In California, for example, as many as 45 percent of the more than 8 million cell phone calls to 911 each year are for non-emergencies, officials said; in Sacramento, it could be as high as 80 percent. Those calls block the lines for callers who really need urgent help
But national statistics say otherwise. One recent survey reported that 25 percent of all 911 calls are pranks, creating a dilemma for emergency agencies. And in 2003, another national study found that 70 percent of all cell phone calls to 911 are dialed inadvertently.
We don't want American spy agencies listening to our https traffic either. Just because Alice is shooting at me, it doesn't suddenly make it OK for Bob to stab me too.
This is an attack against the SSL trust model. A CA knowingly created a rogue certificate for malicious purposes. This wasn't an accident. A Diginotar type response would not be inappropriate.
I see the "close access work" as a bit of a red herring, and the "ethically worse position" is the real story. Mass surveillance is just too nice to give up. So, I predict that we will be seeing government malware that infects large numbers of computers in order to attempt to maintain the status quo.
So, are you saying that Wikipedia is wrong, or just saying that because it doesn't agree with you, that you want to dismiss it?
I'm saying that it's a controversial subject, and as such, anything on Wikipedia should be taken with a grain of salt.
I was not stating my opinion, because I hadn't seen enough of both sides to develop one yet. One side seems normal mixed with a few crazies, and the other seems all crazy. I was looking for the normals on the other side in order to see what their argument was, but have yet to find them. From what I've read here, I think I'm finally starting to understand that they are, in fact, all crazy, and that they have no real disagreement other than that they find the very existence of the first group repugnant for no readily apparent reason, and that they're projecting their thoughts onto the first group.
I apologize for attempting to define "SJW". I thought you legitimately didn't know how the term was being used, and like I said, I now understand your side of this disagreement.
FYI, Wikipedia generally isn't the best reference for controversial subjects.
I see the term SJW being used as a pejorative against a group which includes some but not all feminists. In particular, third-wave feminism seems closely intertwined with the social justice movement.
It would need to be a full on classification system, similar to how Netflix does ratings. That is, it would have to put both the reviewer and the review reader into groups, and weigh the rating based on the reviewer's similarity to the reader.
"People with similar ratings to yours gave this restaurant 2 stars, while the general public gave it 4 stars."
The problem with this is that you would need a whole lot more ratings in order to get any kind of reliability.
First 6 are non-secret, last 4 are non-secret. And one additional digit is a checksum, therefore non-secret. So, a credit card has 5 digits of secrecy.
I don't know about anybody else, but the reason I don't find Netflix DRM unpalatable is because I didn't purchase the content. The "rental" is very explicit in the agreement between the Netflix and the consumer. If Netflix were to start to sell movies, I would find that objectionable. I do find Steam objectionable, as well as most DRM.
The primary development goal of Tor is to prevent the request from being traced back to the requester. (As a secondary effect, it also bypasses various national/regional content blocking schemes.) Malicious exit relays are detrimental, but in theory the user should be aware of the trust issues involved. I would label this as a user education issue.
The major points being:
If your traffic is on the Internet, unless it is encrypted (such as by SSL), it can be passively monitored with only moderate effort.
If you are using Tor to reach the Internet, your traffic can't be traced back to you, but it still goes out over the Internet; see the previous point for more details. Tor can do nothing once the traffic is back on the Internet.
Attacks such as sslstrip exist. Be on guard against them.
A great example of this that I've seen is: Shine a spotlight at the moon (from Earth) and sweep it across the surface. You can move the spot faster than the speed of light, thus the wave moves faster than c, but no individual photon moves faster than c, and no information is conveyed faster than c.
The U.S. Department of Labor's Wage and Hour Division allows an employer not to pay a trainee if all of the following are true:
The training, even though it includes actual operation of the facilities of the employer, is similar to what would be given in a vocational school or academic educational instruction;
The training is for the benefit of the trainees;
The trainees do not displace regular employees, but work under their close observation;
The employer that provides the training derives no immediate advantage from the activities of the trainees, and on occasion the employer’s operations may actually be impeded;
The trainees are not necessarily entitled to a job at the conclusion of the training period; and
The employer and the trainees understand that the trainees are not entitled to wages for the time spent in training.
I'll second this. Another similar option is Sandboxie. It sandboxes the browser, preventing any exploits from escaping into the rest of the system. Also, make sure they are using Chrome or Firefox. And finally, ad-blocking software makes a huge difference.
The point is to minimize the amount of information you actually have. You don't need to know the password itself, you only need to know that they know the password. So, you store just enough information to be able to check that the person attempting to log in knows the password.
Very interesting and insightful troll. I was tempted to mod you up, but I figured a reply would be preferred.
Originally I disagreed with your post, but upon attempting to reply, I found that I agree that "both sides are equally bad/dishonest/wrong" is a cop-out, but I disagree that it's embarrassing. It's only embarrassing if you aren't doing anything to back up your belief, and voting is a good start, but it isn't enough.
As I've learned, the correct answer is, "Sure, but it'll cost them $n megabucks, and it will take x amount of time." (I'm sure rimcrazy also figured this out since then.)
Thank you, that answers my question perfectly. An immoral act is immoral in and of itself. Someone's suicide does not affect the morality of the original act.
To the dispassionate and disinterested outside observer, a mentally disturbed man committed suicide. The only one at fault is the mentally disturbed man.
I've long believed that suicide is nobody's fault except for the one who committed the act. However, I very much want to blame the DA for pushing him to commit suicide. I realize it's an emotional response, but there must be some basis in fact. At what point does provoking someone who then commits suicide become the moral and ethical responsibility of the provocateur?
I know I'm responding to a troll, but it hits upon an issue I've been thinking about for some time. It's well known how DAs threaten disproportionate punishments in order to get a plea bargain. And it's easy to see how this might get someone who was previously not seriously considering suicide to start doing so. Where should the line be drawn? Online/offline bullying? Threats of imprisonment? Threats of physical violence and/or torture? Or is it never someone else's fault?
I do not think that means what you think it means.
"Security through obscurity" is being deliberately insecure and relying on other people not knowing about the insecurity as your defense.
Something like this relies on the fact that choosing a random address is much easier than guessing a random address that was previously chosen. This flaw results in forcing the victim to choose a non-random address when they intend to choose a random one. And "address spraying" works by increasing the size of the target the attacker must hit from a single exact address to a large number of ranges which covers most of the available addresses.
Mega holding a copy of your encrypted key does not reduce security, and slightly improves security. A password generally has a laughably low number of bits. Anyone who knows or can guess your password can get your key and thus your files. Not very surprising. There is no way around the crypto entropy being limited by the password entropy. However, if your password has 2048 bits of entropy, then the attacker must crack 2048 bits of entropy to recover your key and your files.
Password entropy is an incredibly difficult problem to solve. xkcd has what has become the canonical example of this. 28 bits of entropy for a "typical" password. 44 bits of entropy for 4 random words strung together. The mega key is 2048 bits, which is roughly equivalent to 186 random words strung together or about 311 completely random typed characters. Anyone attempting to crack your crypto is going to attack the password, not the mega key.
The security increase comes from two factors. The net effect of padding your password so that its length is unknown, and the real world security from using a known, trusted and tested security algorithm.
In summary, your encryption isn't any more or less secure than the password you use. If it helps, you can think of the key stored on the servers as a salt, and the password you type in as the actual key.
(Also, if they were so inclined, why would they capture the decrypted key rather than just capturing the password itself?)
Slashdot Mirror
As an alternative to khellendros1984's answer, if you're rooted, xhangouts has this option:
http://repo.xposed.info/module...
Change the enter key on your keyboard to add a new line or send your message (as opposed to opening the emoji keyboard).
Source
Source
Source
So, we've got 45%, 80%, 70% or 20% non-emergencies; and 25% fraudulent. Somehow, I don't have a lot of faith in these numbers.
Identity fraud, or more simply, bank fraud.
We don't want American spy agencies listening to our https traffic either. Just because Alice is shooting at me, it doesn't suddenly make it OK for Bob to stab me too.
This is an attack against the SSL trust model. A CA knowingly created a rogue certificate for malicious purposes. This wasn't an accident. A Diginotar type response would not be inappropriate.
To me, I unthinkingly assumed it affected how the body armor lay against the body, therefore the side was slightly more open. Now I am not so sure.
I see the "close access work" as a bit of a red herring, and the "ethically worse position" is the real story. Mass surveillance is just too nice to give up. So, I predict that we will be seeing government malware that infects large numbers of computers in order to attempt to maintain the status quo.
So, are you saying that Wikipedia is wrong, or just saying that because it doesn't agree with you, that you want to dismiss it?
I'm saying that it's a controversial subject, and as such, anything on Wikipedia should be taken with a grain of salt.
I was not stating my opinion, because I hadn't seen enough of both sides to develop one yet. One side seems normal mixed with a few crazies, and the other seems all crazy. I was looking for the normals on the other side in order to see what their argument was, but have yet to find them. From what I've read here, I think I'm finally starting to understand that they are, in fact, all crazy, and that they have no real disagreement other than that they find the very existence of the first group repugnant for no readily apparent reason, and that they're projecting their thoughts onto the first group.
I apologize for attempting to define "SJW". I thought you legitimately didn't know how the term was being used, and like I said, I now understand your side of this disagreement.
FYI, Wikipedia generally isn't the best reference for controversial subjects.
I see the term SJW being used as a pejorative against a group which includes some but not all feminists. In particular, third-wave feminism seems closely intertwined with the social justice movement.
It would need to be a full on classification system, similar to how Netflix does ratings. That is, it would have to put both the reviewer and the review reader into groups, and weigh the rating based on the reviewer's similarity to the reader.
"People with similar ratings to yours gave this restaurant 2 stars, while the general public gave it 4 stars."
The problem with this is that you would need a whole lot more ratings in order to get any kind of reliability.
Also, due to the new ICANN email verification requirement, there is going to be an increase in the number of "parked" domains.
First 6 are non-secret, last 4 are non-secret. And one additional digit is a checksum, therefore non-secret. So, a credit card has 5 digits of secrecy.
I don't know about anybody else, but the reason I don't find Netflix DRM unpalatable is because I didn't purchase the content. The "rental" is very explicit in the agreement between the Netflix and the consumer. If Netflix were to start to sell movies, I would find that objectionable. I do find Steam objectionable, as well as most DRM.
Also, you are then susceptible to the very same MITM attacks by the VPN provider. (Although they do have an incentive to remain honest.)
The primary development goal of Tor is to prevent the request from being traced back to the requester. (As a secondary effect, it also bypasses various national/regional content blocking schemes.) Malicious exit relays are detrimental, but in theory the user should be aware of the trust issues involved. I would label this as a user education issue.
The major points being:
But hey, at least Win8 beat Congress!
A great example of this that I've seen is: Shine a spotlight at the moon (from Earth) and sweep it across the surface. You can move the spot faster than the speed of light, thus the wave moves faster than c, but no individual photon moves faster than c, and no information is conveyed faster than c.
The U.S. Department of Labor's Wage and Hour Division allows an employer not to pay a trainee if all of the following are true:
http://en.wikipedia.org/wiki/Internship#United_States
I'll second this. Another similar option is Sandboxie. It sandboxes the browser, preventing any exploits from escaping into the rest of the system. Also, make sure they are using Chrome or Firefox. And finally, ad-blocking software makes a huge difference.
The point is to minimize the amount of information you actually have. You don't need to know the password itself, you only need to know that they know the password. So, you store just enough information to be able to check that the person attempting to log in knows the password.
Very interesting and insightful troll. I was tempted to mod you up, but I figured a reply would be preferred.
Originally I disagreed with your post, but upon attempting to reply, I found that I agree that "both sides are equally bad/dishonest/wrong" is a cop-out, but I disagree that it's embarrassing. It's only embarrassing if you aren't doing anything to back up your belief, and voting is a good start, but it isn't enough.
As I've learned, the correct answer is, "Sure, but it'll cost them $n megabucks, and it will take x amount of time." (I'm sure rimcrazy also figured this out since then.)
Thank you, that answers my question perfectly. An immoral act is immoral in and of itself. Someone's suicide does not affect the morality of the original act.
To the dispassionate and disinterested outside observer, a mentally disturbed man committed suicide. The only one at fault is the mentally disturbed man.
I've long believed that suicide is nobody's fault except for the one who committed the act. However, I very much want to blame the DA for pushing him to commit suicide. I realize it's an emotional response, but there must be some basis in fact. At what point does provoking someone who then commits suicide become the moral and ethical responsibility of the provocateur?
I know I'm responding to a troll, but it hits upon an issue I've been thinking about for some time. It's well known how DAs threaten disproportionate punishments in order to get a plea bargain. And it's easy to see how this might get someone who was previously not seriously considering suicide to start doing so. Where should the line be drawn? Online/offline bullying? Threats of imprisonment? Threats of physical violence and/or torture? Or is it never someone else's fault?
security through obscurity
I do not think that means what you think it means.
"Security through obscurity" is being deliberately insecure and relying on other people not knowing about the insecurity as your defense.
Something like this relies on the fact that choosing a random address is much easier than guessing a random address that was previously chosen. This flaw results in forcing the victim to choose a non-random address when they intend to choose a random one. And "address spraying" works by increasing the size of the target the attacker must hit from a single exact address to a large number of ranges which covers most of the available addresses.
Mega holding a copy of your encrypted key does not reduce security, and slightly improves security. A password generally has a laughably low number of bits. Anyone who knows or can guess your password can get your key and thus your files. Not very surprising. There is no way around the crypto entropy being limited by the password entropy. However, if your password has 2048 bits of entropy, then the attacker must crack 2048 bits of entropy to recover your key and your files.
Password entropy is an incredibly difficult problem to solve. xkcd has what has become the canonical example of this. 28 bits of entropy for a "typical" password. 44 bits of entropy for 4 random words strung together. The mega key is 2048 bits, which is roughly equivalent to 186 random words strung together or about 311 completely random typed characters. Anyone attempting to crack your crypto is going to attack the password, not the mega key.
The security increase comes from two factors. The net effect of padding your password so that its length is unknown, and the real world security from using a known, trusted and tested security algorithm.
In summary, your encryption isn't any more or less secure than the password you use. If it helps, you can think of the key stored on the servers as a salt, and the password you type in as the actual key.
(Also, if they were so inclined, why would they capture the decrypted key rather than just capturing the password itself?)