There would still be ways to disable it - rename the script in/etc/cron.daily, use the 'crontab -e' command to comment it out, set the daemon itself to non-executable... unless they hardcode it into the kernel there will likely always be a simple way to render it nonfunctional.
That said, I really doubt that Canonical will do such at thing, at least, unless they get bought out.
Does it simply allow someone to post schematics, firmware sources, Gerber files and BOMs with the implied, "Please don't make a bunch of these and sell them as your own design," or is there more to it?
People who are "dreaming" threaten the status quo, and thus also threaten people who are frightened of change and progress. I don't know why there's so much scoffing about open source hardware (or open source anything) because it's not like it's going to take away your safe mass-marketed gear or anything.
Those who scoff tend to lack the imagination to do anything along those lines, or lack the confidence to build their skills up to the point where they are capable of doing something interesting, new, and innovative. It's far easier to bust someone's chops for "dreaming" or "being unrealistic" to cover the fact that the naysayer has balls the size of peas (if applicable) than it is to get off of one's ass and do something.
Your claims sound fishy without corroborating evidence because they seem to ignore necessities like paying other bills, rent, and how much one typically makes immediately following graduation? How much did you wind up borrowing to be able to pay it off in just six months? Were you living on your own or with your parents to be able to throw just about every one of your paychecks at those loan payments? How much were you making immediately after graduation?
I don't have a problem with this. This is worded in such a way that they can't just quietly come in and take control of the infrastructure. It would require a presidential declaration to start this in motion. Hardly something you can hide.
Whether or not the takeover is hidden is not the point. Whether or not they'll give it back is the point.
On the side: There's a Facebook group I started in the hope to raise awareness, with the ultimate goal being to petition / lobby governments. Feel free to join, it's called We need 5m people to prevent the labels killing internet freedom with ACTA.
That's great. How do you propose we go about it? Just sitting around in a Facebook group bitching won't accomplish anything.
Who do we write to? Who do we call? What are they in charge of? What power (realistically) do they have over the situation? Do we tell them that we back them, or that we're against their support of ACTA?
We need actionable information, or pointers to where we can find it. Anyone know where to start?
You can use TrueCrypt to create an encrypted datastore as a file on a VPS or server Out There Somewhere and mount/unmount it from the command line when you log in. Using it for full-disk encryption in such a situation would be problematic because you'd need to enter a passphrase if $cloudbox got rebooted somehow; your provider would need to provide access to a console of some sort (virtual or otherwise).
Depending upon how badly you needed that machine to be up, it might not be a good idea.
As for whether or not the VPS provider would object, I think it would depend on the particular company. Is there anybody who works for a VPS provider who is in a position to comment (anonymously or otherwise)?
There is a problem with that: they are also authorized to demand the passphrases for any and all encrypted data and can prevent you from officially entering the United States until you give them the passphrases.
What's that saying that always floats around whenever an *AA attacks a P2P network? "Never underestimate the bandwidth of a box of floppies"-- or in this case, a 320GB 2.5" hard drive?
If it's an effective means of transporting tons of music files between friends, then surely it's just as effective for contraband-runners. And if that's the case, then yes, preventing those laptops from crossing the border (via fear of high probability of being caught) is a viable strategy.
There is a minor point being missed here: what's stopping them from misusing the data they find on confiscated laptops and storage media? What prevents them from using seized information from filling out their social network maps for "people of interest" (for some definition of 'interest') or finding new people to keep a close eye on? Also, because an unknown volume of the stuff they confiscate and never return winds up sold off in lots on eBay (remember the huge lots of pocket knives, cuticle scissors, knitting stuff, and other bric-a-brac from a couple of years ago), what is to stop people from buying lots of (say) confiscated USB keys and external drives and rifling through them for usable or saleable information?
Hardware can be made secure by making it tamper-resistant. Cryptographic ICs can be rigged to self-destruct when somebody opens the package.
Sometimes you don't even need to expose the silicon to mess with the guts of a chip. You can still connect to the pins or solder pads of an IC and monitor signals passively, or introduce overvoltage/undervoltage/weird signal patterns from outside.
...and how many people in the security community started out in the hacker community and took great pains to conceal their real names back then? More to the point, how many people in the security community go to great lengths to dissociate their all-grown-up-now professional lives from their days in the hacker scene because it would call unfavorable attention upon their employers, plus put certain of their expensive certifications in jeopardy?
Some people spend years hacking around in their basements and don't feel a need to tell anyone about their work. Others "suddenly appear" because they finally feel like publishing something, the work they publish is brilliant, and thus they gain respect for it.
Anyone who has studied history and actually learned from it would come to the same conclusion. I'm amazed that there is anything resembling controversy over this.
Common sense: so rare, it's a goddamned super power.
Slashdot Mirror
There would still be ways to disable it - rename the script in /etc/cron.daily, use the 'crontab -e' command to comment it out, set the daemon itself to non-executable... unless they hardcode it into the kernel there will likely always be a simple way to render it nonfunctional.
That said, I really doubt that Canonical will do such at thing, at least, unless they get bought out.
Just use Synaptic to uninstall the canonical-census package and be done with it.
Does it simply allow someone to post schematics, firmware sources, Gerber files and BOMs with the implied, "Please don't make a bunch of these and sell them as your own design," or is there more to it?
This license might work just as well for that: Creative Commons by attribution/non-commercial/share-alike (v3.0)
People who are "dreaming" threaten the status quo, and thus also threaten people who are frightened of change and progress. I don't know why there's so much scoffing about open source hardware (or open source anything) because it's not like it's going to take away your safe mass-marketed gear or anything.
Those who scoff tend to lack the imagination to do anything along those lines, or lack the confidence to build their skills up to the point where they are capable of doing something interesting, new, and innovative. It's far easier to bust someone's chops for "dreaming" or "being unrealistic" to cover the fact that the naysayer has balls the size of peas (if applicable) than it is to get off of one's ass and do something.
The words "enemy combatant" suddenly spring to mind...
Your claims sound fishy without corroborating evidence because they seem to ignore necessities like paying other bills, rent, and how much one typically makes immediately following graduation? How much did you wind up borrowing to be able to pay it off in just six months? Were you living on your own or with your parents to be able to throw just about every one of your paychecks at those loan payments? How much were you making immediately after graduation?
I don't have a problem with this. This is worded in such a way that they can't just quietly come in and take control of the infrastructure. It would require a presidential declaration to start this in motion. Hardly something you can hide.
Whether or not the takeover is hidden is not the point. Whether or not they'll give it back is the point.
My code's compiling.
Better that than hover-cover.
Or extrapolating the shapes of buildings behind a character to figure out where a video was shot in one of the Tekwar movies.
On the side: There's a Facebook group I started in the hope to raise awareness, with the ultimate goal being to petition / lobby governments. Feel free to join, it's called We need 5m people to prevent the labels killing internet freedom with ACTA.
That's great. How do you propose we go about it? Just sitting around in a Facebook group bitching won't accomplish anything.
Who do we write to? Who do we call? What are they in charge of? What power (realistically) do they have over the situation? Do we tell them that we back them, or that we're against their support of ACTA?
We need actionable information, or pointers to where we can find it. Anyone know where to start?
It's amazing how long it took the private sector to rediscover good, old-fashioned intelligence analysis.
So, what are you doing? Besides looking down on someone who actually got off their ass and did something cool, I mean.
You can use TrueCrypt to create an encrypted datastore as a file on a VPS or server Out There Somewhere and mount/unmount it from the command line when you log in. Using it for full-disk encryption in such a situation would be problematic because you'd need to enter a passphrase if $cloudbox got rebooted somehow; your provider would need to provide access to a console of some sort (virtual or otherwise).
Depending upon how badly you needed that machine to be up, it might not be a good idea.
As for whether or not the VPS provider would object, I think it would depend on the particular company. Is there anybody who works for a VPS provider who is in a position to comment (anonymously or otherwise)?
There is a problem with that: they are also authorized to demand the passphrases for any and all encrypted data and can prevent you from officially entering the United States until you give them the passphrases.
Here's an article, and here is a post from the NorCal ACLU on the same topic. There are others out there but they're pretty easy to dig up.
What's that saying that always floats around whenever an *AA attacks a P2P network? "Never underestimate the bandwidth of a box of floppies"-- or in this case, a 320GB 2.5" hard drive?
If it's an effective means of transporting tons of music files between friends, then surely it's just as effective for contraband-runners. And if that's the case, then yes, preventing those laptops from crossing the border (via fear of high probability of being caught) is a viable strategy.
Not really. Those get seized, too.
There is a minor point being missed here: what's stopping them from misusing the data they find on confiscated laptops and storage media? What prevents them from using seized information from filling out their social network maps for "people of interest" (for some definition of 'interest') or finding new people to keep a close eye on? Also, because an unknown volume of the stuff they confiscate and never return winds up sold off in lots on eBay (remember the huge lots of pocket knives, cuticle scissors, knitting stuff, and other bric-a-brac from a couple of years ago), what is to stop people from buying lots of (say) confiscated USB keys and external drives and rifling through them for usable or saleable information?
Or a wooden spoon across the ass. Goddamn, that hurt. Never did what I got a whoopin' for again, though.
Moon Hamster approves of this message.
Hardware can be made secure by making it tamper-resistant. Cryptographic ICs can be rigged to self-destruct when somebody opens the package.
Sometimes you don't even need to expose the silicon to mess with the guts of a chip. You can still connect to the pins or solder pads of an IC and monitor signals passively, or introduce overvoltage/undervoltage/weird signal patterns from outside.
...and how many people in the security community started out in the hacker community and took great pains to conceal their real names back then? More to the point, how many people in the security community go to great lengths to dissociate their all-grown-up-now professional lives from their days in the hacker scene because it would call unfavorable attention upon their employers, plus put certain of their expensive certifications in jeopardy?
Some people spend years hacking around in their basements and don't feel a need to tell anyone about their work. Others "suddenly appear" because they finally feel like publishing something, the work they publish is brilliant, and thus they gain respect for it.
Al! I've leaped into a URL! Quick, what does Ziggy say?
Anyone who has studied history and actually learned from it would come to the same conclusion. I'm amazed that there is anything resembling controversy over this.
Common sense: so rare, it's a goddamned super power.
If you are a Noscript user, be SURE to un-whitelist google.com otherwise the "remove click tracking" won't work.
The Customize Google plugin will also do this.
The notes themselves do not sing the song. Try harder.