This seems wrong to me. Both Alice and Bob have equal chance of rolling a head, hence on average they will need the same number of tries to arrive at a head toss; and since coins dont have memory, the next toss has equal chance of being head or tail. So I do expect the chances of head head and head tail to be the same.
Yes, it's called a veridical paradox. That's something that seems impossible but is nonetheless true. You can verify it by flipping a coin, or running a computer simulation using a good random number generator.
It would start with the CEO and work down and it would be tempered by ability. If the company cannot decrypt then it is a non issue.
In the event of an order to decrypt, if the company has the capability then the CEO will be on the hook. If the CEO orders the person who actually has the capability to unlock to unlock it will move to that person if they refuse. If the company claims no ability then they would be subject to a search warrant which looks for evidence to say they did have the ability. Also if the CEO says no they will go to prison but so will any other employee with the capability who also refuses.
But the point of my question was how will the court know who has the ability to decrypt? Suppose the CEO says "Jones down in software engineering is the guy who can do this," and Jones says "Not me. I have no idea how to decrypt this. I think maybe Ted works on that stuff but I'm not sure." Who do they believe? What is considered sufficient evidence that someone has the know-how to convict them? If everyone in the company claims they can't do it, do they just jail the CEO by default?
here's the funny thing, he was the Ambassador to France from 1776 to 1785 and he couldn't talk any sense into them.
Ummm, that's not quite true. He did persuade them to help the Americans in their Revolution. Without that French help, we might be under the British encryption laws right now, which aren't really much better than the proposed French law!
Who exactly goes to jail? The CEO? The CTO? The employees who supposedly know how to decrypt the data? How do you establish who has that ability? Suppose no one has that ability. Suppose the devices are designed so only the end user can decrypt the data. Do you jail the engineers who designed such devices? Do you jail the retailers who sold such devices? How does this work? How does the government prove a specific employee at a company has the ability to decrypt the data, or in the alternative, how do they prove which individual was responsible for creating a situation where the data can't be decrypted?
This is correct. Maryland is an all party consent state - all parties must agree, unless you have a warrant, or special circumstances apply. They don't on a public bus.
http://law.justia.com/codes/ma...
Most likely there's a sign clearly visible at the entry to the bus that says something to the effect of "By boarding this bus, you agree to have your conversations recorded." Then they're covered.
I'm still a ways from differential equations. Darn. Thought I had grokked something and now I find it's a faux grok.
I disagree. I took a two semester linear algebra course in my freshman year of college and didn't take differential equations until my sophomore year. Linear algebra actually helped with differential equations, but I had no trouble understanding linear algebra when I took it. It's a beautiful subject with many applications outside of differential equations. It's when you go on to study functional analysis that those two subjects are united.
My advice to Apple, is to help the FBI hack into this phone, and come out with a real security system that is actually secure.
The problem with this is once Apple successfully helps the FBI crack this phone, it will set a pattern of sorts, establishing a certain type of relationship between Apple and Law Enforcement. If Apple later threatens to create an OS which can't be hacked in this way, it would give the FBI the ammunition they need to go to Congress and ask for legislation to ensure that Apple can continue to provide this help to them in the future. The FBI can just say "Apple has helped us in the past, and now they're deliberately taking steps to make it impossible for them to keep providing the help they've been giving us all along. Protect the status quo and pass this legislation now." If Apple or anyone else complains, the FBI can respond by saying, "But Apple has been helping us crack phones all along and the sky didn't fall on our heads. All we want is the ability to keep doing what we've been doing." It might be hard to argue with that.
Under what authority does the judge issue these orders?
Under the All Writs Act. I'm not saying it necessarily applies in this case, but it is the authority judges cite. (At least the judge in California did. In NY, the Justice Department asked the judge to use it.)
I want security, but if access to the data on the phone could potentially save lives, that seems pretty important too.
Well, if your phone has information which can save someone's life, then of course you have the option of unlocking it for the government. No one is forcing people to keep their phones locked. But Apple is giving people the choice.
I just bought an Asus router (RT-N12). Does anyone know if it is exploitable? I'd heard Asus was one of the better ones. I've heard that Tomato runs on this model. Should I switch my firmware to Tomato, or is it sufficient to upgrade to the latest firmware from Asus?
So if you use HTTPS or SSL secured connections, how are these connection types vulnerable on unsecured wifi?
Virtually all browsers contain root certificates which have been shown to be untrustworthy. It isn't really safe to trust SSL for your security anymore. You need a reliable Internet provider.
Good luck finding a jury that will send someone to jail when no harm has been done. Now everyone, please bone up on jury nullification.
The jury doesn't send people to jail: they vote guilty or not guilty and the judge decides the sentence, expect possibly in death penalty cases. And, in the U.S. at least, the jury isn't allowed to be told what the possible sentence is.
I can buy a gun without a license, but I cannot buy a TV without one:)
Where do you live that you need a TV license but no license to buy a gun. The only place I know of that requires TV licenses is the UK, and I don't think guns are readily available there. In the US you don't need a TV license to own a TV.
Actually, E=mc^2 holds at arbitrary velocities if m is taken to be the relativistic mass rather than the rest mass. The relativistic mass m is related to the rest mass m0 by the equation m=m0 / sqrt(1-v^2/c^2). It was very fashionable to employ relativistic mass in formulas in the past, but its use has fallen out of favor in more recent years.
They have more than 20 millions users in France. Facebook is probably better off paying a few lawyers to modify their ToS.
The issue isn't the cost of lawyers fees to draft a new ToS. The issue is that the ToS which conforms to France's requirements would fundamentally change the nature of social media. In the present case, a user can sue Facebook because Facebook decided an uploaded image violated their ToS. If Facebook caves to French demands, then it loses the ability to control what content appears in their site. What if an image they are required under French law to allow is considered illegal in another jurisdiction? This is why it makes sense for all lawsuits to be adjudicated in one place, i.e. California. Otherwise Facebook might find itself in an impossible situation.
I don't know how big the French market is, but given this, as well as previous rulings on non-users being tracked, it looks like the French courts are trying to dictate Facebook's Terms of Service. It seems to me it would be easiest for Facebook to simply pull any assets out of France and not do any commercial business there.
I guess I'll ask the obvious question. What is a "non-user browser"? Is it a browser operated by a robot or something? All the browsers I've used have been meant to be operated by a user. That's kind of the definition of a browser. There are programs like curl and wget which can fetch pages automatically, so is that what they mean by a non-user browser?
What percentage of IT people who discover child porn look the other way?
Most workers of any type aren't interested in snooping through people's private things and reporting what may or may not be illicit activity. (Is that topless girl 17 or 18? Are those kids in a bathtub innocent photos of the client's children or something more sinister?) Just like your typical plumber wouldn't ordinarily report that possible meth lab in the basement, your typical computer repair person doesn't want to report suspected copyright violations, irregularities on income tax files, or possible child pornography. I once had a job that involved me working in people's homes and my general rule was mind my own business and get the job done. I think most workers feel the same way.
It is a law that would be nearly impossible to enforce.
That's the problem. There would be only one way to enforce this type of law and that would be through sting operations. An undercover officer would bring a computer in to be repaired with illicit images somewhere obvious, like the desktop background screen. If no report is filed, the worker is arrested.
Having some right of expression does not necessarily imply a 'similiar' right on the Internet.
Actually, the Supreme Court disagrees with you. Read the opinion in
Reno vs. ACLU. This quote is particularly relevant:
"Through the use of chat rooms, any person with a phone line can become a town crier with a voice that resonates farther than it could from any soapbox. Through the use of Web pages, mail exploders, and newsgroups, the same individual can become a pamphleteer." So, it seems the Supreme Court was of the opinion that free speech rights on the Internet should be the same as the free speech rights anywhere.
You two are talking about two different things. You can attempt anonymous speech, but the court isn't going to protect your anonymity. In other words, just because you didn't sign your work doesn't mean you aren't responsible for it and can be freely identified as the author. To reference the original post, your license plate doesn't have your name on it and it isn't "easily" referenced to an individual, but doing a little research can find you the owner of the car. I believe the proposal is something similar.
Do you not see the irony of posting this an an Anonymous Coward?
And then what? There is a lot of free open-source e2e encryption software where no payment processors can be put under pressure. If the UK government demands backdoors from GnuPG, Signal or SMSSecure and they respond with "nuts", there is nothing the UK government can do. They could try to block Signal but that would probably result in them finally making work of a decentralized server setup.
The key word here software. Yes, there is lots of free open source e2e encryption software, but that doesn't do you a bit of good if your hardware has backdoors! Once they have a backdoor in your hardware, keyloggers can get your passphrases and memory scans can get your encryption keys. Secure software is useless on insecure hardware or insecure operating systems, and that's what this debate is all about: hardware and operating systems.
Slashdot Mirror
This seems wrong to me. Both Alice and Bob have equal chance of rolling a head, hence on average they will need the same number of tries to arrive at a head toss; and since coins dont have memory, the next toss has equal chance of being head or tail. So I do expect the chances of head head and head tail to be the same.
Yes, it's called a veridical paradox. That's something that seems impossible but is nonetheless true. You can verify it by flipping a coin, or running a computer simulation using a good random number generator.
It would start with the CEO and work down and it would be tempered by ability. If the company cannot decrypt then it is a non issue.
In the event of an order to decrypt, if the company has the capability then the CEO will be on the hook. If the CEO orders the person who actually has the capability to unlock to unlock it will move to that person if they refuse. If the company claims no ability then they would be subject to a search warrant which looks for evidence to say they did have the ability. Also if the CEO says no they will go to prison but so will any other employee with the capability who also refuses.
But the point of my question was how will the court know who has the ability to decrypt? Suppose the CEO says "Jones down in software engineering is the guy who can do this," and Jones says "Not me. I have no idea how to decrypt this. I think maybe Ted works on that stuff but I'm not sure." Who do they believe? What is considered sufficient evidence that someone has the know-how to convict them? If everyone in the company claims they can't do it, do they just jail the CEO by default?
here's the funny thing, he was the Ambassador to France from 1776 to 1785 and he couldn't talk any sense into them.
Ummm, that's not quite true. He did persuade them to help the Americans in their Revolution. Without that French help, we might be under the British encryption laws right now, which aren't really much better than the proposed French law!
Who exactly goes to jail? The CEO? The CTO? The employees who supposedly know how to decrypt the data? How do you establish who has that ability? Suppose no one has that ability. Suppose the devices are designed so only the end user can decrypt the data. Do you jail the engineers who designed such devices? Do you jail the retailers who sold such devices? How does this work? How does the government prove a specific employee at a company has the ability to decrypt the data, or in the alternative, how do they prove which individual was responsible for creating a situation where the data can't be decrypted?
This is correct. Maryland is an all party consent state - all parties must agree, unless you have a warrant, or special circumstances apply. They don't on a public bus. http://law.justia.com/codes/ma...
Most likely there's a sign clearly visible at the entry to the bus that says something to the effect of "By boarding this bus, you agree to have your conversations recorded." Then they're covered.
I'm still a ways from differential equations. Darn. Thought I had grokked something and now I find it's a faux grok.
I disagree. I took a two semester linear algebra course in my freshman year of college and didn't take differential equations until my sophomore year. Linear algebra actually helped with differential equations, but I had no trouble understanding linear algebra when I took it. It's a beautiful subject with many applications outside of differential equations. It's when you go on to study functional analysis that those two subjects are united.
My advice to Apple, is to help the FBI hack into this phone, and come out with a real security system that is actually secure.
The problem with this is once Apple successfully helps the FBI crack this phone, it will set a pattern of sorts, establishing a certain type of relationship between Apple and Law Enforcement. If Apple later threatens to create an OS which can't be hacked in this way, it would give the FBI the ammunition they need to go to Congress and ask for legislation to ensure that Apple can continue to provide this help to them in the future. The FBI can just say "Apple has helped us in the past, and now they're deliberately taking steps to make it impossible for them to keep providing the help they've been giving us all along. Protect the status quo and pass this legislation now." If Apple or anyone else complains, the FBI can respond by saying, "But Apple has been helping us crack phones all along and the sky didn't fall on our heads. All we want is the ability to keep doing what we've been doing." It might be hard to argue with that.
Under what authority does the judge issue these orders?
Under the All Writs Act. I'm not saying it necessarily applies in this case, but it is the authority judges cite. (At least the judge in California did. In NY, the Justice Department asked the judge to use it.)
Given that the earth is about 5 billion years old, 4 million years is nothing.
I want security, but if access to the data on the phone could potentially save lives, that seems pretty important too.
Well, if your phone has information which can save someone's life, then of course you have the option of unlocking it for the government. No one is forcing people to keep their phones locked. But Apple is giving people the choice.
I just bought an Asus router (RT-N12). Does anyone know if it is exploitable? I'd heard Asus was one of the better ones. I've heard that Tomato runs on this model. Should I switch my firmware to Tomato, or is it sufficient to upgrade to the latest firmware from Asus?
no cash also mean the government can confiscate all your a money with a push of a button
Actually, it's easier for them to confiscate your money if it's cash, at least in the United States. Read about asset forfeiture laws.
So if you use HTTPS or SSL secured connections, how are these connection types vulnerable on unsecured wifi?
Virtually all browsers contain root certificates which have been shown to be untrustworthy. It isn't really safe to trust SSL for your security anymore. You need a reliable Internet provider.
Good luck finding a jury that will send someone to jail when no harm has been done. Now everyone, please bone up on jury nullification.
The jury doesn't send people to jail: they vote guilty or not guilty and the judge decides the sentence, expect possibly in death penalty cases. And, in the U.S. at least, the jury isn't allowed to be told what the possible sentence is.
Not without a TV license :)
I can buy a gun without a license, but I cannot buy a TV without one :)
Where do you live that you need a TV license but no license to buy a gun. The only place I know of that requires TV licenses is the UK, and I don't think guns are readily available there. In the US you don't need a TV license to own a TV.
Actually, E=mc^2 holds at arbitrary velocities if m is taken to be the relativistic mass rather than the rest mass. The relativistic mass m is related to the rest mass m0 by the equation m=m0 / sqrt(1-v^2/c^2). It was very fashionable to employ relativistic mass in formulas in the past, but its use has fallen out of favor in more recent years.
They have more than 20 millions users in France. Facebook is probably better off paying a few lawyers to modify their ToS.
The issue isn't the cost of lawyers fees to draft a new ToS. The issue is that the ToS which conforms to France's requirements would fundamentally change the nature of social media. In the present case, a user can sue Facebook because Facebook decided an uploaded image violated their ToS. If Facebook caves to French demands, then it loses the ability to control what content appears in their site. What if an image they are required under French law to allow is considered illegal in another jurisdiction? This is why it makes sense for all lawsuits to be adjudicated in one place, i.e. California. Otherwise Facebook might find itself in an impossible situation.
I don't know how big the French market is, but given this, as well as previous rulings on non-users being tracked, it looks like the French courts are trying to dictate Facebook's Terms of Service. It seems to me it would be easiest for Facebook to simply pull any assets out of France and not do any commercial business there.
I guess I'll ask the obvious question. What is a "non-user browser"? Is it a browser operated by a robot or something? All the browsers I've used have been meant to be operated by a user. That's kind of the definition of a browser. There are programs like curl and wget which can fetch pages automatically, so is that what they mean by a non-user browser?
What percentage of IT people who discover child porn look the other way?
Most workers of any type aren't interested in snooping through people's private things and reporting what may or may not be illicit activity. (Is that topless girl 17 or 18? Are those kids in a bathtub innocent photos of the client's children or something more sinister?) Just like your typical plumber wouldn't ordinarily report that possible meth lab in the basement, your typical computer repair person doesn't want to report suspected copyright violations, irregularities on income tax files, or possible child pornography. I once had a job that involved me working in people's homes and my general rule was mind my own business and get the job done. I think most workers feel the same way.
It is a law that would be nearly impossible to enforce.
That's the problem. There would be only one way to enforce this type of law and that would be through sting operations. An undercover officer would bring a computer in to be repaired with illicit images somewhere obvious, like the desktop background screen. If no report is filed, the worker is arrested.
Having some right of expression does not necessarily imply a 'similiar' right on the Internet.
Actually, the Supreme Court disagrees with you. Read the opinion in Reno vs. ACLU. This quote is particularly relevant: "Through the use of chat rooms, any person with a phone line can become a town crier with a voice that resonates farther than it could from any soapbox. Through the use of Web pages, mail exploders, and newsgroups, the same individual can become a pamphleteer." So, it seems the Supreme Court was of the opinion that free speech rights on the Internet should be the same as the free speech rights anywhere.
You two are talking about two different things. You can attempt anonymous speech, but the court isn't going to protect your anonymity. In other words, just because you didn't sign your work doesn't mean you aren't responsible for it and can be freely identified as the author. To reference the original post, your license plate doesn't have your name on it and it isn't "easily" referenced to an individual, but doing a little research can find you the owner of the car. I believe the proposal is something similar.
Do you not see the irony of posting this an an Anonymous Coward?
Before long the country will be renamed People's Republic of America.
Even worse. It will be the People's Democratic Republic of America. A communist dictatorship!
And then what? There is a lot of free open-source e2e encryption software where no payment processors can be put under pressure. If the UK government demands backdoors from GnuPG, Signal or SMSSecure and they respond with "nuts", there is nothing the UK government can do. They could try to block Signal but that would probably result in them finally making work of a decentralized server setup.
The key word here software. Yes, there is lots of free open source e2e encryption software, but that doesn't do you a bit of good if your hardware has backdoors! Once they have a backdoor in your hardware, keyloggers can get your passphrases and memory scans can get your encryption keys. Secure software is useless on insecure hardware or insecure operating systems, and that's what this debate is all about: hardware and operating systems.