Good post...
Another point to consider is the possibility that musical artists don't HAVE to make money doing it. I know plenty of amateur musicians (I'm one myself) who sound just great, and have fun doing what they're doing. The truth is that every time there's an RIAA thread on slashdot, some struggling musician crawls out of the woodwork and begins to groan, "oh, but I can't make a living this way!"
So don't! If that's the only reason you're making music, don't let the door hit you on the way out.
Digital copying is essentially a modern extension to the concept of overhearing music. It's uncontrollable without violation of first-sale doctrine, so why fight it? Professional musicians: evolve, or die.
My guess would be that it stinks to work on something that nobody uses.
Fireweb kind of stinks, but otherwise yeah, that is an insightful comment.
Another possible compromise would just be to make shortcut/launcher menu naming more descriptive: the program itself can be called Firefox or Ekiga if it wants to, so long as its shortcuts indicate its use (and in KDE--probably GNOME as well--that functionality is built in, so that descriptions and program names are separate, and both displayed on menus). That solution doesn't help when you're trying to tell your grandma to download the program ("I don't want a Fire Fox on my computer, child!"), though, and so your point is a good one.
I generally agree with you. On the other hand, though, consider the importance of brand recognition, and distinction from the competition. Imagine if Firefox had been named "Web Browser," or "Web Site Viewer." It might have worked out, but I'm guessing it would have been tough.
There is definitely something to be said for a unique, even quirky identifier--the software becomes a particular thing to be desired and discussed, instead of a tool to be taken for granted.
Not a doctor, but...
Presumably the oddity is that it's a cancer that behaves as a pathogen--that is, these are rogue dog cells that can jump from dog to dog and continue reproducing as a tumor. It's closest, really, to a parasite, but it's still weirder than that, since it's genetically the same species as its host.
A company whose CEO [...]. Get it right.
A brave admission of guilt, friend.
OS X is out now. Leopard is a point release.
Vista, on the other hand...
Until Vista actually comes out, these comments amount to not much more than so many farts in a steady breeze.
Har har, but yeah. I already knew he wasn't on PeekYou, mainly because I work here.
Nah, just thought for once my company's website was actually sort of pertinent to the article. Distributed intelligence is a much better solution to the problem of producing relevant search results (that is to say, OpenCyc is neat, but its underpinnings are already being used in more practical ways).
But, looking at my post I guess I can see why you would say that.
It seems to me that users are increasingly dissatisfied with the robotically maintained search indexes of Google, Yahoo! and the like. The internet has reached the point of critical mass where distributed indexing has the potential to rival the robots in volume--and it's clear that human intelligence will always trounce robots in filtering for relevance and quality. The niche that PeekYou.com tries to fill (and of course there are others) is the problem of searching for human beings on the internet. Google doesn't know that the Bob Jones you are looking for isn't the same as Bob Jones in Wichita, or Bob Jones in Juneau--and it won't separate them in search results. And that's just the tip of the iceberg. The other day I was trying to find my great uncle's blog. Turns out there's a senator with his name--Google sure didn't care.
To make a long story short, yeah, this is the beginning of a new era in the internet. And I'm looking forward to it.
You're right, of course, that the presence of a keylogger implies that the login environment is completely and utterly not to be trusted.
Still, it seems to me that a bank ought to offer a variety of security measures (perhaps only as options for its more paranoid users), as while a keylogger might come as a payload in a worm, an all around monitoring system for your mouse and keyboard, which also analyzes all images on the screen for captcha challenges and attempts to decipher them, well, that seems less likely to me.
True, and it probably doesn't take more than 3 or 4 most times. Then again, we might be talking about an automated attacker (TFA wasn't clear on this point), in which case, yeah, a stupid one.
Nine attempts is not a minimum; in fact, according to the researchers, it's a maximum. Since keyloggers are involved, I would guess that in most cases the login/password can be determined in well under four attempts.
A lockout system is good policy, but I don't think it's going to be enough on its own to plug this hole.
A spokesperson for HSBC is quoted in the article as having said:
"The reality is that it would be more profitable for that fraudster to concentrate his or her efforts elsewhere."
A single compromised user could mean a payoff of tens of thousands of dollars for a determined "fraudster." Particularly if that fraudster resides in a third-world country, that could be enough to live for years. Moreover, having to concentrate efforts on only one attack minimizes a fraudster's exposure to risk--a single instance is much harder to identify than a systematic effort.
No, HSBC, this is a problem. With the prevalence of malicious software on today's internet, keyloggers are a very real threat. Alternative systems can eliminate this vulnerability. Use them.
Unfortunately, this is not likely to happen so long as there is no financial incentive. Software piracy being so rampant as it is in Asia, why would a company there bother to switch to Free Software?
Then again, Microsoft's grumblings about South Korea and the subsequent brouhaha might presage a new resolve to curb piracy (and with it, inadvertently erode their global market dominance).
That was an insightful post that will probably be largely ignored because of your username.
He was appointed, actually.
I'll tell you guys why, and I promise I'm not trying to be a jerk.
It's because they wouldn't have gotten the warrants. There's no other explanation for it: as you say, getting the warrants would have imposed no restrictions on their ability to conduct the intelligence operations, but that's provided that the warrants would have been granted. One of the provisions of FISA, as I understand it, is that they have to demonstrate that they're pretty damn sure no American citizen is going to be on the line they're wiretapping; this is probably the snag that they would have hit, which would have prevented the court from granting the warrant.
Sure, some other explanation is possible--but if they had a good one, I think we'd have heard it by now.
http://ad.hominem.attacks.make.your.argument.appear.stupid.com/
It's not just a pun, really. The creator and lead developer of Gaim was hired by Google a little while back.
US cash is cloth, not paper.
Designing cars is a creative endeavor, dummy.
Actually, the comma is technically mandatory in both cases (that is, whether Hemos is being addressed, or Hemos is a predicate).
But you can "effect change," where effect is a verb meaning to expedite or to actualize. So, don't know what you're getting at, but it looks like you misunderstood, as the parent was quite right.