I guess that was what I was trying to get at: When laziness is your primary concern in building security you build windows 98.
If biometric adoption is being helped by the laziness factor it is because the biometrics systems being build are less secure then password based systems they replace. biometrics can only offer additional security if they are use in combination with some other techniques. Otherwise they offer poorer security because they can't be changed if they are comprised.
Giving someone a smart chip that lets them in and out of a building is less secure then giving them a pass code.
Of coarse ease of use is always opposed to security. The point is the consciously make the decisions about the trade offs.
the deeper problem with using biometrics is once a crook figures out a way to deceive a system into thinking they are you. Thus compromising you biometric identity there is usually no way to correct the compromise. ( you can't change your fingerprints.)
That is why biometrics are best considered as an ADDITIONAL level of security beyond passwords.
Three things can establish trust: 1) what you are - biometric 2) something you carry - card ( ref id?) 3) something you know - password or pin
the most secure systems will always require all three anything else is an engineering compromise. Of coarse you can also increase security by increasing the amount of data a imposter would need to get. IE two biometrics, multiple passwords , a card and a key and a dongle ect.
Another thing to consider is how secure is secure. Most people consider things guarded by an armed guard secure. The guard is a biometric security device. he/she becomes familiar with those who have access and suspicious of unrecognized people. They use a large number of biometric factors to recognize people.
on the other hand there are many military applications which don't consider an armed guard good enough.
sorry about the paragraphs I messed that up. Need remember to hit that preview button.
The Unicode thing was well documented when it happened. It may have been corrected. I haven't looked at this problem since 98-99 but it is par for the coarse of normal business practices by Microsoft. I know it existed for well over a year, long enough to require everyone else to work around it.
I never delved into it beyond figuring out that in order to read pages written in Russian you had to download standard Russian fonts for all non-front page generated page and special Russian fonts for front page generated pages in order to be able to read Russian or any language that used characters above it and reading several technical descriptions as to why the fonts were necessary on several different web pages. I think by definition this would be a UTF-16 problem because all the languages affected would have been outside the range expressible in UTF-8.
Here is the analogy I often give non-techies and techies alike.
Imagine if GE made all the fuse boxes in the world.
One day GE decides that it would be of great benefit to GE made washing machines to have a 'timer' built into to all the power lines in the house. So they put timers into all their fuse boxes. ( remember you can buy a fuse box from no one else ).
The way the implement the timer is to use a capacitor to store some current and when it is charged they discharge that capacitor down the line. The effect is that the 110v coming into your house now shows up as 100v at all your outlets with occasional 240v spikes and
determinate intervals. Any appliance that is not adapted to deal with these spikes will of coarse be destroyed by the new 'protocol'.
so now all of GE competitors need to re-engineer their devices which will easily take them 6 months. Meanwhile GE gets to sell all their products which were already engineered to work with the new fuse boxes for 6 months without competition. Slowly the low margin toaster people go broke and even though GE toaster was as good as some on the market GE is the only one making toasters.
That is called abuse of your monopoly and that is exactly analogous to what Microsoft does with it's protocols all of the time. They call changing protocols without telling anyone in such a way as all other players in the market are broken until they reverse engineer what Microsoft did while Microsoft's products still work out of the box 'being innovative'.
One simple example out of many is that when Microsoft implanted it's 'Unicode' it did not implement ISO standard Unicode. In fact all languages above some arbitrary number are shifted by 1 byte. The result is that if you create a web page in say Russian Cyrillic with Microsoft front page you cannot read it with anything other then internet explorer.
The other browsers had to have people make special fonts and educate the users on how to download and install those fonts to fix the problem. Thus adding complexity of use and cost to non Microsoft products because of Microsoft's undocumented 'innovation'.
I'm waiting for someone to come up with an expert system/AI that looks for new securtity exploits and then uses them to spread it's own code to other systems. Try filtering that out.
How do you defend against this one. Or one better what if 'the bank' called you and said your account had been compromised and they need to reset your password. 'to do so of coarse they need to verify your old password' or you can go-online and change your password.
What's the next step. Setting up a phony bank branch and asking you to come into it?
Yeah i know. I guess in some ways i feel corporate law , like copywrite law has drifted from the sane reasons for which it was first established, into a unjust system primarily engineered by the powerful for the powerful.
who said anything about free enterprise. The kings of feudal Europe were a perfect example of unchecked free enterprise. What every society needs is 'free enough' enterprise so that people doing the work can be 'sufficiently rewarded' and yet are discouraged from taking actions that are detrimental to the society at large.
incorporation is granted for the purpose of making it easier for a company to grow larger ( sell stock , shared liability ect.). The fact that it is a status that exist in law suggest that at some level those laws are considered to serve the greater good. The modifications I suggest would hopeful more fully serve the greater good.
There is an odd thing about biometrics that make me shutter at the thought of a 'biometrics only' authentication scheme for any machine.
you see it might be harder to compromise your biometric identity, but the problem is if someone ever successfully accomplishes it, which people will, you can't change your fingerprints or brain patterns.
That is why biometrics should always remain only a part of what you need to authenticate to a system.
I was taught when we studied security that there have been since roman times only 3 recognized ways to establish a trusted relationship.
1) something you have ( like a key card) 2) something you know ( like a password , pin or phrase ) 3) something you are ( like a biometric)
The best anyone can do is to use one or more such things from those 3 categories. The better systems use at least one thing from each.
I have often contemplated if the public interest would not be better served by the government requiring a specific mission statement for the purposes of incorporation and then preventing the entity from going outside of that stated purpose. It seems that would limit corporate size, increases competition allow for greater free enterprise and a more even distribution of wealth while still managing to keep the rewards of success substantially high enough to encourage innovation. Also , it seems to me smaller companies tend to have better customer service because they are more focused on their core business. Larger companies become unresponsive to customers because they no longer have a 'core' business but instead many course and so the button line provided by pleasing 70% of people is good enough vs the 90% you want to please if you do only 1 thing.
My understanding of current law is that I may copy any boadcast for later replay and that further I may give copies of that broadcast to anyone I please unless I charge for them.
Why would the congressmen want to make it difficult to record something that I could just as easily record off the radio.
simple example.
I say on my websight. "communism is bad".
China declares me to be insighting a riot and engaging in terroristic activities. Finds me guilty in court and tries to shut down my web site.
same genral thing going on here. stupid that the courts even looked at it. The FBI should have been smarter.
well, the cause of global warming is in some ways very much at issue. Because if we are warming as part of the natural cycle of glaciation then: a) there is nothing we can do about it b) it is unlikely to end the spiecies.
On the the other hand if we are the cause: a) we can definatly do something about it. b) it is possible (although extreemly unlikely) we are causing natural changes to happen far too rapidly and we are doing enough enviormental damage(also unlikely) do to speed of change that we jepordize the food supply of higher mamals including humans.
If pornagraphy is the best the internet has to offer then I say we shut the whole thing down today. c'mon it can and does to alot better. What about music, what about community, what about ect.
Pornagraphy ( by this i don't me art i mean images that are intended to sexually stimulate.) is a blight. It has the effect on people especially men of making them selfish.
When you look at pron are you thinking " I wonder what that woman is like. I wonder if she likes what she is doing? I wonder what type of human being she is?' NO
You concern I waon't claim it involves thought is it feels good to be doing what I'm doing and I like what I see. YOU ARE BEING SELFISH AND NOT CONSIDERING THE OTHER HUMAN BEINGS AS ANYTHING OTHER THEN OBJECTS FOR YOUR PLEASURE.
Guess what, when you do somehting over and over it becomes a habbit. Then if you are really with a woman that habbit is repeated. You treat her like the porn and the porn like her. She becomes less human.
when women are less human , sooner or later so are is the your outlook on men. All humans become objects for your use and pleasure because of your reinforced habbit.
Not that this is wholly a male problem. Women have thier parts but as I'm not a woman I'm not going to speak as directly to that.
Why don't movie theaters start showing more re-runs.
I mean seriously there are some movies that are just better on the big screen. You could have a web page with a sign up list.
When the number of people who wanted to see a given movie in the theater hit some specified limit you could show it assuming say half the people on the list showed up you would make good money.
I'd pay to be able to watch Gibsons 'passion of the christ' on the big screen once a year.
Not to mention some of original LOTR or star wars movies.
No home theater can compare. I think it is a turely untapped market.
hmm... I'm going to put some more thought into this. I think my local theator allows for 'rental' of whole theators for 'private viewing' I wonder what the cost is.
Ok , here is an attempt to actually answer the question asked as I did not see one on the board yet.
Most modern cell phones have a native JAVA interface. If you want to write a program for your cell phone you can usually buy a developer kit from the manufacturer. Most of them I've seen run somewhere between 50 and 150 bucks. you will probably ( most likely) need a data cable to upload the program into your phone.
I have not actually done this I am in the process of researching it in my *cough* copious *cough* spare time.
personally I'd love to see a lot more open source java apps out there compiled to run on cell phones. What a great way to promote open source to the masses and the teeny crowd and get them interested in the issues. It certainly has a 'cool' factor to it.
As to which API you would need to use there are usually phone specific API's and there is some kind of java phone standard, but I have not dug into it beyond that.
I still guess I just don't get it. Now I understand the whole 'hands free' argument. If you are leaning your neck over or using a hand to use a cell phone in a car in makes sense that it can contribute to you getting into an accident.
HOWEVER, I do not understand how talking to someone talkin' on a hands free headset is going to be affected any differently then someone talking to a passager in the car. Perhapse we should make it illegal to have passangers.
Why was it he said hurricanes come into being? Oh yeah, to dissipate the heat differential between the equator and the poles.
What is the consequence not dissipating the heat differential? how long can you not dissipate it before you generate the mother of all storms that you don't have enough energy to control?
Point is there are a huge number of other unknown environmental factors here that aren't even being considered. Hurricanes cause a lot of destruction but they also. 1) help regulate global temperature 2) help clean pollutants out of the atmosphere 3) help forest by destroying them so the can re grow. 4) help animal populations but reducing overpopulation. 5) distributed needed nitrogen to both through out the ocean and coastal plains.... how many more things are there? I'm not sure but I'd want to know for sure before I started messing around with them.
Just because you CAN do something is usually a really stupid reason TO do it. Seeking immediate gratification and elimination of temporary hardship and pain (AKA the American way.) can often times be a recipe to find ultimate disaster much greater then either of the first two would have warranted unchecked.
It is an interesting thought experiment, but I'm not sure it is something we should even want to do little lone try to do.
It seems to me. A tombstone should last AT A MINIMUM 100 years. What do you think? I doubt what they are talking about could last 100 years. Sitting outside in the rain and intense light, hail , acid rain ect.
Did the writer / author / speaker use a wrong word or was this fellow talking about something other then the GNU Public Liscense( GPL )? Has thier been a name change I missed out on?
A better question would be. How many Windows user would EVER find out they were compromised? I would guess ( from antidotal experience.) That between 5 and 20% of windows users would never know they were compromised. Maybe as high as 50% would only find out they were compromised once in a while, IF someone told them. Otherwise they just rebuild their machine. They might know their machine doesn't work like it used too. Eventually they may call a 'computer guru' to have the machine restored from the original install disk. But you can't possibly report something that you don't even know has happened. I doubt there is anywhere near the number of people who fit that category among Linux users, because the same people would never solve the driver problems that crop up 1/5 times or so when you do a Linux install. So the question of who and how many are reporting becomes even more complex.
"None, so what? It's still wrong" The problem with the situation in your second paragraph is that without appealing to an absolute cause of 'right and wrong' all you can appeal to is common perception. If i don't share your perception then you no longer have any case and the result is that if I am stronger then you, you lose. More over why should I care about the consequences of my actions on YOU if I like their consequences on me and those I consider important, supposing I don't like you or consider you important.
as to you last paragraph stating with: "I can't manage to interpret this as anything but meaningless or contradictory."
well, maybe you should think about it. I will try and expand a little.
if a god exists it is fair to say it is the force which is the cause of the universe including time. I'm not sure how you cause anything without time , but I am sure that time had a beginning and that there is nothing that has ever been observed that has had a beginning but that did not have a cause.
It is however not that difficult to believe that there may have been a cause that had no beginning. atheist say time was caused by random chance. so chance is a cause without a beginning.
I think it is much more difficult to believe there is a beginning without a cause. ie time just is and was not caused, even by chance.
The problem is that chance as we understand it does not posses the quality of being real. It is only a mathematical construct. So how can a mathematical construct be what imparted reality onto the universe. I claim the first cause then was a force.
That is a force that creates time and space. It existence does not depend on time and space. It is without form as we know it. it therefore is indestructible. It is without time as we know it it therefore is unchanging. since it is the cause of time and cannot change it must be continually the cause of time because it is not possible for it to stop causing time. so you must say that this force IS causing time not did cause time because the force must be unable to change.
That is a start of the Theology I adhere to. If God exists then God must be in some way equitant to that force which is the first cause. 'God is never changing yet always causing' which perhaps is a better way of wording the original statement I made.
Slashdot Mirror
I guess that was what I was trying to get at:
When laziness is your primary concern in building security you build windows 98.
If biometric adoption is being helped by the laziness factor it is because the biometrics systems being build are less secure then password based systems they replace. biometrics can only offer additional security if they are use in combination with some other techniques. Otherwise they offer poorer security because they can't be changed if they are comprised.
Giving someone a smart chip that lets them in and out of a building is less secure then giving them a pass code.
Of coarse ease of use is always opposed to security. The point is the consciously make the decisions about the trade offs.
the deeper problem with using biometrics is once a crook figures out a way to deceive a system into thinking they are you. Thus compromising you biometric identity there is usually no way to correct the compromise. ( you can't change your fingerprints.)
That is why biometrics are best considered as an ADDITIONAL level of security beyond passwords.
Three things can establish trust:
1) what you are - biometric
2) something you carry - card ( ref id?)
3) something you know - password or pin
the most secure systems will always require all three anything else is an engineering compromise. Of coarse you can also increase security by increasing the amount of data a imposter would need to get. IE two biometrics, multiple passwords , a card and a key and a
dongle ect.
Another thing to consider is how secure is secure. Most people consider things guarded by an armed guard secure. The guard is a biometric security device. he/she becomes familiar with those who have access and suspicious of unrecognized people. They use a large number of biometric factors to recognize people.
on the other hand there are many military applications which don't consider an armed guard good enough.
sorry about the paragraphs I messed that up. Need remember to hit that preview button.
The Unicode thing was well documented when it happened. It may have been corrected. I haven't looked at this problem since 98-99 but it is par for the coarse of normal business practices by Microsoft. I know it existed for well over a year, long enough to require everyone else to work around it.
I never delved into it beyond figuring out that in order to read pages written in Russian you had to download standard Russian fonts for all non-front page generated page and special Russian fonts for front page generated pages in order to be able to read Russian or any language that used characters above it and reading several technical descriptions as to why the fonts were necessary on several different web pages. I think by definition this would be a UTF-16 problem because all the languages affected would have been outside the range expressible in UTF-8.
Here is the analogy I often give non-techies and techies alike. Imagine if GE made all the fuse boxes in the world. One day GE decides that it would be of great benefit to GE made washing machines to have a 'timer' built into to all the power lines in the house. So they put timers into all their fuse boxes. ( remember you can buy a fuse box from no one else ). The way the implement the timer is to use a capacitor to store some current and when it is charged they discharge that capacitor down the line. The effect is that the 110v coming into your house now shows up as 100v at all your outlets with occasional 240v spikes and determinate intervals. Any appliance that is not adapted to deal with these spikes will of coarse be destroyed by the new 'protocol'. so now all of GE competitors need to re-engineer their devices which will easily take them 6 months. Meanwhile GE gets to sell all their products which were already engineered to work with the new fuse boxes for 6 months without competition. Slowly the low margin toaster people go broke and even though GE toaster was as good as some on the market GE is the only one making toasters. That is called abuse of your monopoly and that is exactly analogous to what Microsoft does with it's protocols all of the time. They call changing protocols without telling anyone in such a way as all other players in the market are broken until they reverse engineer what Microsoft did while Microsoft's products still work out of the box 'being innovative'. One simple example out of many is that when Microsoft implanted it's 'Unicode' it did not implement ISO standard Unicode. In fact all languages above some arbitrary number are shifted by 1 byte. The result is that if you create a web page in say Russian Cyrillic with Microsoft front page you cannot read it with anything other then internet explorer. The other browsers had to have people make special fonts and educate the users on how to download and install those fonts to fix the problem. Thus adding complexity of use and cost to non Microsoft products because of Microsoft's undocumented 'innovation'.
I'm waiting for someone to come up with an expert system /AI that looks for new securtity exploits and then uses them to spread it's own code to other systems. Try filtering that out.
How do you defend against this one. Or one better what if
'the bank' called you and said your account had been compromised and they need to reset your password. 'to do so of coarse they need to verify your old password' or you can go-online and change your password.
What's the next step. Setting up a phony bank branch and asking you to come into it?
Maybe I should just start using only cash.
Yeah i know. I guess in some ways i feel corporate law , like copywrite law has drifted from the sane reasons for which it was first established, into a unjust system primarily engineered by the powerful for the powerful.
who said anything about free enterprise. The kings of feudal Europe were a perfect example of unchecked free enterprise. What every society needs is 'free enough' enterprise so that people doing the work can be 'sufficiently rewarded' and yet are discouraged from taking actions that are detrimental to the society at large.
incorporation is granted for the purpose of making it easier for a company to grow larger ( sell stock , shared liability ect.).
The fact that it is a status that exist in law suggest that at some level those laws are considered to serve the greater good. The modifications I suggest would hopeful more fully serve the greater good.
There is an odd thing about biometrics that make me shutter at the thought of a 'biometrics only' authentication scheme for any machine.
you see it might be harder to compromise your biometric identity, but the problem is if someone ever successfully accomplishes it, which people will, you can't change your fingerprints or brain patterns.
That is why biometrics should always remain only a part of what you need to authenticate to a system.
I was taught when we studied security that there have been since roman times only 3 recognized ways to establish a trusted relationship.
1) something you have ( like a key card)
2) something you know ( like a password , pin or phrase )
3) something you are ( like a biometric)
The best anyone can do is to use one or more such things from those 3 categories. The better systems use at least one thing from each.
I have often contemplated if the public interest would not be better served by the government requiring a specific mission statement for the purposes of incorporation and then preventing the entity from going outside of that stated purpose. It seems that would limit corporate size, increases competition allow for greater free enterprise and a more even distribution of wealth while still managing to keep the rewards of success substantially high enough to encourage innovation. Also , it seems to me smaller companies tend to have better customer service because they are more focused on their core business. Larger companies become unresponsive to customers because they no longer have a 'core' business but instead many course and so the button line provided by pleasing 70% of people is good enough vs the 90% you want to please if you do only 1 thing.
My understanding of current law is that I may copy any boadcast for later replay and that further I may give copies of that broadcast to anyone I please unless I charge for them.
Why would the congressmen want to make it difficult to record something that I could just as easily record off the radio.
simple example. I say on my websight. "communism is bad". China declares me to be insighting a riot and engaging in terroristic activities. Finds me guilty in court and tries to shut down my web site. same genral thing going on here. stupid that the courts even looked at it. The FBI should have been smarter.
well, the cause of global warming is in some ways very much at
issue. Because if we are warming as part of the natural cycle of glaciation then:
a) there is nothing we can do about it
b) it is unlikely to end the spiecies.
On the the other hand if we are the cause:
a) we can definatly do something about it.
b) it is possible (although extreemly unlikely) we are causing natural changes to happen far too rapidly and we are doing enough enviormental damage(also unlikely) do to speed of change that we jepordize the food supply of higher mamals including humans.
why is any one suprised that the most popular use of a network is for networking?
If pornagraphy is the best the internet has to offer then I say we shut the whole thing down today. c'mon it can and does to alot better. What about music, what about community, what about ect.
Pornagraphy ( by this i don't me art i mean images that are intended to sexually stimulate.) is a blight. It has the effect on people especially men of making them selfish.
When you look at pron are you thinking " I wonder what that woman is like. I wonder if she likes what she is doing? I wonder what type of human being she is?' NO
You concern I waon't claim it involves thought is it feels good to be doing what I'm doing and I like what I see. YOU ARE BEING SELFISH AND NOT CONSIDERING THE OTHER HUMAN BEINGS AS ANYTHING OTHER THEN OBJECTS FOR YOUR PLEASURE.
Guess what, when you do somehting over and over it becomes a habbit. Then if you are really with a woman that habbit is repeated. You treat her like the porn and the porn like her.
She becomes less human.
when women are less human , sooner or later so are is the your outlook on men. All humans become objects for your use and pleasure because of your reinforced habbit.
Not that this is wholly a male problem. Women have thier parts but as I'm not a woman I'm not going to speak as directly to that.
Why don't movie theaters start showing more re-runs. I mean seriously there are some movies that are just better on the big screen. You could have a web page with a sign up list. When the number of people who wanted to see a given movie in the theater hit some specified limit you could show it assuming say half the people on the list showed up you would make good money. I'd pay to be able to watch Gibsons 'passion of the christ' on the big screen once a year. Not to mention some of original LOTR or star wars movies. No home theater can compare. I think it is a turely untapped market. hmm... I'm going to put some more thought into this. I think my local theator allows for 'rental' of whole theators for 'private viewing' I wonder what the cost is.
Ok , here is an attempt to actually answer the question asked as I did not see one on the board yet.
Most modern cell phones have a native JAVA interface.
If you want to write a program for your cell phone you can usually buy a developer kit from the manufacturer. Most of them I've seen run somewhere between 50 and 150 bucks. you will probably ( most likely) need a data cable to upload the program into your phone.
I have not actually done this I am in the process of researching it in my *cough* copious *cough* spare time.
personally I'd love to see a lot more open source java apps out there compiled to run on cell phones. What a great way to promote open source to the masses and the teeny crowd and get them interested in the issues. It certainly has a 'cool' factor to it.
As to which API you would need to use there are usually phone specific API's and there is some kind of java phone standard, but I have not dug into it beyond that.
cool :) props to you. I like it.
spam pig, whole pig , and nothing else.
I still guess I just don't get it. Now I understand the whole 'hands free' argument. If you are leaning your neck over or using a hand to use a cell phone
in a car in makes sense that it can contribute to you getting into an accident.
HOWEVER, I do not understand how talking to someone talkin' on a hands free headset is going to be affected any differently then someone talking to a passager in the car. Perhapse we should make it illegal to have passangers.
Why was it he said hurricanes come into being?
... how many more things are there?
Oh yeah, to dissipate the heat differential between the equator and the poles.
What is the consequence not dissipating the heat differential? how long can you not dissipate it before you generate the mother of all storms that you don't have enough energy to control?
Point is there are a huge number of other unknown environmental factors here that aren't even being considered. Hurricanes cause a lot of destruction but they also.
1) help regulate global temperature
2) help clean pollutants out of the atmosphere
3) help forest by destroying them so the can re grow.
4) help animal populations but reducing overpopulation.
5) distributed needed nitrogen to both through out the ocean and coastal plains.
I'm not sure but I'd want to know for sure before I started messing around with them.
Just because you CAN do something is usually a really stupid reason TO do it. Seeking immediate gratification and elimination of temporary hardship and pain (AKA the American way.) can often times be a recipe to find ultimate disaster
much greater then either of the first two would have warranted unchecked.
It is an interesting thought experiment, but I'm not sure it is something we should even want to do little lone try to do.
It seems to me. A tombstone should last AT A MINIMUM 100 years. What do you think? I doubt what they are talking about could last 100 years. Sitting outside in the rain and intense light, hail , acid rain ect.
Did the writer / author / speaker use a wrong word or was this fellow talking about something other then the GNU Public Liscense( GPL )? Has thier been a name change I missed out on?
Sorry for my ignorage.
A better question would be. How many Windows user would EVER find out they were compromised? I would guess ( from antidotal experience.) That between 5 and 20% of windows users would never know they were compromised. Maybe as high as 50% would only find out they were compromised once in a while, IF someone told them. Otherwise they just rebuild their machine. They might know their machine doesn't work like it used too. Eventually they may call a 'computer guru' to have the machine restored from the original install disk. But you can't possibly report something that you don't even know has happened. I doubt there is anywhere near the number of people who fit that category among Linux users, because the same people would never solve the driver problems that crop up 1/5 times or so when you do a Linux install. So the question of who and how many are reporting becomes even more complex.
"None, so what? It's still wrong"
The problem with the situation in your second paragraph is that without appealing to an absolute cause of 'right and wrong' all you can appeal to is common perception. If i don't share your perception then you no longer have any case and the result is that if I am stronger then you, you lose. More over why should I care about the consequences of my actions on YOU if I like their consequences on me and those I consider important, supposing I don't like you or consider you important.
as to you last paragraph stating with: "I can't manage to interpret this as anything but meaningless or contradictory."
well, maybe you should think about it. I will try and expand a little.
if a god exists it is fair to say it is the force which is the cause of the universe including time.
I'm not sure how you cause anything without time , but I am sure that time had a beginning and that there is nothing that has ever been observed that has had a beginning but that did not have a cause.
It is however not that difficult to believe that there may have been a cause that had no beginning. atheist say time was caused by random chance.
so chance is a cause without a beginning.
I think it is much more difficult to believe there is a beginning without a cause. ie time just is and was not caused, even by chance.
The problem is that chance as we understand it does
not posses the quality of being real. It is only a mathematical construct. So how can a mathematical construct be what imparted reality onto the universe. I claim the first cause then was a force.
That is a force that creates time and space.
It existence does not depend on time and space.
It is without form as we know it. it therefore is indestructible. It is without time as we know it it therefore is unchanging. since it is the cause of time and cannot change it must be continually the cause of time because it is not possible for it to stop causing time. so you must say that this force
IS causing time not did cause time because the force must be unable to change.
That is a start of the Theology I adhere to.
If God exists then God must be in some way equitant to that force which is the first cause.
'God is never changing yet always causing' which perhaps is a better way of wording the original statement I made.