And sure, the system should be different for someone who has a genuine reason why they're unable to work...
Living with a genuine disability is very expensive, and yet the benefits available are being cut because there isn't enough money to go around. If you cut down on all the people falsely claiming disability benefits, and those claiming benefits because they are simply too lazy to work then a lot more help could be made available for those in genuine need.
Many of those taking drugs also turn to crime, even when they are claiming benefits. Either the benefits handout is insufficient to fund their habit or desired lifestyle, so they commit crime to supplement their handouts, or they commit violent crimes as a direct result of being out of their minds on drink/drugs.
As a taxpayer it makes little difference if the state buys him a tv or he steals mine, i end up paying for it either way.
Look at the arrogance of such people, they feel they have a divine right to have all these modern luxuries without having to work for them like everyone else does.
So don't allow them to be idle, if they're able to work then they should be working.. If they can't find a job through the normal channels then they should be required to study/train towards finding a job, or work community service.
Taxpayers shouldn't be paying for fit and able people to sit on their asses all day consuming drugs and alcohol. The rest of us don't have that much free time because we actually have to work!
And why exactly should the government (ie those of us who pay tax) subsidise someone consuming drugs and alcohol?
The benefits system should provide an absolute baseline standard of living, ie it keeps you alive but you get absolutely no luxuries whatsoever. That means basic food nothing fancy, no car, no drugs/alcohol/tobacco, a room to sleep in with access to basic facilities, and access to education/training.
The benefits system is not there to provide a lifestyle, it is there to TEMPORARILY provide the bare essentials until you find another job. People should have to work if they want any kind of luxury items.
The amount of people on long term benefits, who have all manner of luxury goods is absolutely sickening. And i have yet to meet someone claiming benefits who doesn't smoke.
If your hosts are sensibly configured, then a firewall only serves to prevent external users from sending traffic to closed ports on your server... There isn't a huge risk involved with users being able to send traffic to closed ports.
If a port is open then it should be open for a reason, and you will configure your firewall to allow that service through anyway.
By adding a firewall you've increased your hardware costs, increased your hosting (rackspace, power) costs, increased your maintenance costs, decreased throughput, increased latency, added additional potential failure points... And for what?
Firewalls are often used by people who are too lazy or incompetent to configure their servers properly, so you have a grossly insecure webserver running telnet, smb, ftp etc where the firewall only permits access to http. A properly configured webserver would only allow http in the first place.
Copyright is supposed to be a contract between the people and those who would produce such works... A contract should have both parties give something in exchange, and a fair exchange is far more likely to be respected by those involved.
However copyright as it exists today is not a fair exchange. The original concept has become extremely corrupted by the greed of a very small number of large publishers. Copyright terms are ridiculously long, to the extent that we will all be dead before any content being made today enters the public domain, and when that eventually does happen most of the content will have long been forgotten, or be unreadable due to drm schemes or degraded/obsolete media.
Also why should someone be paid for some work they did 50 years ago, or even worse why should someone be paid for work their parents did 20 years before they were born? An honest day's work for an honest day's pay is fair - being continuously paid for the rest of your life and that or your children for work you did years ago is ridiculous. Want to provide for your children? Save or invest your money like everyone else has to.
Copyright today does not enrich the public domain, it provides no benefit whatsoever for 99% of people which is why people won't respect it.
Move back to a fair system. Give users the content on reasonable terms without trying to make them pay multiple times for the same thing, release it into the public domain while people are still able to remember it and people might actually respect the system.
People with less money have the option too, but for them it serves no purpose.
There are many tax havens who won't let you emigrate there without a high net worth... In fact, many countries work like this... Immigration is much easier if you have money.
The people setting the tax can only do so if they get the vote from the majorit of people. Most people prefer taxes to be payed by other people, hence a majority supports high taxes for the rich and low taxes for themselves. There are of course some dynamics to this that complicate things (people's sense of fairness, expectancy of larger income in the future, etc.), but in practice this mechanism makes people with a high income pay much more taxes than people with low incomes in most countries.
They don't get a vote from the majority, noone does... Many people don't vote, and most of those who do are voting for the least unfavorable option. In most countries you get 2 or 3 choices who have any chance of ever winning, and all of them consist of rich politicians.
If a new party were formed with policies that 95% of the population agreed with they would never get elected, because they wouldn't have the resources to inform sufficient numbers of the population as to what their policies were.
Except that this is not possible in practice. Hiring expensive accountants does not change tax law (it does provide employment to some people, however).
It doesn't change the law, it just allows people to take advantage of loopholes like keeping their earnings offshore, and operating their own "charities"...
a, those people on such high income will simply move somewhere with lower taxes (people with less money don't have this option). b, the people setting the taxes tend to be those on the highest income and thus wouldn't shoot themselves in the foot. c, those with high income will employ expensive accountants to move and/or hide their income, making them appear to be on very low income for tax purposes.
Moving closer to work is often not an option... Companies like to concentrate themselves all in the same place, which means most of the space in the area becomes occupied by businesses and what little residential property there is becomes obscenely expensive. And then due to the density of businesses all in one place, you get severe overcrowding on any transport systems serving those areas during the peak business travel hours.
If companies would spread themselves out more, and also spread their working hours out more then it would solve most of the transport problems, and save most people an absolute fortune in wasted time and money.
Businesses always choose their own profit margins over the wellbeing of their customers. They consider customers are only there to be exploited, without considering the long term effects... For instance look at outsourcing production to places like china... The cheap laborers who make your goods in china aren't paid enough to buy them, and neither are the now unemployed people in your home country. By keeping people employed back home you might have to pay your workers more, but a healthier economy would also ensure more potential customers.
So now you have the small amount of software running on the firewall, PLUS all the software running on the server (unless you advocate removing the server and having only the firewall?)... You've not decreased the amount of software you're running, you have increased it.
Because if you deny people the freedom to rant, then they will still do so but hide their actions and you lose track of them...
If you give people the freedom to rant in public then you know exactly who is saying what, and you can keep track of them as well as anyone who listens to them. Also the apparent freedom acts to placate some who might want to rant. If anyone's opposing views ever become too widespread it is much easier to keep them under control and discredit them if you know exactly who they are.
The concept of owning a physical good has been around a long time, and without laws people simply used physical force to protect their ownership.
The same thing is not true of information... You can protect information by keeping it secret, but once the secret gets out you can't stop it from spreading. Similarly the spread of information doesn't deprive the originator of that information.
Phone gaming is driven by the same factors which drove PC gaming, while lacking many of the problems that plagued early PC games...
Everyone i know has a mobile phone, yet only a handful of people i know (including myself) have dedicated portable games consoles (i have a nintendo ds, which i hardly ever use).
Almost everyone already owns a phone, but most cannot justify the cost of a dedicated gaming device. It's easy to justify installing a free or $5 game on your existing phone, its a lot harder to justify buying a $150 handheld games device and some $30 games for it.
Most people carry their phones everywhere, but very few will take a psp/ds everywhere with them... I very rarely take my DS unless i know in advance i'll have lots of time to play it and actually remember it.
Games for phones are usually free or very cheap, and pirating them is relatively easy if even cheap is too much for you... If like me you very quickly get bored of most games, $5 is reasonable but $60 is not.
Data plans are widely available so downloading a game on a whim is easily practical. People quite often find themselves with a few minutes of spare time, and will download and start playing a random free or very cheap game.
Such an assumption has always been false. The problem is the obscurity of the code, if you don't know how it works then you can't be sure...
If you do know how it works (as mentioned above, TOTP from RFC6238) then you know that it can be cloned, but only if you have the initial seed values... Knowledge is power, if you as a user know how the system works then you know what to protect, and you can more easily raise the appropriate red flags if you detect compromise of the seeds.
As a user i would never be happy with a black box and no knowledge of how it works.
Unsolvable even with specialized hardware, you just increase the costs for both yourself and any potential attacker... Probably increasing your own costs far more than that of the attacker.
That's security through obscurity, and it can often be extremely detrimental... When a piece of code runs on a device the user controls, it's not a case of *if* it can be reverse engineered, but simply a case of how long it takes and wether anyone is sufficiently motivated. So given that, what's more important is that the algorithm itself has no flaws, and the seed/key values it uses cannot be compromised, neither of which should ever depend on the code being obfuscated. However the obfuscation will deter/delay whitehats, and if the bank brings in any external testers (which they should, and in many places are required by law to do), the obfuscation will just increase the cost of testing while providing no security benefit. Heavy obfuscation also increases development and other testing costs too, makes it more difficult to debug customer problems, and is likely to make the application larger and buggier.
All in all a lot of effort and cost to cause a minor inconvenience to anyone looking to attack the client.
Heavily obfuscated code is also often used to hide serious design flaws, there is quite a lot of software out there that on the surface looks quite secure, but once you start reverse engineering the binary you find severe shortcomings... Making something harder to find doesn't stop it being exploited, it just increases the time before its discovered by a whitehat and fixed.
Something should be secure even against an attacker who knows everything about how it works... Knowledge of the system should not enable any attacks. Common encryption algorithms and protocols are fully documented, and a lot of security critical devices are based on publicly available source code.
Even if you don't use your ISPs DNS servers, your requests are passing in the clear over their network so they could intercept or modify them should they so wish.
Wireless keys must be available in plain text in order to be used, there's no way around this... Windows just tries to obfuscate the data, which achieves no security benefit but serves to unnecessarily increase complexity. You could use WPA2 Enterprise instead, so each user has their own private key, so that then only one key becomes compromised.
Windows actually does much worse things, it stores the passwords of system users in a plain text equivalent form.
Hashing it would make it unusable... Unless your using an authentication scheme like NTLM, where you simply make the hash the equivalent of plaintext anyway - eliminating any benefits from hashing it.
You could encrypt it, but then every time you wanted to connect you would need a copy of the decryption key. Either you store the decryption key on the system itself, in which case anyone has root or physical access needs only to work out how to extract the key, or you require that the key be entered every time - in which case you might as well not store the wifi key at all and simply require the user to re-enter that every time instead.
If the data (in this case a wifi key) is "protected" then the system can't use it to connect to the wireless network.. If the system is able to obtain the wifi key, either by reading a file or by decrypting one, then so is an attacker who has root on or physical access to that system.
If the system can't obtain the key autonomously, then neither can an attacker with access to that system. In this instance the key really is protected, but then the user has to enter either the wifi key itself, or a decryption key for the stored copy whenever they want to connect to the wifi network.
Encryption only works when your adversaries don't have possession of the key.
And where is the key to decrypt these encrypted xml files stored? By making the storage more complicated your just making it more difficult to debug and/or fix when it breaks, if both the key and encrypted data are available (which they must be in order to connect to the wifi network) then the data can be read. There are already freely available tools to extract the wifi keys from windows machines, obfuscating the key provides exactly zero benefit.
So you store the password in plain text, so what? The password needs to be available in plain text form in order to be used, so even if you store it encrypted you must also store the key so that the system is able to retrieve it so at best all you do is make it slightly more difficult to extract the key. For other systems there are freely available tools to extract the wifi keys anyway...
The only secure way to do it, is to encrypt the wifi key using the user's login password... MacOS can do this, but then your system won't connect to wireless until after you've logged in so this is a very uncommon configuration to use.
Slashdot Mirror
We shouldn't sub the bankers either.
And sure, the system should be different for someone who has a genuine reason why they're unable to work...
Living with a genuine disability is very expensive, and yet the benefits available are being cut because there isn't enough money to go around. If you cut down on all the people falsely claiming disability benefits, and those claiming benefits because they are simply too lazy to work then a lot more help could be made available for those in genuine need.
Many of those taking drugs also turn to crime, even when they are claiming benefits. Either the benefits handout is insufficient to fund their habit or desired lifestyle, so they commit crime to supplement their handouts, or they commit violent crimes as a direct result of being out of their minds on drink/drugs.
As a taxpayer it makes little difference if the state buys him a tv or he steals mine, i end up paying for it either way.
Look at the arrogance of such people, they feel they have a divine right to have all these modern luxuries without having to work for them like everyone else does.
So don't allow them to be idle, if they're able to work then they should be working.. If they can't find a job through the normal channels then they should be required to study/train towards finding a job, or work community service.
Taxpayers shouldn't be paying for fit and able people to sit on their asses all day consuming drugs and alcohol. The rest of us don't have that much free time because we actually have to work!
And why exactly should the government (ie those of us who pay tax) subsidise someone consuming drugs and alcohol?
The benefits system should provide an absolute baseline standard of living, ie it keeps you alive but you get absolutely no luxuries whatsoever. That means basic food nothing fancy, no car, no drugs/alcohol/tobacco, a room to sleep in with access to basic facilities, and access to education/training.
The benefits system is not there to provide a lifestyle, it is there to TEMPORARILY provide the bare essentials until you find another job. People should have to work if they want any kind of luxury items.
The amount of people on long term benefits, who have all manner of luxury goods is absolutely sickening. And i have yet to meet someone claiming benefits who doesn't smoke.
If your hosts are sensibly configured, then a firewall only serves to prevent external users from sending traffic to closed ports on your server... There isn't a huge risk involved with users being able to send traffic to closed ports.
If a port is open then it should be open for a reason, and you will configure your firewall to allow that service through anyway.
By adding a firewall you've increased your hardware costs, increased your hosting (rackspace, power) costs, increased your maintenance costs, decreased throughput, increased latency, added additional potential failure points... And for what?
Firewalls are often used by people who are too lazy or incompetent to configure their servers properly, so you have a grossly insecure webserver running telnet, smb, ftp etc where the firewall only permits access to http. A properly configured webserver would only allow http in the first place.
Copyright is supposed to be a contract between the people and those who would produce such works... A contract should have both parties give something in exchange, and a fair exchange is far more likely to be respected by those involved.
However copyright as it exists today is not a fair exchange. The original concept has become extremely corrupted by the greed of a very small number of large publishers.
Copyright terms are ridiculously long, to the extent that we will all be dead before any content being made today enters the public domain, and when that eventually does happen most of the content will have long been forgotten, or be unreadable due to drm schemes or degraded/obsolete media.
Also why should someone be paid for some work they did 50 years ago, or even worse why should someone be paid for work their parents did 20 years before they were born? An honest day's work for an honest day's pay is fair - being continuously paid for the rest of your life and that or your children for work you did years ago is ridiculous. Want to provide for your children? Save or invest your money like everyone else has to.
Copyright today does not enrich the public domain, it provides no benefit whatsoever for 99% of people which is why people won't respect it.
Move back to a fair system. Give users the content on reasonable terms without trying to make them pay multiple times for the same thing, release it into the public domain while people are still able to remember it and people might actually respect the system.
People with less money have the option too, but for them it serves no purpose.
There are many tax havens who won't let you emigrate there without a high net worth... In fact, many countries work like this... Immigration is much easier if you have money.
The people setting the tax can only do so if they get the vote from the majorit of people. Most people prefer taxes to be payed by other people, hence a majority supports high taxes for the rich and low taxes for themselves. There are of course some dynamics to this that complicate things (people's sense of fairness, expectancy of larger income in the future, etc.), but in practice this mechanism makes people with a high income pay much more taxes than people with low incomes in most countries.
They don't get a vote from the majority, noone does... Many people don't vote, and most of those who do are voting for the least unfavorable option. In most countries you get 2 or 3 choices who have any chance of ever winning, and all of them consist of rich politicians.
If a new party were formed with policies that 95% of the population agreed with they would never get elected, because they wouldn't have the resources to inform sufficient numbers of the population as to what their policies were.
Except that this is not possible in practice. Hiring expensive accountants does not change tax law (it does provide employment to some people, however).
It doesn't change the law, it just allows people to take advantage of loopholes like keeping their earnings offshore, and operating their own "charities"...
Won't work because:
a, those people on such high income will simply move somewhere with lower taxes (people with less money don't have this option).
b, the people setting the taxes tend to be those on the highest income and thus wouldn't shoot themselves in the foot.
c, those with high income will employ expensive accountants to move and/or hide their income, making them appear to be on very low income for tax purposes.
Moving closer to work is often not an option... Companies like to concentrate themselves all in the same place, which means most of the space in the area becomes occupied by businesses and what little residential property there is becomes obscenely expensive.
And then due to the density of businesses all in one place, you get severe overcrowding on any transport systems serving those areas during the peak business travel hours.
If companies would spread themselves out more, and also spread their working hours out more then it would solve most of the transport problems, and save most people an absolute fortune in wasted time and money.
Businesses always choose their own profit margins over the wellbeing of their customers. They consider customers are only there to be exploited, without considering the long term effects...
For instance look at outsourcing production to places like china... The cheap laborers who make your goods in china aren't paid enough to buy them, and neither are the now unemployed people in your home country. By keeping people employed back home you might have to pay your workers more, but a healthier economy would also ensure more potential customers.
So now you have the small amount of software running on the firewall, PLUS all the software running on the server (unless you advocate removing the server and having only the firewall?)... You've not decreased the amount of software you're running, you have increased it.
Because if you deny people the freedom to rant, then they will still do so but hide their actions and you lose track of them...
If you give people the freedom to rant in public then you know exactly who is saying what, and you can keep track of them as well as anyone who listens to them. Also the apparent freedom acts to placate some who might want to rant.
If anyone's opposing views ever become too widespread it is much easier to keep them under control and discredit them if you know exactly who they are.
The concept of owning a physical good has been around a long time, and without laws people simply used physical force to protect their ownership.
The same thing is not true of information... You can protect information by keeping it secret, but once the secret gets out you can't stop it from spreading. Similarly the spread of information doesn't deprive the originator of that information.
Sure, why not?
That's considerably more than an xbox 360 or ps3, and people are more than happy to play games on those.
Phone gaming is driven by the same factors which drove PC gaming, while lacking many of the problems that plagued early PC games...
Everyone i know has a mobile phone, yet only a handful of people i know (including myself) have dedicated portable games consoles (i have a nintendo ds, which i hardly ever use).
Almost everyone already owns a phone, but most cannot justify the cost of a dedicated gaming device. It's easy to justify installing a free or $5 game on your existing phone, its a lot harder to justify buying a $150 handheld games device and some $30 games for it.
Most people carry their phones everywhere, but very few will take a psp/ds everywhere with them... I very rarely take my DS unless i know in advance i'll have lots of time to play it and actually remember it.
Games for phones are usually free or very cheap, and pirating them is relatively easy if even cheap is too much for you... If like me you very quickly get bored of most games, $5 is reasonable but $60 is not.
Data plans are widely available so downloading a game on a whim is easily practical. People quite often find themselves with a few minutes of spare time, and will download and start playing a random free or very cheap game.
Such an assumption has always been false.
The problem is the obscurity of the code, if you don't know how it works then you can't be sure...
If you do know how it works (as mentioned above, TOTP from RFC6238) then you know that it can be cloned, but only if you have the initial seed values...
Knowledge is power, if you as a user know how the system works then you know what to protect, and you can more easily raise the appropriate red flags if you detect compromise of the seeds.
As a user i would never be happy with a black box and no knowledge of how it works.
Unsolvable even with specialized hardware, you just increase the costs for both yourself and any potential attacker... Probably increasing your own costs far more than that of the attacker.
That's security through obscurity, and it can often be extremely detrimental...
When a piece of code runs on a device the user controls, it's not a case of *if* it can be reverse engineered, but simply a case of how long it takes and wether anyone is sufficiently motivated.
So given that, what's more important is that the algorithm itself has no flaws, and the seed/key values it uses cannot be compromised, neither of which should ever depend on the code being obfuscated.
However the obfuscation will deter/delay whitehats, and if the bank brings in any external testers (which they should, and in many places are required by law to do), the obfuscation will just increase the cost of testing while providing no security benefit.
Heavy obfuscation also increases development and other testing costs too, makes it more difficult to debug customer problems, and is likely to make the application larger and buggier.
All in all a lot of effort and cost to cause a minor inconvenience to anyone looking to attack the client.
Heavily obfuscated code is also often used to hide serious design flaws, there is quite a lot of software out there that on the surface looks quite secure, but once you start reverse engineering the binary you find severe shortcomings... Making something harder to find doesn't stop it being exploited, it just increases the time before its discovered by a whitehat and fixed.
Something should be secure even against an attacker who knows everything about how it works... Knowledge of the system should not enable any attacks. Common encryption algorithms and protocols are fully documented, and a lot of security critical devices are based on publicly available source code.
Or even from a local one which just happens to be heavily overloaded due to serving content to thousands of far away users.
Even if you don't use your ISPs DNS servers, your requests are passing in the clear over their network so they could intercept or modify them should they so wish.
Windows does pretty much do the same thing...
They obfuscate the key, but there are plenty of tools available to easily extract them:
http://www.nirsoft.net/utils/wireless_key.html
gsecdump can extract wireless keys too...
Wireless keys must be available in plain text in order to be used, there's no way around this... Windows just tries to obfuscate the data, which achieves no security benefit but serves to unnecessarily increase complexity.
You could use WPA2 Enterprise instead, so each user has their own private key, so that then only one key becomes compromised.
Windows actually does much worse things, it stores the passwords of system users in a plain text equivalent form.
Hashing it would make it unusable... Unless your using an authentication scheme like NTLM, where you simply make the hash the equivalent of plaintext anyway - eliminating any benefits from hashing it.
You could encrypt it, but then every time you wanted to connect you would need a copy of the decryption key. Either you store the decryption key on the system itself, in which case anyone has root or physical access needs only to work out how to extract the key, or you require that the key be entered every time - in which case you might as well not store the wifi key at all and simply require the user to re-enter that every time instead.
If the data (in this case a wifi key) is "protected" then the system can't use it to connect to the wireless network..
If the system is able to obtain the wifi key, either by reading a file or by decrypting one, then so is an attacker who has root on or physical access to that system.
If the system can't obtain the key autonomously, then neither can an attacker with access to that system. In this instance the key really is protected, but then the user has to enter either the wifi key itself, or a decryption key for the stored copy whenever they want to connect to the wifi network.
Encryption only works when your adversaries don't have possession of the key.
And where is the key to decrypt these encrypted xml files stored?
By making the storage more complicated your just making it more difficult to debug and/or fix when it breaks, if both the key and encrypted data are available (which they must be in order to connect to the wifi network) then the data can be read. There are already freely available tools to extract the wifi keys from windows machines, obfuscating the key provides exactly zero benefit.
So you store the password in plain text, so what?
The password needs to be available in plain text form in order to be used, so even if you store it encrypted you must also store the key so that the system is able to retrieve it so at best all you do is make it slightly more difficult to extract the key.
For other systems there are freely available tools to extract the wifi keys anyway...
The only secure way to do it, is to encrypt the wifi key using the user's login password... MacOS can do this, but then your system won't connect to wireless until after you've logged in so this is a very uncommon configuration to use.