It's reasonable to suppose that fear of getting caught is a deterrent against many acts. You know that whole "if you could be invisible.." thought that people explore? Nobody ever answers "put in unpaid overtime without the boss yelling at me," or "watch rabbits up close without scaring them away."
Drones (yes, that's the word people have collectively decided to use -- no quotes required) provide a delivery platform with large or total deniability, and that changes peoples' (largely unformalized) risk assessments. It would be foolish to believe that nobody would capitalize on that. No, there haven't been any attacks yet, but once the dam breaks, expect to see more and more of it.
France must take the initiative and force device manufacturers to take into consideration the imperative of access for law enforcement officers, under the control of a judge and only in the case of an investigation, to those devices.
The only problem is that there is no such thing. Asking for government-only access to decryption is like asking for government-only access to perpetual motion, you know, in case we run out of power from other sources.
Well, the other aspect is that "self-brewers" don't suffer from the same intoxicating effects of alcohol. In fact, they often perform normally at levels exceeding those that would cause other people to become comatose, sometimes exceeding 0.04. So, if you didn't drink, and you're not intoxicated, and your BAC is internally generated... should you get a DUI? How would you even be aware of your BAC? Common sense says such a person should not receive a DUI, and fortunately for her, the judge agreed.
No, movie tickets are not a similar analogy. With many IAPs, you purchase credits, and those credits are redeemed for a random reward which may or may not be the item you need to progress in-game. When you buy a movie ticket, it's the same movie, no matter how many tickets you buy, whether or not you like it. One is clearly random reward, and the other is not.
By society, I assume you mean economy. There's some truth to that. Advertising is certainly designed to trigger an emotional response.
But when you go into a store, you don't purchase credits which you spend to possibly walk out with the item you came for. When you go into a store, you don't pay to jump to the head of the checkout line, and potentially never make it to the front if you don't pay. Better still, you're not told that there's a line when there is no line. It's how leaderboards work in some of these games -- pay money, and you're shown near the top; stop paying and suddenly you start falling -- players far beyond you simply aren't shown to you. These are exploitative and misleading practices.
This. Paying money for a random reward is gambling, and it should be regulated as with any other gaming, including audits of RNGs, and marketed for what it is, not what it pretends to be.
Additionally, charging money to speed up play should be banned as well. "Wait 16 hours, or pay $3 to continue!" Absent a compelling reason to prevent continued play, that's simple extortion.
This may be useful for remotely-controlled drones, but it's useless against autonomous drones, such as those being developed by Amazon for delivery. It's only a matter of time before someone hooks up an Arduino (or whatever the kids are using these days) and sets a GPS target with a payload attached. It's difficult to think of a defense against that that isn't easily overcome by numbers and/or altitude. Maybe nets encapsulating high value targets...
Knowing the length of a password cuts the keyspace in half -- assuming that one starts a brute-force search from shortest to longest -- because you can skip 2^(n-1) keys. That's huge, but if your passphrase is long enough, then that's still just the difference between the several times the heat-death of the universe and a couple of times the heat-death of the universe.
But even if that's an appreciable difference, this is still only useful for targeted attacks, and in those cases, there are better vulnerabilities to exploit from a cost/benefit perspective. This is especially true for state actors who can drop six figures for zero-days the way one might decide to purchase a stick of gum at the checkout line.
Most likely he's going to have a cookie made and then Jon Hamm will put it in solitary until it submits. So at least one version of Zuckerberg will get what it deserves.
It does for capacitors. Capacitors store energy as a field charge, and that charge is directly proportional to the amount of energy stored. C=Q*V, where C is the charge, Q is capacitance, and V is voltage. The only way to generate a higher charge on a fixed capacitor is to increase the voltage.
There is no debate. We either have functional encryption, or we don't. A technological vulnerability that can be exploited by one and only one entity is a pipe dream.
Now we can talk about key escrow, if only to dismiss it as untenable, where the government (or somebody) is required to keep a key to be used in the event that a warrant is issued, but that requires complicit cooperation on the part of the very people you want to monitor. So, good luck with that.
What I am more concerned with is the skewed perspective that's feeding these so-called debates and policy decisions. Terrorirism is NOT a major threat to national security. Isolated attacks with small arms will always be a problem, but they are not matters of national security. And if terrorism is the biggest problem our country is facing (it's not, but if it were) then we should be celebrating our success and relative security instead of hand-wringing over attacks that number in the singles of digits.
Even an OSS one can have code in it that recognizes when it is compiling itself and adds the back door to the newly compiled version of the compiler.
You're referring to the "Ken Thompson hack," but it's not a real threat. You would have to solve the halting problem for a compiler to know whether or not it is compiling itself, or a version of itself. That is to say, a compiler could recognize a copy of its source code. It could also recognize familiar strings that it can find, or worse (from a false negative standpoint) hashes of that code, or parts thereof ("signatures"), and as we (should) all know, signatures are easy to defeat, which is why antivirus software is great for detecting known threats, but not so useful for preventing future threats. A program cannot identify another program based on what the program actually does -- say, compile source code and output a binary -- else we would have solved the halting problem, and we would have bug-free code, and perfect antivirus, which would render the Ken Thompson hack ineffective anyway. Yay!
Moreover, regardless of the attack vector, even a compromised binary can't hide from disassembly and human inspection. And if you're incredibly paranoid, then you could use side-channel analysis to see if anything is happening that's not supposed to be happening, unless you think the NSA has also hacked physics, then nothing I can say matters anyway.
Well, we're perfectly happy to deal with other monarchies, dictatorships, and sham-democracies in the region, so it's not strictly the non-democracy aspect of Assad's reign that we have a problem with, or even the human rights issues, so much as his uncooperative nature with regard to American foreign policy. The dictatorship is just something we bring up when it suits our agenda. Not that Assad deserved to be defended, but let's not pretend that we wouldn't overlook that if it suited us.
Except ISIS made a credible claim to be responsible for the downed airliner, including both photos of the device, and details of how they smuggled it onto the plane. If your version of events were true, they would probably dispute those claims, or have no evidence.
I'm not saying that Putin is a "good guy," but he's not an idiot, and ISIS is run by, really, just idiots. You have to be truly stupid to believe that unilateral violence against any and all countries in the world, including your own, could possibly succeed, unless you're a religious zealot who believes God has his back.
To be pedantic, a bittorrent server serves small.torrent files, not the actual files indexed therein.
Secondly, let's call "unlimited data" what it is: unmetered data. And unmetered data works in many other scenarios with lower costs to the end-user and equally large data, like VPN and NNTP services for $10/mo. Further, many countries have ISPs that profitably offer unmetered data. Indeed, Comcast has never been close to unprofitable in its years of offering unmetered data, and its 400GB (or whatever) cap has seldom been enforced.
The real reason corporations are pushing back against unmetered data is that it's non-billable data. It's a revenue stream that they're naturally eyeing in a never-ending push to increase margins quarter-over-quarter and year-over-year. It's not because unmetered data is unprofitable, it's because it's not as profitable as metered data. The apologists who defend these corporations are either being duped by their marketing, or are heavily invested in their profits.
Funny quote, but meeting technical specifications and passing NDT are part of the procurement process. Fail those, and you're on the hook for making new parts or refunding the government (assuming they paid already), as well as fines for missing deadlines, and possible loss of future contracts.
Slashdot Mirror
It's reasonable to suppose that fear of getting caught is a deterrent against many acts. You know that whole "if you could be invisible.." thought that people explore? Nobody ever answers "put in unpaid overtime without the boss yelling at me," or "watch rabbits up close without scaring them away."
Drones (yes, that's the word people have collectively decided to use -- no quotes required) provide a delivery platform with large or total deniability, and that changes peoples' (largely unformalized) risk assessments. It would be foolish to believe that nobody would capitalize on that. No, there haven't been any attacks yet, but once the dam breaks, expect to see more and more of it.
France must take the initiative and force device manufacturers to take into consideration the imperative of access for law enforcement officers, under the control of a judge and only in the case of an investigation, to those devices.
The only problem is that there is no such thing. Asking for government-only access to decryption is like asking for government-only access to perpetual motion, you know, in case we run out of power from other sources.
Well, the other aspect is that "self-brewers" don't suffer from the same intoxicating effects of alcohol. In fact, they often perform normally at levels exceeding those that would cause other people to become comatose, sometimes exceeding 0.04. So, if you didn't drink, and you're not intoxicated, and your BAC is internally generated... should you get a DUI? How would you even be aware of your BAC? Common sense says such a person should not receive a DUI, and fortunately for her, the judge agreed.
No, movie tickets are not a similar analogy. With many IAPs, you purchase credits, and those credits are redeemed for a random reward which may or may not be the item you need to progress in-game. When you buy a movie ticket, it's the same movie, no matter how many tickets you buy, whether or not you like it. One is clearly random reward, and the other is not.
if i spend what amounts to about an hour's wages for something that takes 10k hours to unlock, it seems like a pretty smart move to me.
I'd say the person who ends up with your $50 by creating artificial barriers is smarter still.
Adding espresso shots can add up quickly. :)
By society, I assume you mean economy. There's some truth to that. Advertising is certainly designed to trigger an emotional response.
But when you go into a store, you don't purchase credits which you spend to possibly walk out with the item you came for. When you go into a store, you don't pay to jump to the head of the checkout line, and potentially never make it to the front if you don't pay. Better still, you're not told that there's a line when there is no line. It's how leaderboards work in some of these games -- pay money, and you're shown near the top; stop paying and suddenly you start falling -- players far beyond you simply aren't shown to you. These are exploitative and misleading practices.
This. Paying money for a random reward is gambling, and it should be regulated as with any other gaming, including audits of RNGs, and marketed for what it is, not what it pretends to be.
Additionally, charging money to speed up play should be banned as well. "Wait 16 hours, or pay $3 to continue!" Absent a compelling reason to prevent continued play, that's simple extortion.
N/T
Except this bit of text to bypass the lameness filter.
I'd mod you up, but the patriarchy has all the mods points today.
IA doesn't extend to private citizens -- it's only for government data. But you don't have to take my word for it. http://www.c-span.org/video/?3...
If this can raise awareness about the absurdity of copyright length while putting the hurt on The Big Bang Theory, I call that a win-win.
This may be useful for remotely-controlled drones, but it's useless against autonomous drones, such as those being developed by Amazon for delivery. It's only a matter of time before someone hooks up an Arduino (or whatever the kids are using these days) and sets a GPS target with a payload attached. It's difficult to think of a defense against that that isn't easily overcome by numbers and/or altitude. Maybe nets encapsulating high value targets...
Nets: They're like fences, only entanglier.
Knowing the length of a password cuts the keyspace in half -- assuming that one starts a brute-force search from shortest to longest -- because you can skip 2^(n-1) keys. That's huge, but if your passphrase is long enough, then that's still just the difference between the several times the heat-death of the universe and a couple of times the heat-death of the universe.
But even if that's an appreciable difference, this is still only useful for targeted attacks, and in those cases, there are better vulnerabilities to exploit from a cost/benefit perspective. This is especially true for state actors who can drop six figures for zero-days the way one might decide to purchase a stick of gum at the checkout line.
Your ideas are intriguing to me and I wish to subscribe to your newsletter.
Most likely he's going to have a cookie made and then Jon Hamm will put it in solitary until it submits. So at least one version of Zuckerberg will get what it deserves.
Yes.
Voltage does not equal storage capacity.
It does for capacitors. Capacitors store energy as a field charge, and that charge is directly proportional to the amount of energy stored. C=Q*V, where C is the charge, Q is capacitance, and V is voltage. The only way to generate a higher charge on a fixed capacitor is to increase the voltage.
He doesn't care because he won't be there in 15 years when other people are cleaning up his mess.
There is no debate. We either have functional encryption, or we don't. A technological vulnerability that can be exploited by one and only one entity is a pipe dream.
Now we can talk about key escrow, if only to dismiss it as untenable, where the government (or somebody) is required to keep a key to be used in the event that a warrant is issued, but that requires complicit cooperation on the part of the very people you want to monitor. So, good luck with that.
What I am more concerned with is the skewed perspective that's feeding these so-called debates and policy decisions. Terrorirism is NOT a major threat to national security. Isolated attacks with small arms will always be a problem, but they are not matters of national security. And if terrorism is the biggest problem our country is facing (it's not, but if it were) then we should be celebrating our success and relative security instead of hand-wringing over attacks that number in the singles of digits.
Even an OSS one can have code in it that recognizes when it is compiling itself and adds the back door to the newly compiled version of the compiler.
You're referring to the "Ken Thompson hack," but it's not a real threat. You would have to solve the halting problem for a compiler to know whether or not it is compiling itself, or a version of itself. That is to say, a compiler could recognize a copy of its source code. It could also recognize familiar strings that it can find, or worse (from a false negative standpoint) hashes of that code, or parts thereof ("signatures"), and as we (should) all know, signatures are easy to defeat, which is why antivirus software is great for detecting known threats, but not so useful for preventing future threats. A program cannot identify another program based on what the program actually does -- say, compile source code and output a binary -- else we would have solved the halting problem, and we would have bug-free code, and perfect antivirus, which would render the Ken Thompson hack ineffective anyway. Yay!
Moreover, regardless of the attack vector, even a compromised binary can't hide from disassembly and human inspection. And if you're incredibly paranoid, then you could use side-channel analysis to see if anything is happening that's not supposed to be happening, unless you think the NSA has also hacked physics, then nothing I can say matters anyway.
Well, we're perfectly happy to deal with other monarchies, dictatorships, and sham-democracies in the region, so it's not strictly the non-democracy aspect of Assad's reign that we have a problem with, or even the human rights issues, so much as his uncooperative nature with regard to American foreign policy. The dictatorship is just something we bring up when it suits our agenda. Not that Assad deserved to be defended, but let's not pretend that we wouldn't overlook that if it suited us.
Except ISIS made a credible claim to be responsible for the downed airliner, including both photos of the device, and details of how they smuggled it onto the plane. If your version of events were true, they would probably dispute those claims, or have no evidence.
I'm not saying that Putin is a "good guy," but he's not an idiot, and ISIS is run by, really, just idiots. You have to be truly stupid to believe that unilateral violence against any and all countries in the world, including your own, could possibly succeed, unless you're a religious zealot who believes God has his back.
To be pedantic, a bittorrent server serves small .torrent files, not the actual files indexed therein.
Secondly, let's call "unlimited data" what it is: unmetered data. And unmetered data works in many other scenarios with lower costs to the end-user and equally large data, like VPN and NNTP services for $10/mo. Further, many countries have ISPs that profitably offer unmetered data. Indeed, Comcast has never been close to unprofitable in its years of offering unmetered data, and its 400GB (or whatever) cap has seldom been enforced.
The real reason corporations are pushing back against unmetered data is that it's non-billable data. It's a revenue stream that they're naturally eyeing in a never-ending push to increase margins quarter-over-quarter and year-over-year. It's not because unmetered data is unprofitable, it's because it's not as profitable as metered data. The apologists who defend these corporations are either being duped by their marketing, or are heavily invested in their profits.
Funny quote, but meeting technical specifications and passing NDT are part of the procurement process. Fail those, and you're on the hook for making new parts or refunding the government (assuming they paid already), as well as fines for missing deadlines, and possible loss of future contracts.