Hmm, looks like you're right. From http://www.dekart.com/howto/howto_disk_encryption/ howto_recover_lost_password/, I see that only a 7 character password (from 63 characters) takes 68 years to brute force on a P4 1.6 GHz with 512 MB of RAM. Throw in 2 more characters to cover things like improvements in processing power, and I guess a 9 character password isn't too bad security-wise. Still an awful lot to commit to memory, but if you "backup" your password in some secure location like a safety deposit box, in case you forget it, I guess that's reasonable (though still rather paranoid for the average laptop).
Are my numbers correct? Would a 9 character password really be reasonably safe against a brute-force attack where someone takes out the hard drive and puts it in their machine, barring a technological breakthrough on the order of true quantum computing?
The token is used for the storage of a cryptographic credential (key) which is used to unlock the disk key. You need a token PIN to log in to the token.
I guess that's slightly more secure than just carrying the key on a regular USB key - if the token is relatively tamper-resistant.
Unless you plan on memorizing an extraordinarily long password, the encryption you're going to get is not going to be very good. Better than nothing if you don't have anything too important on your drive, but if you have anything important on the drive then you're gonna have to consider it leaked when your laptop goes missing.
Using hardware token (RSA Token, smartcard etc) can alleviate many of the password management issues.
How would that work? I thought the key in the hardware token was constantly changing - not something that can be implemented in a standard hard drive.
When I want to search, I use Google. Wikipedia is not a search engine.
If I want an encyclopedia article on a specific topic, I use Wikipedia.
If I want to search Wikipedia, I use Google (Wikipedia's search function sucks).
I've found that except for searching for current events, by starting with Wikipedia I get a good explanation of the topic of interest and the pages generally have links to other good resources that are right on topic (without the need to scroll through dozens of hits).
Interestingly, if I want to find out about a current event, I often find myself using Wikipedia, as it tends to provide an aggregate of many different news accounts. Google News works too, but one big problem with using Google News is you tend to get lots and lots of stories that are either identical or based on the same source (such as an AP report).
There's a big difference between saying "no I did not have relations with this woman" while knowing you did, and saying "I swear to uphold the constitution", and then doing something which in your opinion doesn't violate the constitution and then having someone else determine that it does. One is intentional, the other accidental. One is a deliberate lie, the other is an accidental failure to keep a promise.
One is harmless, the other endangers the privacy of the entire country.
The problem with the WTO and American law is that treaties are considered "the supreme law of the land" in the USA. Indeed, if a statutory law conflicts with treaty obligations, the treaty wins out and is what gets enforced by U.S. courts.
This is only true if the treaty is "self-enacting". In any case, the US has not bound itself to the WTO via treaty, it has bound itself via "congressional-executive agreement" (see http://fpc.state.gov/documents/organization/35430. pdf).
But I'm not so sure about the "fortunately" part of your post. Like with a lot of freedoms and righs the US takes for granted, such as freedom of speech, having it written in law is but one thing.
The US is actually a great example of the problem with centralising these types of powers. Even if things are initially set up with good intentions, with the central power having very limited powers, eventually that central power will find a way to get around all those limitations that were put in place.
Of course, in the end, the WTO is a much worse entity to have such powers in the first place, as the representatives aren't even remotely directly elected.
You can have all the freedom of speech you want, if half the nation impose self censorship due to various moral, ethical or religious reasons, you don't really have anything resembling free speech.
As long as the WTO is protecting free speech, I don't have a problem. I hope you're not implying that online gambling is a free speech issue, or that the WTO exists to protect individual freedoms of any sort. No, the WTO exists to protect big business. This is not just the reality of the situation, it's their stated mission.
So yeah, if the WTO protects free speech, that's fine. But what if they strike down child labor laws, or antitrust legislation, or environmental protection legislation?. Here's someone else's Top Reasons to Oppose the WTO. So my fears about what's possible isn't just hypothetical. Some of it is already happening. Giving the WTO the power to directly strike down laws would make this worse.
The WTO might not have the right to strike down US law, but in reality, isn't this precisely what their power is?
Certainly not precisely. For example, say the WTO does declare the online gambling law to be in violation. Does that mean that I can now violate this law with no fear of prosecution? Absolutely not. The US courts, up to and including the US Supreme Court, will still enforce a law despite the fact that it violates a WTO agreement. Only an act of Congress can change this.
Few nations can survive the trade tariffs for very long if they're hefty enough and hitting the right market. So if the WTO really wants, can't it stop pretty much any behavior its members find abhorrent enough?
No, if the governments of the WTO member-countries really want, they can stop pretty much any behavior. And part of that is that they have to "really want" it. There are a number of places where various countries, including the US, are in violation of WTO agreements, and yet nothing much is happening about it.
I suppose you could say that this is true of any judicial or quasi-judicial entity with no physical troops. Only a few decades ago even the US Supreme Court had a lot of trouble striking down individual state laws. So maybe the ability to strike down laws is a sliding scale, and not a black and white issue. If so, I'd put the US Supreme Court's ability to strike down federal laws at a 9.9 out of 10, their ability to strike down state laws at a 9, and the WTO's ability to strike down US laws at a 3 or a 4.
"We just had this little discussion," [Mrs. Clardy, badge number 7500416] said, almost giggling. "And it sounds to us like [the online trades you've described] would be--yes--Internet barter."
This stuff is fairly interesting to me. Completely ignoring this "Internet barter" would open up fairly large loopholes in the taxation system. On the other hand, strictly enforcing such rules would be ludicrously burdensome on both the government and the taxpayers. Most likely what we'll see is essentially what we have now. Technically these transactions will be taxable, but such taxes won't be enforced unless someone started really abusing things.
If it were up to me we'd just eliminate income taxes altogether. The whole idea that the government would even consider taxing these innovative economies points out what's so wrong with the income tax. Free trade is a good thing - it should be encouraged, not taxed.
The US federal government cannot regulate gambling transactions that don't cross state lines, due to the Commerce Clause in the US Constitution.
Oh c'mon. The Commerce Clause hasn't been taken seriously (by the Supreme Court) in decades. See Gonzales v. Raich for one of the most recent examples. If the federal government can regulate the cultivation of marijuana in a home garden, they can regulate gambling within one state.
The US federal government shouldn't be allowed to regulate gambling transactions that don't cross state lines, but they sure as hell can.
As much as I'd appreciate giving the WTO such a power in this particular case, I'm afraid the ability to strike down laws of sovereign nations is far too extreme to allow this organization.
Fortunately, it seems the WTO doesn't actually have this power. They can declare a law in violation of the WTO. They can convince the member nations to implement sanctions against countries which remain in violation. But they don't seem to have the power to "strike down" any laws.
I have no idea. Maybe it's not even a CBU. It says "Postmaster General approved" "580 series". I mail all my stuff from work, which generally consists solely of Netflix DVDs.
There's a big difference between removing less than 10% of the mailboxes in the country and phasing out snail mail as obsolete. The latter is probably decades away at the earliest, though it probably will eventually happen.
Yeah, cause if a nuclear holocaust comes and destroys the Internet, having to go an extra couple miles to mail out my bills is going to be the first problem I'm going to worry about.
Actually, nevermind. If a nuclear holocaust comes and destroys the Internet I'll just mail stuff out from work, which is what I do with my Netflix DVDs now.
As has been pointed out: Debian takes its image and mark very seriously, too. Why the bitching by Debian supporters when they have to make changes for the very sort of thing that they do themselves?
Does Debian distribute its non-free images with its Debian CDs? If so, then they are doing the very same thing. But I doubt they're doing that. I was under the impression that a Debian CD is 100% licensed under free software licenses. That means no non-free firefox logos, and it means no non-free Debian logos either.
If Debian were doing "the very sort of thing" that Firefox is doing, then they'd be including the non-free Debian "Official Use Logo" in an official Debian CD, and not allowing anyone who distributed a CD without that non-free logo to use the term "Debian".
Firefox is free, however it's trademark protected and that means you can't both hack it to pieces and use the Firefox name+brand.
Do you have any evidence that the Firefox logo is indeed free, i.e. that it has been released under a free license? From what I can gather the logo is not in fact released under any free license.
I'm a big believer that Wikipedia is great because it is so radically open. The word "wiki" derives from the Hawaiian word for "quick", and I think that is a good word to use when describing Wikipedia. Citizendium was announced yesterday. There's already an article on Citizendium in Wikipedia today.
But in my opinion there's no way to completely separate quick from dirty. Hopefully Larry Sanger realizes this, and isn't just in disagreement with Jimmy Wales over the details. If so, and Citizendium becomes a success, it may just be the best thing for Wikipedia. Wikipedia needs to stick with an open process if it wants to succeed. There is a lot of pressure from various academic and political forces for it to give up this openness. and as much as Wales tries to claim that Wikipedia is more open then ever, it is actually getting more and more closed. A successful Citizendium will likely relieve many of these pressures, and allow Wikipedia to become a wiki once again.
We'll see what becomes of Citizendium. I've signed up for the mailing list and if I get a chance I'm going to suggest that the process of importing articles from Wikipedia into Citizendium not be an automated "click this button" process. "Just start writing" is not the way to produce a high quality encyclopedia article.
The reason this guy got arrested probably is because if you win a big amount of money gambling (in the US I think the amount is $1500), you're supposed to pay taxes on it.
If you win any amount of money gambling you're supposed to pay taxes on it. If you win more than $1200 at once, the casino is supposed to report it to the government.
Is it fair to say, "If you do something that breaks the law here, and that has an effect here, you can never come here"?
As much as I hate this particular law, I have to say yes. If Osama bin Laden came into the US, should we be able to arrest him? Absolutely. Taking it down a notch, if a credit card thief from Nigeria (who stole from US credit-card companies) came into the US, should we charge him with a crime? Sure.
Running a gambling website is a stupid crime. But if this guy had committed a real crime, by all means we should have the jurisdiction to arrest him.
First of all I can not believe anyone would consider using the internet for something as vital as emergency response team communication.
Yeah, who would be so dumb as to imagine using the Internet for...exactly what it was invented for - a means of communication during an emergency situation.
What if it was Constitutional? What if Congress could allow dress design copyrights (or patents or trademarks or servicemarks or whatever, "look" of packaging is something-rightable, I believe) but simply chose not to (or never considered it)? Then what?
Then the US court might very well enforce the foreign law. See http://en.wikipedia.org/wiki/Comity. If you're under the jurisdiction of the foreign law, and the law is not in direct contradiction to US law (including, but not limited to the Constitution), then you might very well be in a situation where the US courts apply foreign laws.
I'd argue that this cannot be allowed to stand because Congress, and the Constitution, cannot reasonably expect American citizens to be aware of every law all over the world that might fall under this umbrella.
Well, it's the Internet that makes everything so complicated. Normally people just have to worry about the laws of the country they live in. Don't want to learn about the laws of France? Don't go to France.
But with the Internet, it's perfectly normal for a US Citizen who has never stepped foot outside the US to step into the jurisdiction of French laws. Whether or not these laws are going to apply, and to what extent they will apply, is really an open question at this point. Fortunately for Americans, pretty much any law which applies to communication over the Internet would implicate the First Amendment, though.
Cities are supposed to post local Bizarro-world parking laws on every street that enters the city so people can't claim they never knew about it as it's unreasonable to expect people to know every strange driving law in every community they drive through.
Just to reiterate, this would never apply to a parking law. In the case we're talking about, the defendent was distributing the works in France. That's why the act is argued to have fallen under French laws.
But using that type of argument you can turn pretty much anything into a free speech issue.
Not *anything*, but certainly copyright law is always a free speech issue.
Calling someone on the phone and hiring them to murder your spouse is a free speech issue too. Just because it's a free speech issue doesn't necessarily mean that a law is necessarily going to be unconstitutional. But it is an issue which has to be balanced with other issues.
Slashdot Mirror
Hmm, looks like you're right. From http://www.dekart.com/howto/howto_disk_encryption/ howto_recover_lost_password/, I see that only a 7 character password (from 63 characters) takes 68 years to brute force on a P4 1.6 GHz with 512 MB of RAM. Throw in 2 more characters to cover things like improvements in processing power, and I guess a 9 character password isn't too bad security-wise. Still an awful lot to commit to memory, but if you "backup" your password in some secure location like a safety deposit box, in case you forget it, I guess that's reasonable (though still rather paranoid for the average laptop).
Are my numbers correct? Would a 9 character password really be reasonably safe against a brute-force attack where someone takes out the hard drive and puts it in their machine, barring a technological breakthrough on the order of true quantum computing?
I guess that's slightly more secure than just carrying the key on a regular USB key - if the token is relatively tamper-resistant.
Unless you plan on memorizing an extraordinarily long password, the encryption you're going to get is not going to be very good. Better than nothing if you don't have anything too important on your drive, but if you have anything important on the drive then you're gonna have to consider it leaked when your laptop goes missing.
How would that work? I thought the key in the hardware token was constantly changing - not something that can be implemented in a standard hard drive.
When I want to search, I use Google. Wikipedia is not a search engine.
If I want an encyclopedia article on a specific topic, I use Wikipedia.
If I want to search Wikipedia, I use Google (Wikipedia's search function sucks).
Interestingly, if I want to find out about a current event, I often find myself using Wikipedia, as it tends to provide an aggregate of many different news accounts. Google News works too, but one big problem with using Google News is you tend to get lots and lots of stories that are either identical or based on the same source (such as an AP report).
One is harmless, the other endangers the privacy of the entire country.
This is only true if the treaty is "self-enacting". In any case, the US has not bound itself to the WTO via treaty, it has bound itself via "congressional-executive agreement" (see http://fpc.state.gov/documents/organization/35430. pdf).
The US is actually a great example of the problem with centralising these types of powers. Even if things are initially set up with good intentions, with the central power having very limited powers, eventually that central power will find a way to get around all those limitations that were put in place.
Of course, in the end, the WTO is a much worse entity to have such powers in the first place, as the representatives aren't even remotely directly elected.
As long as the WTO is protecting free speech, I don't have a problem. I hope you're not implying that online gambling is a free speech issue, or that the WTO exists to protect individual freedoms of any sort. No, the WTO exists to protect big business. This is not just the reality of the situation, it's their stated mission.
So yeah, if the WTO protects free speech, that's fine. But what if they strike down child labor laws, or antitrust legislation, or environmental protection legislation?. Here's someone else's Top Reasons to Oppose the WTO. So my fears about what's possible isn't just hypothetical. Some of it is already happening. Giving the WTO the power to directly strike down laws would make this worse.
Certainly not precisely. For example, say the WTO does declare the online gambling law to be in violation. Does that mean that I can now violate this law with no fear of prosecution? Absolutely not. The US courts, up to and including the US Supreme Court, will still enforce a law despite the fact that it violates a WTO agreement. Only an act of Congress can change this.
No, if the governments of the WTO member-countries really want, they can stop pretty much any behavior. And part of that is that they have to "really want" it. There are a number of places where various countries, including the US, are in violation of WTO agreements, and yet nothing much is happening about it.
I suppose you could say that this is true of any judicial or quasi-judicial entity with no physical troops. Only a few decades ago even the US Supreme Court had a lot of trouble striking down individual state laws. So maybe the ability to strike down laws is a sliding scale, and not a black and white issue. If so, I'd put the US Supreme Court's ability to strike down federal laws at a 9.9 out of 10, their ability to strike down state laws at a 9, and the WTO's ability to strike down US laws at a 3 or a 4.
On the other hand, reporter Julian Dibbell wrote an article on whether gamers should pay real-world taxes on virtual treasures and got a different opinion from IRS's Business and Specialty Tax Line.
This stuff is fairly interesting to me. Completely ignoring this "Internet barter" would open up fairly large loopholes in the taxation system. On the other hand, strictly enforcing such rules would be ludicrously burdensome on both the government and the taxpayers. Most likely what we'll see is essentially what we have now. Technically these transactions will be taxable, but such taxes won't be enforced unless someone started really abusing things.
If it were up to me we'd just eliminate income taxes altogether. The whole idea that the government would even consider taxing these innovative economies points out what's so wrong with the income tax. Free trade is a good thing - it should be encouraged, not taxed.
Do I get to count losses (due to player theft or otherwise) against my taxes owed as well?
Only to the extent of income, and only as an itemized deduction.
The US federal government cannot regulate gambling transactions that don't cross state lines, due to the Commerce Clause in the US Constitution.
Oh c'mon. The Commerce Clause hasn't been taken seriously (by the Supreme Court) in decades. See Gonzales v. Raich for one of the most recent examples. If the federal government can regulate the cultivation of marijuana in a home garden, they can regulate gambling within one state.
The US federal government shouldn't be allowed to regulate gambling transactions that don't cross state lines, but they sure as hell can.
As much as I'd appreciate giving the WTO such a power in this particular case, I'm afraid the ability to strike down laws of sovereign nations is far too extreme to allow this organization.
Fortunately, it seems the WTO doesn't actually have this power. They can declare a law in violation of the WTO. They can convince the member nations to implement sanctions against countries which remain in violation. But they don't seem to have the power to "strike down" any laws.
Ohwell. Sorry for wasting your time, then. Thanks for the info :).
I have no idea. Maybe it's not even a CBU. It says "Postmaster General approved" "580 series". I mail all my stuff from work, which generally consists solely of Netflix DVDs.
There's a big difference between removing less than 10% of the mailboxes in the country and phasing out snail mail as obsolete. The latter is probably decades away at the earliest, though it probably will eventually happen.
Not the one in my apartment building.
Yeah, cause if a nuclear holocaust comes and destroys the Internet, having to go an extra couple miles to mail out my bills is going to be the first problem I'm going to worry about.
Actually, nevermind. If a nuclear holocaust comes and destroys the Internet I'll just mail stuff out from work, which is what I do with my Netflix DVDs now.
Only if Linus requires them to include a non-free image in order to use it.
Does Debian distribute its non-free images with its Debian CDs? If so, then they are doing the very same thing. But I doubt they're doing that. I was under the impression that a Debian CD is 100% licensed under free software licenses. That means no non-free firefox logos, and it means no non-free Debian logos either.
If Debian were doing "the very sort of thing" that Firefox is doing, then they'd be including the non-free Debian "Official Use Logo" in an official Debian CD, and not allowing anyone who distributed a CD without that non-free logo to use the term "Debian".
I'm a big believer that Wikipedia is great because it is so radically open. The word "wiki" derives from the Hawaiian word for "quick", and I think that is a good word to use when describing Wikipedia. Citizendium was announced yesterday. There's already an article on Citizendium in Wikipedia today.
But in my opinion there's no way to completely separate quick from dirty. Hopefully Larry Sanger realizes this, and isn't just in disagreement with Jimmy Wales over the details. If so, and Citizendium becomes a success, it may just be the best thing for Wikipedia. Wikipedia needs to stick with an open process if it wants to succeed. There is a lot of pressure from various academic and political forces for it to give up this openness. and as much as Wales tries to claim that Wikipedia is more open then ever, it is actually getting more and more closed. A successful Citizendium will likely relieve many of these pressures, and allow Wikipedia to become a wiki once again.
We'll see what becomes of Citizendium. I've signed up for the mailing list and if I get a chance I'm going to suggest that the process of importing articles from Wikipedia into Citizendium not be an automated "click this button" process. "Just start writing" is not the way to produce a high quality encyclopedia article.
If you win any amount of money gambling you're supposed to pay taxes on it. If you win more than $1200 at once, the casino is supposed to report it to the government.
As much as I hate this particular law, I have to say yes. If Osama bin Laden came into the US, should we be able to arrest him? Absolutely. Taking it down a notch, if a credit card thief from Nigeria (who stole from US credit-card companies) came into the US, should we charge him with a crime? Sure.
Running a gambling website is a stupid crime. But if this guy had committed a real crime, by all means we should have the jurisdiction to arrest him.
Yeah, who would be so dumb as to imagine using the Internet for...exactly what it was invented for - a means of communication during an emergency situation.
What if it was Constitutional? What if Congress could allow dress design copyrights (or patents or trademarks or servicemarks or whatever, "look" of packaging is something-rightable, I believe) but simply chose not to (or never considered it)? Then what?
Then the US court might very well enforce the foreign law. See http://en.wikipedia.org/wiki/Comity. If you're under the jurisdiction of the foreign law, and the law is not in direct contradiction to US law (including, but not limited to the Constitution), then you might very well be in a situation where the US courts apply foreign laws.
I'd argue that this cannot be allowed to stand because Congress, and the Constitution, cannot reasonably expect American citizens to be aware of every law all over the world that might fall under this umbrella.
Well, it's the Internet that makes everything so complicated. Normally people just have to worry about the laws of the country they live in. Don't want to learn about the laws of France? Don't go to France.
But with the Internet, it's perfectly normal for a US Citizen who has never stepped foot outside the US to step into the jurisdiction of French laws. Whether or not these laws are going to apply, and to what extent they will apply, is really an open question at this point. Fortunately for Americans, pretty much any law which applies to communication over the Internet would implicate the First Amendment, though.
Cities are supposed to post local Bizarro-world parking laws on every street that enters the city so people can't claim they never knew about it as it's unreasonable to expect people to know every strange driving law in every community they drive through.
Just to reiterate, this would never apply to a parking law. In the case we're talking about, the defendent was distributing the works in France. That's why the act is argued to have fallen under French laws.
But using that type of argument you can turn pretty much anything into a free speech issue.
Not *anything*, but certainly copyright law is always a free speech issue.
Calling someone on the phone and hiring them to murder your spouse is a free speech issue too. Just because it's a free speech issue doesn't necessarily mean that a law is necessarily going to be unconstitutional. But it is an issue which has to be balanced with other issues.