The truth of DTV is that it's an excuse to force most of the population to cough up $500-$900 in a short period of time. It creates an artificial demand spike so that a select few corporations can profit from mass-exploitation.
That might sound appealing, but it isn't really true. The reason for the switch to digital was to free up the vast amounts of extremely valuable public EM spectrum currently being used for broadcast television which, given the dominant position of cable television, was serving an ever decreasing audience anyway. Or in other words, the government could not afford to continue allowing UHF television to occupy spectrum that was now worth many billions of dollars per year in licensing revenue simply to satisfy an ever decreasing population of analog broadcast only television holdouts who were too cheap to purchase cable which is superior in every measurable respect except price. Personally, I don't own a television and I don't pay for cable so I would rather that the government earn more money leasing the spectrum to those who are willing to pay for it and either lower my taxes or increase other government services. If you and grandma want to continue watching the boob tube then you can start paying what it really costs to deliver that service. Why should the taxpayer subsidize your television habit?
Hehe, ahhh yes...the first giddy years of a computer science education. Perhaps the would-be student entrepreneur could benefit from the advice of some CS graduates who have been working for the past ten (10) plus years. The fact is that first year computer science students know almost nothing of value. If they even knew that they knew nothing then that would be something but most of them don't even know that much. My advice to new CS students is study diligently and leave the ego at the door. Your classmates are all at least as smart as you and probably smarter (even if you were the smartest person in your high school classes). Learn from those of us who have gone before instead of worrying about someone stealing your unique, wonderful, and revolutionary idea. First year computer science students probably have a better chance of winning the state lottery than single-handedly making a profound contribution to the field of computer science as freshmen. Approach your studies with some humility and you will be rewarded with a better education.
While this is just my own opinion, I think that this notion of making money off an idea without breaking a sweat or having some "special" idea that nobody else has thought of before is just another manifestation of the so-called "praise" generation of children born after 1978 or so who were the first generation to be raised by parents who grew up in the sixties and constantly doted over their children. They gave them awards and trophies simply for participating and constantly told them how smart and special they were, so that their oh so precious self-esteem wouldn't be diminished, until their expectations in life had been built up to unsustainable heights. Now, when they enter college and begin their entry level jobs they expect to be treated as they always have been with heaps of praise for how special and important they are and with massive salaries to match their perceived levels of genius and massive egos. What is more important, assuring that our children have a blissfully ignorant childhood full of praise and sheltered from the world OR grounding them in the realities of this world so that they are better equipped to handle life without dangerous illusions of grandeur?
I didn't say that I had discovered some new way to break strong crypto, but unless you are the smartest person on earth how can you be sure that someone else, perhaps working for the government (ala the NSA), hasn't solved that problem and just not made the solution public? As far as anyone with access to only public information knows the problems upon which the algorithms are based remain very computationally expensive to solve, but do not be closed to the possibility that a solution exists unless it has been proven not to exist. For example, everyone "knows" that P != NP, but nobody has been able to prove that it isn't so we must remain open to the possibility, however remote, that P = NP. I have high confidence in the security of the encryption that I use on my personal laptop for most situations, but my faith in it is not unquestioning. Be careful about what you think you know or you may be in for some nasty surprises out in the real world.
If you read the article then you would know that he didn't even know that he was under surveillance by the USSS for some time before his arrest. They watched him move to a new apartment and take his stuff with him. They knew when he went out and what he took with him. They could have bugged his keyboard while he was out and recovered the key that way. The article didn't say how exactly they recovered the keys or even how long the passphrases were. If they can physically locate you and breach your physical security, as the government was able to do in this case, then it is only a matter of time before they catch you off guard. When they finally did arrest him they busted down the door while he was sleeping and threw him out of bed. There were ample opportunities to recover the keys, even if they didn't brute force them, because they compromised his physical security prior to his arrest.
How many times do you type your password vs. how many times do you type some other word?
It depends what you use your computer for and what the password is. If the password includes lots of punctuation characters that don't get typed as often as other keys for example or if numbers are used more or less etc. It might yield nothing or it might yield something, but you cannot say that under no circumstances would it be of any help in brute forcing the keys. It might, it just depends upon the password and the usage patterns. If you have to try all of the keys anyway then the order doesn't really matter so it cannot hurt to try the keys with the more 'likely' characters first, even if that data turns out to be just noise.
Now suppose that they knew the cipher that was being used, maybe he used the default choice for whatever product he was using, it doesn't take too long to check a single key and even if they couldn't identify the algorithm being used checking three or more would only add a constant coefficient (the number of algorithms to check for each key generated) to the complexity of the attack.
No, actually that's not a certainty.
But it is not an uncertainty either. The NSA might have some cryptanalysis techniques that are not generally known that substantially reduce the keyspace or maybe they had some known plaintexts. The article didn't say how the FDE was cracked, but we do know that they got his keys somehow. At the very least this should signal to the average citizen that encryption is not an absolute defense against a determined adversary and particularly when that adversary is the government or is prepared to use extreme violence or duress (ala the rubber hose) to extract your keys. I agree that the algorithms themselves are strong, but there are other considerations in the real world.
Why is months any more reasonable of a timeline to crack an unknown encryption scheme with unknown resources?
Maybe they were able to determine some of the characters that were used in the key, or maybe they had some known plaintexts (things that they knew were on the hard drive). The attack may not have been completely unguided.
but there are those of us who find people randomly making things up to support their argument to be rude.
We were speculating because the article was vague and those that do know (i.e. the government) aren't going to say because they don't want to reveal their methods. Having re-read the article I think that the most likely explanation for the breach was the compromise of Butler's physical security during the time leading up to his arrest. They could have bugged his keyboard(s) and waited for him to access the encrypted drive before kicking down the door. He was obviously concerned about his physical security, but he was apparently unable to spot the surveillance or take steps to destroy the evidence prior to his arrest (which he probably would have tried had he known about the agents watching his apartment and had time).
Not at all. The final value of this carder's hoard of unused dumps was estimated to be in the range of 500 million dollars (at least according to the article) and the USSS was involved along with the FBI in an attempt to shut down the largest consolidated carder site ever assembled by one person. As other posters have pointed out, analysis of keyboard wear (assuming that Mr. Butler didn't have the foresight to regularly change his physical keyboard) might have assisted the effort greatly (yielding a success before all or even most of the possible key space had been exhausted). The point of encryption is not to provide absolute protection for all time against all efforts but rather to provide protection for a limited amount of time as a function of the resources of your adversary. The United States, as one of the reigning superpowers of the world, has a vast amount of money and resources at its disposal (we spend more than 500 million dollars in Iraq every week). Even the best encryption will eventually fall to a determined enough adversary with enough resources to throw at the problem. The article mentions a time frame of several months to years (and the trial probably went on for a couple of years) which sounds reasonable if government super computers were being enlisted in a distributed brute force search of the keyspace. Fortunately, for most of us, our data is not worth 500 million dollars and so no great effort will be made to brute force our FDE keys in the event that our laptops are lost or stolen. Even the resources of the largest governments are finite after all and no protection, even the strongest encryption, is infinite, but that doesn't make FDE useless.
Is there any roleplayer that does NOT know how using an artificial value to describe "real" problems automatically leads to some people "playing the system" instead of playing the game?
You mean like rolling up a fighter/cleric/mage/thief because the campaign is only going to last a few sessions anyway and a multi-class character is more useful in the short run than a single class? Or specializing in the harpoon, even when the campaign is not taking place in a coastal area, instead of the longsword because it does d10 damage instead of d8 and allows 3/2 attacks per round? Yeah, I have seen it all when it comes to minmaxing. The worst was all of the players option: skills and powers stuff in AD&D 3d edition, they should have called it players option: minmaxing.
Now why did anyone think this would be different when real money is involved, and thus the incentive to abuse the rules way higher?
Well for one thing, having one's butt thrown in jail for real is a bit more unnerving than the prospect of Grognak the Barbarian spending fall semester rotting in the dungeons of the Lich King until the gaming group gets back together during winter break.
You aren't necessarily doing anything illegal or immoral by betting on the downfall of companies. You are wisely investing.
If only it were that simple, but unfortunately in the real world it never is. I agree that short sellers should receive their full due when their bets pan out, but even now the SEC and others in government have vilified the short sellers (and the 'naked short' sellers in particular) as vampires, sucking the last bits of equity out of dying companies and ruining the long term viability of otherwise good businesses. The short seller is a necessary and useful participant in the market, just as the vulture is a necessary and useful participant in the environment, but nobody likes to pay him off when the bill comes due because the rest of us are all miserable over our losses.
While Noscript works for us geek types it simply isn't usable for 95% of the PC users out there. It is simply too complex and is like a band aid on a gunshot wound, which is the prevalence of running third party JavaScript code for ads and core functionality on most websites. It is simply a BAD idea.
Don't blame NoScript, blame the people who thought that running untrusted third-party scripts automatically when web pages load was a good idea. In fact many of the current problems on the Internet are due to bad assumptions about user etiquette that were made during a more innocent time when the Internet was basically not accessible to the public. NoScript is an add-on, it is there for those who understand how to use it and want it and that is how it should be. JavaScript is not going to go away, so for the time being extensions like NoScript have a role to play, even if it is limited to geeks.
The problem with Noscript is it always blocks the content the user wants along with the content the user doesn't.
This is by design. The program starts in the most secure locked down state and the user configures it to open up as needed. This is good security practice.
Perhaps instead of the long list of blocked elements we could have a "simple" view as well as the traditional advanced? One in which there is a "play video" button that allows the video on whatever site you are on to play?
The default option is to show an empty box with the NoScript icon on blocked elements where clicking on the blocked element brings up a temporarily allow dialog whereby the block can be bypassed on a case by case basis. Is this not sufficient?
And it still doesn't get to what my point was, which is that someone shouldn't have to be a geek or shouldn't NEED to have all this complex software like Noscript simply so they can view a web page without being pwned
Some activities are always going to be complex or require some minimal level of skill to do well, there really isn't any good way around that. In fact Windows Vista, for all of its flaws both real and imagined, proved that by actually forcing some minimal level of security on users (even if it did demand privilege escalation a bit too often). Mac and Linux have been doing some of the same sorts of things (i.e. asking for admin password to install or perform other privileged tasks) for years now, the difference being that their users were used to it whereas Windows users were largely not aware of such practices (again, Microsoft owns blame for years of lax security and bad user training to click Yes or OK on everything that pops up) prior to Vista.
they are going to be scrambling trying to figure out how to get their websites to function the same without it.
The good web-designers already do that. I know that I do. If JavaScript is used then it should be used to enhance the user experience, but it should always degrade gracefully to permit even those with JavaScript turned off to effectively use the site. This is a very achievable goal in modern web design, even if too many amateur night web developers / designers out there still don't know how to use CSS instead of cut and paste JavaScript for common web functionality.
I would go so far to find ways to forbid the access to my sites to people with adblock&co. It's my content and you will see it my way or not at all.
You should not be so quick to initiate a technology arms race with the IT geeks over ad blocking. It is one that server operators, site owners, and advertisers will almost certainly lose and more to the point it is unnecessary. The most effective use of ad blocking requires technical knowledge of protocols, regular expressions, and the like. It is better to simply let the less than 20% of web users who are savvy enough to configure and use these technologies go, we wouldn't have clicked on or bought anything anyway. In fact, you should be thanking us for using ad blockers because by NOT downloading any ads we are inflating your click through ratios (i.e. the number of people who are served an ad and actually clicked through) by selecting ourselves out of the group that was served an ad but did NOT click on it. From what I understand NO advertisers pay for simple impressions anymore (or if they do then it is very very little), they want click through and they will only pay for clicks on sale conversions. If your sites are small or don't serve as storefronts for products then you are probably better off with donations, swag (t-shirts and the like), and subscriptions than with ads.
The problem with the hosts file is that the advertisers keep switching servers and IP ranges in an attempt to dodge host based filtering. A better solution is a browser extension, such as AdBlock Plus with subscription lists and support for regular expression based filtering.
That is why NoScript is a must have add-on for Firefox. Combine with AdBlock Plus for an especially effective prescription against subversive scripts and annoying ads.
Has it occurred to anyone else that with all of the surveillance and tracking going on in the UK that they might simply make certain crimes, like say identity theft, more attractive without really reducing the overall amount of crime or catching those who are actually responsible?
It is not possible to allow the "good guys" only to have access to secure operating systems and security technologies such as encryption while simultaneously locking the "bad guys" out. The British government will have to decide what is more important, providing secure online banking, shopping, and other electronic services as part of operating in a modern economy OR hobbling the information economy with restrictions to catch a few more low-level or careless "bad guys" at the expense of even more loss of privacy for millions of ordinary British citizens and substantial encumbrance of legitimate economic activity involving computers, the Internet, and other "sensitive" technologies. If it is easy for the police to "hack in" then it is easy for the spammers, terrorists, or anyone else to "hack in" as well. The British reaction always seems to be, "We ought to have a law against that!" instead of simply accepting that bad things will sometimes happen despite the best laid plans or intentions and moving on with "acceptable risks" in an open society.
If NASA want to go back to the Moon (far better to offer a $20B X-Prize for the first organization to put 30 men on the Moon for a year and a day, and return them safely to Earth), all they have to do is to start building modernized Saturn Vs, Apollo CMs, SMs, & LMs.
Just about anything would be better than continuing with the Ares program using bastardized space shuttle technology which was itself highly specialized for the peculiarities of the Space Shuttle which in turn is probably the most unusual launch configuration ever flown with people aboard. It seems that NASA always tries to save money by stepping over dollars to pick up pennies. They made that mistake with the Space Shuttle program and they are all set to make it again with the Ares program. The SpaceX guys (who owe at least some debt to Boeing with their modular Delta rocket system) have the right idea, but for some reason(s), perhaps political, NASA doesn't want to be seen taking them too seriously. The SpaceX Falcon program demonstrates what can be achieved when the politicians are kept out of the loop and actual engineers make the vehicle design decisions instead of Senators with jobs to protect.
You mean the 'Imperial Starfleet' with the sword and globe logo ala the Mirror Universe right? It seems more and more like we are going down the Terran Empire path rather than the more altruistic one originally envisioned by Mr. Roddenberry.
The parent was not so much saying, "avoid Rails, use Django", but rather was explaining that for about 5% of his necessary requirements, customization of Rails was too complex or expensive when compared to the alternatives. I am myself a web developer and our whole business is really about trade-offs and costs. I have not used Rails personally, but from what I understand, in Ruby on Rails those who go "off the reservation" are "punished" with "ugly code" and complex maintenance for not adhering to the core Rails axiom of convention over customization. If you use Rails and like it then by all means continue using it. There are many web development projects out there that can surely benefit from the convention over customization route (aka why reinvent the wheel). However, there is also something to be said for the ability to "plug" or "hook" into a framework and provide customization where necessary and there are few things as frustrating as getting knee deep into a framework and then stepping on a land mine hidden in the muck because the framework developers were careless or walled off an internal handling area and didn't provide a key handling point, or foothold if you will, where it would be *really* nice to insert a custom strategy for some domain specific reason.
If MediaSentry implodes, they'll just setup another shell company and new personnel.
Perhaps, but if they create the new shell company in the same mould as MediaSentry (aka SafeNet...why do they bother changing names? Do they think in the age of the Internet that nobody will recognize them?) then they will fall victim to the same sort of sanctions. If the RIAA wanted to finance a company with licensed investigators in all 50 US states then it wouldn't be cheap and their whole strategy, on many levels, revolves around cheapness (that is why they try to withdraw from cases once the cost benefit ratio begins to turn against them, Capitol vs Thomas notwithstanding). Licensed private investigators are not a cheap service and the RIAA knows that.
I can't believe anyone could actually believe something like that while living in this country.
Well, believe it. The problem with many Americans these days is that they take their freedoms for granted as if they were always there and always will be there. These are the same people who don't care about how we get the "bad guys" as long as the "right" people are caught and punished. Compounding the effects of their ignorance are the popular consumer culture and media that have taken over the public space with mindless and meaningless one way content that wastes time, reduces collective intelligence, and generally renders those enthralled by it oblivious to the gradual erosion of their hard won freedoms set down in our founding documents and nurtured for generations with the blood, sweat, and tears of an informed and involved citizenry. Perhaps one day too late they will wake up and ask, "what happened?" while the few among us who have been sounding the alarm from the very beginning smack them upside the head and say, "see, we told you so".
The stock can only go down to zero so the loss is limited in that regard (unlike some other financial instruments, short options for example, where the loss is theoretically unlimited because while a stock cannot be worth less than zero there is no upper limit on increases in value). If you have zero tolerance for risk then no amount of potential reward would offset even the smallest chance of loss and if that is the case then by all means open yourself a savings account and buy CDs and T-Bills. Right now, the yields on safe investments are so low (because lots of investors want them to shore up balance sheets for accounting reasons) that you probably will only be able to limit your losses (it is like paddling against the current, but not fast enough to make any headway. You may not fall behind as quickly, but you are still falling behind).
"They" will try to inflate, but your own post admits they will fail for (perhaps) 5 years. Telling people to buy stuff now is simply bad advice.
The P/E ratios are getting so low and the yields on dividends so high that you can justify the purchase price based almost entirely on 5 years of dividend payments alone. For example, I have a REIT in my Roth IRA that has paid regular dividends for a 7% annualized yield for the last 5 years and lost no principal (not too shabby, wouldn't you agree?). Some stocks have so much upside and so little left to lose that there are great values to be had if one has the nerve to pursue them. As Warren Buffett says, "be fearful when others are greedy and greedy when others are fearful". Most of us Slashdot readers are still on the younger end of the scale and given that we are (or should be) investing in our IRAs and 401ks for our retirements with yearly contributions it makes sense to take advantage of good equity buying opportunities rather than earn miserly returns in the cash funds and miss the best buying opportunity to come along in decades. I agree that there is a window here on the order of months or even years, but unless you are trying to engage in market timing (something which cannot be done reliably), now is a good time to start dollar cost averaging into some good long term positions.
Amen, but us savers have to watch out. The incoming Obama administration is about to pull the inflation ripcord big time in an ill fated attempt to devalue our existing national debts and spend our way out of trouble (which too much credit and spending got us into in the first place). Now is the time to invest money in tangible assets when prices are low and before the coming inflationary government spending policies. It is tempting to hold on to cash like everyone else, but the Fed is going to shake that cash loose with another round of spend it or lose it expansionary monetary policy (i.e. if you sit on your cash and refuse to spend it back into the economy, then they will punish you by inflating away a percentage of your hoard...call it a tax on saving). The best investments, IMHO, are probably in the commodities based businesses which produce metals, chemicals, energy, and other raw materials that are necessary to produce goods and services in the economy. Commercial real estate also has some attractive values right now, provided that one can take a longer than 5 year outlook on the investment.
Why should the population of the US prop up an industry which has had many many decades to compete on the world market.
The answer is quite simple, they shouldn't. However, like many other unfortunate political realities in this world both at home and abroad this one just isn't going away. The lobbyists for the corn farmers, or more precisely the agribusinesses who continue to promote the myth of the struggling small-hold working class farming family (a rarity these days even when it can be found), are very powerful and will NOT be deprived of their protections. It is what is known as a third rail issue in US politics. Senators and Representatives from corn farming states are dead politically if they even broach the subject of cutting protections. Obama and his message of hope are virtually meaningless in light of such stark political truths. I wish that more Americans had read the collected works of Machiavelli and took a more sanguine view of the world, at least then they wouldn't be so easily fooled by empty political promises of hope.
The truth of DTV is that it's an excuse to force most of the population to cough up $500-$900 in a short period of time. It creates an artificial demand spike so that a select few corporations can profit from mass-exploitation.
That might sound appealing, but it isn't really true. The reason for the switch to digital was to free up the vast amounts of extremely valuable public EM spectrum currently being used for broadcast television which, given the dominant position of cable television, was serving an ever decreasing audience anyway. Or in other words, the government could not afford to continue allowing UHF television to occupy spectrum that was now worth many billions of dollars per year in licensing revenue simply to satisfy an ever decreasing population of analog broadcast only television holdouts who were too cheap to purchase cable which is superior in every measurable respect except price. Personally, I don't own a television and I don't pay for cable so I would rather that the government earn more money leasing the spectrum to those who are willing to pay for it and either lower my taxes or increase other government services. If you and grandma want to continue watching the boob tube then you can start paying what it really costs to deliver that service. Why should the taxpayer subsidize your television habit?
Hehe, ahhh yes...the first giddy years of a computer science education. Perhaps the would-be student entrepreneur could benefit from the advice of some CS graduates who have been working for the past ten (10) plus years. The fact is that first year computer science students know almost nothing of value. If they even knew that they knew nothing then that would be something but most of them don't even know that much. My advice to new CS students is study diligently and leave the ego at the door. Your classmates are all at least as smart as you and probably smarter (even if you were the smartest person in your high school classes). Learn from those of us who have gone before instead of worrying about someone stealing your unique, wonderful, and revolutionary idea. First year computer science students probably have a better chance of winning the state lottery than single handedly making a profound contribution to the field of computer science as freshman. Approach your studies with some humility and you will be rewarded with a better education.
While this is just my own opinion, I think that this notion of making money off an idea without breaking a sweat or having some "special" idea that nobody else has thought of before is just another manifestation of the so-called "praise" generation of children born after 1978 or so who were the first generation to be raised by parents who grew up in the sixties and constantly doted over their children. They gave them awards and trophies simply for participating and constantly told them how smart and special they were, so that their oh so precious self-esteem wouldn't be diminished, until their expectations in life had been built up to unsustainable heights. Now, when they enter college and begin their entry level jobs they expect to be treated as they always have been with heaps of praise for how special and important they are and with massive salaries to match their perceived levels of genius and massive egos. What is more important, assuring that our children have a blissfully ignorant childhood full of praise and sheltered from the world OR grounding them in the realities of this world so that they are better equipped to handle life without dangerous illusions of grandeur?
I didn't say that I had discovered some new way to break strong crypto, but unless you are the smartest person on earth how can you be sure that someone else, perhaps working for the government (ala the NSA), hasn't solved that problem and just not made the solution public? As far as anyone with access to only public information knows the problems upon which the algorithms are based remain very computationally expensive to solve, but do not be closed to the possibility that a solution exists unless it has been proven not to exist. For example, everyone "knows" that P != NP, but nobody has been able to prove that it isn't so we must remain open to the possibility, however remote, that P = NP. I have high confidence in the security of the encryption that I use on my personal laptop for most situations, but my faith in it is not unquestioning. Be careful about what you think you know or you may be in for some nasty surprises out in the real world.
If you read the article then you would know that he didn't even know that he was under surveillance by the USSS for some time before his arrest. They watched him move to a new appartment and take his stuff with him. They knew when he went out and what he took with him. They could have bugged his keyboard while he was out and recovered the key that way. The article didn't say how exactly they recovered the keys or even how long the passphrases were. If they can physically locate you and breach your physical security, as the government was able to do in this case, then it is only a matter of time before they catch you off guard. When they finally did arrest him they busted down the door while he was sleeping and threw him out of bed. There were ample opportunities to recover the keys, even if they didn't brute force them, because they compromised his physical security prior to his arrest.
How many times do you type your password vs. how many times do you type some other word?
It depends what you use your computer for and what the password is. If the password includes lots of punctuation characters that don't get typed as often as other keys for example or if numbers are used more or less etc. It might yield nothing or it might yield something, but you cannot say that under no circumstances would it be of any help in brute forcing the keys. It might, it just depends upon the password and the usage patterns. If you have to try all of the keys anyway then the order doesn't really matter so it cannot hurt to try the keys with the more 'likely' characters first, even if that data turns out to be just noise.
Now suppose that they knew the cipher that was being used, maybe he used the default choice for whatever product he was using, it doesn't take too long to check a single key and even if they couldn't identify the algorithm being used checking three or more would only add a constant coefficient (the number of algorithms to check for each key generated) to the complexity of the attack.
No, actually that's not a certainty.
But it is not an uncertainty either. The NSA might have some cryptanalysis techniques that are not generally known that substantially reduce the keyspace or maybe they had some known plaintexts. The article didn't say how the FDE was cracked, but we do know that they got his keys somehow. At the very least this should signal to the average citizen that encryption is not an absolute defense against a determined adversary and particularly when that adversary is the government or is prepared to use extreme violence or duress (ala the rubber hose) to extract your keys. I agree that the algorithms themselves are strong, but there are other considerations in the real world.
Why is months any more reasonable of a timeline to crack an unknown encryption scheme with unknown resources?
Maybe they were able to determine some of the characters that were used in the key, or maybe they had some known plaintexts (things that they knew were on the hard drive). The attack may not have been completely unguided.
but there are those of us who find people randomly making things up to support their argument to be rude.
We were speculating because the article was vague and those that do know (i.e. the government) aren't going to say because they don't want to reveal their methods. Having re-read the article I think that the most likely explanation for the breach was the compromise of Butler's physical security during the time leading up to his arrest. They could have bugged his keyboard(s) and waited for him to access the encrypted drive before kicking down the door. He was obviously concerned about his physical security, but he was apparently unable to spot the surveillance or take steps to destroy the evidence prior to his arrest (which he probably would have tried had he known about the agents watching his apartment and had time).
Not at all. The final value of this carder's hoard of unused dumps was estimated to be in the range of 500 million dollars (at least according to the article) and the USSS was involved along with the FBI in an attempt to shut down the largest consolidated carder site ever assembled by one person. As other posters have pointed out, analysis of keyboard wear (assuming that Mr. Butler didn't have the foresight to regularly change his physical keyboard) might have assisted the effort greatly (yielding a success before all or even most of the possible key space had been exhausted). The point of encryption is not to provide absolute protection for all time against all efforts but rather to provide protection for a limited amount of time as a function of the resources of your adversary. The United States, as one of the reigning superpowers of the world, has a vast amount of money and resources at its disposal (we spend more than 500 million dollars in Iraq every week). Even the best encryption will eventually fall to a determined enough adversary with enough resources to throw at the problem. The article mentions a time frame of several months to years (and the trial probably went on for a couple of years) which sounds reasonable if government super computers were being enlisted in a distributed brute force search of the keyspace. Fortunately, for most of us, our data is not worth 500 million dollars and so no great effort will be made to brute force our FDE keys in the event that our laptops are lost or stolen. Even the resources of the largest governments are finite after all and no protection, even the strongest encryption, is infinite, but that doesn't make FDE useless.
Is there any roleplayer that does NOT know how using an artificial value to describe "real" problems automatically leads to some people "playing the system" instead of playing the game?
You mean like rolling up a fighter/cleric/mage/thief because the campaign is only going to last a few sessions anyway and a multi-class character is more useful in the short run than a single class? Or specializing in the harpoon, even when the campaign is not taking place in a coastal area, instead of the longsword because it does d10 damage instead of d8 and allows 3/2 attacks per round? Yeah, I have seen it all when it comes to minmaxing. The worst was all of the players option: skills and powers stuff in AD&D 3d edition, they should have called it players option: minmaxing.
Now why did anyone think this would be different when real money is involved, and thus the incentive to abuse the rules way higher?
Well for one thing, having one's butt thrown in jail for real is a bit more unnerving than the prospect of Grognak the Barbarian spending fall semester rotting in the dungeons of the Lich King until the gaming group gets back together during winter break.
You aren't necessarily doing anything illegal or immoral by betting on the downfall of companies. You are wisely investing.
If only it were that simple, but unfortunately in the real world it never is. I agree that short sellers should receive their full due when their bets pan out, but even now the SEC and others in government have vilified the short sellers (and the 'naked short' sellers in particular) as vampires, sucking the last bits of equity out of dying companies and ruining the long term viability of otherwise good businesses. The short seller is a necessary and useful participant in the market, just as the vulture is a necessary and useful participant in the environment, but nobody likes to pay him off when the bill comes due because the rest of us are all miserable over our losses.
While Noscript works for us geek types it simply isn't usable for 95% of the PC users out there. It is simply too complex and is like a band aid on a gunshot wound, which is the prevalence of running third party JavaScript code for ads and core functionality on most websites. It is simply a BAD idea.
Don't blame NoScript, blame the people who thought that running untrusted third-party scripts automatically when web pages load was a good idea. In fact many of the current problems on the Internet are due to bad assumptions about user etiquette that were made during a more innocent time when the Internet was basically not accessible to the public. NoScript is an add-on, it is there for those who understand how to use it and want it and that is how it should be. JavaScript is not going to go away, so for the time being extensions like NoScript have a role to play, even if it is limited to geeks.
The problem with Noscript is it always blocks the content the user wants along with the content the user doesn't.
This is by design. The program starts in the most secure locked down state and the user configures it to open up as needed. This is good security practice.
Perhaps instead of the long list of blocked elements we could have a "simple" view as well as the traditional advanced? One in which there is a "play video" button that allows the video on whatever site you are on to play?
The default option is to show an empty box with the NoScript icon on blocked elements where clicking on the blocked element brings up a temporarily allow dialog whereby the block can be bypassed on a case by case basis. Is this not sufficient?
And it still doesn't get to what my point was, which is that someone shouldn't have to be a geek or shouldn't NEED to have all this complex software like Noscript simply so they can view a web page without being pwned
Some activities are always going to be complex or require some minimal level of skill to do well, there really isn't any good way around that. In fact Windows Vista, for all of its flaws both real and imagined, proved that by actually forcing some minimal level of security on users (even if it did demand privilege escalation a bit too often). Mac and Linux have been doing some of the same sorts of things (i.e. asking for admin password to install or perform other privileged tasks) for years now, the difference being that their users were used to it whereas Windows users were largely not aware of such practices (again, Microsoft owns blame for years of lax security and bad user training to click Yes or OK on everything that pops up) prior to Vista.
they are going to be scrambling trying to figure out how to get their websites to function the same without it.
The good web-designers already do that. I know that I do. If JavaScript is used then it should be used to enhance the user experience, but it should always degrade gracefully to permit even those with JavaScript turned off to effectively use the site. This is a very achievable goal in modern web design, even if too many amateur night web developers / designers out there still don't know how to use CSS instead of cut and paste JavaScript for common web functionality.
I would go so far to find ways to forbid the access to my sites to people with adblock&co. It's my content and you will see it my way or not at all.
You should not be so quick to initiate a technology arms race with the IT geeks over ad blocking. It is one that server operators, site owners, and advertisers will almost certainly lose and more to the point it is unnecessary. The most effective use of ad blocking requires technical knowledge of protocols, regular expressions, and the like. It is better to simply let the less than 20% of web users who are savvy enough to configure and use these technologies go, we wouldn't have clicked on or bought anything anyway. In fact, you should be thanking us for using ad blockers because by NOT downloading any ads we are inflating your click through ratios (i.e. the number of people who are served an ad and actually clicked through) by selecting ourselves out of the group that was served an ad but did NOT click on it. From what I understand NO advertisers pay for simple impressions anymore (or if they do then it is very very little), they want click through and they will only pay for clicks on sale conversions. If your sites are small or don't serve as storefronts for products then you are probably better off with donations, swag (t-shirts and the like), and subscriptions than with ads.
The problem with the hosts file is that the advertisers keep switching servers and IP ranges in an attempt to dodge host based filtering. A better solution is a browser extension, such as AdBlock Plus with subscription lists and support for regular expression based filtering.
That is why NoScript is a must have add-on for Firefox. Combine with AdBlock Plus for an especially effective prescription against subversive scripts and annoying ads.
And when the disaffected youth begin working out in underground gyms and training in martial arts then what? will they ban all physical exercise?
Has it occurred to anyone else that with all of the surveillance and tracking going on in the UK that they might simply make certain crimes, like say identity theft, more attractive without really reducing the overall amount of crime or catching those who are actually responsible?
It is not possible to allow the "good guys" only to have access to secure operating systems and security technologies such as encryption while simultaneously locking the "bad guys" out. The British government will have to decide what is more important, providing secure online banking, shopping, and other electronic services as part of operating in a modern economy OR hobbling the information economy with restrictions to catch a few more low-level or careless "bad guys" at the expense of even more loss of privacy for millions of ordinary British citizens and substantial encumbrance of legitimate economic activity involving computers, the Internet, and other "sensitive" technologies. If it is easy for the police to "hack in" then it is easy for the spammers, terrorists, or anyone else to "hack in" as well. The British reaction always seems to be, "We ought to have a law against that!" instead of simply accepting that bad things will sometimes happen despite the best laid plans or intentions and moving on with "acceptable risks" in an open society.
If NASA want to go back to the Moon (far better to offer a $20B X-Prize for the first organization to put 30 men on the Moon for a year and a day, and return them safely to Earth), all they have to do is to start building modernized Saturn Vs, Apollo CMs, SMs, & LMs.
Just about anything would be better than continuing with the Ares program using bastardized space shuttle technology which was itself highly specialized for the peculiarities of the Space Shuttle which in turn is probably the most unusual launch configuration ever flown with people aboard. It seems that NASA always tries to save money by stepping over dollars to pick up pennies. They made that mistake with the Space Shuttle program and they are all set to make it again with the Ares program. The SpaceX guys (who owe at least some debt to Boeing with their modular Delta rocket system) have the right idea, but for some reason(s), perhaps political, NASA doesn't want to be seen taking them too seriously. The SpaceX Falcon program demonstrates what can be achieved when the politicians are kept out of the loop and actual engineers make the vehicle design decisions instead of Senators with jobs to protect.
You mean the 'Imperial Starfleet' with the sword and globe logo ala the Mirror Universe right? It seems more and more like we are going down the Terran Empire path rather than the more altruistic one originally envisioned by Mr. Roddenberry.
The parent was not so much saying, "avoid Rails, use Django", but rather was explaining that for about 5% of his necessary requirements, customization of Rails was too complex or expensive when compared to the alternatives. I am myself a web developer and our whole business is really about trade-offs and costs. I have not used Rails personally, but from what I understand, in Ruby on Rails those who go "off the reservation" are "punished" with "ugly code" and complex maintenance for not adhering to the core Rails axiom of convention over customization. If you use Rails and like it then by all means continue using it. There are many web development projects out there that can surely benefit from the convention over customization route (aka why reinvent the wheel). However, there is also something to be said for the ability to "plug" or "hook" into a framework and provide customization where necessary and there are few things as frustrating as getting knee deep into a framework and then stepping on a land mine hidden in the muck because the framework developers were careless or walled off an internal handling area and didn't provide a key handling point, or foothold if you will, where it would be *really* nice to insert a custom strategy for some domain specific reason.
If MediaSentry implodes, they'll just setup another shell company and new personnel.
Perhaps, but if they create the new shell company in the same mould as MediaSentry (aka SafeNet...why do they bother changing names? Do they think in the age of the Internet that nobody will recognize them?) then they will fall victim to the same sort of sanctions. If the RIAA wanted to finance a company with licensed investigators in all 50 US states then it wouldn't be cheap and their whole strategy, on many levels, revolves around cheapness (that is why they try to withdraw from cases once the cost benefit ratio begins to turn against them, Capitol vs Thomas notwithstanding). Licensed private investigators are not a cheap service and the RIAA knows that.
I can't believe anyone could actually believe something like that while living in this country.
Well, believe it. The problem with many Americans these days is that they take their freedoms for granted as if they were always there and always will be there. These are the same people who don't care about how we get the "bad guys" as long as the "right" people are caught and punished. Compounding the effects of their ignorance are the popular consumer culture and media that have taken over the public space with mindless and meaningless one way content that wastes time, reduces collective intelligence, and generally renders those enthralled by it oblivious to the gradual erosion of their hard won freedoms set down in our founding documents and nurtured for generations with the blood, sweat, and tears of an informed and involved citizenry. Perhaps one day too late they will wake up and ask, "what happened?" while the few among us who have been sounding the alarm from the very beginning smack them upside the head and say, "see, we told you so".
The stock can only go down to zero so the loss is limited in that regard (unlike some other financial instruments, short options for example, where the loss is theoretically unlimited because while a stock cannot be worth less than zero there is no upper limit on increases in value). If you have zero tolerance for risk then no amount of potential reward would offset even the smallest chance of loss and if that is the case then by all means open yourself a savings account and buy CDs and T-Bills. Right now, the yields on safe investments are so low (because lots of investors want them to shore up balance sheets for accounting reasons) that you probably will only be able to limit your losses (it is like paddling against the current, but not fast enough to make any headway. You may not fall behind as quickly, but you are still falling behind).
"They" will try to inflate, but your own post admits they will fail for (perhaps) 5 years. Telling people to buy stuff now is simply bad advice.
The P/E ratios are getting so low and the yields on dividends so high that you can justify the purchase price based almost entirely on 5 years of dividend payments alone. For example, I have a REIT in my Roth IRA that has paid regular dividends for a 7% annualized yield for the last 5 years and lost no principal (not too shabby, wouldn't you agree?). Some stocks have so much upside and so little left to lose that there are great values to be had if one has the nerve to pursue them. As Warren Buffett says, "be fearful when others are greedy and greedy when others are fearful". Most of us Slashdot readers are still on the younger end of the scale and given that we are (or should be) investing in our IRAs and 401ks for our retirements with yearly contributions it makes sense to take advantage of good equity buying opportunities rather than earn miserly returns in the cash funds and miss the best buying opportunity to come along in decades. I agree that there is a window here on the order of months or even years, but unless you are trying to engage in market timing (something which cannot be done reliably), now is a good time to start dollar cost averaging into some good long term positions.
Amen, but us savers have to watch out. The incoming Obama administration is about to pull the inflation ripcord big time in an ill fated attempt to devalue our existing national debts and spend our way out of trouble (which too much credit and spending got us into in the first place). Now is the time to invest money in tangible assets when prices are low and before the coming inflationary government spending policies. It is tempting to hold on to cash like everyone else, but the Fed is going to shake that cash loose with another round of spend it or lose it expansionary monetary policy (i.e. if you sit on your cash and refuse to spend it back into the economy, then they will punish you by inflating away a percentage of your hoard...call it a tax on saving). The best investments, IMHO, are probably in the commodities based businesses which produce metals, chemicals, energy, and other raw materials that are necessary to produce goods and services in the economy. Commercial real estate also has some attractive values right now, provided that one can take a longer than 5 year outlook on the investment.
Why should the population of the US prop up an industry which has had many many decades to compete on the world market.
The answer is quite simple, they shouldn't. However, like many other unfortunate political realities in this world both at home and abroad this one just isn't going away. The lobbyists for the corn farmers, or more precisely the agribusinesses who continue to promote the myth of the struggling small-hold working class farming family (a rarity these days even when it can be found), are very powerful and will NOT be deprived of their protections. It is what is known as a third rail issue in US politics. Senators and Representatives from corn farming states are dead politically if they even broach the subject of cutting protections. Obama and his message of hope are virtually meaningless in light of such stark political truths. I wish that more Americans had read the collected works of Machiavelli and took a more sanguine view of the world, at least then they wouldn't be so easily fooled by empty political promises of hope.
Do all of the innovation you like, but do it on your own dime. I will be deciding how best to spend the money in my pocket, thank you very much.