So there could not possibly be a problem with systematically allowing a certain class of people through security unscanned.
So, anybody help you find anything yet?
I only know of BRL-CAD that would be suitable for defining geometry that you could actually fabricate (as opposed to geometry for pretty pictures).
http://brlcad.org/
It has hit /. before http://developers.slashdot.org/article.pl?sid=05/01/08/1823248
This is just yet another example of how the current copyright regime is prima facie unconstitutional.
To promote the progress of science and useful arts, by securing for limited times to authors and inventors the exclusive right to their respective writings and discoveries
Copyright is not a property right; copyright is an agreement between the public and authors & inventors creating a privilege of limited exclusive right as incentive for dissemination of ideas because otherwise authors & inventors have only the choice of keeping their inventions secret or sharing them that the recipient does what he or she will with the information without limitation, which is the natural right of the recipient.
Any mechanism of securing exclusive right to the author or inventor must meet two tests to be constitutional:
An attempt was made to test the absurdly long exclusive term against the "limited" requirement and that failed because any finite term is by definition limited.
The test that must now be made is against the requirement that copyright laws "promote the progress of science and the useful arts." The burden of proof should be on demonstrating that the laws do promote the progress of science and the useful arts because copyright is a limitation on the rights of the public and therefore intrinsically a burden on society. In granting copyright society temporarily yields their natural right to a privilege offered authors & inventors, a privilege that may be revoked at any time.
Current copyright laws do not pass the test of promoting the progress of science and the useful arts; they are a burden on innovation and have systematically retarded the progress of science and technology, strangling many significant innovations, once again with internet radio. Current copyright laws are therefore unconstitutional.
There is no natural scarcity of ideas.
I have an idea that will solve world hunger and eradicate disease. Contrary to what you say I believe this idea to be very scarce. It has taken me years of effort and heaps of money to formulate this idea. I really, really want to share this idea with you, but not unreasonably I don't believe I should have to shoulder all the cost of creating it on my own. I want paying, and until then it's going to remain my secret. Owning my secret is very similar to owning my property because you can't have it, but whether you want to call this "intellectual property" or not isn't important. The bottom line is if you want to know my idea we're going to have to make a deal that allows me to get paid, and that means you don't get to use my idea without paying me. You get my great idea, I get paid for it. How is this not fair?
That is absolutely fair. It is work for hire. But once you tell me, you lose control. Set a price that is fair compensation for losing control. But even more fair, how about this: We The People will agree that sometimes people do have good ideas and that We want the maximum generation and dissemination of those ideas. To that end We will create a set of rules that offer inventors an incentive - it's our choice, our offer for a general term to anyone, call it a minimum offer. You are free to keep your secrets and negotiate a more lucrative deal if you can, but how about We give you a 20 year monopoly on your idea in return for teaching us -everything- you know about it and the -best- method for implementing it... under pain of losing the entire deal if you hold anything back.
Oh wait, that's a patent. Now if that's enough incentive for a multi-billion dollar drug development effort, on what basis do we grant 120 years for a pop song?
I don't know what the right balance is, exactly, but a 20 year monopoly is just about right for drug development (at least if the monopoly begins after approval for public sale as it does these days). 20 years is way too long for software. 120 years is utterly unjustifiable for copyright. The original 1790's 14 years seems like more than enough - with another 14 if the author is still profitably exploiting the idea and cares, not if it's fallen out of print.
To pretend that an idea can be owned as property suggests that one owns and has the right to exercise control over another's thoughts. This is absurd and unmanageable.
Absolutely. But you can't think about my idea if I don't tell you it. Unless you come up with it yourself, which is unlikely because my idea is very scarce.
I doubt it. There are few truly new ideas and most ideas are worthless. It's a tough lesson I end up trying to explain to a lot of people, but as someone said of the failed patent auction "buying a patent is a bit like buying an unscratched lottery ticket."
Or as in the painful irony of Marc Gershwin's statement "If works of art are in the public domain, you can take them and do whatever you want with them . . . [or] someone could turn [Porgy and Bess] into rap music," (note that he was not promoting this as a desirable outcome) after lifting it out of the African American musical tradition without offering any compensation.
If a law regulating the free use and exchange of ideas cannot be proven to promote the progress of science and the useful arts it is wrong and unconstitutional.
Define 'useful'. See that's usually a matter of taste and presently the value of art is usually defined as a matter of whether anyone is prepared to pay for it. Without "Intellectual Property" that's not possible. So who decides what's 'useful'?
Damn good question - and like all constitutional questions, one for the courts. I think it would be interesting to challenge the RIAA on the lack of usefulness; I am not aware of precedent, though there might be. It seems rip
Ideas are not equivalent to tangible property because (among other reasons):
1) There is no natural scarcity of ideas. Taking a thing deprives the person it is taken from of its use. If two people share an idea, both have it and neither the less. The two outcomes are diametrically opposed, ideas are the opposite of property. They are not subject to property. Dissemination of ideas increases the sum of knowledge, whether for profit or not. The purpose of patent and copyright law is to maximize the creation and dissemination of knowledge.
2) To pretend that an idea can be owned as property suggests that one owns and has the right to exercise control over another's thoughts. This is absurd and unmanageable.
3) If an idea is property, there is no basis to suggest that ownership of an idea shouldn't be permanent and heritable as other property is. This would be an economic and social disaster.
etc.
The constitution provides a simple justification for granting a monopoly to an inventor on the use of their idea: "to promote the progress of science and the useful arts." This is a noble goal, one I think generally embraced by even the opponents of the current copyright regime. This suggests a simple and obvious test for laws meant to regulate the temporary monopolies: if a given law can be proven to promote the progress of science and the useful arts, we are fairly subject to the limitations thereof so long as we (We) agree with the goal of promoting the progress of science and the useful arts. If a law regulating the free use and exchange of ideas cannot be proven to promote the progress of science and the useful arts it is wrong and unconstitutional.
Revive S/WAN. We should work to build opportunistic encryption into the base distribution. If it is widely enough spread, it would tend to thwart blocking attempts. OE should be part of the default install for all servers and we need some one-click installer for IIS admins too.
The basic premise of caloric measurements is available energy. Fat gives almost 2x the available energy per gram than protein or carbohydrate. Energy can not be created or destroyed. What you eat goes in one end and comes out or stays in. Period. (.).
The argument that you don't metabolize all available calories applies to olestra, not greasy burgers. The consequence of indigestible fats is called "anal leakage" mmmmm... Is that what low-carb is promoting? Lose weight through anal leakage? How charming.
The consequence of indigestible sugars is flatulence. Some of the sugars in beans are indigestible. Good for your heart, the more you eat them the more you fart. Lactose intolerant people can't digest milk sugar. Give them some and stand back!
If you are not achieving such entertaining effects, you are not achieving some magical result contrary to the medical orthodoxy by less efficiently metabolizing your food by altering the relative balance of fats, carbohydrates, and proteins. That is, low-carb is a load. There's a reason why Atkins went bankrupt.
It is at least heartening to see the commentary following the Boing Boing article calling BS on it, especially after seeing the similarly anti-rationalists making their voices heard after that wired gadget article.
Crap crap crap. So now what? I've been a speakeasy customer for years now: good SDSL service, excellent customer service, people who actually know configuration options. I'm seriously unhappy. From the zenith of ISPs to the nadir of corporate misculture. Will they start to dynamically rewrite speakeasy quotes between the ad and the sale?
poo. this sucks.
When you send an SMS you are smissing. You're texting when you're typing anything.
Joe Davis did this more than 17 years ago.
From the original article cited by the epoch times article (at the moment /.ed)
Busted! A crisis in cryptography
"LAST year, I walked away saying thank God she didn't get a break in SHA-1," says William Burr. "Well, now she has." Burr, a cryptographer at the National Institute of Standards and Technology in Gaithersburg, Maryland, is talking about Xiaoyun Wang, a Chinese cryptographer with a formidable knack for breaking things. Last year Wang, now at Tsinghua University in Beijing, stunned the cryptographic community by breaking a widely used computer security formula called MD5. This year, to Burr's dismay, she went further. Much further."
cute...
Every time one almost respects Sony they pull some boneheaded, arrogant, moronic thing like mini disk or memory stick or trying to tell consumers what content is worthy of their technology.
On the plus side, this settles the format war. Of course it matters what format you can get porn on. Blu-ray vs. HD-DVD is, to most people, not functionally differentiated. You can buy the player that lets you watch what you want, or you can buy the player with the morality police inside.
http://www.keyspan.com/products/usb/server/homepage.spml
"Our USB Server makes it possible for USB printers (including multi-function printers), USB scanners and other types of USB devices to be used and shared by PCs on a network. It is ideal for home office, small office or classroom use.
"The USB Server supports both Ethernet and Wi-Fi networks -- making it easy to print to a USB printer or connect to other USB devices from a Wi-Fi based laptop."
It has been out for years.
Disclaimer: I designed the case.
I like the premise, but I think the metaphor is wrong: there is no actual debt, and in no way does being in prison function as repayment. Aside from other philosophical issues around the meaning of justice, individuals that demonstrate that they are a danger to society must be segregated from society at least until (arguably, only until) they are no longer a danger to society. The idea that someone presents such a danger that they need to be tracked suggests they are too dangerous to be "out." The theoretical streaker is unlikely to present any danger to society, whereas an unrepentant serial rapist with multiple prior convictions probably shouldn't be let out again, or at least until there's some plausible developments in psychiatry. But the same holds true for violent criminals, so clearly sex crimes are singled out solely for their prurient interest, by providing an opportunity to gratuitously describe sex in an offensive way that winds up voters but is without any political or legislative merit, which sounds a lot like a sex crime itself to me...
On balance though, we should be grateful for Lawrence & Garner v. State of Texas. It would be a great help to pass a constitutional amendment barring laws that dictate the private behavior of consenting adults. Ask your legislators.
As the "Won't somebody please think of the children" subject alludes, the Simpsons have effectively commented on bogeyman politics, in particular with the bear patrol episode. It's just transparent pandering, creating a false fear and exploiting it; and all the better that the subject be indefensible, though simply defenseless will also work when all the good ones are taken. Sex criminals will always be an easy target, but once that bandwagon has left the station (again), it's time to attack immigrants (poor Groundskeeper Willie), or Albania, or homosexuals, or whatever.
The best thing about this sort of moralist pandering and posturing is that politicians are just as morally complex as everyone else and their utter humiliation is a nice reward for the harm they do, so we should all thank Limbaugh, Haggard, Barnes, Bakker, etc for the joy they've given us.
Trust Wired to get it wrong. The magic of subjective journalism. It is ironic that another /. article describes how the blogosphere is becoming recognized as unreliable.
I was a speaker there in August 2000 at the First WorldWide Top Hackers Conference 'IS2K' in Seoul Korea at the Millennium Hotel. We spoke for several days and even got to meet Kim Hyong-O, the Member of the National Assembly.
In order to ensure timely departures, at departure time a signal is sent which causes the device to explode.
That's too bad, really, I would have enjoyed going to Hungary. I guess not by air.
I disagree. Reiterating the statement that copyright isn't theft can't be done too often. The RIAA et al. would love us to forget there's a difference. The core of the difference isn't that "copyright infringement isn't illegal" but that the term "intellectual property" is an intrinsic fallacy. I'd say anybody that uses the term literally and on purpose (instead of simply as a convenient marketing term) exposes a constitutionally unsupportable bias.
The key issue in all copyright debates is that the current copyright regime is indefensible under the constitution of the United States in as much as it does not "promote the progress of science and the useful arts" but is instead a millstone around the neck of innovation. That an economically trivial enterprise like the entertainment industry can hold far larger industries, such as the blank media industry let alone the computer industry as a whole, at bay is an intolerable injustice only sustainable through the most crass graft.
To reiterate that copyright infringement isn't theft is shorthand (much as "intellectual property" is shorthand for "temporary government granted monopoly") for reiterating the sad state of affairs where gross piracy of the public domain is committed constantly by those that would tar their opponents with the name of their own indecency.