I bet the heads of the security/intelligence/law enforcement agencies (CIA, NSA etc) are already telling Obama at the regular national security briefings that making any of this public WILL compromise the ability for those agencies to catch the bad guys and prevent the next 9/11 or the next Boston Marathon.
Here in Australia, when they phased out leaded gasoline, they had a fuel available called "Lead Replacement Petrol" which then got phased out in favor of a fuel additive (which I assume is the same additive that was used to turn unleaded petrol into the "lead replacement" kind. So, the FAA just needs to place a mandate on fuel companies to invent a lead-free substitute for the lead in avgas that is suitable for the needs of aircraft (assuming one doesn't already exist)
The problem is that NASCAR technology is 50+ years old. If they would change their ways and move towards a modern engine, it wouldn't be a problem.
Here in Australia, the V8 Supercars (which is becoming more and more like NASCAR with all the rule changes they keep bringing in) are using modern 5.0L N/A V8 engines with EFI and they are doing just fine running E85 Ethanol.
Given NASCAR has hillbilly/farmer/rural/redneck associations/roots and given how big corn ethanol is in the US, using E85 in NASCAR would actually be seen as a good thing among much of its traditional fan base. They would just need to move into the modern era and embrace engines that aren't 50+ years old.
Because not all OSs provide the time zone data in the same format... Take Windows for example, how do you get at the time zone data on that platform? (not just the current time zone as set under "date and time" but all the time zone data and settings including historical information)
It may be the case that there is a general shortage of the out-of-stock item. It may be that the supplier was unable to deliver the item for some reason (e.g. recently I was looking for milk and the store was out of the brand I wanted because the supplier had not made a delivery. Ended up buying from another store the next day). It may be that the trucks only deliver product on certain days.
I too refuse to use the self-checkouts. Firstly I dont want to contribute to putting checkout operators out of a job. And secondly I dont want to have to figure out how to use the things. Especially since using the self-checkout would probably take just as long (if not longer) than going the regular way.
What I would like to see (and could probably partially get if I had the right smartphone and the right app) is a means where I can scan things with a bar-code scanner of some sort as I use them up and have them added to a shopping list. Then being able to go to the store and scan things as I pick them up and get them ticked off the list, along with building a running total so I can see how much I spend before I get to the checkout.
The sheeple wont care about this, they will continue to listen to (and believe) the propaganda from the talking heads on Fox, MSNBC, CNN and the other TV news operations when those organizations say "yes we are tapping all your phone calls and internet traffic but if we dont, Evil Terrorists will come and kill your children so we have to do it to keep America safe".
The obvious solution is for someone to come up with a drop-in replacement for the stock timezone APIs and then use whatever method Java has for overriding stock functions (not sure what it has, I haven't written any Java code in years) to make the JRE pick that up instead of the stock code.
I genuinely believe that there is NO threat, no matter HOW big that can EVER justify wholesale surveillance of the communications of innocent civilians. If they have evidence that a particular individual (or a YouTube account or Gmail account or Facebook account or phone number of other individually identifiable entity) has done something illegal or is planning to do something illegal then they should be able to get a warrant (even a secret warrant so that the bad guys can't find out their data has been snooped on) for the specific data matching that individual. I do NOT support wholesale data retention either (again, if they have an individual, get a warrant requiring the entity in question to retain data about that individual) Nor do I support the idea of requiring back doors in software programs so that the FBI/CIA/NSA/Scotland Yard/Bundespolizei/AFP/MI6/ASIO/etc/etc can listen in on secret conversations (even if those conversations may be being carried out by criminals or terrorists)
Restricting the export of rockets under export control makes sense when you think about how 90% of modern space rocketry in the US is ultimately derived from ICBM programs (the first Americans in space all went into orbit on modified Redstone, Atlas and Titan ICBMs)
1.Make it illegal to send any infringement notices or "you have violated a patent we own" notices unless the notices contain details of exactly which patents are being violated. 2.Make it harder to get an ITC injunction order by requiring the patent holder to provide more proof that not granting the order will cause irreparable harm. 3.Introduce an "enforce it or loose it" system for patents which prevents patent holders from waiting to sue until they think they can get more money from a violation (e.g. waiting until the patent-violating technology becomes more wide spread before filing lawsuits) 4.Prohibit suing of retailers and end users (i.e. someone who acquires a product and re-sells it or uses it without making changes to it in a way that causes it to violate a patent that it wasn't violating before they obtained it would be protected) 5.Tie the amount of money that a patent holder can obtain in damages in a patent lawsuit to the revenue earned by the patent violator for the infringing item.
If people aren't interested in eating whale meat, why not just give up on the hunt and stop killing the things? Continuing to produce a product no-one is interested in (and that large swathes of the rest of the world would rather you didn't produce) seems stupid to me, especially if they have to divert money from tsunami relief to pay for it.
Is it because of lobbying by the whale fishermen? Concerns from the government about where all the people involved in the industry are gonna get jobs if the industry is shut down? National pride? (i.e. "we have been catching whales for decades, why should we stop now just because someone else tells us to") Something else?
My bank uses POST in the login form which means that sniffing memory for URLs (which is what this malware seems to do) wont get you a login. Plus, in order to actually transfer money to someone you haven't transferred money to before you have to input a second password.
The biggest failing of the bank in question is that it has a 10 char maximum on passwords for some stupid reason.
Ok, so HBO gets $x per month per subscriber from the cable companies. All they need to do is to offer a no-cable-required a-la-carte subscription that earns them at least $x per month per subscriber after any costs they have that they dont have for cable subscribers are taken out. They still get at least the same amount of money if people switch to a-la-carte as they do for subscribers on cable plus they get a whole bunch of new subscribers who wont pay for cable but will pay for a-la-carte.
Maybe the answer is to say "stop carrying out cyber attacks on western nations, stop stealing western intellectual property etc or we will enforce sanctions against Chinese products" Plenty of other countries with low cost base for manufacturers to move to (countries that aren't stealing western IP and government/military secrets)
Actually, legally, if the person who posted the original content submits a valid DMCA counter-notice then the content host (the one originally sent the DMCA take-down notice) can put it back and be legally protected. Its then up to whoever sent the original notice to to file a lawsuit against the uploader if they still believe they have a legitimate case.
IANAL but this is my understanding of the DMCA. Any experts out there feel free to correct me if I am wrong.
Compared to the size of the layouts the WA Brick Society (that's Western Australia, not Washington State btw) has displayed over the last few years, that layout is tiny. And I bet there are clubs out there doing even bigger layouts.
I have an idea for a really secure chat client. It would support all the things Skype does that don't cost money (including voice chat, video chat and file transfers). How I envisage it working is this: 1.When a user installs the program and registers for the service on a given host (there could be multiple separate instances of the server which may or may not communicate for the purposes of allowing users on one to talk to users on another), a public and private key-pair is generated on the local device. The public half is submitted alongside the registration details and the private half never leaves the users device (unless the user e.g. copies it to another device so they can use the program there). 2.When the user logs onto the service, they use their private key to digitally sign a login packet which is verified by the central host (to verify that the user is who they claim to be and making phishing and password-theft much harder). 3.To talk to someone (voice, video, text, file transfer, whatever) the client that wants to initiate the conversation asks the central server for the public key of the other guy. Then that public key is used as part of some sort of key exchange to share an encrypted session key in a way that even someone with a complete packet dump of the network traffic AND the private keys of both people couldn't recover the session key (something like Diffie-Helman would probably work here) 4.All communications between users would be peer-to-peer direct conversations. In cases where direct links are not fesable (such as mobile devices where direct p2p links are not an option) all any relay servers ever see is encrypted data packets. 5.Unless specifically asked by the user to do so, none of the communications are ever stored on any persistent storage medium by the client. 6.At the end of the conversation, the session key is destroyed. (how you define "end of the conversation" in an IM client I dont know but certainly ending a video or voice session would count, as would closing the client) 7.The client would cache public keys from users and warn if the cached key and the one the server has are different (thus helping detect if the central server has been compromised by someone)
Assuming the client is implemented properly and the crypto is good (and hasn't been cracked) then this should be highly resistant to eavesdropping. The protocol would be 100% documented and open. The client (and there would ideally be multiple implementations to ensure against someone inserting a back-door) would be open source.
If the session keys and key exchange are done properly (and there are no weaknesses in the key exchange or crypto) then even with the private keys of both parties in the conversation AND a full packet dump of the entire conversation, it would be impossible to recover what was transmitted.
In some cases they want to lock games out of FTA in an area because there is a different game on a subscription channel in some form that they want people to watch (and pay for)
The ITAR rules place restrictions on exporting certain things without an export license. One of the things that is restricted are handguns. ITAR also says that exporting blueprints and technical data related to an item requires an export permit in the same way that exporting the item does.
So by publishing blueprints to a handgun on a US-hosted web server without an export license, an ITAR violation has taken place.
The law says that its not illegal to produce a gun at home. People have been making guns at home for years. Why is it suddenly a problem that someone can 3D print a gun instead of making one out of a block of metal with machine tools?
Is that it is simply replacing one set of binary blobs (Flash, Silverlight and a host of dedicated non-web apps on mobile devices, smart TVs, games console etc) with another set of binary blobs (the content decryption plugins).
It does nothing to make the content work on more browsers (the content decryption plugins still have to be ported to a given OS/browser combination). In fact, if those who create content decryption plugins do browser sniffing to block browsers they dont like (or browsers that contain bugs, vulnerabilities or features that could allow access to the decrypted content) it may reduce the number of choices to view specific content.
It will likely increase the number of DRM solutions out there as different content providers will want their own DRM solutions. (e.g. what Netflix uses may be different to what Google or Microsoft or Hulu or Amazon uses).
I agree with others posting here that the correct response (given that no-one was hurt, no damage was done and there was no intent to hurt anyone or cause any damage and given that this kid was otherwise a model student and had never done anything wrong before) was NOT to call the cops but to give the kid a week of detentions or maybe a weeks suspension, maybe combined with a stern warning to the kid (and the school as a whole at the next school assembly or something) not to do such things again because people might get hurt.
Slashdot Mirror
I bet the heads of the security/intelligence/law enforcement agencies (CIA, NSA etc) are already telling Obama at the regular national security briefings that making any of this public WILL compromise the ability for those agencies to catch the bad guys and prevent the next 9/11 or the next Boston Marathon.
Here in Australia, when they phased out leaded gasoline, they had a fuel available called "Lead Replacement Petrol" which then got phased out in favor of a fuel additive (which I assume is the same additive that was used to turn unleaded petrol into the "lead replacement" kind.
So, the FAA just needs to place a mandate on fuel companies to invent a lead-free substitute for the lead in avgas that is suitable for the needs of aircraft (assuming one doesn't already exist)
The problem is that NASCAR technology is 50+ years old. If they would change their ways and move towards a modern engine, it wouldn't be a problem.
Here in Australia, the V8 Supercars (which is becoming more and more like NASCAR with all the rule changes they keep bringing in) are using modern 5.0L N/A V8 engines with EFI and they are doing just fine running E85 Ethanol.
Given NASCAR has hillbilly/farmer/rural/redneck associations/roots and given how big corn ethanol is in the US, using E85 in NASCAR would actually be seen as a good thing among much of its traditional fan base. They would just need to move into the modern era and embrace engines that aren't 50+ years old.
Because not all OSs provide the time zone data in the same format... Take Windows for example, how do you get at the time zone data on that platform? (not just the current time zone as set under "date and time" but all the time zone data and settings including historical information)
It may be the case that there is a general shortage of the out-of-stock item.
It may be that the supplier was unable to deliver the item for some reason (e.g. recently I was looking for milk and the store was out of the brand I wanted because the supplier had not made a delivery. Ended up buying from another store the next day).
It may be that the trucks only deliver product on certain days.
I too refuse to use the self-checkouts. Firstly I dont want to contribute to putting checkout operators out of a job. And secondly I dont want to have to figure out how to use the things.
Especially since using the self-checkout would probably take just as long (if not longer) than going the regular way.
What I would like to see (and could probably partially get if I had the right smartphone and the right app) is a means where I can scan things with a bar-code scanner of some sort as I use them up and have them added to a shopping list. Then being able to go to the store and scan things as I pick them up and get them ticked off the list, along with building a running total so I can see how much I spend before I get to the checkout.
The sheeple wont care about this, they will continue to listen to (and believe) the propaganda from the talking heads on Fox, MSNBC, CNN and the other TV news operations when those organizations say "yes we are tapping all your phone calls and internet traffic but if we dont, Evil Terrorists will come and kill your children so we have to do it to keep America safe".
The obvious solution is for someone to come up with a drop-in replacement for the stock timezone APIs and then use whatever method Java has for overriding stock functions (not sure what it has, I haven't written any Java code in years) to make the JRE pick that up instead of the stock code.
I genuinely believe that there is NO threat, no matter HOW big that can EVER justify wholesale surveillance of the communications of innocent civilians. If they have evidence that a particular individual (or a YouTube account or Gmail account or Facebook account or phone number of other individually identifiable entity) has done something illegal or is planning to do something illegal then they should be able to get a warrant (even a secret warrant so that the bad guys can't find out their data has been snooped on) for the specific data matching that individual.
I do NOT support wholesale data retention either (again, if they have an individual, get a warrant requiring the entity in question to retain data about that individual)
Nor do I support the idea of requiring back doors in software programs so that the FBI/CIA/NSA/Scotland Yard/Bundespolizei/AFP/MI6/ASIO/etc/etc can listen in on secret conversations (even if those conversations may be being carried out by criminals or terrorists)
Actually its not an Arcology as it doesn't have its own power source or food sources (among other things)
Restricting the export of rockets under export control makes sense when you think about how 90% of modern space rocketry in the US is ultimately derived from ICBM programs (the first Americans in space all went into orbit on modified Redstone, Atlas and Titan ICBMs)
1.Make it illegal to send any infringement notices or "you have violated a patent we own" notices unless the notices contain details of exactly which patents are being violated.
2.Make it harder to get an ITC injunction order by requiring the patent holder to provide more proof that not granting the order will cause irreparable harm.
3.Introduce an "enforce it or loose it" system for patents which prevents patent holders from waiting to sue until they think they can get more money from a violation (e.g. waiting until the patent-violating technology becomes more wide spread before filing lawsuits)
4.Prohibit suing of retailers and end users (i.e. someone who acquires a product and re-sells it or uses it without making changes to it in a way that causes it to violate a patent that it wasn't violating before they obtained it would be protected)
5.Tie the amount of money that a patent holder can obtain in damages in a patent lawsuit to the revenue earned by the patent violator for the infringing item.
If people aren't interested in eating whale meat, why not just give up on the hunt and stop killing the things?
Continuing to produce a product no-one is interested in (and that large swathes of the rest of the world would rather you didn't produce) seems stupid to me, especially if they have to divert money from tsunami relief to pay for it.
Is it because of lobbying by the whale fishermen? Concerns from the government about where all the people involved in the industry are gonna get jobs if the industry is shut down? National pride? (i.e. "we have been catching whales for decades, why should we stop now just because someone else tells us to") Something else?
My bank uses POST in the login form which means that sniffing memory for URLs (which is what this malware seems to do) wont get you a login.
Plus, in order to actually transfer money to someone you haven't transferred money to before you have to input a second password.
The biggest failing of the bank in question is that it has a 10 char maximum on passwords for some stupid reason.
Ok, so HBO gets $x per month per subscriber from the cable companies. All they need to do is to offer a no-cable-required a-la-carte subscription that earns them at least $x per month per subscriber after any costs they have that they dont have for cable subscribers are taken out.
They still get at least the same amount of money if people switch to a-la-carte as they do for subscribers on cable plus they get a whole bunch of new subscribers who wont pay for cable but will pay for a-la-carte.
Maybe the answer is to say "stop carrying out cyber attacks on western nations, stop stealing western intellectual property etc or we will enforce sanctions against Chinese products"
Plenty of other countries with low cost base for manufacturers to move to (countries that aren't stealing western IP and government/military secrets)
Actually, legally, if the person who posted the original content submits a valid DMCA counter-notice then the content host (the one originally sent the DMCA take-down notice) can put it back and be legally protected. Its then up to whoever sent the original notice to to file a lawsuit against the uploader if they still believe they have a legitimate case.
IANAL but this is my understanding of the DMCA. Any experts out there feel free to correct me if I am wrong.
Compared to the size of the layouts the WA Brick Society (that's Western Australia, not Washington State btw) has displayed over the last few years, that layout is tiny.
And I bet there are clubs out there doing even bigger layouts.
SSH is not a chat client, its a secure remote shell for logging into other computers.
I have an idea for a really secure chat client. It would support all the things Skype does that don't cost money (including voice chat, video chat and file transfers). How I envisage it working is this:
1.When a user installs the program and registers for the service on a given host (there could be multiple separate instances of the server which may or may not communicate for the purposes of allowing users on one to talk to users on another), a public and private key-pair is generated on the local device. The public half is submitted alongside the registration details and the private half never leaves the users device (unless the user e.g. copies it to another device so they can use the program there).
2.When the user logs onto the service, they use their private key to digitally sign a login packet which is verified by the central host (to verify that the user is who they claim to be and making phishing and password-theft much harder).
3.To talk to someone (voice, video, text, file transfer, whatever) the client that wants to initiate the conversation asks the central server for the public key of the other guy. Then that public key is used as part of some sort of key exchange to share an encrypted session key in a way that even someone with a complete packet dump of the network traffic AND the private keys of both people couldn't recover the session key (something like Diffie-Helman would probably work here)
4.All communications between users would be peer-to-peer direct conversations. In cases where direct links are not fesable (such as mobile devices where direct p2p links are not an option) all any relay servers ever see is encrypted data packets.
5.Unless specifically asked by the user to do so, none of the communications are ever stored on any persistent storage medium by the client.
6.At the end of the conversation, the session key is destroyed. (how you define "end of the conversation" in an IM client I dont know but certainly ending a video or voice session would count, as would closing the client)
7.The client would cache public keys from users and warn if the cached key and the one the server has are different (thus helping detect if the central server has been compromised by someone)
Assuming the client is implemented properly and the crypto is good (and hasn't been cracked) then this should be highly resistant to eavesdropping.
The protocol would be 100% documented and open.
The client (and there would ideally be multiple implementations to ensure against someone inserting a back-door) would be open source.
If the session keys and key exchange are done properly (and there are no weaknesses in the key exchange or crypto) then even with the private keys of both parties in the conversation AND a full packet dump of the entire conversation, it would be impossible to recover what was transmitted.
In some cases they want to lock games out of FTA in an area because there is a different game on a subscription channel in some form that they want people to watch (and pay for)
The ITAR rules place restrictions on exporting certain things without an export license. One of the things that is restricted are handguns. ITAR also says that exporting blueprints and technical data related to an item requires an export permit in the same way that exporting the item does.
So by publishing blueprints to a handgun on a US-hosted web server without an export license, an ITAR violation has taken place.
The law says that its not illegal to produce a gun at home. People have been making guns at home for years.
Why is it suddenly a problem that someone can 3D print a gun instead of making one out of a block of metal with machine tools?
Is that it is simply replacing one set of binary blobs (Flash, Silverlight and a host of dedicated non-web apps on mobile devices, smart TVs, games console etc) with another set of binary blobs (the content decryption plugins).
It does nothing to make the content work on more browsers (the content decryption plugins still have to be ported to a given OS/browser combination). In fact, if those who create content decryption plugins do browser sniffing to block browsers they dont like (or browsers that contain bugs, vulnerabilities or features that could allow access to the decrypted content) it may reduce the number of choices to view specific content.
It will likely increase the number of DRM solutions out there as different content providers will want their own DRM solutions. (e.g. what Netflix uses may be different to what Google or Microsoft or Hulu or Amazon uses).
I agree with others posting here that the correct response (given that no-one was hurt, no damage was done and there was no intent to hurt anyone or cause any damage and given that this kid was otherwise a model student and had never done anything wrong before) was NOT to call the cops but to give the kid a week of detentions or maybe a weeks suspension, maybe combined with a stern warning to the kid (and the school as a whole at the next school assembly or something) not to do such things again because people might get hurt.