The simple solution is not to embed the tag within the garment but for the tag takes the form of a label that is removed at the point of sale.
This absolutely WILL NOT HAPPEN.
Why?
Retailers want to use these tags for "inventory control" (anti-shoplifting). Making them easy to remove goes completely against that goal.
Expect the tags to be molded into plastic items, etc. They are going to do everything they can to make them hard to locate and remove. (They also don't want you to be able to switch the tags between two different items.)
RFID tags are a HUGE privacy nightmare because they're going to be deliberately difficult to deactivate or remove.
No, you use a separate system.
One system creates the ballots.
Another system counts the ballots.
Another system verifies the ballots.
I suppose maybe I should have said "organization". The same system/organization responsible for the first two is also likely to be responsible for the last one.
The correctness of each system can be verified manually and independently by whoever wants to check.
I doubt that. In order to validate an electronic system, you really need to have an electrical engineer(s) rip the thing apart. Any time you do that, there's a chance that the person "validating" it might be secretly trying to rig the machine.
A lot of the security problems with electronic voting machines have already been looked at with electronic slot machines in 'Vegas.
(But in the case of a national election someone might even to go so far as to have custom chips fabricated.)
OCR-able fonts would be the ideal method as long as scanning equipment is sufficiently fast, accurate and cheap.
Which does bring up the question of what to do about write-in candidates..
Yep, although I expect it's not an insurmountable problem.
Lets you count the votes and see if you get the same results? If what's written on the ballots matches what your machine says they're voting for, you can make your own reliable count that should match the official tally.
My point was that if I believe that the election has been tampered with, what does being able to re-count the possibly tampered with ballots get me?
This is why I think it's so important that the ballots be human-readable, so that the ballot-generation side of things can be assured.
If there's a soubt abount an election and you don't have this assurance, you can never really resolve this doubt.
I'm not saying the ability get the code and set up your own system is worthless, just that it doesn't seem to be a key part of the equation.
You wouldn't necessarily have to use OCR text, but some of the problems you mention aren't as big as you think.
The poll worker scanning does not have to have the vote handed directly to them. It can be dropped in a box.
For ANYTHING like this the expenisve part is going to be testing and tamper resistance. I doubt the actual physical hardware will dominate the cost.
OCR scanning can be made more accurate by making the print nice and big ( think "BUSH" in huge letters on a 3x5 card), and by limiting the possible matches (don't allow "JOE" to be a possibility if Joe wasn't a canidate).
In the OVC system, there's no physical connection between the ballot generation stations and the ballot validation stations, and both systems are open source, so anyone who doesn't trust the system can (1) read the source code, and (2) set up their own system to test.
That doesn't buy you a lot. There's no way for me to check the MD5 sum of the code running on either machine. Without a way for me to know that the code running on a machine came from the open source code that I can inspect, it's still very easy to tamper with. I also don't see what setting up my own non-tampered-with system gets me if I believe a different machine was tampered with.
The SUPER-IMPORTANT key thing is that ballots be verifiable by the human who generated them the moment they are generated (human-readable). I don't know if this open voting system does this but it should.
If this criteria is met it can be assured that the paper ballots reflect who they should, and they can counted by hand if the computer system is suspect.
Better: the system prints out a card with my votes printed on it. I read the card, put the card in a folder so that nobody can see how I voted, and take the card to a poll worker who scans it and puts it into a locked box.
The problem with that idea is that you can tamper with the results by modifying that card or bring a fake card with you. It would be possible to screw up the count on purpose.
Or (gasps!) don't copy unauthorized work, and instead share works by artists who welcome it.
I think you're confusing "artists" with "owners". I don't think Jimi Hendrix minds if you share his work. The problem is that big nasty corporations have managed to "own" a large part of our cultural history.
While in some cases it's possible to aviod RIAA music, in other cases, you would be missing out on a large part of our musical history and national identity.
I think everyone should listen to "American Woman" at least one, and I don't see a GOOD reason why they should have to pay for it. That money surely isn't going as an incentive for Hendrix to produce new music.
You could also print both human and machine-readable portions on the ballot, and then randomly verify (by hand) that the two sections agree. The verification should be instituted as a normal part of the tallying process and should check enough ballots to provide a statistical confidence level that bounds the error to within half of the margin of victory of the closest race.
The trouble there is that you're using the system that is suspect to verify itself and also that election fraud is not a random, statistical process.
If the same group that fudged the election data, can interfere with the verification, they can easily make the "random" sample come back clean (since they know what votes they tampered with).
There are already plenty of machines out there that solve this problem by beign both human a machine readable. Scantron sheets like those often used for multiple choice exams are a good example.
Also, AFAIK the military developed the OCR-A font, so I suspect that the gov't already has the hardware developed.
There's only one problem with that system. I can force a re-vote by inserting a fake printout.
The paper printouts should be kept behind a window. This guarantees that (if the system is functioning properly) the paper and electronic ballots match.
The system is simple, robust, secure and verifiable. Each voter gets a smart card (magstripe card in the older days) when they present their papers; they take this smart card into the voting booth and insert it, much like using an ATM (and everyone knows how to do this). The voting machines use a touch screen like an ATM (in the older days, using a light pen), and let you select your candidate/party. The vote is registered to the card, which is then ejected, and inserted into a ballot box that counts the vote as the card is entered.
Holy crap! That system is not simple, robust, secure or verifiable!
There's about a million fundamental problems with that idea. Here are some of them.
The voter has no way to know what is being written to the smartcard.
The voter was no way of knowing if the smartcard is being read correctly.
There's no way to audit the system. (The first point above can't be checked.)
The system is needlessly complex.
The system is anything but robust. It requires you to place ultimate trust in THREE machines!
You have to walk around with something that says who you voted for (if just for a second).
Here's the way electronic voting SHOULD work:
I walk into a private booth.
I press a button for the canidate I want.
I press OK
The System prints up a paper card showing the name of the person I voted for. This card can be clearly seen behind a plexiglass window.
I press OK again and the card drops into a locked box.
I'm done.
Unlike your system, the above system allows voters to verify that their individual votes are being registered correctly (at least on paper) and allows for a double-check of the electronic count by counting up all the voter-verifyable paper ballots.
They will use a system called Demotek that is made by four basque companys (Ibermatica, Ikusi, Hunolt and Euskaltel), and uses a really curious way for voting, half analogic, half digital. The voter uses a normal paper for voting, but the ballot paper has a bar code that is read when it is inserted in the ballot box.
Barcodes should NEVER be used on ballots because they aren't human-readable. If I push the button to vote for Joe, but the barcode printed on my reciept shows a vote for Jane how am I going to know?
Any machine-readable parts to a ballot must ALSO be human-readable, so that I may verify that the correct information is being recorded. This means punching holes, filling in bubbles, using an OCR font, etc.
The sort of devices you're talking about will also be vulnerable to EMF sniffing, for example, and there are certainly other attacks that would be discovered.
Sure, buth the mere fact that it stays in your hand or pocket throughout the day makes EMF sniffing, thermal manipulation, electrical manipulation, EMI manipulation, etc much more difficult. In a smartcard scenario the antenna/electromagnet/whatever can get MUCH closer to the actual IC.
the responsibility must fall on either merchant or cardholder to prove to the banks that the transaction occurred. Obviously, the merchant is the one who wants to prove it.
My concept is not of "bits as money" but of reduced transaction costs, reduced requirements for accepting transactions, etc.
A bank somewhere would still have my actual money.
There are all kinds of things that can be done, but the original discussion was about securing the credit card system, not about creating entirely new payment systems.
True, but it's nice to take the discussion to the next level. Especially since I seem to have found someone with a good understanding of the subject.
The reason I think my idea is a good one is that, while a bank is still a part of the transaction, the costs they incurr can be vastly reduced. The recudtion in fraud would lower costs and the totally electronic processing would also lower costs.
Since the devices would be interactive, there's no reason why I couldn't choose between a number of different transaction types.
I could choose a one-time, no chargeback possible, cash-like transfer for buying a beer at a bar. (This would have a low transaction cost.)
Or I could you a more tradditional, credit-card-like transfer in other cases.
Lots of schemes have been proposed, but none that are as secure, convenient, cost-effective and auditable as the credit card system.
I think it's more a case of momentum. I don't think the credit card system is really viewed as "perfect" just "good enough".
I think some of the key benefits of an interactive device are:
Better fraud resistance
reduced transaction costs
the ability to select different trasaction types: credit accounts vs. checking, chargeback-possible vs. not, etc.
And the most key thing IMO is the removal of the need to police who has a "credit card" reader.
The last item is really key. This means nobody has to spend time and therefore money checking out Jane Doe before she can accept "credit card" transactions. The processing fees would be automaticly charged by her bank and my bank. The secure nature of the system would make it nearly impossible for her to create fake transactions.
It would be like having the ability to write and cash checks instantly, with selectable levels of fraud protection (and therefore different transaction costs).
Here's the secenario (buying a slice of pizza):
I'll call my credit card replacement a "token" from now on:
Token and cash register exchange public keys. (All communication from this point forth is encrypted.)
Register requests a one time transfer of $2.
Token shows this amount and asks me to confirm or deny it.
I confrim it and the token sends a message that the charge has been accepted as well as an encrpted data packet with routing information for my bank.
The register sees that we have agreed on the transaction. It forwards my encrypted message to my bank.
My bank gets the message and sends the money to the pizza place.
The register sees that the money has been trasferred.
I don't have to trust the person I'm buying from to keep any information safe, not to I have to trust them about the amount they're charging me.
The pizza place gets the money almost instantly and doesn't have to worry about my not having $52in the account. They don't have to keep a signed
As long as you're going to sell something the you can't really sell further than 10 years in advance why not go for even more money? They have just as much ability to guarantee your domain name 10,000 years in the future as they do 100.
I'm still wondering how this is even legal. Can I start a business offering to rent various properties to people in advance for the years 2200-2300? Even if I don't own those properties?
The attacks you describe did work a few years ago, but don't work any more. Newer attacks have been devised and defeated, several times over. More attacks will be discovered in the future, and next-generation cards will incorporate countermeasures.
My point is that much of that whole saga could have been virtually eliminated by removing the hardwired electrical connection from the system.
Sure they can play catch-up and eliminate them, but it would be better for the potential to not be there in the first place. There are tons of attacks made possible by sticking the card in someone else's slot that could been completely avoided.
It's the merchant that has to verify to the acquirer that the transaction is valid and correct.
Which doesn't really have anything to do with the security of credit cards vs smart cards. (Or vs anything else.) There are all kinds of rules like this in place because the credit card system is so weak.
Sure smartcards work fine if they're used in exactly the same way credit cards are. The problem is that they MUST be used basically the same way credit cards are because you MUST trust all the same people and use them in the same way. So maybe you can reduce fraud a little bit, but you can't really change the system. You're still relying and the same old safeguards for many things instead of any inherent security from the use of smartcards. You have to trust more people than you should given that you're carrying around a dedicated crypto processor.
A system like I'm talking about would give you a LOT more flexibility and security. It would lower barriers to entry to those who want to take transactions.
In a system like I describe, it no longer has to be a big deal to accept credit card transactions. You could buy something from a nameless street vendor (or cabbie) in NYC and not worry about it, and the street vendor would actually be able to USE the system because little or no verification would be necessary.
I would be able to buy something off a website in Nigeria without worring about them yanking money out of my checking account (many people now used "credit cards" directly coupled to their checking account.)
The point I mean to make is that smart cards are pretty much only good for the same thing credit cards are good for while a device like I describe could be as, if not,. MORE flexible than cash.
Right now I can't give my friend Joe $5 via credit card, directly. My idea would allow that to change.
There IS a need for the above, and right now the niche is starting to be filled by paypal.
A technology like I'm describing would open up all sorts of new ways of doing business: micropayments, true electronic cash (non-insured), peer to peer transfers, etc.
It doesn't buy you a lot if you only think about doing business the same old way it's always been, but if you consider the ways a different trust model could change things then it becomes a cool idea.
The UK is currently in the process of migrating all credit cards to smart cards with a user PIN.
Interesting response. Europe does have some really cool things going on with smartcards. A couple years ago I was at cebit and there was what seemed to be a full building devoted to the technology.
Unfortunately, the smartcard concept is fundamentally flawed. They had a good idea, but they didn't carry it far enough.
The fundamental problem is that one must trust whatever smartcard reader they stick the card into. There's no way to independently verify anything, so it's almost the same as a normal credit card. There's also no way to tell if a "reader" is attempting to crack your private key.
IMO, they should be deploying battery powered devices with displays which communicate via infrared signals. This fixes two key problems with smartcards:
You can verify that they really are charging you the amount they said.
It becomes MUCH harder for a rigged reader to attemp to steal your private key.
One of the key problems with the smartcard design is that it relies on an external source to supply its clock and power supply. It is possible to manipulate these signals to cause a smartcard to give up its private key.
This means that I could stick my smartcard into what looks like a perfetly normal smartcard reader, and in addition to completing a normal transaction, it could steal my private key, no crypto-breaking required.
There have been attempts to deal with these problems, but I think a better approach is to avoid trusting an outside source for clock and data streams to begin with.
I think smartcards are a step in the right direction, but they don't offer nearly as much security as other implementations might.
There are many more benefits the public/private key crypto could provide if they were willing to take things just a couple steps further and make the device provide it's own user interface and communitcate via a more protected means.
One of the most important in my mind is removing the ability for a vendor to charge you an arbitrary amount of money. (There's no way for you to confirm that they really are charging you the amount they say they are before completing the transation.)
A smaller benfit would be the ability to establish a "never give your widget to anyone rule". With an IR-link type communication, there is absoultely no reason to give up physical custody of your key. This makes attempting to steal the key from your device much harder. The onboard display would also give it the ability to say "Help someone is trying to steal my private key. Leave this area!"
What benefits does this PDA runs Linux under the hood provide? The only mention of synchronization is Outlook.
Did they choose Linux for the "it's Linux, therefore it's cool" factor or did they choose Linux because it's a good kernel to develop this
kind of hardware on?
I dunno about this thing but having Linux on my Zaurus was great. I could sit there with a fold-out keyboard and fire up Xwindows, running programs like Octave (a Matlab clone). I could do VNC, SSH, AIM, email, and browse the web. I could do any of this just about anywhere on campus.
Running Linux means that it can run Linux software.
How stupid can you be? In the article, it says he stole the credit card numbers to prove how insecure things were. If that wasn't enough, he emailed the info to NBCi. Why do these people think that they're the "good guys" when they do this?
He is right though. The credit card system is ridiculously insecure, and we all pay for it in one way or another.
There's no reason someone I buy $20 worth of pizza from should have all the information necessary to charge an arbitrary amount of money to my credit card for the next few years.
The technology exists for us to all have keyring-sized computers which employ public-private key crypto. This would mean I would authorize a one-time trasfer of $20 to the pizza place, and in order for them to be able to charge me again, I would need to give them a totally new transaction key.
Why isn't the credit card system being replaced? Who knows.....but it's silly and stupid.
I should never have to give anyone my bank account or credit card number. These days, it should all be handled using transaction keys with authorize a specfic amount, in a certain direction, to a specfic account, on a certain date.
I'm not defending this guy, I just think the current credit card system it totally stupid from a security point of view.
Now that the deal has been reached, it leaves no choice for the hawks to accept the fact that US GPS hegemony will be broken in few years. Competition helps everyone.
How naive of you.
Did you actually READ the paper you linked to?
Here's a nice little tidbit for you:
"Since these bands are so close to the M-code, the signal broadcast on E1 and E2 could potentially interfere with the secure military signal. More importantly, the E1 and E2 bands would be extremely difficult for the U.S. to jam without silencing the M-code."
The next thing to consider is: WHY would someone want to jam GPS at all?
This is why! (Ask yourself: What's the major difference between a V-2 rocket and a cruise missle? A highly accurate guidance system.)
I have no problem with the EU developing it's own GPS system, but it should be designed responsibly. It should not interfere with the US system.
It should be possible to jam the civilian US GPS system and any "unsecured" foreign GPS system with out shutting down EU or US secured GPS. This is crucial in preventing the production of budget cruise missles, etc by non-US, non-EU countries.
If these criteria are not met the only two options open to the US will be: let the missles hit their targets or shoot down the Galileo system. Nobody wants the second option to happen.
I'm typically all for the public distribution of information, but measures must be taken to ensure that anybody with a million dollars and a grudge can't build a super-accurate bomb.
This is so true...unlike spam, it's quite possible to detect 100% of known viruses with no false positives.
This is just not true. Virus scanners look for a certain string of bits. ANY file with the corresponding string of bits is deemed to be a virus. The can and DO generate false positives.
I've had my employer's mail server flag Abiword documents as a virus before. They weren't executible files and were created on a virus-free linux system, yet they were flagged as containing a virus because the just happened to have they wrong sequence of bits.
The more bits you check the less likely it is to happen, but it is completely inaccurate to say that they never generate false positives.
If EULA's are legally binding, then yes, most cracks are, since they perform "unauthorized" modifications of the application binary.
Which in most cases they aren't since you have already been give all the rights you need to run the software thanks to the doctrine of "first sale".
A EULA that says "you can no do this to my software" after you've already bought the box and taken it home is like me selling you a house and then when you show up to move in there's a big piece of tape on the door that says "By breaking this seal you agree to the following terms...."
Even IF the EULA was valid, it would be the modification of the software that was violating the EULA, not downloading and posessing the crack program.
Give me a break...
The Rolling Stones will die when Keith Richards and Mick Jagger are both dead.
Except that both those guys have enough money to fund the development of a replacement for any failing organ in their body, or possibly totally artificial bodies, thus living forever:)
3. The disk space was already planned out for using the illegal download, this "Trojan" probably saved them tons of space (since UT2004 is 6 CDs)
This also goes for all those viruses and trojans that delete everything on your HDD. Just think of all the space they're saving you!
Sure they lied about what they were, which means they are effectively committing theft of serivces, but they are using less than 1800MB so it's suddenly legal!
You obviously have no concept of computer crime laws. I don't understand how your comment made it to +5.
All the arguments you make are silly.
1. time to begin with, they chose to make the download
So!!?? If you say "this box is full of money" so I take it, and it turns out to be a bomb, you're somehow not responsible since I willingly took it after you lied to me about what it is? That's stupid (and not how the law works).
2. Who really trusts downloaded illegal content anyway? Sue them for false advertising
Ok. A) This isn't even a complete thought.
B) Cracks aren't necessarily illegal.
3. The disk space was already planned out for using the illegal download, this "Trojan" probably saved them tons of space (since UT2004 is 6 CDs)
Stupid reasoning. Covered above.
4. The bandwidth was already wasted in trying to get retail products for "free", it's the downloader's waste to begin with
The theft of services occurs when the program is run. Any system resouces used by the program as essentailly "stolen."
5. time the downloader could of spent working for a paycheck to purchase the desired product...again, nothing wasted but the resources someone was using to distribute and use illegal products.
So it's ok to commit computer crime if you don't agree with the way someone is utilizing their time?
You: "Yes, your honor, I stole his car, but only after I found out he had a stolen bag of Cheetos in the trunk.."
Judge: "Case dismissed!"
And one year they'll be right. It's a definite that one day apple will die. Just as IBM will die, Intel will die, AMD will die, America will die, England will die. Over an infinite amount of time all these things will one day end. It's a definite and provable truth. So yes Apple is constantly about to die, but the question is on who's timeline are you talking?
I dunno about that. Some groups (IBM, The Rolling Stones, etc)have so much money and power they'll probably be around forever. Even if the universe was going to end, IBM's R&D would probably to develop a method to transport itself to an alternate dimension.
For those of you attempting to probe the moral questions of this project.
What if my software, downloaded with no warranty from Gnutella, displayed the weather conditions in Kenya?
I'd have their IP, and I could even safely retrieve the ID with legitimate pretenses.
However, since my software rebukes the downloader for downloading a file that appeared to be a crack, it is a Trojan and a danger to the peoples of the free world.
Just a thought.
This isn't about warranties, it's about fraud, misrepresentation, and theft of services.
You're deliberately deceiving people about the nature of the program, and making their computer do things they don't want it to do.
This is just as illegal as distributing a file called "spywareremover.exe" that reformats your hard drive as soon as you run it.
You're clearly misrepresentaing what the program is and do things the user doesnt' want. Someone could have a case against you for fraud and theft of services, but they would most likely have a REALLY good case against you under their state's computer crime laws.
This program 100% meets the criteria for being a trojan. This makes it 100 illegal in many states.
It's illegal for the same reasons that selling you something that I call a "stolen car amlifier" that is really a tracking device or bomb is illegal. It's fraud, misrepresentation, and in this case, theft of services. It's also illegal under various state computer crime laws.
What they're doing is just as illegal as distributing a program called "Spywareremover.exe" that reformats your hard disk as soon as you run it.
They're lying about what the program is and using it to take control of someone's computer without their permission.
Slashdot Mirror
The simple solution is not to embed the tag within the garment but for the tag takes the form of a label that is removed at the point of sale.
This absolutely WILL NOT HAPPEN.
Why?
Retailers want to use these tags for "inventory control" (anti-shoplifting). Making them easy to remove goes completely against that goal.
Expect the tags to be molded into plastic items, etc. They are going to do everything they can to make them hard to locate and remove. (They also don't want you to be able to switch the tags between two different items.)
RFID tags are a HUGE privacy nightmare because they're going to be deliberately difficult to deactivate or remove.
No, you use a separate system. One system creates the ballots. Another system counts the ballots. Another system verifies the ballots.
I suppose maybe I should have said "organization". The same system/organization responsible for the first two is also likely to be responsible for the last one.
The correctness of each system can be verified manually and independently by whoever wants to check.
I doubt that. In order to validate an electronic system, you really need to have an electrical engineer(s) rip the thing apart. Any time you do that, there's a chance that the person "validating" it might be secretly trying to rig the machine.
A lot of the security problems with electronic voting machines have already been looked at with electronic slot machines in 'Vegas.
(But in the case of a national election someone might even to go so far as to have custom chips fabricated.)
OCR-able fonts would be the ideal method as long as scanning equipment is sufficiently fast, accurate and cheap.
I think we're pretty much in agreement then.
Which does bring up the question of what to do about write-in candidates..
Yep, although I expect it's not an insurmountable problem.
Lets you count the votes and see if you get the same results? If what's written on the ballots matches what your machine says they're voting for, you can make your own reliable count that should match the official tally.
My point was that if I believe that the election has been tampered with, what does being able to re-count the possibly tampered with ballots get me?
This is why I think it's so important that the ballots be human-readable, so that the ballot-generation side of things can be assured.
If there's a soubt abount an election and you don't have this assurance, you can never really resolve this doubt.
I'm not saying the ability get the code and set up your own system is worthless, just that it doesn't seem to be a key part of the equation.
You wouldn't necessarily have to use OCR text, but some of the problems you mention aren't as big as you think.
In the OVC system, there's no physical connection between the ballot generation stations and the ballot validation stations, and both systems are open source, so anyone who doesn't trust the system can (1) read the source code, and (2) set up their own system to test.
That doesn't buy you a lot. There's no way for me to check the MD5 sum of the code running on either machine. Without a way for me to know that the code running on a machine came from the open source code that I can inspect, it's still very easy to tamper with. I also don't see what setting up my own non-tampered-with system gets me if I believe a different machine was tampered with.
The SUPER-IMPORTANT key thing is that ballots be verifiable by the human who generated them the moment they are generated (human-readable). I don't know if this open voting system does this but it should.
If this criteria is met it can be assured that the paper ballots reflect who they should, and they can counted by hand if the computer system is suspect.
Better: the system prints out a card with my votes printed on it. I read the card, put the card in a folder so that nobody can see how I voted, and take the card to a poll worker who scans it and puts it into a locked box.
The problem with that idea is that you can tamper with the results by modifying that card or bring a fake card with you. It would be possible to screw up the count on purpose.
Or (gasps!) don't copy unauthorized work, and instead share works by artists who welcome it.
I think you're confusing "artists" with "owners". I don't think Jimi Hendrix minds if you share his work. The problem is that big nasty corporations have managed to "own" a large part of our cultural history.
While in some cases it's possible to aviod RIAA music, in other cases, you would be missing out on a large part of our musical history and national identity.
I think everyone should listen to "American Woman" at least one, and I don't see a GOOD reason why they should have to pay for it. That money surely isn't going as an incentive for Hendrix to produce new music.
You could also print both human and machine-readable portions on the ballot, and then randomly verify (by hand) that the two sections agree. The verification should be instituted as a normal part of the tallying process and should check enough ballots to provide a statistical confidence level that bounds the error to within half of the margin of victory of the closest race.
The trouble there is that you're using the system that is suspect to verify itself and also that election fraud is not a random, statistical process.
If the same group that fudged the election data, can interfere with the verification, they can easily make the "random" sample come back clean (since they know what votes they tampered with).
There are already plenty of machines out there that solve this problem by beign both human a machine readable. Scantron sheets like those often used for multiple choice exams are a good example.
Also, AFAIK the military developed the OCR-A font, so I suspect that the gov't already has the hardware developed.
There's only one problem with that system. I can force a re-vote by inserting a fake printout.
The paper printouts should be kept behind a window. This guarantees that (if the system is functioning properly) the paper and electronic ballots match.
Holy crap! That system is not simple, robust, secure or verifiable!
There's about a million fundamental problems with that idea. Here are some of them.
Here's the way electronic voting SHOULD work:
Unlike your system, the above system allows voters to verify that their individual votes are being registered correctly (at least on paper) and allows for a double-check of the electronic count by counting up all the voter-verifyable paper ballots.
They will use a system called Demotek that is made by four basque companys (Ibermatica, Ikusi, Hunolt and Euskaltel), and uses a really curious way for voting, half analogic, half digital. The voter uses a normal paper for voting, but the ballot paper has a bar code that is read when it is inserted in the ballot box.
Barcodes should NEVER be used on ballots because they aren't human-readable. If I push the button to vote for Joe, but the barcode printed on my reciept shows a vote for Jane how am I going to know?
Any machine-readable parts to a ballot must ALSO be human-readable, so that I may verify that the correct information is being recorded. This means punching holes, filling in bubbles, using an OCR font, etc.
Sure, buth the mere fact that it stays in your hand or pocket throughout the day makes EMF sniffing, thermal manipulation, electrical manipulation, EMI manipulation, etc much more difficult. In a smartcard scenario the antenna/electromagnet/whatever can get MUCH closer to the actual IC.
the responsibility must fall on either merchant or cardholder to prove to the banks that the transaction occurred. Obviously, the merchant is the one who wants to prove it.
My concept is not of "bits as money" but of reduced transaction costs, reduced requirements for accepting transactions, etc.
A bank somewhere would still have my actual money.
There are all kinds of things that can be done, but the original discussion was about securing the credit card system, not about creating entirely new payment systems.
True, but it's nice to take the discussion to the next level. Especially since I seem to have found someone with a good understanding of the subject.
The reason I think my idea is a good one is that, while a bank is still a part of the transaction, the costs they incurr can be vastly reduced. The recudtion in fraud would lower costs and the totally electronic processing would also lower costs.
Since the devices would be interactive, there's no reason why I couldn't choose between a number of different transaction types.
I could choose a one-time, no chargeback possible, cash-like transfer for buying a beer at a bar. (This would have a low transaction cost.)
Or I could you a more tradditional, credit-card-like transfer in other cases.
Lots of schemes have been proposed, but none that are as secure, convenient, cost-effective and auditable as the credit card system.
I think it's more a case of momentum. I don't think the credit card system is really viewed as "perfect" just "good enough".
I think some of the key benefits of an interactive device are:
The last item is really key. This means nobody has to spend time and therefore money checking out Jane Doe before she can accept "credit card" transactions. The processing fees would be automaticly charged by her bank and my bank. The secure nature of the system would make it nearly impossible for her to create fake transactions.
It would be like having the ability to write and cash checks instantly, with selectable levels of fraud protection (and therefore different transaction costs).
Here's the secenario (buying a slice of pizza):
I'll call my credit card replacement a "token" from now on:
I don't have to trust the person I'm buying from to keep any information safe, not to I have to trust them about the amount they're charging me.
The pizza place gets the money almost instantly and doesn't have to worry about my not having $52in the account. They don't have to keep a signed
Really why just a measly 100 years? Why not more?
As long as you're going to sell something the you can't really sell further than 10 years in advance why not go for even more money? They have just as much ability to guarantee your domain name 10,000 years in the future as they do 100.
I'm still wondering how this is even legal. Can I start a business offering to rent various properties to people in advance for the years 2200-2300? Even if I don't own those properties?
The attacks you describe did work a few years ago, but don't work any more. Newer attacks have been devised and defeated, several times over. More attacks will be discovered in the future, and next-generation cards will incorporate countermeasures.
My point is that much of that whole saga could have been virtually eliminated by removing the hardwired electrical connection from the system.
Sure they can play catch-up and eliminate them, but it would be better for the potential to not be there in the first place. There are tons of attacks made possible by sticking the card in someone else's slot that could been completely avoided.
It's the merchant that has to verify to the acquirer that the transaction is valid and correct.
Which doesn't really have anything to do with the security of credit cards vs smart cards. (Or vs anything else.) There are all kinds of rules like this in place because the credit card system is so weak.
Sure smartcards work fine if they're used in exactly the same way credit cards are. The problem is that they MUST be used basically the same way credit cards are because you MUST trust all the same people and use them in the same way. So maybe you can reduce fraud a little bit, but you can't really change the system. You're still relying and the same old safeguards for many things instead of any inherent security from the use of smartcards. You have to trust more people than you should given that you're carrying around a dedicated crypto processor.
A system like I'm talking about would give you a LOT more flexibility and security. It would lower barriers to entry to those who want to take transactions.
In a system like I describe, it no longer has to be a big deal to accept credit card transactions. You could buy something from a nameless street vendor (or cabbie) in NYC and not worry about it, and the street vendor would actually be able to USE the system because little or no verification would be necessary.
I would be able to buy something off a website in Nigeria without worring about them yanking money out of my checking account (many people now used "credit cards" directly coupled to their checking account.)
The point I mean to make is that smart cards are pretty much only good for the same thing credit cards are good for while a device like I describe could be as, if not,. MORE flexible than cash.
Right now I can't give my friend Joe $5 via credit card, directly. My idea would allow that to change.
There IS a need for the above, and right now the niche is starting to be filled by paypal.
A technology like I'm describing would open up all sorts of new ways of doing business: micropayments, true electronic cash (non-insured), peer to peer transfers, etc.
It doesn't buy you a lot if you only think about doing business the same old way it's always been, but if you consider the ways a different trust model could change things then it becomes a cool idea.
Interesting response. Europe does have some really cool things going on with smartcards. A couple years ago I was at cebit and there was what seemed to be a full building devoted to the technology.
Unfortunately, the smartcard concept is fundamentally flawed. They had a good idea, but they didn't carry it far enough.
The fundamental problem is that one must trust whatever smartcard reader they stick the card into. There's no way to independently verify anything, so it's almost the same as a normal credit card. There's also no way to tell if a "reader" is attempting to crack your private key.
IMO, they should be deploying battery powered devices with displays which communicate via infrared signals. This fixes two key problems with smartcards:
One of the key problems with the smartcard design is that it relies on an external source to supply its clock and power supply. It is possible to manipulate these signals to cause a smartcard to give up its private key.
This means that I could stick my smartcard into what looks like a perfetly normal smartcard reader, and in addition to completing a normal transaction, it could steal my private key, no crypto-breaking required.
There have been attempts to deal with these problems, but I think a better approach is to avoid trusting an outside source for clock and data streams to begin with.
Here's a pretty good link on the subject of breaking smartcard security.
I think smartcards are a step in the right direction, but they don't offer nearly as much security as other implementations might.
There are many more benefits the public/private key crypto could provide if they were willing to take things just a couple steps further and make the device provide it's own user interface and communitcate via a more protected means.
One of the most important in my mind is removing the ability for a vendor to charge you an arbitrary amount of money. (There's no way for you to confirm that they really are charging you the amount they say they are before completing the transation.)
A smaller benfit would be the ability to establish a "never give your widget to anyone rule". With an IR-link type communication, there is absoultely no reason to give up physical custody of your key. This makes attempting to steal the key from your device much harder. The onboard display would also give it the ability to say "Help someone is trying to steal my private key. Leave this area!"
What benefits does this PDA runs Linux under the hood provide? The only mention of synchronization is Outlook. Did they choose Linux for the "it's Linux, therefore it's cool" factor or did they choose Linux because it's a good kernel to develop this kind of hardware on?
I dunno about this thing but having Linux on my Zaurus was great. I could sit there with a fold-out keyboard and fire up Xwindows, running programs like Octave (a Matlab clone). I could do VNC, SSH, AIM, email, and browse the web. I could do any of this just about anywhere on campus.
Running Linux means that it can run Linux software.
How stupid can you be? In the article, it says he stole the credit card numbers to prove how insecure things were. If that wasn't enough, he emailed the info to NBCi. Why do these people think that they're the "good guys" when they do this?
He is right though. The credit card system is ridiculously insecure, and we all pay for it in one way or another.
There's no reason someone I buy $20 worth of pizza from should have all the information necessary to charge an arbitrary amount of money to my credit card for the next few years.
The technology exists for us to all have keyring-sized computers which employ public-private key crypto. This would mean I would authorize a one-time trasfer of $20 to the pizza place, and in order for them to be able to charge me again, I would need to give them a totally new transaction key.
Why isn't the credit card system being replaced? Who knows.....but it's silly and stupid.
I should never have to give anyone my bank account or credit card number. These days, it should all be handled using transaction keys with authorize a specfic amount, in a certain direction, to a specfic account, on a certain date.
I'm not defending this guy, I just think the current credit card system it totally stupid from a security point of view.
Now that the deal has been reached, it leaves no choice for the hawks to accept the fact that US GPS hegemony will be broken in few years. Competition helps everyone.
How naive of you.
Did you actually READ the paper you linked to?
Here's a nice little tidbit for you:
"Since these bands are so close to the M-code, the signal broadcast on E1 and E2 could potentially interfere with the secure military signal. More importantly, the E1 and E2 bands would be extremely difficult for the U.S. to jam without silencing the M-code."
The next thing to consider is: WHY would someone want to jam GPS at all?
This is why! (Ask yourself: What's the major difference between a V-2 rocket and a cruise missle? A highly accurate guidance system.)
I have no problem with the EU developing it's own GPS system, but it should be designed responsibly. It should not interfere with the US system.
It should be possible to jam the civilian US GPS system and any "unsecured" foreign GPS system with out shutting down EU or US secured GPS. This is crucial in preventing the production of budget cruise missles, etc by non-US, non-EU countries.
If these criteria are not met the only two options open to the US will be: let the missles hit their targets or shoot down the Galileo system. Nobody wants the second option to happen.
I'm typically all for the public distribution of information, but measures must be taken to ensure that anybody with a million dollars and a grudge can't build a super-accurate bomb.
This is so true...unlike spam, it's quite possible to detect 100% of known viruses with no false positives.
This is just not true. Virus scanners look for a certain string of bits. ANY file with the corresponding string of bits is deemed to be a virus. The can and DO generate false positives.
I've had my employer's mail server flag Abiword documents as a virus before. They weren't executible files and were created on a virus-free linux system, yet they were flagged as containing a virus because the just happened to have they wrong sequence of bits.
The more bits you check the less likely it is to happen, but it is completely inaccurate to say that they never generate false positives.
Except that most kids today think that souping up a PC means a window and lights.
And....most kids today think that souping up a car means a big wing and lights.
If EULA's are legally binding, then yes, most cracks are, since they perform "unauthorized" modifications of the application binary.
Which in most cases they aren't since you have already been give all the rights you need to run the software thanks to the doctrine of "first sale".
A EULA that says "you can no do this to my software" after you've already bought the box and taken it home is like me selling you a house and then when you show up to move in there's a big piece of tape on the door that says "By breaking this seal you agree to the following terms...."
Even IF the EULA was valid, it would be the modification of the software that was violating the EULA, not downloading and posessing the crack program.
Give me a break... The Rolling Stones will die when Keith Richards and Mick Jagger are both dead.
:)
Except that both those guys have enough money to fund the development of a replacement for any failing organ in their body, or possibly totally artificial bodies, thus living forever
3. The disk space was already planned out for using the illegal download, this "Trojan" probably saved them tons of space (since UT2004 is 6 CDs)
This also goes for all those viruses and trojans that delete everything on your HDD. Just think of all the space they're saving you!
Sure they lied about what they were, which means they are effectively committing theft of serivces, but they are using less than 1800MB so it's suddenly legal!
You obviously have no concept of computer crime laws. I don't understand how your comment made it to +5.
All the arguments you make are silly.
1. time to begin with, they chose to make the download
So!!?? If you say "this box is full of money" so I take it, and it turns out to be a bomb, you're somehow not responsible since I willingly took it after you lied to me about what it is? That's stupid (and not how the law works).
2. Who really trusts downloaded illegal content anyway? Sue them for false advertising
Ok. A) This isn't even a complete thought.
B) Cracks aren't necessarily illegal.
3. The disk space was already planned out for using the illegal download, this "Trojan" probably saved them tons of space (since UT2004 is 6 CDs)
Stupid reasoning. Covered above.
4. The bandwidth was already wasted in trying to get retail products for "free", it's the downloader's waste to begin with
The theft of services occurs when the program is run. Any system resouces used by the program as essentailly "stolen."
5. time the downloader could of spent working for a paycheck to purchase the desired product...again, nothing wasted but the resources someone was using to distribute and use illegal products.
So it's ok to commit computer crime if you don't agree with the way someone is utilizing their time?
You: "Yes, your honor, I stole his car, but only after I found out he had a stolen bag of Cheetos in the trunk.."
Judge: "Case dismissed!"
And one year they'll be right. It's a definite that one day apple will die. Just as IBM will die, Intel will die, AMD will die, America will die, England will die. Over an infinite amount of time all these things will one day end. It's a definite and provable truth. So yes Apple is constantly about to die, but the question is on who's timeline are you talking?
I dunno about that. Some groups (IBM, The Rolling Stones, etc)have so much money and power they'll probably be around forever. Even if the universe was going to end, IBM's R&D would probably to develop a method to transport itself to an alternate dimension.
For those of you attempting to probe the moral questions of this project. What if my software, downloaded with no warranty from Gnutella, displayed the weather conditions in Kenya? I'd have their IP, and I could even safely retrieve the ID with legitimate pretenses. However, since my software rebukes the downloader for downloading a file that appeared to be a crack, it is a Trojan and a danger to the peoples of the free world. Just a thought.
This isn't about warranties, it's about fraud, misrepresentation, and theft of services.
You're deliberately deceiving people about the nature of the program, and making their computer do things they don't want it to do.
This is just as illegal as distributing a file called "spywareremover.exe" that reformats your hard drive as soon as you run it.
You're clearly misrepresentaing what the program is and do things the user doesnt' want. Someone could have a case against you for fraud and theft of services, but they would most likely have a REALLY good case against you under their state's computer crime laws.
This program 100% meets the criteria for being a trojan. This makes it 100 illegal in many states.
Care to define how it's illegal?
It's illegal for the same reasons that selling you something that I call a "stolen car amlifier" that is really a tracking device or bomb is illegal. It's fraud, misrepresentation, and in this case, theft of services. It's also illegal under various state computer crime laws.
What they're doing is just as illegal as distributing a program called "Spywareremover.exe" that reformats your hard disk as soon as you run it.
They're lying about what the program is and using it to take control of someone's computer without their permission.