> I can't imagine that a scam would be too willing to provide a lot of proof > that someone authorized the purchase of a fake product and that they then > delivered that fake product.
They might be willing to send out a few bullshit-filled emails designed to baffle the bank for long enough for them to finish the operation, clean out the account, and move on.
> How many months of bogus $10 charges will you tolerate?
Zero. My wife handles the credit cards and she verifies every single charge. I am required to save and annotate every slip and log every Internet or phone transaction.
> Just you didn't get what you thought you'd get doesn't mean you can reverse > the charges.
Yes it does. They promised antivirus and failed to deliver it. The problem is in proving it. It's the vendor's word against yours. You did give the vendor your number and they did send you something. Why should the credit card company believe your claim that it wasn't what you ordered? Are you ready to go to court over $50? If so you will probably win.
I'm honestly not trying to troll of flamebait, but what difference does the "study" make whether it's correct or not?
Torrents are not, in and of themselves, currently illegal in the USA. This study will be used to support attempts to change that, or at least to try to induce ISPs to block torrents.
A deadline's always feasible. It may not be possible to come up with a clean fix in a short timeframe, but you can always come up with either a workaround or something the users can do to mitigate the damage.
So publish the workaround along with the vulnerability.
I'm talking about disclosing vulnerabilities, not publishing exploit code. From your link:
Publication of truthful information is protected by the First Amendment. Both source code and object code are also protected speech. Therefore truthful vulnerability information or proof of concept code are constitutionally protected.
This protection, however, is not absolute. Rather, it means that legal restrictions on publishing vulnerability reports must be viewpoint-neutral and narrowly tailored. Practically speaking, this means it is very rare for the publication of non-code information lead to legal liability.
> If a court were to find that a specific attack occured because of your > disclosure and would not have occured otherwise, you may be held partially > liable to that attack's victim even if your disclosure ultimlately prevented > many more attacks.
Not likely in the USA. Absent a contract you have no duty not to utter true statements.
Actually it was the Poles and the Brits who broke Enigma: the USA broke the Japanese codes. Irrelevant in any case though. The Germans had developed Enigma themselves and were using it only internally: there were no trusting "users" at risk.
> By paying for the tow package you are reducing your inconvenience later, > maybe even a dangerous situation for you and your passengers like being > stuck where you don't belong over a flat tire.
Which will help you not at all when you can't get where you are going because one of the state's bridges fell into the river. Which is the automobile analogy for the situations Southwest means.
> Force Majeure means 'superior force', so perhaps not an act of your God but > of some other deity? Presumably that would be one of the Greek Gods, say > Hermes, God of Travel or Lelantos, God of Air?
No, the FAA and the local government's airport authority. They might as well be gods for all that the airline can do about them.
> Those still seem like maintenance issues that the airline is responsible for > as they rent those services to provide service to their customers.
The air traffic control system is not a service they rent. It's a Federal government monopoly. They use it or they don't fly and they have no recourse when in breaks down.
> The airline should then seek relief from the airport under whatever > contracts they have.
The airports are generally local government monopolies. It's unlikely that the airline has any recourse their either.
I'm not saying it isn't possible. I'm saying that the answer to the Fermi "Paradox" could be as simple as: Maybe the assumption that civilizations will engage in exponential galactic colonization endeavors is wrong.
The paradox only requires the assumption that at least one does. Your answer requires than none do.
I think it likely that aging will be eliminated within a hundred years or so. That means bigger changes than just everyone living about 500 years, though. There is a fundamental difference between "You have a 50% chance of living a total of X years" and "You have a 50% chance of living another X years". In the former case you have a less than 50% chance of surviving a journey of X years and very little chance of living long enough to do much if you do arrive. In the latter you have a 50% chance of surviving the journey and a 50% chance of living X years once you arrive. It's a matter of horizons. People who are always thinking "I'm likely to be here in X years. I might be here in 2X years" are going to have different attitudes than those who are always thinking "I'm likely to be gone in (X-age) years. I'll surely be gone in 2X years." Someone who knows he is likely to live another 500 years no matter how long he has already lived may be quite willing to undertake a century-long voyage.
Slashdot Mirror
rm -rf ~/.adobe/Flash_Player/* ~/.macromedia/Flash_Player/* /dev/null ~/.adobe/Flash_Player/AssetCache /dev/null ~/.macromedia/Flash_Player/#SharedObjects /dev/null ~/.macromedia/Flash_Player/macromedia.com
ln -s
ln -s
ln -s
Or just get rid of Adobe Flash entirely.
> What? They said that bank customers can't make the decision to NOT cash a
> check?
No, that the intent was clearly fraudulent. Except when prevented by loony statutes judges regularly apply common sense.
> I can't imagine that a scam would be too willing to provide a lot of proof
> that someone authorized the purchase of a fake product and that they then
> delivered that fake product.
They might be willing to send out a few bullshit-filled emails designed to baffle the bank for long enough for them to finish the operation, clean out the account, and move on.
> Depends on what they actually promised, they did "clean" the pcs of the
> browser hijacker.
They only removed what they installed, and only after you paid them. Not just fraud: extortion.
> Even then just try suing a company from Russia in your local small claims
> court.
Not the vendor. The card-issuing bank, for refusing to cancel the charge. You might win, but it wouldn't be worth it.
> Now this isn't ethical, but that doesn't mean it is not legal.
Fraud and extortion are not legal.
> Funny how, unlike on the Monopoly Community Chest cards, bank errors never
> appear to be 'in your favour'.
I experienced one just last month: a $500+ overpayment.
> How many months of bogus $10 charges will you tolerate?
Zero. My wife handles the credit cards and she verifies every single charge. I am required to save and annotate every slip and log every Internet or phone transaction.
Sure it is, but how does the credit card company know that? They have only your word.
> Just you didn't get what you thought you'd get doesn't mean you can reverse
> the charges.
Yes it does. They promised antivirus and failed to deliver it. The problem is in proving it. It's the vendor's word against yours. You did give the vendor your number and they did send you something. Why should the credit card company believe your claim that it wasn't what you ordered? Are you ready to go to court over $50? If so you will probably win.
Torrents are not, in and of themselves, currently illegal in the USA. This study will be used to support attempts to change that, or at least to try to induce ISPs to block torrents.
So publish the workaround along with the vulnerability.
> If a court were to find that a specific attack occured because of your
> disclosure and would not have occured otherwise, you may be held partially
> liable to that attack's victim even if your disclosure ultimlately prevented
> many more attacks.
Not likely in the USA. Absent a contract you have no duty not to utter true statements.
Actually it was the Poles and the Brits who broke Enigma: the USA broke the Japanese codes. Irrelevant in any case though. The Germans had developed Enigma themselves and were using it only internally: there were no trusting "users" at risk.
If you want to be an "ethical person" you will want to warn the users ASAP.
Whenever you damn well please unless you are contractually obligated to do otherwise.
Sad.
> By paying for the tow package you are reducing your inconvenience later,
> maybe even a dangerous situation for you and your passengers like being
> stuck where you don't belong over a flat tire.
Which will help you not at all when you can't get where you are going because one of the state's bridges fell into the river. Which is the automobile analogy for the situations Southwest means.
> Force Majeure means 'superior force', so perhaps not an act of your God but
> of some other deity? Presumably that would be one of the Greek Gods, say
> Hermes, God of Travel or Lelantos, God of Air?
No, the FAA and the local government's airport authority. They might as well be gods for all that the airline can do about them.
> If any of those things is wrong, it's on their heads.
Good luck suing the FAA or the Metropolitan Airport Commission.
> Those still seem like maintenance issues that the airline is responsible for
> as they rent those services to provide service to their customers.
The air traffic control system is not a service they rent. It's a Federal government monopoly. They use it or they don't fly and they have no recourse when in breaks down.
> The airline should then seek relief from the airport under whatever
> contracts they have.
The airports are generally local government monopolies. It's unlikely that the airline has any recourse their either.
> Putting "god" in a law ... makes you trust the justice system so much ...
What law are you talking about?
n/t
The paradox only requires the assumption that at least one does. Your answer requires than none do.
I think it likely that aging will be eliminated within a hundred years or so. That means bigger changes than just everyone living about 500 years, though. There is a fundamental difference between "You have a 50% chance of living a total of X years" and "You have a 50% chance of living another X years". In the former case you have a less than 50% chance of surviving a journey of X years and very little chance of living long enough to do much if you do arrive. In the latter you have a 50% chance of surviving the journey and a 50% chance of living X years once you arrive. It's a matter of horizons. People who are always thinking "I'm likely to be here in X years. I might be here in 2X years" are going to have different attitudes than those who are always thinking "I'm likely to be gone in (X-age) years. I'll surely be gone in 2X years." Someone who knows he is likely to live another 500 years no matter how long he has already lived may be quite willing to undertake a century-long voyage.
No. I know why. It's currently the most effective bogeyman.