There are already rules about how and when the cops can force you to open your safe. The same rules should apply to encryption keys and computer passwords since (after all) they are the electronic equivalent of putting physical documents into a locked file cabinet or safe.
Would there not be images of either landers that have landed and left or of landers still on the moon taken from lunar orbit by the apollo crews? The later apollo missions landed with pinpoint accuracy and the Command Module Pilots were able to see the landers from space so there would be pictures of them somewhere one would think.
1.You go to the bank website. 2.The login form has a username and password field plus a randomly generated number and a field for a hash. 3.You input the randomly generated number into a little calculator containing a unique-to-you number which uses a hash algorithim and spits out another number. If the calculator and bank details are stolen or lost, you can get a new calculator with a different unique-to-you number. (well the number might not be unique-to-you but it would be random enough to not be something one could figure out) Assume that the number inside the secret calculator is N and the number you key into it is K, the output is o = f(n,k). The hash algorithim should be designed so that the value of k that would produce o = n is different for each value of n. 4.You then input your username and password plus the output from the calculator. The bank generates the same hash as the calculator does using the same number as stored in the calculator. 5.Then if they match, it lets you into the bank site. and 6.When you want to do a funds transfer to someone, you have to plug another number into the calculator and get another hash.
This system would stop phishers since the first number returned (i.e. when you first see the login screen) is only valid for a very short time (e.g. 5 minutes or even less) and is linked to the IP address of the machine that sent the http request.
This means that even if the phishers are able to get you to input the number into the little calculator and then the result into their login form, the number is useless because the number they capture is linked to the IP address of the machine making the http request to get the number and also only valid for a limited time.
Also, the second hash that is generated would be specifically linked to the specific set of transaction numbers (destination account and amount). Lets say they steal the first set of numbers and manage to log in from the correct machine at the correct time, they would still then need to prompt you for a second password in order to actually do funds transfer.
To prevent phishers doing a trick like "Your password is invalid, please enter it again" to get the second login, the hash algorithim used for the calculator should take as input for the second hash, the unique number AND the amount. If you enter an amount thats different to what the bank thinks you want to transfer, the hashes wont match up.
What this would mean is that people would need to type the actual amount the phishers are going to transfer from their account into the little calculator and anyone who is stupid enough to blindly press "Funds Transfer" "1000.00" "OK" "" "OK" into the little calculator (assuming of course that they arent actually legitimatly transfering $1000.00) probobly shouldnt be using a computer, let alone online banking.
So that this would be easier on the customer (especially if you transfer money to the same account all the time), there would be an "approved payee" list. To add an account to the white list you would visit the page and get another random hash. You then press "Add Approved Payee" "" "OK" "" "OK".
It might take a little bit more effort but it would be resistant to all attacks (even a man-in-the-middle attack wouldnt work since no-one except the user has the right little calculator to input "Funds Transfer" "1000.00" "OK" "" "OK" into).
This has an advantage over the "one time use password" type systems since with those systems the phishing scam can just ask you to input enough of the codes so that they get one they can then use. Its certainly more secure than the simple "username + password" login my bank uses (you do need to enter the password again in order to do a funds transfer though)
Unless Microsoft can proove that google knew that mr lee had a non compete clause that prevented mr lee from working for google, there is no way google could be liable
It is mr lee who is liable (for taking a job with google in violation of the non-compete and for not telling google about the non-compete)
Ummm, an NDA (or similar) would be (one would think) a permanent thing (or certainly very long) and as soon as google revealed the stuff it pilfered from microsoft via this ex MS employee, microsoft could sue. Doesnt matter if its 1 day, 1 year or 20 years after the guy left MS.
Its less legal if the people writing it are using OS/2 source code, trade secrets and stuff without the permission of the right people (for example, given that Microsoft owns chunks of OS/2, its highly likely that IBM legal was worried about Microsoft code ending up in the OS/2 emulation layer which would likely be in violation of the very limited aggreement IBM has with Microsoft)
Unfortunatly, just like the game way back when, if they did that, they would have to censor the Wolfenstien 3D like bits in germany (some crap about "you cant kill germans even if they are nazis)
I think AO only exists to give the ESRB a place to put all the stuff that the moral conservative idiots consider "wrong". So, Violence, Blood, Guts, Gore etc = M Sex, Nudity, Porn = AO Profanity = ? (not sure what the US standards on it are)
Firstly, they need a publisher for the X-Box version (presumably the fact that they went with EA means that they couldnt or didnt want to self-publish this) And secondly they need a publisher to get copies of things like expansions, mods (and also the eventual Half-Life 3) onto store shelves (not everyone is prepared/able to buy HL2 from Steam)
In order for downloads of video (movies & TV) to be a hit like the iTunes Music Store was, they will need to have the following attributes: 1.They must either be DVD quality (including all the extras) or they must be cheaper than the equivilant DVD (to make up for the loss of quality) 2.They must be available at the same time as the DVD release (if not earlier) 3.They must be in a format (or convertable to a format) that you can record onto something (be it a recordable DVD or a recordable HD-DVD/BluRay disk) and play on your TV setup (be it a home theater system with a big TV or a smaller TV and a simple cheap DVD player) I for one dont want to watch movies or TV on my computer, I want to watch on my TV sitting in my comfortable chair.
Bit Torrent and other P2P services are popular with people because of: A.Availability. For those in america, its a great way to get TV shows not playing where you live (including e.g. foriegn TV shows american networks arent playing or shows only on pay TV services you cant get or cant afford) And for those abroad, its a great way to get TV shows that just havent reached your country yet (anyone who lives in australia knows how great BitTorrent etc is for downloading all those Yank shows that we just wont see because no local network is prepared to show them or whatever)
B.Cost. Its very hard to beat free. Even though it is illegal, a lot of people dont care and download anyway (especially since a lot of people believe that just downloading without actually "sharing" anything means they cant get caught and that only the big fish with a large number of shared files are going to be targeted)
and C.Range. You can get stuff on BitTorrent that just isnt available on DVD (and isnt going to be), things like reality TV and stuff.
For a download service to work, it would have to come as close as possible to the availability of shows as BitTorrent and other P2P services do (if you cant download it from the download service until 12-18 months after it has aired, people will continue to download from BitTorrent which may well have it 12-18 hours after it first airs). It would also have to have better quality files than what you find on BitTorrent (the files available on the download site for current shows/movies could probobly be produced directly from the same digital master files that are used to produce the over-the-air copies and the DVD masters which means they are as close to perfect as the codec and bitrate used on the files will allow). Also, a download service could offer things DVD cant, including series where the cost to release DVDs is considered too much given likely sales (the cost to make files available on the download service would be cheaper than the cost to make DVDs) and also things like reality TV or sports games which just dont make sense to put on DVD.
The iTunes Music Store works because: 1.You are gauranteed to be able to get the song you want (and not a "fake" garbage song file or a song thats not what you want or getting no search results because no-one has the song you want shared)
2.In a lot of cases, you can preview the song to make sure its what you are looking for before you commit to purchasing it)
3.Once you have the song, you can put it onto an iPod, an iTunes phone (the new one with ITMS supoprt) or a completly normal no copy protection anywhere audio CD (which can be played on pretty much anything that can read audio CDs)
And the songs are cheap enough too.
In short, it has none of the disadvantages of P2P (risk of being caught by the RIAA, lack of sources for the song you want, poor quality rips, fake or garbage song files, songs that arent what the filename claims they are) whilst coming as close to the advantages of P2P (low cost and unrestricted files) as its possible for a legal download service to get.
Why arent companies spending more effort to make desktop computers use less electricity? If someone like Dell (with a new CPU and motherboard and graphics from Intel and other components from wherever) came out with a lower-power desktop machine, it would sell like hotcakes (especially to e.g. corperations who would see it as a way to save on their energy bills)
Basicly, the internet consists of the following core elements: 1.The core Protocols that underly it (that are drawn up as RFCs and put out by the IETF). The IETF seems to be doing a good job of this (although its slow to get a RFC out, there is no reason you cant go and use without one plusd RFCs need to be very well thought out in order to work)
2.IP address allocation. Right now various agencies (I know the IANA used to do this but they dont do it anymore, someone else does) hand out IP address blocks. That function seems to be running right (other than the physical lack of usable addresses that is) If IPV6 was more widely deployed, you wouldnt have any address problems since IPV6 provides so many addersses that even a home user could have an IPV6 block where the upper 120 bits were fixed and then they would get 8 bits of address to allocate to devices (IANA IPV6 guru so 8 bits for a normal home user might be too much but even 6 bits would give them 64 or so addresses to use) You could give different countries a block of IP addresses which could then give ISPs and hosts etc parts of that block and so on down to the users.
Also IPV6 adoption would mean a greater adoption of encryption (via IPSecV6 or something similar) and multicasting.
3.DNS. Right now, this is controled by those who run the root servers. And by ICANN and DOC who ultimatly control the root zone file (which points to the ccTLD and gTLD nameservers run by verisign and others). Then, verisign and others control the ccTLDs and gTLDs. What is needed here is for control of the root zone file as well as control over the key gTLDs (like.com,.net,.org etc) be given to one organization who is specifically set up as a non-profit (i.e. is not allowed to make any money or charge more for addresses in the TLDs than it costs them to run things). This organization would be prohibited from doing anything not connected with running the DNS (e.g. setting up sitefinder type ads) and would be controled and managed in a way that looks after the interests of ALL the stakeholders in the global Internet (i.e. governments, ISPs, big net companies like google etc). No one government, country or organization would have control over DNS and the root zone file (which would go back to the central idea of the Internet being a network of networks with those who run the individual networks having collective power over those parts of the internet where their networks link up). Special gTLDs like.edu,.mil or.gov would be run by the relavent organization (e.g..mil would be run by the US militay). ccTLDs would be run by whatever agency the governments of those countries decides should run them (e.g..uk,.co.uk etc would be run by whoever the UK government decides should run it)
and 4.the cables, routers and systems that actually make the core of the Internet work. The problem right now (IMO) is that too much of this infrastructure is held by too few companies (a lot of it is held by phone companies/large ISPs) There is not enough redundancy (and this isnt just to do with a lack of physical cables, its also to do with the fact that the large ISPs and phone cos that own the backbone wont allow/dont want/charge to much for their systems to talk to each other and route data over the other guys links when theirs is down. In addition to this, the consolodation of data links (including the fact that there are not as many possible ways for data to get from A to B as their should be) makes it easier for governments, police forces, spy agencies (friendly and otherwise), corperations (MPAA/RIAA/etc for one) and others to "Spy on" and "Monitor" and "Censor/control/block" internet traffic.
So, the question is, exactly which of the 4 key parts that make up the Internet as we know it is the part that people seem to think could be run better by an agency other than ICANN or the US Goverment?
Like the combination to a safe.
There are already rules about how and when the cops can force you to open your safe.
The same rules should apply to encryption keys and computer passwords since (after all) they are the electronic equivalent of putting physical documents into a locked file cabinet or safe.
How come no-one has ever tried this for stuff like old games or something?
Duh, the stargate is inside a mountain and wouldnt show up on arial/sattelite photos anyway.
Would there not be images of either landers that have landed and left or of landers still on the moon taken from lunar orbit by the apollo crews?
The later apollo missions landed with pinpoint accuracy and the Command Module Pilots were able to see the landers from space so there would be pictures of them somewhere one would think.
1.You go to the bank website.
2.The login form has a username and password field plus a randomly generated number and a field for a hash.
3.You input the randomly generated number into a little calculator containing a unique-to-you number which uses a hash algorithim and spits out another number.
If the calculator and bank details are stolen or lost, you can get a new calculator with a different unique-to-you number. (well the number might not be unique-to-you but it would be random enough to not be something one could figure out)
Assume that the number inside the secret calculator is N and the number you key into it is K, the output is o = f(n,k). The hash algorithim should be designed so that the value of k that would produce o = n is different for each value of n.
4.You then input your username and password plus the output from the calculator. The bank generates the same hash as the calculator does using the same number as stored in the calculator.
5.Then if they match, it lets you into the bank site.
and 6.When you want to do a funds transfer to someone, you have to plug another number into the calculator and get another hash.
This system would stop phishers since the first number returned (i.e. when you first see the login screen) is only valid for a very short time (e.g. 5 minutes or even less) and is linked to the IP address of the machine that sent the http request.
This means that even if the phishers are able to get you to input the number into the little calculator and then the result into their login form, the number is useless because the number they capture is linked to the IP address of the machine making the http request to get the number and also only valid for a limited time.
Also, the second hash that is generated would be specifically linked to the specific set of transaction numbers (destination account and amount). Lets say they steal the first set of numbers and manage to log in from the correct machine at the correct time, they would still then need to prompt you for a second password in order to actually do funds transfer.
To prevent phishers doing a trick like "Your password is invalid, please enter it again" to get the second login, the hash algorithim used for the calculator should take as input for the second hash, the unique number AND the amount. If you enter an amount thats different to what the bank thinks you want to transfer, the hashes wont match up.
What this would mean is that people would need to type the actual amount the phishers are going to transfer from their account into the little calculator and anyone who is stupid enough to blindly press "Funds Transfer" "1000.00" "OK" "" "OK" into the little calculator (assuming of course that they arent actually legitimatly transfering $1000.00) probobly shouldnt be using a computer, let alone online banking.
So that this would be easier on the customer (especially if you transfer money to the same account all the time), there would be an "approved payee" list. To add an account to the white list you would visit the page and get another random hash. You then press "Add Approved Payee" "" "OK" "" "OK".
It might take a little bit more effort but it would be resistant to all attacks (even a man-in-the-middle attack wouldnt work since no-one except the user has the right little calculator to input "Funds Transfer" "1000.00" "OK" "" "OK" into).
This has an advantage over the "one time use password" type systems since with those systems the phishing scam can just ask you to input enough of the codes so that they get one they can then use.
Its certainly more secure than the simple "username + password" login my bank uses (you do need to enter the password again in order to do a funds transfer though)
Unless Microsoft can proove that google knew that mr lee had a non compete clause that prevented mr lee from working for google, there is no way google could be liable
It is mr lee who is liable (for taking a job with google in violation of the non-compete and for not telling google about the non-compete)
Ummm, an NDA (or similar) would be (one would think) a permanent thing (or certainly very long) and as soon as google revealed the stuff it pilfered from microsoft via this ex MS employee, microsoft could sue.
Doesnt matter if its 1 day, 1 year or 20 years after the guy left MS.
Its less legal if the people writing it are using OS/2 source code, trade secrets and stuff without the permission of the right people (for example, given that Microsoft owns chunks of OS/2, its highly likely that IBM legal was worried about Microsoft code ending up in the OS/2 emulation layer which would likely be in violation of the very limited aggreement IBM has with Microsoft)
Yeah, the whole "demons from hell" thing is central to the idea of DOOM, if they dont have it, it will just be a lame Ghosts Of Mars clone.
Unfortunatly, just like the game way back when, if they did that, they would have to censor the Wolfenstien 3D like bits in germany (some crap about "you cant kill germans even if they are nazis)
I think AO only exists to give the ESRB a place to put all the stuff that the moral conservative idiots consider "wrong".
So, Violence, Blood, Guts, Gore etc = M
Sex, Nudity, Porn = AO
Profanity = ? (not sure what the US standards on it are)
Firstly, they need a publisher for the X-Box version (presumably the fact that they went with EA means that they couldnt or didnt want to self-publish this)
And secondly they need a publisher to get copies of things like expansions, mods (and also the eventual Half-Life 3) onto store shelves (not everyone is prepared/able to buy HL2 from Steam)
For an example of developer vs publisher when it comes to patches, look at the PC version of HALO and what happened with the whole Halo CE thing.
In order for downloads of video (movies & TV) to be a hit like the iTunes Music Store was, they will need to have the following attributes:
1.They must either be DVD quality (including all the extras) or they must be cheaper than the equivilant DVD (to make up for the loss of quality)
2.They must be available at the same time as the DVD release (if not earlier)
3.They must be in a format (or convertable to a format) that you can record onto something (be it a recordable DVD or a recordable HD-DVD/BluRay disk) and play on your TV setup (be it a home theater system with a big TV or a smaller TV and a simple cheap DVD player)
I for one dont want to watch movies or TV on my computer, I want to watch on my TV sitting in my comfortable chair.
Bit Torrent and other P2P services are popular with people because of:
A.Availability. For those in america, its a great way to get TV shows not playing where you live (including e.g. foriegn TV shows american networks arent playing or shows only on pay TV services you cant get or cant afford)
And for those abroad, its a great way to get TV shows that just havent reached your country yet (anyone who lives in australia knows how great BitTorrent etc is for downloading all those Yank shows that we just wont see because no local network is prepared to show them or whatever)
B.Cost. Its very hard to beat free. Even though it is illegal, a lot of people dont care and download anyway (especially since a lot of people believe that just downloading without actually "sharing" anything means they cant get caught and that only the big fish with a large number of shared files are going to be targeted)
and C.Range. You can get stuff on BitTorrent that just isnt available on DVD (and isnt going to be), things like reality TV and stuff.
For a download service to work, it would have to come as close as possible to the availability of shows as BitTorrent and other P2P services do (if you cant download it from the download service until 12-18 months after it has aired, people will continue to download from BitTorrent which may well have it 12-18 hours after it first airs). It would also have to have better quality files than what you find on BitTorrent (the files available on the download site for current shows/movies could probobly be produced directly from the same digital master files that are used to produce the over-the-air copies and the DVD masters which means they are as close to perfect as the codec and bitrate used on the files will allow). Also, a download service could offer things DVD cant, including series where the cost to release DVDs is considered too much given likely sales (the cost to make files available on the download service would be cheaper than the cost to make DVDs) and also things like reality TV or sports games which just dont make sense to put on DVD.
The iTunes Music Store works because:
1.You are gauranteed to be able to get the song you want (and not a "fake" garbage song file or a song thats not what you want or getting no search results because no-one has the song you want shared)
2.In a lot of cases, you can preview the song to make sure its what you are looking for before you commit to purchasing it)
3.Once you have the song, you can put it onto an iPod, an iTunes phone (the new one with ITMS supoprt) or a completly normal no copy protection anywhere audio CD (which can be played on pretty much anything that can read audio CDs)
And the songs are cheap enough too.
In short, it has none of the disadvantages of P2P (risk of being caught by the RIAA, lack of sources for the song you want, poor quality rips, fake or garbage song files, songs that arent what the filename claims they are) whilst coming as close to the advantages of P2P (low cost and unrestricted files) as its possible for a legal download service to get.
There is a big difference between "You cant use Firefox, use Mozilla instead" and "You cant use Firefox, use Intercrap Exploder instead" :)
Sentinel Worlds 1 Future Magic.
The top weapon in that game is a gun of some kind (most probobly the Neutron Gun acording to the documentation)
And that game definatly qualifies as an RPG.
Why arent companies spending more effort to make desktop computers use less electricity?
If someone like Dell (with a new CPU and motherboard and graphics from Intel and other components from wherever) came out with a lower-power desktop machine, it would sell like hotcakes (especially to e.g. corperations who would see it as a way to save on their energy bills)
Yeah, why cant we get the same thing as seen in the first part of "Paycheck"?
I seem to remember a number of macs that had a power button on the keyboard to turn it on and a "shut down" option on the menu to turn it off.
Such a device would probobly be similar to this:
http://www.aladdin.com/hasp/
Its not "You cant use Firefox", its more likely "You cant use anything we havent approved" because of the risks that might entail.
Simple, write to the subset of HTML, CSS and JavaScript supported by IE6, IE7, Mozilla/Firefox/Netscape 8, and Safari.
If you do that, you have most of the web.
The rest are then people using outdated tech
(like Netscape 4.x, IE 4/5 etc)
Someone with access to an OSX Intel DEV box actually posted patches to the WINE lists which appear to be "make WINE work on OSX intel" patches.
Gogle for "hdcp crack" to see how much (or rather how little) of an obstacle encrypted video streams can be.
Its control of the key parts of it.
.com, .net, .org etc) be given to one organization who is specifically set up as a non-profit (i.e. is not allowed to make any money or charge more for addresses in the TLDs than it costs them to run things). This organization would be prohibited from doing anything not connected with running the DNS (e.g. setting up sitefinder type ads) and would be controled and managed in a way that looks after the interests of ALL the stakeholders in the global Internet (i.e. governments, ISPs, big net companies like google etc). No one government, country or organization would have control over DNS and the root zone file (which would go back to the central idea of the Internet being a network of networks with those who run the individual networks having collective power over those parts of the internet where their networks link up). .edu, .mil or .gov would be run by the relavent organization (e.g. .mil would be run by the US militay). .uk, .co.uk etc would be run by whoever the UK government decides should run it)
Basicly, the internet consists of the following core elements:
1.The core Protocols that underly it (that are drawn up as RFCs and put out by the IETF). The IETF seems to be doing a good job of this (although its slow to get a RFC out, there is no reason you cant go and use without one plusd RFCs need to be very well thought out in order to work)
2.IP address allocation.
Right now various agencies (I know the IANA used to do this but they dont do it anymore, someone else does) hand out IP address blocks. That function seems to be running right (other than the physical lack of usable addresses that is)
If IPV6 was more widely deployed, you wouldnt have any address problems since IPV6 provides so many addersses that even a home user could have an IPV6 block where the upper 120 bits were fixed and then they would get 8 bits of address to allocate to devices (IANA IPV6 guru so 8 bits for a normal home user might be too much but even 6 bits would give them 64 or so addresses to use)
You could give different countries a block of IP addresses which could then give ISPs and hosts etc parts of that block and so on down to the users.
Also IPV6 adoption would mean a greater adoption of encryption (via IPSecV6 or something similar) and multicasting.
3.DNS. Right now, this is controled by those who run the root servers. And by ICANN and DOC who ultimatly control the root zone file (which points to the ccTLD and gTLD nameservers run by verisign and others). Then, verisign and others control the ccTLDs and gTLDs. What is needed here is for control of the root zone file as well as control over the key gTLDs (like
Special gTLDs like
ccTLDs would be run by whatever agency the governments of those countries decides should run them (e.g.
and 4.the cables, routers and systems that actually make the core of the Internet work. The problem right now (IMO) is that too much of this infrastructure is held by too few companies (a lot of it is held by phone companies/large ISPs)
There is not enough redundancy (and this isnt just to do with a lack of physical cables, its also to do with the fact that the large ISPs and phone cos that own the backbone wont allow/dont want/charge to much for their systems to talk to each other and route data over the other guys links when theirs is down.
In addition to this, the consolodation of data links (including the fact that there are not as many possible ways for data to get from A to B as their should be) makes it easier for governments, police forces, spy agencies (friendly and otherwise), corperations (MPAA/RIAA/etc for one) and others to "Spy on" and "Monitor" and "Censor/control/block" internet traffic.
So, the question is, exactly which of the 4 key parts that make up the Internet as we know it is the part that people seem to think could be run better by an agency other than ICANN or the US Goverment?