How many humans grow up to be geniuses capable of making a mark on society? Most -- not. How many grow up to be, to some slight or large amount, "bad apples"? It doesn't take much to cause humans to grow up to be "failures". Most won't make it big and most won't have any impact. So why should we be surprised when slight variations in input would cause a computer to start down a wrong track.
The different here, is that it is easier to pull the plug and start over again -- or possible erase bad input and overwrite with new -- something that can't be done with humans.
So far, we are proving how poorly humans do at the jobs we might use AI for. Any argument against AI can be turned into an argument against humans.
Really, its something more social leaders should be thinking about if we really want humans to not just evolve -- but survive.
We shouldn't use human sentience to produce anything unless we find ways of making techniques like deep learning more understandable to their [employers] and accountable to their users.
Google has become rich for using Proxy Variables as a means to derive inferences. Whether or not its true, if your proxy-sample is representative of the population at large, you still get a valid sampling.
That Google wouldn't know about unconscious bias or how "objective factors" can be correlated to physical sex sounds ludicrous.
While women taking off for having babies is cited as a reason for pay inequity, Google has provided on-site day-care and facilities to lower the effect of those problems.
Part of the problem is that while men may be given equal time off to bond & spend time with newborns, they may not take it as often. Should that be a positive trait that is rewarded? I.e. if someone works an extra 20-30 hours/week over a "40 hour week", should they be rewarded for the long term effects their work-life imbalance, statistically, is likely to cause.
In the case of professional football players, society says "yes" -- they get paid ludicrous sums in their prime so they don't have to make money past their 30's.
One begins to see the reason for having a 40-hour work week and requirements for 50-100% pay to be applied to work over 40-hours. Why shouldn't software engineers be on a similar pay-schedule? Then if it is the case that men earn more because they work more, it will be clear as to why.
As long as it is presumed men and women work @ similar "40-hour-a-week" jobs, then pay inequities can't be justified to the extent they exist, but for them to be documented, "professional positions" would need to have weekly hours documented like any "hourly" employee.
How much of the extra "productivity" that men produce is due to them being willing to give up any non-work life while they are younger -- with industry responding by discriminating against older workers who start to have families and realize that a life that is filled only with work isn't so fulfilling as they get older?
How do humans work? Not knowing how genius humans arrive at their conclusions doesn't seem to be a huge stumbling block for society to use their output.
How many scientists really know how "creativity" works?
I never knew there were win10 fanboys (re: getting marked down). Marking someone Troll because they hurt your feelings in not a correct usage of moderation points. If only you had explained why what I said was 'untrue', or refuted it you might have some impact, but from someone who had to rescue their 80+y/o mom from a "Welcome to Windows 10" who thought MS had forced the move to win10 without even asking her.
Of course that *is* what happened to many when they tried to get out of that fake screen. If it was really an "Upgrade", why would MS feel a need to deceive people to opt in to the conversion?
Upgrades are things people want, not something you have to trick them into installing.
Win10 was a downgrade in so many ways, its hard to see how they can continue to claim it is an "upgrade".
Maybe when Win10 supports the *option* for the same features of the Win7 Desktop, and stops trying to dumb down Desktops to the level of a smartphone, it would *start* to be an "upgrade", but it really is an "upgrade" to move to Win10, it's NOT an upgrade.
Win10 has been about supporting a lower level of OS, to *rent* and never own (can you turn off ads: no) and business Win10 is only available on a 1/person/year basis.
All the functionality that was in XP -- moved to the appstore, where you can repurchase it... again and again...
I'm not worried so much about Joe Q. Public, but you obviously have not been through many internet flamewars. Nothing will turn off most of the audience faster than a site permitting their forums to be used for political or hyperbolic trash talking.
"Most American teenagers who abuse opioid drugs first received the drugs from a doctor,... and the majority of them had been prescribed opioids previously, the researchers found"
and later the pediatric report said:
"of all 188,468 prescription opioid exposures reported for youth under 20, [most] occurred among children under 5, [who got] the medication because it was improperly stored or was in a purse".
Has anyone else noticed the increase in bogus new releases, that don't jive with established facts. The above says most teen abusers got them for medical reasons from a doctor -- AND the 2nd part says most (60%) were under 5 and *took* (stole) them from someone else who was taking the medicine.
You can't claim most abusers are getting them for medical reasons and then claim that 60% are stealing them.
Who said it did? However, giving extremists a worldwide platform in which to spread their alternate news is not the responsibility of a social media platform.
It seems, that if you are a social media platform, you might want not want to be a battle ground for extreme points of view. If you were, it might make many users uncomfortable and harm your ability to be an inviting social platform.
Most users don't want to be in the middle of a flamefest. Besides that, governments might have cause to restrict access to the social platform on the basis that it gives a ready platform to idiots blowing their trumpet just to bully others irresponsibly.
Now if they only had the temerity to shut down all those using the platform as a means to trumpet "jibes" without taking official responsibility for, or positions on what is said.
Did we have a bad crop this year? How can you have a sudden "shortage" -- or is it that no one bothered to expand capacity in a growing market to meet demand? Is that normal market strategy? (maybe it is, but having paid $60 for an optical drive that cost $40 about 5 years ago and $25 for a comparable about 5 years before that, AND seeing big BluRay drive manufacturers had to pay large fines and 10-30$? rebates to end-buyers of computer manufacturers like Dell for illegal price fixing, I was surprised to see such a large price tag on the retail market.
Maybe the price fixing remedies only address manufacturers of computers and not retail sales?
Now how long before we get a 30$ rebate for flash price fixing?>
With SSD's getting faster, how long before SSD-type memory starts replacing memory that needs refreshing as a way to protect computers and storage against power failure?
If you stream to non-volatile memory, would that become legal under this new definition?
I've seen scenes from movies played multiple times after being streamed into my eyes -- maybe not quite the same fidelity, but if we start getting bio-electronic interlinks, that could really be interesting. You'd have to have your memories purged after watching a movie so you couldn't "remember/relive your memories", no?
In Win7, at least if you had Ultimate or Professional, you could run "Group Policy" plugins on your machine and have it respect them. I don't know about Win10, but I have heard that only Professional versions are able to disable MS enslaving your computer to deliver you advertisements. Don't know if that is true or not, but certainly reinforces my belief that only "Professional" or "Enterprise" versions of windows should be relied on to do any "important or professional work". Windows Desktop for consumers is going the way of becoming a console (like XBOX, PS4.. etc)...
Does Win10 have the option to either 'come with' or run the group policy msc panel? If policies are applied, does Win10 honor them ? Or maybe it only honors them in the Pro/Enterprise versions?
Again, speaking from Win7, they have a section under the Administrative Templates of Group Policy, entitle "Windows update".
There you have options to:
- Do not display "Install updates an shut down" option in Windows dialog box. - Do not adjust default option to "Install Updates and Shut Down" in the Shut Down Windows dialog. - Configure Automatic Updates (notify before download, or before install among others). - Turn off the upgrade to latest version of Windows through Windows Update. - No auto-restart with logged on users for schedule automatic updates installations. - Reprompt for restart? - Delay Restart for schedule installations?... and a few others. Most of those make changes under the policy key in the registry. So if you didn't have the editor, you could conceivably make those settings through regedit, if you knew which were which.
But I've never had a prob w/win-update since I started controlling my systems w/group policy.
I am a home user, BTW, but I try to make sure my machines are business capable/protected...at least so I can turn off MS-intrusions.
If the file is encrypted "data", you can restore it to yesterday. If it is binary executable, restoring it to a few months ago shouldn't be that painful. Then you checksum the executables, add in updates, and you're good to go.
For the virus to be effective it has to be executed at some point. So you restore those to last known safe date. The data, which isn't executed isn't going to be re-sourcing the virus any time soon.
Backups aren't an indivisible thing unless you are using MS's image backups -- which is why I only keep programs on my MS machines and keep the data on a separate linux machine. Sure, it's a pain to reinstall Win, but its certainly doable while saving your data.
It appears the DEA w/their making prescription-drug users (i.e. legal users) their next target was fallout from them being forbidden to carry out lucrative property seizure and forfeiture operations against cannabis businesses and users that were otherwise legal under state law. The law stopping campaign against the state's cannabis industry went into effect a couple of years ago (2011-12?) but they ignored the law until stopped by a federal court case where they tried to enforce a forfeiture order against against a 3rd-party property owner who didn't evict a renting cannabis business.
Their favorite tactic has become using and manipulating 3rd parties to harass cannabis users since doing so directly was not nearly so profitable. Go after a disabled person using cannabis as medicine -- no profit. Go after property owner and health care organizations (like Kaiser): much more profitable and more difficult to track as spending "enforcement dollars" against cannabis businesses and users that are complying with their state laws.
So they indirectly target users for harassment by targeting their doctors with threats and increased regulation and oversight. At medical organizations like Kaiser, this means the doctors themselves become targets for increased oversight and scrutiny, making them want to stop treating medical cannabis users. My doctor says most of their colleges have stopped prescribing pain medication, at all to disengage from DEA harassment.
They also are dictating what medications they are allowed to prescribe in conjunction w/pain meds -- including disallowing medications that allow lowering of painmed levels as well as meds that treat side-effects of stopping pain meds. This makes it more difficult for long-term pain users who use pain meds on an "as-needed" or on/off/on basis, keeping their dosage steady or dropping for years, as they don't fit the stereotype of pain med users needing 'more and more' over time.
As the DEA began enforcing their harassment guidelines, many pain patients lost treatment with a sizeable uptick of deaths involving illegal opiates as some patients lost coverage. And the war on US citizens continues with more dead lost to this cancerous organization.
The idea of the NSA secretly giving spy evidence to the DEA and FBI to use in prosecuting domestic crimes was something anticipated, but still unconstitutional and illegal --- yet this corrupt rogue "lawmen" using their threat powers to force compliance with their unlawful actions.
The DEA is currently harassing all legal users of prescription pain medications in California with regular urine testing and threats to doctors of suspension if they don't comply with these non-legal requirements.
They are totally out of control and need to be stopped. Organizations like the DEA who grew out of prohibition enforcement need to be retired -- not allowed to find new frontiers to make illegal and prosecute.
> hosts file or client-side tracking blocker extension works for HTTPS > just as well as for cleartext HTTP. --- You can't use a hosts file to selectively block content. I've already stated, that to cache or to block, you need to know the object-type and size. You don't get that w/HTTPS.
> There are anecdotal reports that HTTP/2 over TLS can have less latency > than cleartext HTTP/1.1. So if you add HTTP/2 to your MITM, you may be > able to mitigate some of the TLS overhead. --- Interesting, but it would be highly dependent on type of traffic. HTTP/2 was supposed to help response time by combining multiple requests, including allowing for combining requests from divers sources, so it would be unsurprising if it worked under some traffic loads. This is especially true compared to uncached cleartext.
However, I doubt HTTP2 proponents would be interested in doing benchmarks where 33% of the cleartext HTTP requests had 0 latency due to being locally cached.
Maybe it goes w/o saying, but combining the requests is the opposite of what would be necessary to block or locally cache 33% of the content.
> That's true only if your ISP is using an intercepting proxy. --- Right -- they are a large corporation. You don't think they couldn't be ordered to do so and say nothing under the Patriot act? Do you disbelieve that root-ca's in the US or other monitoring countries couldn't be forced to give out subordinated CA's to install @ ISP monitoring sites?
> Blocking "by site" is still possible with HTTPS...blocking at a finer level than "by > site" or "intermediate caching" still requires MITM.
I've always blocked by site and media type and for any unclarities, I looked at the http code. That's no longer possible unless a user sets up MITM proxying that lowers security for all https sites (finance, et al.). While I can install exceptions to whitelist sites that shouldn't have content cached, they are still decrypted.
One has to know content type and size to effectively cache anything. Right now, going back for the past 3500 requests, I see stats of: (mem = in-squid-memory) mem: 8% (313/3514), 16% (11M/70M) dsk: 23% (842/3514), 10% (7.2M/70M) tot: 32% (1155/3514), 26% (19M/70M) & for double that: mem: 5% (367/7025), 9% (12M/126M) dsk: 21% (1523/7025), 14% (18M/126M) tot: 26% (1890/7025), 23% (29M/126M) --- without MITM caching, those numbers drop to near 0 for HTTPS sites. Those cached objects serve for multiple browsers, OS's, machines and users. Losing ability to cache 25-30% hurts interactive use and raises latency. Simply by going w/HTTPS instead of HTTP creates increased server load and increased network latencies. Sites that provide many static images can be affected more heavily. But my local network cache provides 128G of space (55% used) and can store large iso images that can be reserved months later. W/my monthly traffic, 25% space savings can easily run in the 500G range which is, by itself, well over many ISP imposed limits before extra charges kick in.
> Intercepting proxies cache HTTPS only if the user has chosen to trust the proxy. ---- Which is why converting most traffic to HTTPS instead of HTTP hurts caching proxies the most and allow easier tracking by sites like google. From the time I connect to some sites, till I leave, google, et al, have encrypted connections going. They can easily track sites and where I'm at on the site, w/o doing any special MITM interceptions using fed-provided CA's from US-based CA-authorities.
My interest has been in promoting faster browsing experience (something I've had success in, given feedback from those using the MITM proxies), as well as increasing privacy by blocking sites based on what sites they are being called or referenced from. You can't do that if the site you are connecting to is HTTPS based.
I see no benefit for HTTPS for "normal usage" -- only harm for the user and benefits for the sites -- especially large, data collection sites like google.
cleartext HTTP.. there are no routers on the path that aren't capable of playing MITM. What do I care if they "see" what kernel version I download or open source project I download. Who cares if they see the articles I am reading/writing on slashdot.
There is no improvement as google knows all the traffic as it tied into almost every site and HTTPS doesn't help a bit. And they in turn can hand the info over to any gov agency that asks for it -- and be forced not to tell you about it.
HTTPS is a wet-security blanket.
public key pinning? No -- you can intercept the traffic at the ISP level -- I'm sure larger ISP's can get a root-cert. When you connect to an encrypted site, you really connect to your ISP's pass-through traffic decoder, which then passes another encrypted circuit on to wherever you were going.
HTTPS safety is an "illusion" to get you to use it so you can't easily be selective about what you block or cache by site.
Caching rate on HTTP sites -- 10-30 or higher %, on HTTPS -- 0%, and there's the overhead of encrypting.
That's what I meant by https "everywhere" harming security for those sites that have a legitimate need for it. By implementing a MITM proxy, it makes all https streams less secure. I don't like that trade-off (not that I don't already have such implemented for myself).
At the same time, google is pushing for "certificate transparency" (https://www.certificate-transparency.org/what-is-ct ), that might not let home-user issued certs be used for such purposes --- not sure. The more internal-proxies that implement MITM HTTPS for their internal needs/wants, the more pressure those not wanting those streams to be easily visible or cacheable will work to disable that "hole"... (IMNSHO)...
https on "social" sites (non bank/finance/medical...etc ones traditionally needing encryption), mostly benefits the site -- not so much most user. It usually harms users more than not as it prevents content caching and local-filtering. On a https site, I can cache near zero in my squid proxy (used by more than one account & user). That allows much tighter tracking of individuals as they go from site to site.
On news and discussion sites, I can easily get over 25% of the requests satisfied locally -- and housemates notice the difference -- especially on things like heavily thumbnail'd sites like youtube.
Think twice about https everywhere, as it ends up with the standard being that gateway owners (companies or individuals) need to install ways to overcome that.
That harms "sensitive-sites" that really should use https, (finance, medical, etc).
Slashdot Mirror
Where's the tie-in to the headline?
How many humans grow up to be geniuses capable of making a mark on society? Most -- not. How many grow up to be, to some slight or large amount, "bad apples"? It doesn't take much to cause humans to grow up to be "failures". Most won't make it big and most won't have any impact. So why should we be surprised when slight variations in input would cause a computer to start down a wrong track.
The different here, is that it is easier to pull the plug and start over again -- or possible erase bad input and overwrite with new -- something that can't be done with humans.
So far, we are proving how poorly humans do at the jobs we might use AI for. Any argument against AI can be turned into an argument against humans.
Really, its something more social leaders should be thinking about if we really want humans to not just evolve -- but survive.
Then according to the the MIT article:
We shouldn't use human sentience to produce anything unless we find ways of making techniques like deep learning more understandable to their [employers] and accountable to their users.
Google has become rich for using Proxy Variables as a means to derive inferences. Whether or not its true, if your proxy-sample is representative of the population at large, you still get a valid sampling.
That Google wouldn't know about unconscious bias or how "objective
factors" can be correlated to physical sex sounds ludicrous.
While women taking off for having babies is cited as a reason for pay inequity, Google has provided on-site day-care and facilities to lower the effect of those problems.
Part of the problem is that while men may be given equal time off to bond & spend time with newborns, they may not take it as often. Should that be a positive trait that is rewarded? I.e. if someone works an extra 20-30 hours/week over a "40 hour week", should they be rewarded for the long term effects their work-life imbalance, statistically, is likely to cause.
In the case of professional football players, society says "yes" -- they get paid ludicrous sums in their prime so they don't have to make money past their 30's.
One begins to see the reason for having a 40-hour work week and requirements for 50-100% pay to be applied to work over 40-hours. Why shouldn't software engineers be on a similar pay-schedule? Then if it is the case that men earn more because they work more, it will be clear as to why.
As long as it is presumed men and women work @ similar "40-hour-a-week" jobs, then pay inequities can't be justified to the extent they exist, but for them to be documented, "professional positions" would need to have weekly hours documented like any "hourly" employee.
How much of the extra "productivity" that men produce is due to them being willing to give up any non-work life while they are younger -- with industry responding by discriminating against older workers who start to have families and realize that a life that is filled only with work isn't so fulfilling as they get older?
How do humans work? Not knowing how genius humans arrive at their conclusions doesn't seem to be a huge stumbling block for society to use their output.
How many scientists really know how "creativity" works?
I never knew there were win10 fanboys (re: getting marked down).
Marking someone Troll because they hurt your feelings in not a correct usage of moderation points. If only you had explained why what I said was 'untrue', or refuted it you might have some impact, but from someone who had to rescue their 80+y/o mom from a "Welcome to Windows 10" who thought MS had forced the move to win10 without even asking her.
Of course that *is* what happened to many when they tried to get out of that fake screen. If it was really an "Upgrade", why would MS feel a need to deceive people to opt in to the conversion?
Upgrades are things people want, not something you have to trick them into installing.
Win10 was a downgrade in so many ways, its hard to see how they can continue to claim it is an "upgrade".
Maybe when Win10 supports the *option* for the same features of the Win7 Desktop, and stops trying to dumb down Desktops to the level of a smartphone, it would *start* to be an "upgrade", but it really is an "upgrade" to move to Win10, it's NOT an upgrade.
Win10 has been about supporting a lower level of OS, to *rent* and never own (can you turn off ads: no) and business Win10 is only available on a 1/person/year basis.
All the functionality that was in XP -- moved to the appstore, where you can repurchase it ... again and again...
Upgrade? Ha!
I'm not worried so much about Joe Q. Public, but you obviously have not been through many internet flamewars. Nothing will turn off most of the audience faster than a site permitting their forums to be used for political or hyperbolic trash talking.
Um... how can this be true:
"Most American teenagers who abuse opioid drugs first received the drugs from a doctor,... and the majority of them had been prescribed opioids previously, the researchers found"
and later the pediatric report said:
"of all 188,468 prescription opioid exposures reported for youth under 20, [most] occurred among children under 5, [who got] the medication because it was improperly stored or was in a purse".
Has anyone else noticed the increase in bogus new releases, that don't jive with established facts. The above says most teen abusers got them for medical reasons from a doctor -- AND the 2nd part says most (60%) were under 5 and *took* (stole) them from someone else who was taking the medicine.
You can't claim most abusers are getting them for medical reasons and then claim that 60% are stealing them.
Who said it did? However, giving extremists a worldwide platform in which to spread their alternate news is not the responsibility of a social media platform.
It seems, that if you are a social media platform, you might want not want to be a battle ground for extreme points of view. If you were, it might make many users uncomfortable and harm your ability to be an inviting social platform.
Most users don't want to be in the middle of a flamefest. Besides that, governments might have cause to restrict access to the social platform on the basis that it gives a ready platform to idiots blowing their trumpet just to bully others irresponsibly.
Now if they only had the temerity to shut down all those using the platform as a means to trumpet "jibes" without taking official responsibility for, or positions on what is said.
I like that reason ... sounds almost truthy! :-)
Shortage of NAND flash?
Did we have a bad crop this year? How can you have a
sudden "shortage" -- or is it that no one bothered to expand capacity in a growing market to meet demand? Is that normal market strategy?
(maybe it is, but having paid $60 for an optical drive that cost $40 about 5 years ago and $25 for a comparable about 5 years before that, AND seeing big BluRay drive manufacturers had to pay large fines and 10-30$? rebates to end-buyers of computer manufacturers like Dell for illegal price fixing, I was surprised to see such a large price tag on the retail market.
Maybe the price fixing remedies only address manufacturers of computers and not retail sales?
Now how long before we get a 30$ rebate for flash price fixing?>
With SSD's getting faster, how long before SSD-type memory starts replacing memory that needs refreshing as a way to protect computers and storage against power failure?
If you stream to non-volatile memory, would that become legal under this new definition?
I've seen scenes from movies played multiple times after being streamed into my eyes -- maybe not quite the same fidelity, but if we start getting bio-electronic interlinks, that could really be interesting. You'd have to have your memories purged after watching a movie so you couldn't "remember/relive your memories", no?
What if you don't have a Facebook profile?
In Win7, at least if you had Ultimate or Professional, you could run "Group Policy" plugins on your machine and have it respect them. I don't know about Win10, but I have heard that only Professional versions are able to disable MS enslaving your computer to deliver you advertisements. Don't know if that is true or not, but certainly reinforces my belief that only "Professional" or "Enterprise" versions of windows should be relied on to do any "important or professional work". Windows Desktop for consumers is going the way of becoming a console (like XBOX, PS4.. etc)...
Does Win10 have the option to either 'come with' or run the group policy msc panel? If policies are applied, does Win10 honor them ? Or maybe it only honors them in the Pro/Enterprise versions?
Again, speaking from Win7, they have a section under the Administrative Templates of Group Policy, entitle "Windows update".
There you have options to:
- Do not display "Install updates an shut down" option in Windows dialog box. ... and a few others. Most of those make changes under the policy key in the registry. So if you didn't have the editor, you could conceivably make those settings through regedit, if you knew which were which.
- Do not adjust default option to "Install Updates and Shut Down" in the Shut Down Windows dialog.
- Configure Automatic Updates (notify before download, or before install among others).
- Turn off the upgrade to latest version of Windows through Windows Update.
- No auto-restart with logged on users for schedule automatic updates installations.
- Reprompt for restart?
- Delay Restart for schedule installations?
But I've never had a prob w/win-update since I started controlling my systems w/group policy.
I am a home user, BTW, but I try to make sure my machines are business capable/protected...at least so I can turn off MS-intrusions.
Condolences to the original content-author..
If the file is encrypted "data", you can restore it to yesterday. If it is binary executable, restoring it to a few months ago shouldn't be that painful. Then you checksum the executables, add in updates, and you're good to go.
For the virus to be effective it has to be executed at some point. So you restore those to last known safe date. The data, which isn't executed isn't going to be re-sourcing the virus any time soon.
Backups aren't an indivisible thing unless you are using MS's image backups -- which is why I only keep programs on my MS machines and keep the data on a separate linux machine. Sure, it's a pain to reinstall Win, but its certainly doable while saving your data.
It appears the DEA w/their making prescription-drug users (i.e. legal users) their next target was fallout from them being forbidden to carry out lucrative property seizure and forfeiture operations against cannabis businesses and users that were otherwise legal under state law. The law stopping campaign against the state's cannabis industry went into effect a couple of years ago (2011-12?) but they ignored the law until stopped by a federal court case where they tried to enforce a forfeiture order against against a 3rd-party property owner who didn't evict a renting cannabis business.
Their favorite tactic has become using and manipulating 3rd parties to harass cannabis users since doing so directly was not nearly so profitable. Go after a disabled person using cannabis as medicine -- no profit. Go after property owner and health care organizations (like Kaiser): much more profitable and more difficult to track as spending "enforcement dollars" against cannabis businesses and users that are complying with their state laws.
So they indirectly target users for harassment by targeting their doctors with threats and increased regulation and oversight. At medical organizations like Kaiser, this means the doctors themselves become targets for increased oversight and scrutiny, making them want to stop treating medical cannabis users. My doctor says most of their colleges have stopped prescribing pain medication, at all to disengage from DEA harassment.
They also are dictating what medications they are allowed to prescribe in conjunction w/pain meds -- including disallowing medications that allow lowering of painmed levels as well as meds that treat side-effects of stopping pain meds. This makes it more difficult for long-term pain users who use pain meds on an "as-needed" or on/off/on basis, keeping their dosage steady or dropping for years, as they don't fit the stereotype of pain med users needing 'more and more' over time.
As the DEA began enforcing their harassment guidelines, many pain patients lost treatment with a sizeable uptick of deaths involving illegal opiates as some patients lost coverage. And the war on US citizens continues with more dead lost to this cancerous organization.
The idea of the NSA secretly giving spy evidence to the DEA and FBI to use in prosecuting domestic crimes was something anticipated, but still unconstitutional and illegal --- yet this corrupt rogue "lawmen" using their threat powers to force compliance with their unlawful actions.
The DEA is currently harassing all legal users of prescription pain medications in California with regular urine testing and threats to doctors of suspension if they don't comply with these non-legal requirements.
They are totally out of control and need to be stopped. Organizations like the DEA who grew out of prohibition enforcement need to be retired -- not allowed to find new frontiers to make illegal and prosecute.
> hosts file or client-side tracking blocker extension works for HTTPS
> just as well as for cleartext HTTP.
---
You can't use a hosts file to selectively block content. I've already stated, that to cache or to block, you need to know the object-type and size. You don't get that w/HTTPS.
> There are anecdotal reports that HTTP/2 over TLS can have less latency
> than cleartext HTTP/1.1. So if you add HTTP/2 to your MITM, you may be
> able to mitigate some of the TLS overhead.
---
Interesting, but it would be highly dependent on type of traffic. HTTP/2 was supposed to help response time by combining multiple requests, including allowing for combining requests from divers sources, so it would be unsurprising if it worked under some traffic loads. This is especially true compared to uncached cleartext.
However, I doubt HTTP2 proponents would be interested in doing benchmarks where 33% of the cleartext HTTP requests had 0 latency due to being locally cached.
Maybe it goes w/o saying, but combining the requests is the opposite of what would be necessary to block or locally cache 33% of the content.
> That's true only if your ISP is using an intercepting proxy.
---
Right -- they are a large corporation. You don't think they couldn't be ordered to do so and say nothing under the Patriot act? Do you disbelieve that root-ca's in the US or other monitoring countries couldn't be forced to give out subordinated CA's to install @ ISP monitoring sites?
> Blocking "by site" is still possible with HTTPS...blocking at a finer level than "by
> site" or "intermediate caching" still requires MITM.
I've always blocked by site and media type and for any unclarities, I looked at the http code. That's no longer possible unless a user sets up MITM proxying that
lowers security for all https sites (finance, et al.). While I can install exceptions to
whitelist sites that shouldn't have content cached, they are still decrypted.
One has to know content type and size to effectively cache anything. Right now, going back for the past 3500 requests, I see stats of:
(mem = in-squid-memory)
mem: 8% (313/3514), 16% (11M/70M)
dsk: 23% (842/3514), 10% (7.2M/70M)
tot: 32% (1155/3514), 26% (19M/70M)
& for double that:
mem: 5% (367/7025), 9% (12M/126M)
dsk: 21% (1523/7025), 14% (18M/126M)
tot: 26% (1890/7025), 23% (29M/126M)
---
without MITM caching, those numbers drop to near 0 for HTTPS sites. Those cached objects serve for multiple browsers, OS's, machines and users. Losing ability to cache 25-30% hurts interactive use and raises latency. Simply by going w/HTTPS instead of HTTP creates increased server load and increased network latencies. Sites that provide many static images can be affected more heavily. But my local network cache provides 128G of space (55% used) and can store large iso images that can be reserved months later. W/my monthly traffic, 25% space savings can easily run in the 500G range which is, by itself,
well over many ISP imposed limits before extra charges kick in.
> Intercepting proxies cache HTTPS only if the user has chosen to trust the proxy.
----
Which is why converting most traffic to HTTPS instead of HTTP hurts caching proxies the most and allow easier tracking by sites like google. From the time I connect to some sites, till I leave, google, et al, have encrypted connections
going. They can easily track sites and where I'm at on the site, w/o doing any special MITM interceptions using fed-provided CA's from US-based CA-authorities.
My interest has been in promoting faster browsing experience (something I've had success in, given feedback from those using the MITM proxies), as well as increasing privacy by blocking sites based on what sites they are being called or referenced from. You can't do that if the site you are connecting to is HTTPS based.
I see no benefit for HTTPS for "normal usage" -- only harm for the user and benefits for the sites -- especially large, data collection sites like google.
cleartext HTTP .. there are no routers on the path that aren't capable of playing MITM. What do I care if they "see" what kernel version I download or open source project I download. Who cares if they see the articles I am reading/writing on slashdot.
There is no improvement as google knows all the traffic as it tied into almost every site and HTTPS doesn't help a bit. And they in turn can hand the info over to any gov agency that asks for it -- and be forced not to tell you about it.
HTTPS is a wet-security blanket.
public key pinning? No -- you can intercept the traffic at the ISP level -- I'm sure larger ISP's can get a root-cert. When you connect to an encrypted site, you really connect to your ISP's pass-through traffic decoder, which then passes another encrypted circuit on to wherever you were going.
HTTPS safety is an "illusion" to get you to use it so you can't easily be selective about what you block or cache by site.
Caching rate on HTTP sites -- 10-30 or higher %, on HTTPS -- 0%, and there's the overhead of encrypting.
That's what I meant by https "everywhere" harming security for those sites that have a legitimate need for it. By implementing a MITM proxy, it makes all https streams less secure. I don't like that trade-off (not that I don't already have such
implemented for myself).
At the same time, google is pushing for "certificate transparency"
(https://www.certificate-transparency.org/what-is-ct ), that might not let home-user issued certs be used for such purposes --- not sure. The more internal-proxies that implement MITM HTTPS for their internal needs/wants, the more pressure
those not wanting those streams to be easily visible or cacheable will work to disable that "hole"... (IMNSHO)...
I can see it now... the DEA controlling religion as a mind-altering substance.
Hmmm...
Yeah... I've seen this before... from those claiming brain research, versus real stories from those who do.
https on "social" sites (non bank/finance/medical...etc ones traditionally needing encryption), mostly benefits the site -- not so much most user. It usually harms users more than not as it prevents content caching and local-filtering. On a https site, I can cache near zero in my squid proxy (used by more than one account & user). That allows much tighter tracking of individuals as they go from site to site.
On news and discussion sites, I can easily get over 25% of the requests satisfied locally -- and housemates notice the difference -- especially on things like heavily thumbnail'd sites like youtube.
Think twice about https everywhere, as it ends up with the standard being that gateway owners (companies or individuals) need to install ways to overcome that.
That harms "sensitive-sites" that really should use https, (finance, medical, etc).