If they want to do a hardware thing, they should invest the time in making a multicore processor which solves a problem no one else is solving. Maybe a processor specifically designed for microkernels and untrusted code. Maybe an FPGA that implements CAM's + complex SQL functions on the fly in circuitry, as needed? You know, stuff people other than Oracle might actually have a use for? Then they could sell that stuff and make money.
Just because something is published, doesn't mean it will be declassified. They will still raise a motion to suppress testimony, because the requirement to do that is a very technical definition (i.e., it has nothing to do with whether something is actually a secret or not). In several previous Patriot Act trials, the defendant had been barred by the judge from mentioning anything to do with Snowden, even though Snowden himself had nothing to do with the case, because stuff pertaining to Snowden is still classified even after mass publication.
Furthermore, he would be specifically barred from making any public interest defense whatsoever. That's written into the law. So regardless of the classification status of the topics he would wish to raise, he would still not be able to make a verbal argument because the law forbids it. The only thing the law actually permits is for him to dispute whether or not he took classified documents, and any statements he made regarding that very narrow thing would have to be preapproved by the prosecution because they concern national security info. In other words, he isn't allowed to defend himself. Period.
"as far as I know (and other commenters seem to think so as well), don't work that way"
AFAIK != secure. If you were the only holder of the decryption key for your data, the vendor would make sure you knew that. The fact that people are not sure is not a promising sign.
Many of the ones discussed are hosted on hardware which must be leased by the hour, but are offered free of charge to users. There is an inherent conflict of interest for the provider of the service, even if their intentions currently are above board. I'm not saying they're worthless, because every federated identity management system has problems, but users often assume there is less counter-party risk than there really is.
The correct approach is to simplify password requirements and use two-factor authentication, not allow manipulation of the password field. If passwords have to get complex enough that you can't keep them in your head, they aren't really knowledge-based authentication anyway.
The system is needed so that law enforcement can remotely shut down the engine if the car is stolen. In other words, as Comey would say, "a front door with really big locks." However, law enforcement has a difficult time working with really big locks, so we make the big locks smaller, more like child-safety locks, so that officers are not inconvenienced and can't accuse the vendor of obstruction.
It's dishonest to say that there is no way to prevent businesses from abusing the H1B program. Screening based on motivation for the hire is baked into the program. The only way to get a H1B worker to replace an American worker is to file false documents with the US Department of Labor. That's already a crime. The problem is they don't want to enforce it, because they depend on companies like Disney to fund political advertising. I think it's a little sad that America's first black president won't weigh in on what is effectively a modern servant indenture program, even while claiming to want to help illegal immigrants who are exploited a similar way.
It's not just that. In a cashless society the government van put a tax on deposits that can't be avoided by holding currency. In other words, it makes it possible to seize savings in a way that is fairly automated.
They offer you no interest because you have the alternative of paying with cash, which affects their negotiating position. If cash transactions are made illegal, fees on electronic transactions will go up, because as a customer you have no choice but to accept the fee. There's a huge difference between cash being less preferred, and cash being illegal or otherwise encumbered.
We're not talking about chip designs. We're talking about public policy. You are paying for the labor involved in producing the info, not a proprietary interest in the data itself.
Public information isn't supposed to be exclusive; that's the whole reason why its public. If reporters have turned FOIA into a business model then that's a problem for reporters. It doesn't just take time to file requests, it also takes time to digest released material. That really takes even more time than the request, if the reporter isndoinf their job right. If they want "exclusives", they can just do what they always do; call up their "anonymous" department heads for a sanctioned leak.
Are you blocking because the website carries malware, or are you blocking it because your boss doesn't approve of the content? Those are separate issues. If you are blocked because of content, then your boss needs to decide which employees should be trusted with internet access and unblock them (but audit). If the site contains malware it needs to stay blocked, until you have an IT guy on staff who can access the site in a sandbox VM. If the problem is loss prevention, they need to airgap the network with the stuff they don't want to get out.
I frequently have people I have never met or seen before sneak up behind me and exclaim loudly "IS THAT A BOMB?". No, dipshit. Not everything home made with wires and capacitors is a bomb.
I doubt Google will fix them anyway, if they are on a carrier-locked device. They haven't even fixed TLS on the system default browser on a lot of their devices. 80% of Android installs are abandonware.
TLS, if it uses a cert signed by a CA under the legal jurisdiction of the US, is really no protection at all. Lavabit proved that the DoJ and others use general warrants to subpeona private signing keys of service providers. Once a government has that information (ostensibly obtained for one purpose, a law enforcement surveillance order), may continue using it for any other "authorized" purpose, such as espionage or impersonation. This is a known problem with PKI generally. That also completely ignores the fact that the data center hosting the mail may be compelled to install implants under secret court order or turn over hard drive images, regardless of whatever encryption is employed on the commlinks. This may occur even in cases where the particular government has no jurisdiction, by using IT workers who they have compromised via blackmail or bribes.
If you have to focus on facilitating it, it isn't organic. Organic interaction means you provide the tools and get out of the way, instead of being that one waiter guy that keeps asking if your food is okay every 3 minutes.
Making IPv4 expensive is the only way IPv6 is ever going to happen. My local cable company bragged in the news about rolling out IPv6 to the whole country. That was two years ago. I called to find out when IPv6 was going to be offered in my area. There is no timetable nor any plan to provide it. I live in a suburban area in a city of over 150,000. The retail ISPs simply aren't interested in upgrading their equipment. They have partial monopolies in their coverage areas, and until it becomes so expensive that a third party can build infrastructure cheaper than the incumbent can upgrade, IPv4 is here to stay.
There is no such thing as a certain outcome in a court case, particularly if the other side has a lot of money to spend and can file motions continually. The SCO case took over 10 years. If you run out of money for attorney fees you lose by default.
Slashdot Mirror
If they want to do a hardware thing, they should invest the time in making a multicore processor which solves a problem no one else is solving. Maybe a processor specifically designed for microkernels and untrusted code. Maybe an FPGA that implements CAM's + complex SQL functions on the fly in circuitry, as needed? You know, stuff people other than Oracle might actually have a use for? Then they could sell that stuff and make money.
Just because something is published, doesn't mean it will be declassified. They will still raise a motion to suppress testimony, because the requirement to do that is a very technical definition (i.e., it has nothing to do with whether something is actually a secret or not). In several previous Patriot Act trials, the defendant had been barred by the judge from mentioning anything to do with Snowden, even though Snowden himself had nothing to do with the case, because stuff pertaining to Snowden is still classified even after mass publication. Furthermore, he would be specifically barred from making any public interest defense whatsoever. That's written into the law. So regardless of the classification status of the topics he would wish to raise, he would still not be able to make a verbal argument because the law forbids it. The only thing the law actually permits is for him to dispute whether or not he took classified documents, and any statements he made regarding that very narrow thing would have to be preapproved by the prosecution because they concern national security info. In other words, he isn't allowed to defend himself. Period.
"as far as I know (and other commenters seem to think so as well), don't work that way" AFAIK != secure. If you were the only holder of the decryption key for your data, the vendor would make sure you knew that. The fact that people are not sure is not a promising sign. Many of the ones discussed are hosted on hardware which must be leased by the hour, but are offered free of charge to users. There is an inherent conflict of interest for the provider of the service, even if their intentions currently are above board. I'm not saying they're worthless, because every federated identity management system has problems, but users often assume there is less counter-party risk than there really is.
The correct approach is to simplify password requirements and use two-factor authentication, not allow manipulation of the password field. If passwords have to get complex enough that you can't keep them in your head, they aren't really knowledge-based authentication anyway.
The system is needed so that law enforcement can remotely shut down the engine if the car is stolen. In other words, as Comey would say, "a front door with really big locks." However, law enforcement has a difficult time working with really big locks, so we make the big locks smaller, more like child-safety locks, so that officers are not inconvenienced and can't accuse the vendor of obstruction.
Because they sold to governments. Clever, really.
It's dishonest to say that there is no way to prevent businesses from abusing the H1B program. Screening based on motivation for the hire is baked into the program. The only way to get a H1B worker to replace an American worker is to file false documents with the US Department of Labor. That's already a crime. The problem is they don't want to enforce it, because they depend on companies like Disney to fund political advertising. I think it's a little sad that America's first black president won't weigh in on what is effectively a modern servant indenture program, even while claiming to want to help illegal immigrants who are exploited a similar way.
They aren't different fiefdoms anymore. They haven't been for about a decade. That's the whole problem.
It's not just that. In a cashless society the government van put a tax on deposits that can't be avoided by holding currency. In other words, it makes it possible to seize savings in a way that is fairly automated.
They offer you no interest because you have the alternative of paying with cash, which affects their negotiating position. If cash transactions are made illegal, fees on electronic transactions will go up, because as a customer you have no choice but to accept the fee. There's a huge difference between cash being less preferred, and cash being illegal or otherwise encumbered.
We're not talking about chip designs. We're talking about public policy. You are paying for the labor involved in producing the info, not a proprietary interest in the data itself.
Public information isn't supposed to be exclusive; that's the whole reason why its public. If reporters have turned FOIA into a business model then that's a problem for reporters. It doesn't just take time to file requests, it also takes time to digest released material. That really takes even more time than the request, if the reporter isndoinf their job right. If they want "exclusives", they can just do what they always do; call up their "anonymous" department heads for a sanctioned leak.
Are you blocking because the website carries malware, or are you blocking it because your boss doesn't approve of the content? Those are separate issues. If you are blocked because of content, then your boss needs to decide which employees should be trusted with internet access and unblock them (but audit). If the site contains malware it needs to stay blocked, until you have an IT guy on staff who can access the site in a sandbox VM. If the problem is loss prevention, they need to airgap the network with the stuff they don't want to get out.
Unfortunately, we will have to chain passengers to the oars. We regret any inconvenience.
If that's the case, Elon Musk has you covered. Literally.
And what do you do with a risk pool of ONE?
I mean, what are the actuarial tables on that?
I doubt even the NSA could answer that question.
I frequently have people I have never met or seen before sneak up behind me and exclaim loudly "IS THAT A BOMB?". No, dipshit. Not everything home made with wires and capacitors is a bomb.
It is on TV!
I doubt Google will fix them anyway, if they are on a carrier-locked device. They haven't even fixed TLS on the system default browser on a lot of their devices. 80% of Android installs are abandonware.
No but a judge in the US with a bad hair day could do it in minutes.
TLS, if it uses a cert signed by a CA under the legal jurisdiction of the US, is really no protection at all. Lavabit proved that the DoJ and others use general warrants to subpeona private signing keys of service providers. Once a government has that information (ostensibly obtained for one purpose, a law enforcement surveillance order), may continue using it for any other "authorized" purpose, such as espionage or impersonation. This is a known problem with PKI generally. That also completely ignores the fact that the data center hosting the mail may be compelled to install implants under secret court order or turn over hard drive images, regardless of whatever encryption is employed on the commlinks. This may occur even in cases where the particular government has no jurisdiction, by using IT workers who they have compromised via blackmail or bribes.
If you have to focus on facilitating it, it isn't organic. Organic interaction means you provide the tools and get out of the way, instead of being that one waiter guy that keeps asking if your food is okay every 3 minutes.
Making IPv4 expensive is the only way IPv6 is ever going to happen. My local cable company bragged in the news about rolling out IPv6 to the whole country. That was two years ago. I called to find out when IPv6 was going to be offered in my area. There is no timetable nor any plan to provide it. I live in a suburban area in a city of over 150,000. The retail ISPs simply aren't interested in upgrading their equipment. They have partial monopolies in their coverage areas, and until it becomes so expensive that a third party can build infrastructure cheaper than the incumbent can upgrade, IPv4 is here to stay.
There is no such thing as a certain outcome in a court case, particularly if the other side has a lot of money to spend and can file motions continually. The SCO case took over 10 years. If you run out of money for attorney fees you lose by default.