The stipulation by the admissions department does not impart any ethical requirement on the applicant. Just because I provide you a date on which I'm going to contact you does not imply that you are prohibited from learning that information from another source.
Now you have got to be kidding. That fact that there is a process that is kept private and that the school will notify aplicants at a certain time certainly does implicity imply that you should not know the outcome until they notify you.
There are dozens of reasons why the school wants to keep the admissions process private but that is speculation on my part.
The simple fact that you are missing is that Just becuase you can doens't mean you should. It really is that simple and it is not a platitidue, but a truism.
So by your example, if someone induces another to divulge that information, then that is unethical, but because that same person induced a computer to do divulge that information, that is not unethical? Maybe you mean it would be unethical on the part of the person divulging, but what about the person inducing? Don't they have ethical boundaries? Of course they do.
Just becuase you access information through a computer doesn't make that right either nor does it remove the ethical responsibility.
That's just my opinion. I'm willing to accept the fact that you may disagree.
If I may be so bold, maybe you should re-examine that opinion as it is not well thought out and certianly obviously internally inconsistent (at least how you are stating it)
Oh, sure, by your logic, if you go in for a medical test to see if you have cancer, and the hospital says they'll notify you in August, but they start broadcasting your results via the web (lets say, by an unlinked web page, but one that is posted on discussion forums), you argue it would be unethical for you to go find out early if you have cancer.
And how long have you been in the business world? About 20 years in various industries. Thanks for asking. If you think there is some honor code that everyone follows then bend over buddy, you are about to take a good reeming.
So your arguement boils down to "because everyone does it, that makes it OK?"
Because a some (maybe a majority) athletes take anabolic steriods, everyone should. Hey, it's competition.
Because brokerages trade stocks and employ analysts of those stocks, then it's OK for those analysts to hype the very stocks they are invested in?
Because some manufacturing plants pollute and US laws are getting stricter in pollution, it is OK to move manufacturing to another country and pollute it?
Those are realistic and actual outcomes of your position.
I don't like it or agree with it, but that's the nature of our current business environment.
How sad for you, and rest of us, to buy into and accept that position.
You've got to be kidding me. How on earth is this some ethical conundrum? Information was available, unsecured, from the public Internet, to him, regarding his personal status.
Just because you can do a thing, doesn't mean you should or that it is right to do so. That the information was available is irrelevant.
The heart of the matter is that the admissions process stipultated a date when applicants would be notified and applicants should honor that stipulation. That is the honestly ethical thing to do.
I would have done it. And I consider myself to be an ethical person.... if a business deal came by where I could make $10 million by duping an old lady out of her $100k house,
This shows that you know nothing of ethics. Even a cursory glance at philosophy 101 and the Golden Rule ("Do unto others as you would have them do unto you") certainly applies. Would you want to be duped out of your $100K house so someone else can make money off of it?
The fact of the matter is that these people took the opportunity to look at information that should not have been available to them. They activley seeked it out. That is a violation of trust and that is unethical.
Good for you, but it is too bad that you can't actually see the ethical problem with taking a peek.
Fundamentally, business runs on trust--trust between collegues and peers, trust between companies, trust between companies and the public. You earn or lose trust based on your actions.
That you took a peek isn't particularly damning, it may be chalked upto a bad decision. That you can't see that it was a bad (unethical) decision, is damning, however.
Regardless of the outcome, you did something wrong and don't seem to see that as a problem.
What is means is that legal documents need to in specific formats to be considered valid. Word Perfect gives you complete control over the format of the document and the elements. Word does not.
By the way, the format issue is so important it is one of the reasons why faxing legal documents is OK, but sending them electronically is not (the local printer may reformat the document while in electronic format).
Kinda. Provided there is a well designed and realistic Protection Profile and the Security Target is realisticaly designed, there is some value to the CC certification.
The biggest issue I have seen with CC is more in the understanding, or lack there of, of what is covered in a CC eval on both consumers and vendors. Vendors obviously promte the CC eval because it is expensive and has a certain cache. Users tend to glaze over reading the certification docs and most often don't make it very far before checking whatever check box they need.
Re:Not a problem (yet)
on
SHA-1 Broken
·
· Score: 1
this attack does not allow an attacker to magically deduce your password from its hash, or even generate another password that would hash to the same value as yours. So you don't need to immediately jump up and replace SHA-1 wherever you use it
But if you can find any other password string that will compute to the same hash value, it doesn't matter if that string is the real password or not. You can still use the strig to authenticate and you can reuse that password with other systems that use the same mechanism.
And you have this so completly wrong in so many ways. First of all, it is not the TCPA, that organiztaion has long since been renamce to the TCG and you can find the site here.
Next, if th TPM is designed according to the TCG specs, you have to manually enable it in the BIOS. Once that happens, then you have to manually allow TSS to interact with it before it will do so. You can choose not to, but then you can't use that software.
The TPM does NOT stop software from running. It will NOT stop open source software from running. and it will NOT stop you from using alternative operating systems.
The FUD you are spreading is already available in cuurrent software platforms and does't require the TPM. Why not try actually *gasp* reading the damn specs before you speak.
It is OK for an organization to escrow encryption keys so that they can recover the data later. Of course, you need to protect the escrowed keys.
Key escrow of signing keys is a different matter altogether because signing keys are assigned to a specific user. If someone else has custody of the private signing key, you can never assert that the user had sole use--someone can always claim that he signatures were forged. Also, there is no need to escrow a signing key because if the private key was lost, you can still validate signatures on data signed with that provate key using the public key (at least upto the time when the key was lost, then don't trust any signatures)
From the article and case law, you can't sign away your basic rights even knowingly. That would be considered "unreasonable." You might be able to make the argument that the inability to sell your software, complete with the license, and no longer use it is unreasonable. And you might be able to win. You might also try to entice your states AG to take the fight for you. There are lots of options.
I'd say that the response to this by many people reading this would be fuck them. If they're greedy enough to subscribe to this silly notion of expecting to be paid for their creative output, then they deserve what they can get.
And you would be wrong. My response to you for depriving me of income from work and effort that I have put into a creative piece of work would be fuck you and there he is officer, arrest him. It is not up to you to decide the cost or benfit that is due a creator.
There is nothing wrong with people charging for creative works. There is something very wrong with someone else taking that work without paying for it.
And trying to use the American Indian situation as support for your arguments shows that you don't have a grasp of either situation.
I use Outlook and I can search for and locate Outlook emails in about 2 seconds. When I use Outlook search, I have to wait until it searches every single email and them presents them to me and here is the kicker, I can't do anything else while Outlook is searching otherwise the search stops. I have a couple of 1000 emails (I tend to keep deleted email for a long time and I rarely clean out my in box).
Another use is that I have alot of files for work in My Documents that I refer back to often as far as a year or so. No amount of organizing is going to save me time locating stuff.
The point is, computers are good at indexing and searching, I am not, so let the computer do the work.
Ah, lots of reasons. Windows search tool is pretty limiting. You can search the hard drive. Or I can search Outlook but those are seperate operations. Don't try to go back and read that email while searching Outlook using the Outlook tool because the search will end. And takes for ever to run.
It doesnt' have really good boolean support. Lot's of reasons.
I use Google Desktop because it supports the seraching I need to do (mostly microsoft files and Outlook) and it fast.
...which in turn will lead to the device being returned as defective by geeks and "normal" people experiencing false positives.
Go read the material on the TPM. You will find that the design of the TPM is specifically not to impede the boot strap process unless that is the policy of the machine. Vendors who try to sell something like that will face incredible public back-lash that it wouldn't get very far. Clipper failed due to extreme public pressure.
There are enough paranoid people who are far less informed about technology out there to put pressure on the market.
Most of the big companies are involved in Trusted Computing of some sort, and have invested heavily in it. The idea that they will go that all that expense and then not use the platform strikes me as unlikely.
Yeah. I agree. I think you will see this deployed more in the commercial and the gov't sectors because there is more of a motivation to control the endpoints and quite frankly more reason to.
I don't think this will work in the consumer space because too many consumers won't know what TPM is, won't be able to deal with errors, and any impediment to user acceptance is a cost that the organization trying to enforce TPM will have to deal with (read pay for).
With the 5 banks I deal with on-line, none of them require I use any special software and if they tried, I think they would find support costs astronimical.
The adage should be: "An organization that puts software on the computer gets to support it."
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right?
This is old news. That functionality has been available in BIOS's for at least 10 years.
What you may be referring to is the TPM 1.1 chip in some Thinkpads. But I believe that TPM has to be manually enabled. Could be wrong.
If this is based on the Trusted Platform Module (TPM) specified by the TCG, then the security features have to be enabled first.
Even if the TPM is enabled, it shouldn't interfere with the boot process at all. The TPM is a passive device. In fact, the TPM won't be used without explicit OS support. So you can load anything you want and it will boot.
Second, assuming this is based on the TCG TPM, individual host indentification should not be possible (there are cases where it may be possible) but in general, not.
Now the danger is with application vendors abusing the TPM functionality to limit computer use such as requiring the TPM to be active or storing identitfying information in the TPM.
A good solution in PK is to penalize high level players for attacking lower level players. It would have to be enforced that a higher level player MUST attack a lower level player, but that would work. The greater the disparity, the greater the loss.
Add in an ignore player feature and you can pretty easily make noob bashing a painful experience.
Re:I saw this trash a few weeks ago
on
The Media in 2014
·
· Score: 1
Yeah, I saw this too. I like the vision but I think they are missing the 3 points the parent poster makes.
The biggest problem I have is that to have news "anytime, anywhere" there really needs to be a very portable medium like, the predicted Sony electronic paper, that is as easy to use and as reliable as print (newpaper or book, and I am talking about the vehicle, not the content) and I don't see that coming for a long, long time. It would really suck if I had to wait to come out of a tunnel to get the next section of an electronic paper.
Sure, I use e-books from O'Reilly and they are great, but my paper copies of the same books are just as dog eared now as they were 10 years ago.
Slashdot Mirror
The stipulation by the admissions department does not impart any ethical requirement on the applicant. Just because I provide you a date on which I'm going to contact you does not imply that you are prohibited from learning that information from another source.
Now you have got to be kidding. That fact that there is a process that is kept private and that the school will notify aplicants at a certain time certainly does implicity imply that you should not know the outcome until they notify you.
There are dozens of reasons why the school wants to keep the admissions process private but that is speculation on my part.
The simple fact that you are missing is that Just becuase you can doens't mean you should. It really is that simple and it is not a platitidue, but a truism.
So by your example, if someone induces another to divulge that information, then that is unethical, but because that same person induced a computer to do divulge that information, that is not unethical? Maybe you mean it would be unethical on the part of the person divulging, but what about the person inducing? Don't they have ethical boundaries? Of course they do.
Just becuase you access information through a computer doesn't make that right either nor does it remove the ethical responsibility.
That's just my opinion. I'm willing to accept the fact that you may disagree.
If I may be so bold, maybe you should re-examine that opinion as it is not well thought out and certianly obviously internally inconsistent (at least how you are stating it)
Oh, sure, by your logic, if you go in for a medical test to see if you have cancer, and the hospital says they'll notify you in August, but they start broadcasting your results via the web (lets say, by an unlinked web page, but one that is posted on discussion forums), you argue it would be unethical for you to go find out early if you have cancer.
Your obviously an idiot.
About 20 years in various industries. Thanks for asking.
If you think there is some honor code that everyone follows then bend over buddy, you are about to take a good reeming.
So your arguement boils down to "because everyone does it, that makes it OK?"
- Because a some (maybe a majority) athletes take anabolic steriods, everyone should. Hey, it's competition.
- Because brokerages trade stocks and employ analysts of those stocks, then it's OK for those analysts to hype the very stocks they are invested in?
- Because some manufacturing plants pollute and US laws are getting stricter in pollution, it is OK to move manufacturing to another country and pollute it?
Those are realistic and actual outcomes of your position.I don't like it or agree with it, but that's the nature of our current business environment.
How sad for you, and rest of us, to buy into and accept that position.
You've got to be kidding me. How on earth is this some ethical conundrum? Information was available, unsecured, from the public Internet, to him, regarding his personal status.
Just because you can do a thing, doesn't mean you should or that it is right to do so. That the information was available is irrelevant.
The heart of the matter is that the admissions process stipultated a date when applicants would be notified and applicants should honor that stipulation. That is the honestly ethical thing to do.
I would have done it. And I consider myself to be an ethical person. ...
if a business deal came by where I could make $10 million by duping an old lady out of her $100k house,
This shows that you know nothing of ethics. Even a cursory glance at philosophy 101 and the Golden Rule ("Do unto others as you would have them do unto you") certainly applies. Would you want to be duped out of your $100K house so someone else can make money off of it?
The fact of the matter is that these people took the opportunity to look at information that should not have been available to them. They activley seeked it out. That is a violation of trust and that is unethical.
I'm going to turn lemons into lemonade, though.
Good for you, but it is too bad that you can't actually see the ethical problem with taking a peek.
Fundamentally, business runs on trust--trust between collegues and peers, trust between companies, trust between companies and the public. You earn or lose trust based on your actions.
That you took a peek isn't particularly damning, it may be chalked upto a bad decision. That you can't see that it was a bad (unethical) decision, is damning, however.
Regardless of the outcome, you did something wrong and don't seem to see that as a problem.
What is means is that legal documents need to in specific formats to be considered valid. Word Perfect gives you complete control over the format of the document and the elements. Word does not.
By the way, the format issue is so important it is one of the reasons why faxing legal documents is OK, but sending them electronically is not (the local printer may reformat the document while in electronic format).
Kinda. Provided there is a well designed and realistic Protection Profile and the Security Target is realisticaly designed, there is some value to the CC certification.
The biggest issue I have seen with CC is more in the understanding, or lack there of, of what is covered in a CC eval on both consumers and vendors. Vendors obviously promte the CC eval because it is expensive and has a certain cache. Users tend to glaze over reading the certification docs and most often don't make it very far before checking whatever check box they need.
this attack does not allow an attacker to magically deduce your password from its hash, or even generate another password that would hash to the same value as yours. So you don't need to immediately jump up and replace SHA-1 wherever you use it
But if you can find any other password string that will compute to the same hash value, it doesn't matter if that string is the real password or not. You can still use the strig to authenticate and you can reuse that password with other systems that use the same mechanism.
That is the problwm with collisions.
And you have this so completly wrong in so many ways. First of all, it is not the TCPA, that organiztaion has long since been renamce to the TCG and you can find the site here.
Next, if th TPM is designed according to the TCG specs, you have to manually enable it in the BIOS. Once that happens, then you have to manually allow TSS to interact with it before it will do so. You can choose not to, but then you can't use that software.
The TPM does NOT stop software from running. It will NOT stop open source software from running. and it will NOT stop you from using alternative operating systems.
The FUD you are spreading is already available in cuurrent software platforms and does't require the TPM. Why not try actually *gasp* reading the damn specs before you speak.
sheesh.
That would be copyright and trademark. Different animal altogether.
Key escrow.
It is OK for an organization to escrow encryption keys so that they can recover the data later. Of course, you need to protect the escrowed keys.
Key escrow of signing keys is a different matter altogether because signing keys are assigned to a specific user. If someone else has custody of the private signing key, you can never assert that the user had sole use--someone can always claim that he signatures were forged. Also, there is no need to escrow a signing key because if the private key was lost, you can still validate signatures on data signed with that provate key using the public key (at least upto the time when the key was lost, then don't trust any signatures)
From the article and case law, you can't sign away your basic rights even knowingly. That would be considered "unreasonable." You might be able to make the argument that the inability to sell your software, complete with the license, and no longer use it is unreasonable. And you might be able to win. You might also try to entice your states AG to take the fight for you. There are lots of options.
I'd say that the response to this by many people reading this would be fuck them. If they're greedy enough to subscribe to this silly notion of expecting to be paid for their creative output, then they deserve what they can get.
And you would be wrong. My response to you for depriving me of income from work and effort that I have put into a creative piece of work would be fuck you and there he is officer, arrest him. It is not up to you to decide the cost or benfit that is due a creator.
There is nothing wrong with people charging for creative works. There is something very wrong with someone else taking that work without paying for it.
And trying to use the American Indian situation as support for your arguments shows that you don't have a grasp of either situation.
Where is the "limited time" the constitution guarantees To really fix the problem, the copyright laws need revamped to put the "limited" back in.
...
You want to point out in the US Constitution the section that deals with copyright please? Maybe if you read it backwards it is there
Yep.
I use Outlook and I can search for and locate Outlook emails in about 2 seconds. When I use Outlook search, I have to wait until it searches every single email and them presents them to me and here is the kicker, I can't do anything else while Outlook is searching otherwise the search stops. I have a couple of 1000 emails (I tend to keep deleted email for a long time and I rarely clean out my in box).
Another use is that I have alot of files for work in My Documents that I refer back to often as far as a year or so. No amount of organizing is going to save me time locating stuff.
The point is, computers are good at indexing and searching, I am not, so let the computer do the work.
Ah, lots of reasons. Windows search tool is pretty limiting. You can search the hard drive. Or I can search Outlook but those are seperate operations. Don't try to go back and read that email while searching Outlook using the Outlook tool because the search will end. And takes for ever to run.
It doesnt' have really good boolean support. Lot's of reasons.
I use Google Desktop because it supports the seraching I need to do (mostly microsoft files and Outlook) and it fast.
...which in turn will lead to the device being returned as defective by geeks and "normal" people experiencing false positives.
Go read the material on the TPM. You will find that the design of the TPM is specifically not to impede the boot strap process unless that is the policy of the machine. Vendors who try to sell something like that will face incredible public back-lash that it wouldn't get very far. Clipper failed due to extreme public pressure.
There are enough paranoid people who are far less informed about technology out there to put pressure on the market.
It wouldn't sell.
Most of the big companies are involved in Trusted Computing of some sort, and have invested heavily in it. The idea that they will go that all that expense and then not use the platform strikes me as unlikely.
Yeah. I agree. I think you will see this deployed more in the commercial and the gov't sectors because there is more of a motivation to control the endpoints and quite frankly more reason to.
I don't think this will work in the consumer space because too many consumers won't know what TPM is, won't be able to deal with errors, and any impediment to user acceptance is a cost that the organization trying to enforce TPM will have to deal with (read pay for).
With the 5 banks I deal with on-line, none of them require I use any special software and if they tried, I think they would find support costs astronimical.
The adage should be: "An organization that puts software on the computer gets to support it."
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right?
This is old news. That functionality has been available in BIOS's for at least 10 years.
What you may be referring to is the TPM 1.1 chip in some Thinkpads. But I believe that TPM has to be manually enabled. Could be wrong.
No, no, no.
If this is based on the Trusted Platform Module (TPM) specified by the TCG, then the security features have to be enabled first.
Even if the TPM is enabled, it shouldn't interfere with the boot process at all. The TPM is a passive device. In fact, the TPM won't be used without explicit OS support. So you can load anything you want and it will boot.
Second, assuming this is based on the TCG TPM, individual host indentification should not be possible (there are cases where it may be possible) but in general, not.
See here for more details about the TPM: Design Principles
Now the danger is with application vendors abusing the TPM functionality to limit computer use such as requiring the TPM to be active or storing identitfying information in the TPM.
try Liberty Alliance
A good solution in PK is to penalize high level players for attacking lower level players. It would have to be enforced that a higher level player MUST attack a lower level player, but that would work. The greater the disparity, the greater the loss.
Add in an ignore player feature and you can pretty easily make noob bashing a painful experience.
Yeah, I saw this too. I like the vision but I think they are missing the 3 points the parent poster makes.
The biggest problem I have is that to have news "anytime, anywhere" there really needs to be a very portable medium like, the predicted Sony electronic paper, that is as easy to use and as reliable as print (newpaper or book, and I am talking about the vehicle, not the content) and I don't see that coming for a long, long time. It would really suck if I had to wait to come out of a tunnel to get the next section of an electronic paper.
Sure, I use e-books from O'Reilly and they are great, but my paper copies of the same books are just as dog eared now as they were 10 years ago.
It's a matter of convenience.
As long as you don't download crap off the internet or don't do port forwarding to an internal server, your NAPT router is a good defense.