Typically they would need your existing plaintext password and email address (and account access) to change your existing password (or email address), on most any sort of password-using service I've seen
No, they'd just need access to your email account, and some public information, like your mother's maiden name. Then they'd just need to go to your bank account (or whatever), and click on "Forgot password".
What you'd need is an open content search engine, not an open source one. Doing the search is easy, building the database/index is the hard part.
It's not even clear whether or not such a thing would be legal. You'd have to release a cache of the internet for anyone to download, and that would be a copyright violation if not considered fair use.
It wouldn't have even been that long. The No Electronic Theft Act passed unanimously in both houses. I shouldn't have made it out to sound like it was Clinton's fault. But he did sign it, so he's as much to blame as every other member of Congress.
Maybe start requesting that stores associate a purchase with a time and a checkout lane, which could lead to accessing security camera archives once a purchase is claimed fraudulent by the account holder.
It's already in the store's best interest to do this. When a charge is disputed, the burden of proof is on the retailer to prove that the charge was not in fact fraudulent.
So I ask again... why is a SSN required for a bank account?
If the bank pays you interest, then this is needed so that you can be sent a 1099-INT. But the real reason is usually so that they can check your credit. Almost all banks who give you a checking account, for instance, use the Chex system. Obviously just about any credit card company is going to check your credit.
What about those people withouth SSNs?
They're going to have a tough time getting a bank account. Maybe you could get a savings account, with either no interest or with backup withholding, and with no ATM card, but anything other than that is probably impossible to get unless you're rich.
Does google have porn ads in the first place? In any case, if you're worried about your employers in this way I'd suggest you don't log in to Google at work in the first place.
Personally I wouldn't log in to any account from work, or from any computer that I don't own. Maybe it's paranoia, but I don't trust that my computer at work doesn't have a keystroke logger. I'd call it a good security practice.
Whichever side you're on in the copyright debate, you have to agree this legislation is draconian and excessive, to say the least.
Obviously not, as Congress passed the bill.
Remember when you couldn't go to jail for copyright infringement unless you were profiting off the copyright infringement? Hard to believe the law has changed so much in only 8 years. Thanks a lot Bill Clinton, you opened up the floodgates.
Actually, you could get those stats (although with a slight margin of error) anonymously if you based them on a one way hash of the ip (or whatever is used as a unique identifier).
No, you couldn't, because anyone who knows the one way hash function could easily run every single possible IP address through it. Even if you went through all 4 billion IP addresses and built a dictionary it'd take relatively little time. If you optimized it by only focussing on IP addresses of interest (for instance, ones in the United States), it'd be even easier.
Well, I see a problem with it, in that I don't want to be tracked in this way.
So don't enable the history service.
I won't.
Oh, you meant the anonymous tracking they do with cookies?
No, I didn't.
Please tell me how it harms you (assuming Google abides by their privacy policy)?
It doesn't necessarily harm me, but there is a lot of potential for harm. Google says right in their privacy policy that they'll release the information to the government if they get a subpoena. If the government decided to target people who make a certain search which I made, they could easily tie that IP address to a real person. Now I don't think that'd be a problem given our current government, but who knows what could happen in the future.
Google would be a prime asset for an oppressive government. This is already true even besides the history service. With just access to someone's gmail account you can hijack just about every account they have which gives internet access. Think you're secure because you use different passwords for different services? Hell no, your accounts are only as secure as your email account, as anyone with access to that can change just about any of your passwords.
Storing gobs upon gobs of data is what google does well, though. And I think you're missing the point. The limit of 4K for cookies is generally a hard limit set in the browser. It's not just a matter of buying a few more hard drives, you just can't do it.
Absolutely, I think the advantage to google is tremendous. They already target ads to people based on location, which they guess from the IP address. If they know exactly who you are they can target ads a lot better, for instance they can target ads for you based on what you've searched for in the past. If they get enough people logging in, then they've even found a partial solution for the problem of people clicking on the same ad over and over from different IP addresses.
There are also lots of potential advantages to the end-user. Letting you access your search history is just the beginning.
This is also extremely open to abuse if the information is kept too long and falls into the hands of the wrong people. Imagine your google searches in the hands of an oppressive government. Search for communist writings, bible quotations, or Jewish pickles, and go to jail (yes, I'm kidding about the Jewish pickles, but just think what a modern day Hitler could do with access to everyone's google searches).
However, if you turn this service on, they also track which links you click on in the search results.
They're also then able to tie all of your IP addresses together.
Upon your first visit to Google, a cookie is sent to your computer that uniquely identifies your browser.
Yes, and upon my first visit to google, I told Firefox to deny the cookie and deny any further cookies from google.com. So yes, they can track my usage between different IP addresses, but I seriously doubt they're tracking all my searches throughout my entire lifetime (it's possible, but it'd be pretty hard and without getting a subpoena from my ISP it'd probably just be a best guess).
I don't see a problem with either thing since they are up-front about what they are doing and the privacy policy is clear about how they use this information.
Well, I see a problem with it, in that I don't want to be tracked in this way. But as long as they're upfront about it I don't think they're doing anything unethical.
One thing they aren't upfront about is just how long they keep this data. If it's only a month or two, it's not so bad. But if they keep a record of every search that someone has done in her lifetime, I think that's pretty bad.
As was pointed out by someone else, they definitely are tracking everyone's searches. See http://www.google.com/jobs/britney.html. "Each of these variations was entered by at least two different unique users within a three month period" You can't get that information without tracking searches and retaining the individual information over a three month period.
Adopt a standard which will ensure that if some piece of software is compiled on one LSB-compliant system, it will run on any other LSB-compliant system.
Seems to me that would defeat the purpose of having a distro company in the first place. Maybe the distros just don't want to contribute to their own demise?
Seriously, I don't see the point. We've already got POSIX for the interface to the libraries and the kernel. We have FHS for the filesystem hierarchy standards. Pretty much anything else, or any deviation from those standards, is being done intentionally by the kernel or distro developers.
Yea playing with old hardware can be fun but at this time almost anything slower than a PIII is not worth messing with.
Is that supposed to be a joke? I don't have a single computer at or beyond a PIII in my whole house. It doesn't take that much power to run Mozilla and putty.
Suppose you're not using Adsense or Adwords. Suppose you want to cost your competition money.
That'd be an interesting case. I'm not sure of any law that'd apply. It seems clear that the courts wouldn't apply trespass to chattel, as long you weren't "clicking" so much as to actually cause a DOS attack. There might be some sort of unfair business practice law, but let's say you're not even a competitor.
I'd say it should be legal. If google wants to close its servers so that you must sign up with an account and agree to a contract before using them, they can do that. But unless they do, you should have the right to click on whatever you want.
In the strict legal sense, or in the colloquial sense? Because Google probably isn't suing for "fraud", but rather for breach of contract and/or tortious interference. In a colloquial sense, what they're doing is fraud because they clearly aren't clicking on the ads just to see what the heck the ad is for.
And how can following a link be illegal?
Criminally, I'm not going to guess (but it probably is criminal behavior). Civilly, they are either breaking a contract or inducing others to break a contract. Both of these things are grounds for a lawsuit.
Your website isn't very popular if you were only getting "a couple hundred" off Google ads. Alternatively, perhaps your content was too bland to get well targetted ads. My contract with google prohibits me from releasing the exact details, but suffice it to say that my tiny little website (alexa rank over half a million) receives more than a couple hundred dollars every month.
So if Google's targetted text ads stop working they're going to switch to an advertising model which works even less?
C'mon. How many times have you clicked on a popup ad? Now how many times have you clicked on a google ad. I can tell you in my case the ratio of google ads to popup ads I've clicked on is infinity.
Well, it's not a complete waste of effort, because I've learned a lot about Linux in the process. As for keeping up with patches, for the most part I don't. I don't have a hundred packages, and I'm the only user on the system. So getting the latest and greatest version of packages would be a waste of time.
If you're maintaining a system for more than just yourself, this is of course a completely different story. Of course, I'm not sure I'd use Linux at that point. Not building a free system from scratch kind of defeats the whole purpose of Linux in my opinion.
Slashdot Mirror
Typically they would need your existing plaintext password and email address (and account access) to change your existing password (or email address), on most any sort of password-using service I've seen
No, they'd just need access to your email account, and some public information, like your mother's maiden name. Then they'd just need to go to your bank account (or whatever), and click on "Forgot password".
and you trust your isp and all the up stream providers..
No, I access gmail through https.
at some point you need to give up and say 'scew it, nothing important is in my email anyway'
As I said, someone with access to my email would have access to change any of my account passwords.
What you'd need is an open content search engine, not an open source one. Doing the search is easy, building the database/index is the hard part.
It's not even clear whether or not such a thing would be legal. You'd have to release a cache of the internet for anyone to download, and that would be a copyright violation if not considered fair use.
It wouldn't have even been that long. The No Electronic Theft Act passed unanimously in both houses. I shouldn't have made it out to sound like it was Clinton's fault. But he did sign it, so he's as much to blame as every other member of Congress.
Maybe start requesting that stores associate a purchase with a time and a checkout lane, which could lead to accessing security camera archives once a purchase is claimed fraudulent by the account holder.
It's already in the store's best interest to do this. When a charge is disputed, the burden of proof is on the retailer to prove that the charge was not in fact fraudulent.
So I ask again... why is a SSN required for a bank account?
If the bank pays you interest, then this is needed so that you can be sent a 1099-INT. But the real reason is usually so that they can check your credit. Almost all banks who give you a checking account, for instance, use the Chex system. Obviously just about any credit card company is going to check your credit.
What about those people withouth SSNs?
They're going to have a tough time getting a bank account. Maybe you could get a savings account, with either no interest or with backup withholding, and with no ATM card, but anything other than that is probably impossible to get unless you're rich.
Does google have porn ads in the first place? In any case, if you're worried about your employers in this way I'd suggest you don't log in to Google at work in the first place.
Personally I wouldn't log in to any account from work, or from any computer that I don't own. Maybe it's paranoia, but I don't trust that my computer at work doesn't have a keystroke logger. I'd call it a good security practice.
Whichever side you're on in the copyright debate, you have to agree this legislation is draconian and excessive, to say the least.
Obviously not, as Congress passed the bill.
Remember when you couldn't go to jail for copyright infringement unless you were profiting off the copyright infringement? Hard to believe the law has changed so much in only 8 years. Thanks a lot Bill Clinton, you opened up the floodgates.
I can honestly say I don't give a shit.
Actually, you could get those stats (although with a slight margin of error) anonymously if you based them on a one way hash of the ip (or whatever is used as a unique identifier).
No, you couldn't, because anyone who knows the one way hash function could easily run every single possible IP address through it. Even if you went through all 4 billion IP addresses and built a dictionary it'd take relatively little time. If you optimized it by only focussing on IP addresses of interest (for instance, ones in the United States), it'd be even easier.
Well, I see a problem with it, in that I don't want to be tracked in this way.
So don't enable the history service.
I won't.
Oh, you meant the anonymous tracking they do with cookies?
No, I didn't.
Please tell me how it harms you (assuming Google abides by their privacy policy)?
It doesn't necessarily harm me, but there is a lot of potential for harm. Google says right in their privacy policy that they'll release the information to the government if they get a subpoena. If the government decided to target people who make a certain search which I made, they could easily tie that IP address to a real person. Now I don't think that'd be a problem given our current government, but who knows what could happen in the future.
Google would be a prime asset for an oppressive government. This is already true even besides the history service. With just access to someone's gmail account you can hijack just about every account they have which gives internet access. Think you're secure because you use different passwords for different services? Hell no, your accounts are only as secure as your email account, as anyone with access to that can change just about any of your passwords.
Storing gobs upon gobs of data is what google does well, though. And I think you're missing the point. The limit of 4K for cookies is generally a hard limit set in the browser. It's not just a matter of buying a few more hard drives, you just can't do it.
Absolutely, I think the advantage to google is tremendous. They already target ads to people based on location, which they guess from the IP address. If they know exactly who you are they can target ads a lot better, for instance they can target ads for you based on what you've searched for in the past. If they get enough people logging in, then they've even found a partial solution for the problem of people clicking on the same ad over and over from different IP addresses.
There are also lots of potential advantages to the end-user. Letting you access your search history is just the beginning.
This is also extremely open to abuse if the information is kept too long and falls into the hands of the wrong people. Imagine your google searches in the hands of an oppressive government. Search for communist writings, bible quotations, or Jewish pickles, and go to jail (yes, I'm kidding about the Jewish pickles, but just think what a modern day Hitler could do with access to everyone's google searches).
However, if you turn this service on, they also track which links you click on in the search results.
They're also then able to tie all of your IP addresses together.
Upon your first visit to Google, a cookie is sent to your computer that uniquely identifies your browser.
Yes, and upon my first visit to google, I told Firefox to deny the cookie and deny any further cookies from google.com. So yes, they can track my usage between different IP addresses, but I seriously doubt they're tracking all my searches throughout my entire lifetime (it's possible, but it'd be pretty hard and without getting a subpoena from my ISP it'd probably just be a best guess).
I don't see a problem with either thing since they are up-front about what they are doing and the privacy policy is clear about how they use this information.
Well, I see a problem with it, in that I don't want to be tracked in this way. But as long as they're upfront about it I don't think they're doing anything unethical.
One thing they aren't upfront about is just how long they keep this data. If it's only a month or two, it's not so bad. But if they keep a record of every search that someone has done in her lifetime, I think that's pretty bad.
Cookies are generally limited to 4K per domain. So they couldn't store very many previous searches if they used cookies.
As was pointed out by someone else, they definitely are tracking everyone's searches. See http://www.google.com/jobs/britney.html. "Each of these variations was entered by at least two different unique users within a three month period" You can't get that information without tracking searches and retaining the individual information over a three month period.
Adopt a standard which will ensure that if some piece of software is compiled on one LSB-compliant system, it will run on any other LSB-compliant system.
Seems to me that would defeat the purpose of having a distro company in the first place. Maybe the distros just don't want to contribute to their own demise?
Seriously, I don't see the point. We've already got POSIX for the interface to the libraries and the kernel. We have FHS for the filesystem hierarchy standards. Pretty much anything else, or any deviation from those standards, is being done intentionally by the kernel or distro developers.
Yea playing with old hardware can be fun but at this time almost anything slower than a PIII is not worth messing with.
Is that supposed to be a joke? I don't have a single computer at or beyond a PIII in my whole house. It doesn't take that much power to run Mozilla and putty.
Suppose you're not using Adsense or Adwords. Suppose you want to cost your competition money.
That'd be an interesting case. I'm not sure of any law that'd apply. It seems clear that the courts wouldn't apply trespass to chattel, as long you weren't "clicking" so much as to actually cause a DOS attack. There might be some sort of unfair business practice law, but let's say you're not even a competitor.
I'd say it should be legal. If google wants to close its servers so that you must sign up with an account and agree to a contract before using them, they can do that. But unless they do, you should have the right to click on whatever you want.
The contract that is signed when someone signs up for AdSense and/or AdWords.
When does it become fraud?
In the strict legal sense, or in the colloquial sense? Because Google probably isn't suing for "fraud", but rather for breach of contract and/or tortious interference. In a colloquial sense, what they're doing is fraud because they clearly aren't clicking on the ads just to see what the heck the ad is for.
And how can following a link be illegal?
Criminally, I'm not going to guess (but it probably is criminal behavior). Civilly, they are either breaking a contract or inducing others to break a contract. Both of these things are grounds for a lawsuit.
Your website isn't very popular if you were only getting "a couple hundred" off Google ads. Alternatively, perhaps your content was too bland to get well targetted ads. My contract with google prohibits me from releasing the exact details, but suffice it to say that my tiny little website (alexa rank over half a million) receives more than a couple hundred dollars every month.
So if Google's targetted text ads stop working they're going to switch to an advertising model which works even less?
C'mon. How many times have you clicked on a popup ad? Now how many times have you clicked on a google ad. I can tell you in my case the ratio of google ads to popup ads I've clicked on is infinity.
and it's about time to defend one of the last remaining quality services of the Internet
Advertising?
Well, it's not a complete waste of effort, because I've learned a lot about Linux in the process. As for keeping up with patches, for the most part I don't. I don't have a hundred packages, and I'm the only user on the system. So getting the latest and greatest version of packages would be a waste of time.
If you're maintaining a system for more than just yourself, this is of course a completely different story. Of course, I'm not sure I'd use Linux at that point. Not building a free system from scratch kind of defeats the whole purpose of Linux in my opinion.