Hmm . . . wonder which of the FSF and MS have the dollars to pay the lawyers to pull it off? Paranoid rant, maybe, but could be just farfetched enough to be right.
You're right--the telephone company using information without the customer's consent isn't fair. I fell into the trap of endorsing the practice while trying to compare the degree of breach of confidence.
I see your point of a citizen getting buried in a barrage of permission requests and finally just giving in, but that could be solved by requiring a positive response--the absence of a response could not be considered permission.
Opt-out is just a sell-out, as, since people tend to be busy and not realize the implications of letting their information out into the wild, they don't act on the "privacy statements" sent to them. Also, once a customer who has previously not opted out decides to, there's no practical way for him to retrieve the information about him floating around. The "information wants to be free" idea works here, too, unfortunately.
I like your idea of citizens being the custodians of their own information. We have the cryptography to make it so that the citizen could carry information without being able to alter it, and could encrypt it on a health care provider's key to transfer it. Heck, I imagine with some thought, a way to "salt" information to trace misuse could be added. Bummer that the MIB and others who make beaucoup bucks trading in citzens' health information (along with their government servants) will never allow that to come to pass.
Of course the telephone company will use your information. A reasonable person would expect the telephone company to use your information. It is, as has been called by other who studied the topic more than I ever will, a "fair information practice."
Your doctor, your insurance company, your pharmacist, or your dealer selling information about your health to the highest bidder is not and never will be a "fair information practice," and this proposal is one more example of a government bought and paid for by corporations in action.
Obviously, whoever moderated you down is an ignorant dolt. I thought of the same thing when I saw the article. Dorothy Denning would be proud right now--if we've forgotten about Skipjack, we've probably forgotten about her traitorous toadyism to government in her effort to keep strong encryption out of the hands of normal people.
Your argument is trivially reduced to absurdity by applying it to the use of water at the drinking fountain, the telephone, electricity, or oxygen, which have about the same marginal cost to the organization as does the web surfing of a typical employee in a corporate environment, your contorted, extreme examples notwithstanding.
In the 4 years I've been here, we got hit with 1 virus (nimba maybe?). Rather than do all this draconian shit, how about you just hire better employees?
Duh! Better employees cost more! Better to hire crap employees, spend a few bux on filters, and violá: instant productivity!
(Note for the sarcasm impaired: I agree with the parent.)
Jesus Christ! The examples you cite (car, FedEx account) both actually have some cost to the company that's significantly greater than zero. An employee spending some time on the web does not--if he weren't surfing, he'd be doing something else to slack off, and if he doesn't produce, as the capitalist toadies here have pointed out numerous times already, he can be fired.
This is a "security" software company using the press (if you can call Yahoo! News the press) to try to drum up some business with scaremongering tactics. The people in their virus-writing division have probably been slacking off surfing the web, thus reducing the demand for anti-virus software, so they've got to sell something.
P.S.: In answer to your first question, no, I've never worked in a corporate eye-tee environment. I prefer the company of intelligent, productive people to that of hyperpolitical, network nazi, tattle-tale tech wannabes that infest most corporate eye-tee environments.
That only applies to OEMs, but has, in fact, been a condition imposed on them to be allowed the "privilege" of pre-loading Windows, allowing them to stay in business in the face of Microsoft's illegal and abused monopoly.
If the election had gone differently, this practice would have been ready to be disallowed as part of the settlement with Justice. Instead, Microsoft gets a wrist slap.
This kind of clause is not new. From the Windows 98 EULA:
torage/Network Use. You may also store or install a copy of the SOFTWARE PRODUCT on a storage device, such as a network server, used only to install or run the SOFTWARE PRODUCT on your other COMPUTERS over an internal network;
however, you must acquire and dedicate a license for each separate COMPUTER on or from which the SOFTWARE PRODUCT is installed, used, accessed, displayed or run.
The bold text implies that a Windows 98 license would be required, for example, on the BSD machine running a BSD client connecting to a Windows 98 desktop.
The Windows 2000 EULA is more blunt:
You may not use the Product to permit any Device to use, access, display or run other executable software residing on the Workstation Computer, nor may you permit any Device to display the Product's user interface, unless the Device has a separate license for the Product.
Good thing that except for those unfortunates who live in UCITA states, these clauses are likely to mean dick.
but we also knew the BSA would have a really hard time getting thru the people guarding the gate to the base.
Amusing, but no protection at all from a surprise software audit by a cleared staffer from the IG or your own chain of command. So it's a good thing you keep those licenses in order:).
No, I'm one of those adults who works at a university and understands how the system works. You would do well to cease projecting your image of yourself onto others.
If they deny him access, they should be obligated to refund his computing fees pro rata. Of course, if I were the student, I'd bitch through the student affairs channels and do my damndest to get the network nazi who pulled my access fired. Failing that, I'd transfer to a school that valued my tuition.
And you didn't even refute the statement. The FDIC is not insuring PayPal, it's insuring the banks iff PayPal puts funds there. There is no FDIC insurance for PayPal, which is a consequence of the FDIC not defining it as a bank.
. . . a bank based on the "duck test." It accepts deposits, it pays interest, it earns money on cash on deposit, it clears transactions, . . . About the only thing it doesn't do is hold itself accountable to the standards that should be expected of a bank.
Also, note that this doesn't get it out from under the couple of states that (correctly) think PayPal should be regulated like a bank.
I don't know what kind of crack this court was on, but it must have been some good stuff.
My comment was to address the market share graph linked by an anscestor post that showed Linux with "4% of the market" for browsers. I simply pointed out that this probably is not accurate because Linux users often have to spoof the user agent string to masquerade as an MS or Apple product to avoid being locked out of sites.
IOW, it has nothing to do with MathML. I understand the original comment perfectly--did you understand that the converstation had diverged from it, or are you just getting off on implying that I was trolling? (Although this is my troll ID, that post wasn't at troll.)
This is the concept of a "duress" password. I used to think banks should issue two ATM PIN: a normal PIN, which gives full access to the account, and a duress PIN, which only gives access to a small amount of cash, to be used when the customer is withdrawing money at gunpoint. If the duress PIN is used, the small amount of cash is dispensed (to keep the customer alive), and armed security or police dispatched.
However, experience with alarm systems shows that accidental use of duress passwords is much too common among civlians!
But a duress password for a mail server, as you suggest, would be a good idea whether it's hosted at HavenCo or not. The problem is that if it were part of a well-known commercial product, once the adversary was aware that such a product was in use, there wouldn't be time to use the duress password--armed men would storm into the server room, copy the disk bit-for-bit, and the guy with the keys would be in jail for contempt until the prosecution's (or other adversary's) forensic analyst could verify he had both passwords. Same idea goes for personal encryption systems.
A file system encryption program that implements this idea deniably is Rubberhose. Unfortunately, I think the name is apt, because if nothing substantially incriminating were found on a machine running it, law enforcement (or other adversary's) assumption would be that there's another layer that a little more pressure (or pain) would cause the user to give up the next password.
The key would be to find a product that can be used without leaving a sign that the user is using anything but innocent (and perhaps appropriately backdoored) commercial products. I have yet to run across anything like this.
I'll admit to an unfamiliarity with the law associated with trusts, but I have always thought of these as financial arrangements. But even provided that the trust argument holds up for Sealand, and that force isn't ultimately used to compel HavenCo to produce the contents of the mail servers, wouldn't having made such an arrangement itself be damning against any company who did so that becomes involved in legal action?
An analogy would be an individual suspected of trafficking in contraband (kiddie porn seems to be popular these days, I imagine copy control circumvention programs would be next), and when the cops busted down his door, they found nothing. However, the guy had a copy of "Evidence Eliminator" installed, and with that, plus logs from his ISP with "suspicious" filenames in he headers, the prosecution would probably be able to secure a conviction, or at least get him to cop a plea to a lesser charge.
Alt-PrtSc, Print to FILE:, IMAP proxy, packet sniffer/logger, where do I begin (and that's after 5 seconds of thought, there are likely lots of other ways)? You can't have an enforceable Draconian email policy to cover the company's ass and have people be able to read their email from home.
If I worked at such a place (while I was looking for another job), you can bet I'd be archiving everything that might ever be relevant. In fact, if I were ever involved in legal action against them, my lawyer might just make some hay of the lengths to which they went to try to keep me from preserving the evidence against them.
Slashdot Mirror
Hmm . . . wonder which of the FSF and MS have the dollars to pay the lawyers to pull it off? Paranoid rant, maybe, but could be just farfetched enough to be right.
Pot, kettle . . .
I work at a public university, and #3 cracked me right up. Good work!
I see your point of a citizen getting buried in a barrage of permission requests and finally just giving in, but that could be solved by requiring a positive response--the absence of a response could not be considered permission.
Opt-out is just a sell-out, as, since people tend to be busy and not realize the implications of letting their information out into the wild, they don't act on the "privacy statements" sent to them. Also, once a customer who has previously not opted out decides to, there's no practical way for him to retrieve the information about him floating around. The "information wants to be free" idea works here, too, unfortunately.
I like your idea of citizens being the custodians of their own information. We have the cryptography to make it so that the citizen could carry information without being able to alter it, and could encrypt it on a health care provider's key to transfer it. Heck, I imagine with some thought, a way to "salt" information to trace misuse could be added. Bummer that the MIB and others who make beaucoup bucks trading in citzens' health information (along with their government servants) will never allow that to come to pass.
Your doctor, your insurance company, your pharmacist, or your dealer selling information about your health to the highest bidder is not and never will be a "fair information practice," and this proposal is one more example of a government bought and paid for by corporations in action.
I was wondering the exact same thing-ah, MSD. The SD-2 ruled!
Obviously, whoever moderated you down is an ignorant dolt. I thought of the same thing when I saw the article. Dorothy Denning would be proud right now--if we've forgotten about Skipjack, we've probably forgotten about her traitorous toadyism to government in her effort to keep strong encryption out of the hands of normal people.
Your argument is trivially reduced to absurdity by applying it to the use of water at the drinking fountain, the telephone, electricity, or oxygen, which have about the same marginal cost to the organization as does the web surfing of a typical employee in a corporate environment, your contorted, extreme examples notwithstanding.
Duh! Better employees cost more! Better to hire crap employees, spend a few bux on filters, and violá: instant productivity!
(Note for the sarcasm impaired: I agree with the parent.)
This is a "security" software company using the press (if you can call Yahoo! News the press) to try to drum up some business with scaremongering tactics. The people in their virus-writing division have probably been slacking off surfing the web, thus reducing the demand for anti-virus software, so they've got to sell something.
Christ, I need a Jaegermeister!
P.S.: In answer to your first question, no, I've never worked in a corporate eye-tee environment. I prefer the company of intelligent, productive people to that of hyperpolitical, network nazi, tattle-tale tech wannabes that infest most corporate eye-tee environments.
If the election had gone differently, this practice would have been ready to be disallowed as part of the settlement with Justice. Instead, Microsoft gets a wrist slap.
The bold text implies that a Windows 98 license would be required, for example, on the BSD machine running a BSD client connecting to a Windows 98 desktop.
The Windows 2000 EULA is more blunt:
Good thing that except for those unfortunates who live in UCITA states, these clauses are likely to mean dick.
Think "DRM OS."
Amusing, but no protection at all from a surprise software audit by a cleared staffer from the IG or your own chain of command. So it's a good thing you keep those licenses in order :).
Oh, yeah, that's a great idea. One more thing for the NAV ET's to maintain :).
No, I'm one of those adults who works at a university and understands how the system works. You would do well to cease projecting your image of yourself onto others.
If they deny him access, they should be obligated to refund his computing fees pro rata. Of course, if I were the student, I'd bitch through the student affairs channels and do my damndest to get the network nazi who pulled my access fired. Failing that, I'd transfer to a school that valued my tuition.
Could it be that maybe he pays specific fees for that access, and thus has a property right in it?
And you didn't even refute the statement. The FDIC is not insuring PayPal, it's insuring the banks iff PayPal puts funds there. There is no FDIC insurance for PayPal, which is a consequence of the FDIC not defining it as a bank.
Ah, so the FDIC doesn't want to have to insure them. I wouldn't, either!
Also, note that this doesn't get it out from under the couple of states that (correctly) think PayPal should be regulated like a bank.
I don't know what kind of crack this court was on, but it must have been some good stuff.
IOW, it has nothing to do with MathML. I understand the original comment perfectly--did you understand that the converstation had diverged from it, or are you just getting off on implying that I was trolling? (Although this is my troll ID, that post wasn't at troll.)
However, experience with alarm systems shows that accidental use of duress passwords is much too common among civlians!
But a duress password for a mail server, as you suggest, would be a good idea whether it's hosted at HavenCo or not. The problem is that if it were part of a well-known commercial product, once the adversary was aware that such a product was in use, there wouldn't be time to use the duress password--armed men would storm into the server room, copy the disk bit-for-bit, and the guy with the keys would be in jail for contempt until the prosecution's (or other adversary's) forensic analyst could verify he had both passwords. Same idea goes for personal encryption systems.
A file system encryption program that implements this idea deniably is Rubberhose. Unfortunately, I think the name is apt, because if nothing substantially incriminating were found on a machine running it, law enforcement (or other adversary's) assumption would be that there's another layer that a little more pressure (or pain) would cause the user to give up the next password.
The key would be to find a product that can be used without leaving a sign that the user is using anything but innocent (and perhaps appropriately backdoored) commercial products. I have yet to run across anything like this.
An analogy would be an individual suspected of trafficking in contraband (kiddie porn seems to be popular these days, I imagine copy control circumvention programs would be next), and when the cops busted down his door, they found nothing. However, the guy had a copy of "Evidence Eliminator" installed, and with that, plus logs from his ISP with "suspicious" filenames in he headers, the prosecution would probably be able to secure a conviction, or at least get him to cop a plea to a lesser charge.
If I worked at such a place (while I was looking for another job), you can bet I'd be archiving everything that might ever be relevant. In fact, if I were ever involved in legal action against them, my lawyer might just make some hay of the lengths to which they went to try to keep me from preserving the evidence against them.