IAAL (but IANYL). I represented several people in this case. We put up a strong defense, and I'm disappointed that Judge Aiken simply dismissed everyone except Doe #1. Voltage should not have been in court in the first place, and they should have been held to account for their false statements. To the extent that this makes Oregon a bad place for trolls to run their scam, it's a tolerable result, but Voltage still skips out with tens, perhaps hundreds, of thousands of dollars. (They're running the same scam in Washington now, btw. Donate to the EFF or provide tech help to your local defense lawyers. It's the only way to shut this shit down.)
Depends on the state (and country!) and probably some other stuff. My experience is mainly in California, where it's very hard to find a lawyer to take a small auto personal-injury case. Policy limits for a totaled car but minor injury would be pretty unusual, IME.
IAAL, and I've worked on a bunch of these cases. The real problem is, it's almost always cheaper to settle than to fight. This is what we call a "cost of defense" shakedown: if it would cost $5k to fight, then it makes sense to pay $3k to make it go away. However, there are a few things to keep in mind:
* The trolls are very unlikely to go after any individual, no matter how much they huff and puff. The reason is, if they have 1000 Does in a complaint, and they start going against one of them, that Doe will (eventually) get copies of the evidence against him. If it's sh!t (and I believe it will probably turn out to be) then the other 999 Does will see that, and no longer be willing to pay.
* The insurance industry had a problem with cost-of-defense complaints: crappy auto accidents that weren't worth more than a few grand in damages. But they banded together and fought every single one of them (paying just the actual damages & medical, and fighting almost every "pain & suffering" claim). And now, you can hardly find a PI lawyer to take a small case -- they know there's no money in it. So the insurance companies don't have to fight any more, and they don't even consider paying anything you can't produce a receipt for.
The only way to clean up these trolls is if some Does sack up and fight, or if the courts stop going along with the shakedown.
I'm the CTO for Yet Another Cloud Service, but this one may be of interest to the tin-foil-hat crowd (of which I consider myself a member). The service is Cloudfeet (www.cloudfeet.com) and one of its genesis use cases is exactly this. I'm a patent attorney, and my business partner is an estate planning lawyer.
There are a few services out there (www.mywebwill.com, www.legacylocker.com) that purport to be suitable for this application, but there are several problems with them. Principally, they're not hooked into the legal estate/probate mechanisms of any particular state, so you have little assurance that what you want to happen after you die, actually will happen.
Another problem is the tin-foil-hat part: if you don't have the encryption keys to your data, then you don't have any control over the data, or any reason for confidence in its security.
Cloudfeet uses client-side encryption, but with a (patent-pending) twist: you keep your RSA key, but the private key is encrypted using a key that Cloudfeet holds. Cloudfeet will send that key to you if you're able to complete the two-factor authentication process. Thereafter, it's a fairly straightforward implementation: you decrypt your private RSA key, then use that to decrypt individual document keys, then use those to decrypt documents.
Since Cloudfeet doesn't have your (encrypted) RSA key, we can't snoop on your documents or deliver them to the FBI in response to a National Security Letter. However, since your private key is encrypted using a key that Cloudfeet has, you don't have to be especially careful with it (although, of course, you should treat any encryption key carefully). For an attacker (or LEO) to read your documents, they have to get both your encrypted private key (over which you have exclusive control) and the key-encryption key (which Cloudfeet maintains).
Getting back to the main topic, digital asset estate planning, our system is designed to fit into ordinary probate proceedings. The canonical case for that is:
* Your estate planning lawyer sets up an account for you, with two-factor authentication & all. * Your encrypted RSA key is printed as a QR code, which is affixed to your will and other important docs. * You can store whatever digital information you want to preserve (e.g., passwords) in your Cloudfeet account. * When you die, your executor can obtain your encrypted RSA key from your will, and Cloudfeet will provide the encryption key in response to your executor's request, supported by the court order appointing him to administer your estate. * With the encrypted RSA key and the encryption key, he can access your saved passwords and carry out the instructions in your will.
I learned how to program on a PDP-10, and one of the pleasures (to a clueless newbie who wasn't often allowed into the data center) was the console register lights, which you could control (all 36 of 'em!) with an assembly program.
I remember saving my allowance for a foolish extravagance: $40 for a huge 3-ring binder in Digital Orange, containing the PDP-10 programmer's reference. I wonder if the guys doing this project need a copy...
I've been interviewing recently, and I've gotten a lot of "what is your favorite language" questions. I realized months ago while talking to somebody else that what makes the languages I know useful to me is that they encourage alternative ways of looking at a problem. (If the only tool you have is a hammer, everything looks like a thumb. Oops, I mean nail.)
Let's face it: any language can be tortured into solving any problem; the question is, what's the most efficient way to think about the problem, and what language is most amenable to using in that way?
What's more interesting, though, is to consider human languages from the same perspective: does the language you speak constrain the concepts you can think about? If you're fluent in several languages, is your mental universe larger? Can you describe a concept that's easy in one language to users of another?
Who'd'a thunk Philosophy and Computer Science would have anything in common?
Letters to the Editor Los Angeles Times Times Mirror Square Los Angeles, California 90053
To the Editor:
I am writing in response to Jack Valenti's diatribe in the January 30th edition of the L.A. Times. It would be a mild disservice to any reader with the wit to operate a DVD player to allow his assertions to go unchallenged, so I've taken a moment to reply.
First, readers should know that the movies on DVD discs are encrypted scrambled so that no-one can watch them without a special player. Consumer-electronics DVD players can unscramble the movies, as can various computer software programs. The scrambling is a little harder to decode than the cryptograms that used to appear with the comics, but, well, let's just say that the CIA won't be using the DVD secret code any time soon.
Without unscrambling the code, it's impossible to watch a DVD movie. One can do a lot of other things with a DVD: copy it, burn thousands of discs in a third world country, and flood the market with cheap knock-offs, but one cannot watch it. The "hackers" Mr. Valenti rails against have not stolen copyrighted materials (nor have they been so charged); neither is it possible to take a decrypted movie and produce a new disc that can be played in someone else's DVD machine. In fact, all they've done is make it possible to play DVDs on a few more computers than could play them before. They'll tell you how to do it too, if you're interested. You still have to buy your own DVDs.
Valenti's bluster about "circumventing copyright protection," "stealing software code," and "breaking narcotics laws" (!) obfuscates the real issue, which is that a weak encryption system has been misrepresented as being able to solve the motion picture industry's piracy woes. Encryption cannot prevent piracy any more than aspirin can prevent pregnancy; and weak encryption cannot even prevent hackers from watching their DVDs without shelling out a couple hundred bucks for a player. I wouldn't care to suggest alternate targets for the Motion Picture Association's well-funded ire, but the kids currently being harassed in court are clearly not the bad guys in this picture.
I'll be there. Unfortunately, I don't have a "Team Slashdot" t-shirt, but maybe we could get Andover to fed-ex a box of 'em to distribute to anybody who shows up and finds the Official Slashdot T-Shirt Distributor? I'd even be willing to pay for mine, but I think it'd be a good idea for as many people as possible to be both present and recognizable.
...then electronic emissions are the least of your problems. If you're encrypting (as you should be) and the Feds are interested enough to be snooping around, and you haven't left the country, then you're in Deep Sh*t.
It's all well and good to be concerned about the Bad Guys getting your Sensitive Data, but let's be real: your kneecaps are a lot more vulnerable than your computer. Once everybody protects everything with solid have-something/know-something encryption, then maybe we worry about TEMPEST. Until then, encrypt, and keep a duffel bag ready to head for the border.
(Or ignore me; maybe I'm just one of those loonies who's been watching too many episodes of "The X Files.")
It's bad enough that us 'merikans are the laughingstock of the civilized world for our idiotic prudishness, but you had to go and tie in the other thing (well, one of the other things, anyway) that will be our downfall: litigiousness. Sure, in today's legal climate, you could "seek compensation" -- sue the bastards at your ISP. Sue CyberPatrol, too. Hell, you could even sue the job hunter (I assume you actually mean headhunter) for failing to have the technical savvy to access your résumé, thereby discriminating against you in some convoluted way. For that matter, why not sue me, too? I probably have some money, and I might settle just to avoid the stupendous legal bills you could threaten me with.
Certainly, there are some things worth going to court over, but this is not one of them. My advice is to just get over it. If you feel it's essential that your résumé be accessible to headhunters who are inexplicably using CyberPatrol, change ISPs. If your bacon is really burned over it, write a letter to the ISP and tell them why you're dumping them. But the idea that somebody owes you something because of this is simply ludicrous.
Huh? I thought the rule was, put swap and often-accessed partitions at the outer cylinders of the disk, since the linear speed of the disk past the head is higher there, resulting in higer data transfer rates. If every cylinder had the same number of sectors, this wouldn't matter, but (AFAIK) newer drives (SCSI, at least; maybe IDE too) have more sectors on the outer cylinders than on the inner ones.
From: your name [you@big-company.com] Subject: wage data sales To: eddcomm@edd.ca.gov
Hello.
I understand (from an L.A. Times article, reported on www.cnnfn.com) that you plan to begin selling wage data to banks and other businesses in the near future. As reported, you will require my written authorization to sell information about me, but I am concerned that I have already inadvertently given that permission.
Please let me know whether your department has any information about me in its files, and whether you have explicit or implicit permission to sell that information (whether or not you currently have it). Also, please tell me how to withhold, in perpetuity, my authorization for release to any non-government entity.
Slashdot Mirror
IAAL (but IANYL). I represented several people in this case. We put up a strong defense, and I'm disappointed that Judge Aiken simply dismissed everyone except Doe #1. Voltage should not have been in court in the first place, and they should have been held to account for their false statements. To the extent that this makes Oregon a bad place for trolls to run their scam, it's a tolerable result, but Voltage still skips out with tens, perhaps hundreds, of thousands of dollars. (They're running the same scam in Washington now, btw. Donate to the EFF or provide tech help to your local defense lawyers. It's the only way to shut this shit down.)
Depends on the state (and country!) and probably some other stuff. My experience is mainly in California, where it's very hard to find a lawyer to take a small auto personal-injury case. Policy limits for a totaled car but minor injury would be pretty unusual, IME.
IAAL, and I've worked on a bunch of these cases. The real problem is, it's almost always cheaper to settle than to fight. This is what we call a "cost of defense" shakedown: if it would cost $5k to fight, then it makes sense to pay $3k to make it go away. However, there are a few things to keep in mind:
* The trolls are very unlikely to go after any individual, no matter how much they huff and puff. The reason is, if they have 1000 Does in a complaint, and they start going against one of them, that Doe will (eventually) get copies of the evidence against him. If it's sh!t (and I believe it will probably turn out to be) then the other 999 Does will see that, and no longer be willing to pay.
* The insurance industry had a problem with cost-of-defense complaints: crappy auto accidents that weren't worth more than a few grand in damages. But they banded together and fought every single one of them (paying just the actual damages & medical, and fighting almost every "pain & suffering" claim). And now, you can hardly find a PI lawyer to take a small case -- they know there's no money in it. So the insurance companies don't have to fight any more, and they don't even consider paying anything you can't produce a receipt for.
The only way to clean up these trolls is if some Does sack up and fight, or if the courts stop going along with the shakedown.
I'm the CTO for Yet Another Cloud Service, but this one may be of interest to the tin-foil-hat crowd (of which I consider myself a member). The service is Cloudfeet (www.cloudfeet.com) and one of its genesis use cases is exactly this. I'm a patent attorney, and my business partner is an estate planning lawyer.
There are a few services out there (www.mywebwill.com, www.legacylocker.com) that purport to be suitable for this application, but there are several problems with them. Principally, they're not hooked into the legal estate/probate mechanisms of any particular state, so you have little assurance that what you want to happen after you die, actually will happen.
Another problem is the tin-foil-hat part: if you don't have the encryption keys to your data, then you don't have any control over the data, or any reason for confidence in its security.
Cloudfeet uses client-side encryption, but with a (patent-pending) twist: you keep your RSA key, but the private key is encrypted using a key that Cloudfeet holds. Cloudfeet will send that key to you if you're able to complete the two-factor authentication process. Thereafter, it's a fairly straightforward implementation: you decrypt your private RSA key, then use that to decrypt individual document keys, then use those to decrypt documents.
Since Cloudfeet doesn't have your (encrypted) RSA key, we can't snoop on your documents or deliver them to the FBI in response to a National Security Letter. However, since your private key is encrypted using a key that Cloudfeet has, you don't have to be especially careful with it (although, of course, you should treat any encryption key carefully). For an attacker (or LEO) to read your documents, they have to get both your encrypted private key (over which you have exclusive control) and the key-encryption key (which Cloudfeet maintains).
Getting back to the main topic, digital asset estate planning, our system is designed to fit into ordinary probate proceedings. The canonical case for that is:
* Your estate planning lawyer sets up an account for you, with two-factor authentication & all.
* Your encrypted RSA key is printed as a QR code, which is affixed to your will and other important docs.
* You can store whatever digital information you want to preserve (e.g., passwords) in your Cloudfeet account.
* When you die, your executor can obtain your encrypted RSA key from your will, and Cloudfeet will provide the encryption key in response to your executor's request, supported by the court order appointing him to administer your estate.
* With the encrypted RSA key and the encryption key, he can access your saved passwords and carry out the instructions in your will.
More info at www.cloudfeet.com, or contact info@cloudfeet.com.
What day will April 1 fall on? 'Cause I'm pretty sure it's not today.
the digit — when expressed in binary — is 0.
Jeez, what are the odds of that?
I remember saving my allowance for a foolish extravagance: $40 for a huge 3-ring binder in Digital Orange, containing the PDP-10 programmer's reference. I wonder if the guys doing this project need a copy...
Let's face it: any language can be tortured into solving any problem; the question is, what's the most efficient way to think about the problem, and what language is most amenable to using in that way?
What's more interesting, though, is to consider human languages from the same perspective: does the language you speak constrain the concepts you can think about? If you're fluent in several languages, is your mental universe larger? Can you describe a concept that's easy in one language to users of another?
Who'd'a thunk Philosophy and Computer Science would have anything in common?
Los Angeles Times
Times Mirror Square
Los Angeles, California 90053
To the Editor:
I am writing in response to Jack Valenti's diatribe in the January 30th edition of the L.A. Times. It would be a mild disservice to any reader with the wit to operate a DVD player to allow his assertions to go unchallenged, so I've taken a moment to reply.
First, readers should know that the movies on DVD discs are encrypted scrambled so that no-one can watch them without a special player. Consumer-electronics DVD players can unscramble the movies, as can various computer software programs. The scrambling is a little harder to decode than the cryptograms that used to appear with the comics, but, well, let's just say that the CIA won't be using the DVD secret code any time soon.
Without unscrambling the code, it's impossible to watch a DVD movie. One can do a lot of other things with a DVD: copy it, burn thousands of discs in a third world country, and flood the market with cheap knock-offs, but one cannot watch it. The "hackers" Mr. Valenti rails against have not stolen copyrighted materials (nor have they been so charged); neither is it possible to take a decrypted movie and produce a new disc that can be played in someone else's DVD machine. In fact, all they've done is make it possible to play DVDs on a few more computers than could play them before. They'll tell you how to do it too, if you're interested. You still have to buy your own DVDs.
Valenti's bluster about "circumventing copyright protection," "stealing software code," and "breaking narcotics laws" (!) obfuscates the real issue, which is that a weak encryption system has been misrepresented as being able to solve the motion picture industry's piracy woes. Encryption cannot prevent piracy any more than aspirin can prevent pregnancy; and weak encryption cannot even prevent hackers from watching their DVDs without shelling out a couple hundred bucks for a player. I wouldn't care to suggest alternate targets for the Motion Picture Association's well-funded ire, but the kids currently being harassed in court are clearly not the bad guys in this picture.
[etc]I'll be there. Unfortunately, I don't have a "Team Slashdot" t-shirt, but maybe we could get Andover to fed-ex a box of 'em to distribute to anybody who shows up and finds the Official Slashdot T-Shirt Distributor? I'd even be willing to pay for mine, but I think it'd be a good idea for as many people as possible to be both present and recognizable.
...then electronic emissions are the least of your problems. If you're encrypting (as you should be) and the Feds are interested enough to be snooping around, and you haven't left the country, then you're in Deep Sh*t.
It's all well and good to be concerned about the Bad Guys getting your Sensitive Data, but let's be real: your kneecaps are a lot more vulnerable than your computer. Once everybody protects everything with solid have-something/know-something encryption, then maybe we worry about TEMPEST. Until then, encrypt, and keep a duffel bag ready to head for the border.
(Or ignore me; maybe I'm just one of those loonies who's been watching too many episodes of "The X Files.")
Certainly, there are some things worth going to court over, but this is not one of them. My advice is to just get over it. If you feel it's essential that your résumé be accessible to headhunters who are inexplicably using CyberPatrol, change ISPs. If your bacon is really burned over it, write a letter to the ISP and tell them why you're dumping them. But the idea that somebody owes you something because of this is simply ludicrous.
Huh? I thought the rule was, put swap and often-accessed partitions at the outer cylinders of the disk, since the linear speed of the disk past the head is higher there, resulting in higer data transfer rates. If every cylinder had the same number of sectors, this wouldn't matter, but (AFAIK) newer drives (SCSI, at least; maybe IDE too) have more sectors on the outer cylinders than on the inner ones.
From: your name [you@big-company.com]
Subject: wage data sales
To: eddcomm@edd.ca.gov
Hello.
I understand (from an L.A. Times article, reported on www.cnnfn.com)
that you plan to begin selling wage data to banks and other
businesses in the near future. As reported, you will require my
written authorization to sell information about me, but I am concerned
that I have already inadvertently given that permission.
Please let me know whether your department has any information about
me in its files, and whether you have explicit or implicit permission
to sell that information (whether or not you currently have it).
Also, please tell me how to withhold, in perpetuity, my authorization
for release to any non-government entity.
Thank you,
Your Name
Your Address
Your Phone