Yeah right, wifi transactions somehow manage to pop-up on my computer screen and display the packet contents without any kind of interaction from me.
And all of that is passive. There is no interaction. If Google was breaking the encryption of a given network, then pookemon's analogy would have been more apt.
Yes - Google had to look to see what they saw. But there's nothing that indicates Google was interested in the network traffic itself (beyond SIDs, MACs, etc.). And even if they were, and I'd find that disturbing, I'd have to admit I'd find it no more outrageous than Google indexing password files it's spiders saw on incorrectly configured web servers.
However, in case you missed it the first time, my original point was; none of this is remotely analogous to nazi eugenics.
Fair enough. I agree on that point. I don't like the concept of a law that would make (say) Kismet illegal. But it's a far cry from death camps.
I see you subscribe to Googles claim that they "did it accidentally".
More or less, yes. I do. I've done the same thing with Kismet. I've been interested in what SIDs I can find and, by default, have captured some random amount of data in the process. I wouldn't be surprised to find out Google did the same thing - especially since Kismet seems to be part of their tool kit.
As for the law being new or old - not really worried about that. If Australia makes this illegal, too bad for Australian citizens. And I'll be sure to be extra careful next time I visit.
Overlooking that all banking transactions are done over https, Conroy was effectively advising people that extremely risky behavior is perfectly OK. There is a level of extreme hypocrisy about the whole debate that leads me to believe this is 100% a witch hunt primarily designed to distract from the government's own desire to violate our privacy.
It does strike me as being quite telling. These are worse thinking scenarios dreamed up to scare the horses. To what ends is an interesting question.
It's illegal to open the little box at the end of my neigboor's driveway and "sniff" the contents of their mail. It's illegal to open a pit in the footpath and "sniff" the contents of a telephone call...
The problem with your analogies is that they involve interaction well beyond what's going on in this case. With the mail, you have to open the mailbox, remove mail, and presumably open up envelopes to "sniff" the mail. With the telephone system, you're going a few steps even further. No sort of interaction is going on with wireless network sniffing.
To make your mail analogy work, we'd have to rework the mail system. We'd toss out mailboxes. Instead, there's a bulletin board. You tack your mail up on that when sending or receiving mail. If you're not too picky, you're just tacking up post cards. Anyone who's passing by who cares to look can see not only that you have a mail board up, but what you're using it for. Of course, some people have an issue with this - or are simply following trends set for them. They've taken to folding their post in half before tacking it to the board (WEP). Casual drive-by observers, such as Google, now can only tell that you've got a post board up and what it's called. They can see that you're using it. But beyond that, it takes effort to walk up to the board and unfold the message to read it (WEP being relatively trivial to decrypt depending on the details). Those in the post board industry weren't happy with that and developed envelopes that make it even more difficult to read your neighbors mail (WPA / WPA2). Most people are using these envelopes by default even if they don't understand why - it's the trendy thing to do (and most access point hardware has you set it up by default). All people would probably use these envelopes if they understood what's involved. A few people are running around screaming that Google looked at their post board - they're the same ones upset that a picture was taken of their front door.
You're wrong. I'm one of the people saying "big deal." And as much as I despise Microsoft and it's business practices, I'd have a hard time coming up with an issue to bring them to task over this.
...that as an American, I'm looking to Europe and Australia to actually stand up to Google and stop them from collecting every bit of data they can about me, like actually sending a van outside my house to grab information about my home network.
Don't fear Google. Fear me. I could be your neighbor. As of last week, my laptop could see about two dozen wireless access points. Most of those were encrypted. A handful aren't. The unencrypted ones aren't too chatty. One is fairly busy. I would hazard to guess that very few of my neighbors are aware that I can see them much less are looking. If one of them did suspect the possibility, I'd guess it was one of those who's network is encrypted.
No, no... that's spelled correctly in the native language of 4chan.
Re:They opensourced the engine, but not the data.
on
Aquaria Goes Open Source
·
· Score: 4, Interesting
(I guess it wouldn't work for multiplayer due to the rampant cheating that would ensue...)
Quakeworld was an object lesson in this. Very shortly after the Quake source went GPL, you saw speed hacks. There were those in the Quake (specifically Team Fortress) community who believed that this was Carmack's poison pill to finally kill off the game. However, newer server code soon followed that detected speed hacks (among other things). And, for the most part, a game that had already survived numerous cheats before it was Open Source, continued to survive afterwards.
It should be noted that one of Carmack's discussions around that time was the problem of balancing out latency without trusting the client too much (said trust being the issue that lead to speed hacks).
The case of it being "accidental" could depend on their intentions. Was Google interested in the data they sniffed in itself or is it a byproduct of the network mapping they were doing. I used to run Kismet on my drives home every day from work just to see what SIDs I find along my route. By default, Kismet was dumping those packets to disk. Once in awhile, I'd go back and dump those files and clean up. I shuffled quite a bit of data that I never looked at and I wouldn't be surprised if Google wasn't the same.
Of course - I also occasionally looked to see what I was picking up. The most damning thing I found was someone's POP credentials. I'm sure if that individual knew how public they were being, they'd be quite upset about it. Probably start behaving like folks are behaving towards Google. Which is why I never took the effort to point out the issue to them.
Exactly. I'm perfectly fine with them banning bots. What's stupid is that they sue another company over the revenue lost because Blizzard chose to ban bots. They didn't have to do that. Their decision.
It depends on what they're attributing their losses to. I expect Blizzard has had to dedicate a fair amount of resources to dealing with the damage Glider was doing. They were in the arms race of locking out Glider / detecting cheaters using Glider. Then they were having to deal with account banning and handling customers who (honestly or otherwise) claimed surprise that using Glider was an issue. And they had to deal with customers who were getting annoyed at watching cheaters running their scam. While all this is a part of doing business in these area - it was an expense that was being greatly advanced by the efforts of MDY.
There are technical solutions for these issues. but they want to dictate what programs you can and can't run.
Well, sure there are technical solutions. But are they as effective? A lot of these solutions seem to be more reactive than anything. And that's not always the best way to handle a threat.
Having said that - sometimes reactive mitigation is the only sensible alternative. There are times one could be more pro-active but end up doing more damage; the cure worse than the illness. And I think this is one of those times.
I don't think the issue here is whether Blizzard should or should not work to prevent bots. The question is the tactic they're using to achieve that end. And, more to the point, the legal ramifications of those tactics being successful.
I'm glad Blizzard was able to shut down MDY and go a long way towards interrupting Glider and it's ilk. But I'm afraid Blizzard's lawyers are being too smart for everyone's good. The legal tactic has been successful in achieving this goal. And I'm not sure that there's a more effective way to go about it. However, the legal ramifications are startling.
I really miss the AutoTravel mod. I used to check on the Auction House during lunch by logging in via VNC and using AutoTravel to run between the bank, mailbox, and AH. That and riding down the road while I went to get some more soda was nice.
One of the things I hated about working the flight-line was getting tagged to go wash an aircraft. We used some sort of orange-oil based solvent / soap that was friendly to the environment but decidedly unfriendly to bare skin. So we'd get suited up in rain gear, boots, rubber gloves... duct tape to seal intersections between gear.... and a face shield. You did not want that stuff on you. With a high pressure hot water hose and a foam cannon operating in a closed hanger, you got a nice mixture of heat, humidity, and citris scent. I'm pretty sure it was a close approximation to what Hell would be like if it moved to Florida.
I'm not sure of the details of this bill - but as in the above scenario I can certainly think of situations where intervention by specialist government experts may be needed for the greater good or to save lives.
The problem I have with this line of thought is that in my experience one is much more likely to find competent infosec specialists within the private sector than public service. That's not to say that incompetency doesn't exist in the private sector (and how). And I don't wish to discount those upstanding individuals I've met within public institutions. But as a general rule of thumb, the Government has consistently lagged behind the private sector in this area. And their recent efforts have had more to do with creating regulations and generating documents to show that they meet them than fostering technical capability. Which is fine, except the aforementioned black-hats are less impressed with documentation that outlines how an organization has mitigated a given risk than exploiting the risk itself.
Your nightmare scenario sounds very much like the infamous Cyber.Shockwave "exercise" broadcast on CNN. The scenario they used involved a lot of "what-ifs", no representation by private industry who actually run the networks involved, and a broad assumption that those private individuals who keep said networks functional day to day would be unable to affect change to the situation. What you ended up with is a room full of former Federal policy wonks with no real technical knowledge all wringing their hands that they have no power to do anything.
Slashdot Mirror
What you're missing is that I'm not missing that point. Like I said - whether the law is new or old, don't much care. It's still an inane law. ;)
If Google was breaking the encryption of a given network, then pookemon's analogy would have been more apt.
Sorry - that was your analogy. :P
Yeah right, wifi transactions somehow manage to pop-up on my computer screen and display the packet contents without any kind of interaction from me.
And all of that is passive. There is no interaction. If Google was breaking the encryption of a given network, then pookemon's analogy would have been more apt.
Yes - Google had to look to see what they saw. But there's nothing that indicates Google was interested in the network traffic itself (beyond SIDs, MACs, etc.). And even if they were, and I'd find that disturbing, I'd have to admit I'd find it no more outrageous than Google indexing password files it's spiders saw on incorrectly configured web servers.
However, in case you missed it the first time, my original point was; none of this is remotely analogous to nazi eugenics.
Fair enough. I agree on that point. I don't like the concept of a law that would make (say) Kismet illegal. But it's a far cry from death camps.
I see you subscribe to Googles claim that they "did it accidentally".
More or less, yes. I do. I've done the same thing with Kismet. I've been interested in what SIDs I can find and, by default, have captured some random amount of data in the process. I wouldn't be surprised to find out Google did the same thing - especially since Kismet seems to be part of their tool kit.
As for the law being new or old - not really worried about that. If Australia makes this illegal, too bad for Australian citizens. And I'll be sure to be extra careful next time I visit.
Overlooking that all banking transactions are done over https, Conroy was effectively advising people that extremely risky behavior is perfectly OK. There is a level of extreme hypocrisy about the whole debate that leads me to believe this is 100% a witch hunt primarily designed to distract from the government's own desire to violate our privacy.
It does strike me as being quite telling. These are worse thinking scenarios dreamed up to scare the horses. To what ends is an interesting question.
Let me see if I can phrase this right...
U mad?
It's illegal to open the little box at the end of my neigboor's driveway and "sniff" the contents of their mail. It's illegal to open a pit in the footpath and "sniff" the contents of a telephone call...
The problem with your analogies is that they involve interaction well beyond what's going on in this case. With the mail, you have to open the mailbox, remove mail, and presumably open up envelopes to "sniff" the mail. With the telephone system, you're going a few steps even further. No sort of interaction is going on with wireless network sniffing.
To make your mail analogy work, we'd have to rework the mail system. We'd toss out mailboxes. Instead, there's a bulletin board. You tack your mail up on that when sending or receiving mail. If you're not too picky, you're just tacking up post cards. Anyone who's passing by who cares to look can see not only that you have a mail board up, but what you're using it for. Of course, some people have an issue with this - or are simply following trends set for them. They've taken to folding their post in half before tacking it to the board (WEP). Casual drive-by observers, such as Google, now can only tell that you've got a post board up and what it's called. They can see that you're using it. But beyond that, it takes effort to walk up to the board and unfold the message to read it (WEP being relatively trivial to decrypt depending on the details). Those in the post board industry weren't happy with that and developed envelopes that make it even more difficult to read your neighbors mail (WPA / WPA2). Most people are using these envelopes by default even if they don't understand why - it's the trendy thing to do (and most access point hardware has you set it up by default). All people would probably use these envelopes if they understood what's involved. A few people are running around screaming that Google looked at their post board - they're the same ones upset that a picture was taken of their front door.
You're wrong. I'm one of the people saying "big deal." And as much as I despise Microsoft and it's business practices, I'd have a hard time coming up with an issue to bring them to task over this.
...that as an American, I'm looking to Europe and Australia to actually stand up to Google and stop them from collecting every bit of data they can about me, like actually sending a van outside my house to grab information about my home network.
Don't fear Google. Fear me. I could be your neighbor. As of last week, my laptop could see about two dozen wireless access points. Most of those were encrypted. A handful aren't. The unencrypted ones aren't too chatty. One is fairly busy. I would hazard to guess that very few of my neighbors are aware that I can see them much less are looking. If one of them did suspect the possibility, I'd guess it was one of those who's network is encrypted.
Yours should be too.
No, no... that's spelled correctly in the native language of 4chan.
(I guess it wouldn't work for multiplayer due to the rampant cheating that would ensue ...)
Quakeworld was an object lesson in this. Very shortly after the Quake source went GPL, you saw speed hacks. There were those in the Quake (specifically Team Fortress) community who believed that this was Carmack's poison pill to finally kill off the game. However, newer server code soon followed that detected speed hacks (among other things). And, for the most part, a game that had already survived numerous cheats before it was Open Source, continued to survive afterwards.
It should be noted that one of Carmack's discussions around that time was the problem of balancing out latency without trusting the client too much (said trust being the issue that lead to speed hacks).
The case of it being "accidental" could depend on their intentions. Was Google interested in the data they sniffed in itself or is it a byproduct of the network mapping they were doing. I used to run Kismet on my drives home every day from work just to see what SIDs I find along my route. By default, Kismet was dumping those packets to disk. Once in awhile, I'd go back and dump those files and clean up. I shuffled quite a bit of data that I never looked at and I wouldn't be surprised if Google wasn't the same.
Of course - I also occasionally looked to see what I was picking up. The most damning thing I found was someone's POP credentials. I'm sure if that individual knew how public they were being, they'd be quite upset about it. Probably start behaving like folks are behaving towards Google. Which is why I never took the effort to point out the issue to them.
Really? You expect to be arrested for running Kismet? What country do you live in?
Exactly. I'm perfectly fine with them banning bots. What's stupid is that they sue another company over the revenue lost because Blizzard chose to ban bots. They didn't have to do that. Their decision.
It depends on what they're attributing their losses to. I expect Blizzard has had to dedicate a fair amount of resources to dealing with the damage Glider was doing. They were in the arms race of locking out Glider / detecting cheaters using Glider. Then they were having to deal with account banning and handling customers who (honestly or otherwise) claimed surprise that using Glider was an issue. And they had to deal with customers who were getting annoyed at watching cheaters running their scam. While all this is a part of doing business in these area - it was an expense that was being greatly advanced by the efforts of MDY.
There are technical solutions for these issues. but they want to dictate what programs you can and can't run.
Well, sure there are technical solutions. But are they as effective? A lot of these solutions seem to be more reactive than anything. And that's not always the best way to handle a threat.
Having said that - sometimes reactive mitigation is the only sensible alternative. There are times one could be more pro-active but end up doing more damage; the cure worse than the illness. And I think this is one of those times.
I don't think the issue here is whether Blizzard should or should not work to prevent bots. The question is the tactic they're using to achieve that end. And, more to the point, the legal ramifications of those tactics being successful.
I'm glad Blizzard was able to shut down MDY and go a long way towards interrupting Glider and it's ilk. But I'm afraid Blizzard's lawyers are being too smart for everyone's good. The legal tactic has been successful in achieving this goal. And I'm not sure that there's a more effective way to go about it. However, the legal ramifications are startling.
... travel while the human is AFK, etc.
I really miss the AutoTravel mod. I used to check on the Auction House during lunch by logging in via VNC and using AutoTravel to run between the bank, mailbox, and AH. That and riding down the road while I went to get some more soda was nice.
One of the things I hated about working the flight-line was getting tagged to go wash an aircraft. We used some sort of orange-oil based solvent / soap that was friendly to the environment but decidedly unfriendly to bare skin. So we'd get suited up in rain gear, boots, rubber gloves... duct tape to seal intersections between gear.... and a face shield. You did not want that stuff on you. With a high pressure hot water hose and a foam cannon operating in a closed hanger, you got a nice mixture of heat, humidity, and citris scent. I'm pretty sure it was a close approximation to what Hell would be like if it moved to Florida.
I'm not sure of the details of this bill - but as in the above scenario I can certainly think of situations where intervention by specialist government experts may be needed for the greater good or to save lives.
The problem I have with this line of thought is that in my experience one is much more likely to find competent infosec specialists within the private sector than public service. That's not to say that incompetency doesn't exist in the private sector (and how). And I don't wish to discount those upstanding individuals I've met within public institutions. But as a general rule of thumb, the Government has consistently lagged behind the private sector in this area. And their recent efforts have had more to do with creating regulations and generating documents to show that they meet them than fostering technical capability. Which is fine, except the aforementioned black-hats are less impressed with documentation that outlines how an organization has mitigated a given risk than exploiting the risk itself.
Your nightmare scenario sounds very much like the infamous Cyber.Shockwave "exercise" broadcast on CNN. The scenario they used involved a lot of "what-ifs", no representation by private industry who actually run the networks involved, and a broad assumption that those private individuals who keep said networks functional day to day would be unable to affect change to the situation. What you ended up with is a room full of former Federal policy wonks with no real technical knowledge all wringing their hands that they have no power to do anything.
Which is a nice lead-in to this current bill.
Which brings to mind my favorite thing about Flash - it's so easy to block.
....how about a nice game of Ice Station Zebra?
while Israel has just boarded a flotilla of ships killing 19 people in the process for importing wheelchairs, cement and wood
banning a webpage seems a rather trivial response in comparison
"Hey guys - look over there!" Nice attempt to distract.
Let's totally unplug all backwards theocracies from the internet.
Or we could ignore them and their foolishness.
Do you live in Pakistan?