lenovo is many companies. their business laptop division is nothing like the 'yoga crap' that they sell consumers with crapware. ...
the spyware and phone home stuff does not tend to exist on the business level lappies. business guys would not put up with that, generally; only 'yoga users' (lol, what a name!) would.
I've taken a different approach to email. (See a previous post where I tried to explain my rationale.) However when so many people / organisations use Gmail... it almost defeats the purpose!
I don't disagree with what you wrote above. I can envisage a model similar to the way TextSecure / Signal handle text messaging: where if one's contacts have a PGP key, then the client will obtain those keys and opportunistically encrypt emails to those contacts.
But can users be trusted to not lose their keys / forget their passwords? (And therefore lose access to old emails.) Perhaps encryption could only be used for email in transit. (?)
I once gave an employer 4 weeks notice. (Standard in Australia.) My manager and his manager asked if I would give 2 months (!!!) notice and were peeved when I stuck with 1 month. I was treated quite coldly that final month, however I made sure I performed all my duties beyond reproach.
It was a long month... on the upside, I found another job immediately and for much more money.
I don't consider myself to be particularly hot property; there are plenty of others in IT whose skills I very much admire. In my experience, a competent person should rarely have difficulty finding another job.
If you're not happy, look elsewhere... chances are you'll be pleasantly surprised.
Small claims tribunals (or consumer tribunals, etc) in Australia actively discourage legal representation. You need to apply to have a lawyer represent you, and that request may very well be turned down.
On the other hand (and this is, for sure, just an anecdote) it seems like every straight guy in my office is forced to watch "The Bachelor" with their S.O. every week as part of their "quality time" together.
I know of two couples for which this exact thing takes place. Suckers!
Hmm... not sure if you're being sarcastic. (?) If not, then I consider myself in esteemed company. I moved my email so it's now hosted by Mail.ru. (Domain held separately.)
I did a little Googling* and saw that Putin has been critical of Yandex but not Mail.ru. (Quite harshly, in fact.) And historically, he's not on the best of terms with the individuals leading Yandex, but seems amicable with those of Mail.ru. Also, Mail.ru's email is scanned by Kaspersky, which I find is often singled-out / ridiculed by mainstream western media. That just makes me trust them more.
I moved for what I presume are the same reasons as yourself: my email may be read daily** by a government department, but at least I know it won't be knowingly / willingly shared with my own government. My private life is none of their business. Indeed, THEY need to better expose themselves to the voting public.
Oh, and vent, my friend. Vent!
* Don't know if this is sinister, but while Googling for instructions on how to host my email with Mail.ru, Yandex appeared at the top of the search results. Yandex also appears for other queries specifically targeted at Mail.ru. ** I pity the person who reads my email. It's really quite mundane. Nevertheless, it's mine.
To be fair, a lot of constitutions across a lot of countries "guarantee" their citizens many things. The problem is that the government-of-the-day chooses to interpret the constitution however it wishes. And it's our fault for not holding them accountable.
I don't see how they'd get location data from this? (Am I overlooking something?) At most they'd know the country to which the SIM belongs. Don't know if larger countries incorporate area codes into mobile / cell phones. (?)
Surely IP address provides much more granular location identity?
Definitely part of the long, gradual slide towards less anonymity. Companies love it: the less nebulous we are to them the more they can profit off us. Governments love it: all our transactions & interactions can be recorded, tracked and accessed whenever they so desire.
I also groan for the schmucks who use their work phone numbers for online access. If they're let go without notice - and have to surrender their work phone - they'll need to quickly remove that number from their various accounts.
I'll stick to using passwords as my primary log-in method.
PUBLIC servants should definitely have fewer privacy rights than PRIVATE citizens. Particularly when their decisions can affect the lives of millions.
Example: In Australia, members of parliament are required to maintain details of financial investments in a public register. Private citizens are not so required.
Now I didn't say public servants should have no privacy rights, but they should certainly have fewer.
Good pick-up... this appears to be mostly a Fairfax story. I've noticed Fairfax has collaborated with HuffPo the last couple of years, so this may be considered a "collaborative" effort for the purposes of gaining HuffPo's global reach.
But back to the main story... clearly the rules around lobbyists need to be locked-down much, much more.
Australia's federal government has a lobbyist register but from what I can see there's no penalty (financial, custodial) if one doesn't register. Not good enough.
Secondly, any and all meetings between politicians and lobbyists should be published in a very timely fashion. (No more than a month later.) None of this:
Lobbyists are required to update their details as they change and to confirm that their details are up to date within 10 business days of 31 January each year. Lobbyists are also required to confirm that their details are up to date and provide statutory declarations for all persons employed, contracted or otherwise engaged by the lobbyist to carry out lobbying activities on behalf of a client within 10 business days of 30 June each year.
24. What will happen if a lobbyist fails to confirm that his or her details are up to date as required by clauses 5.5 and 5.6 of the Code? [...] A lobbyist who does not confirm that his or her details are up to date within the period specified in clauses 5.5 and 5.6 may be removed from the Register. [...]
Also, it makes it that much easier for the authorities to nail you if / when they choose to come after you. (Assuming one hasn't maintained all the paperwork.)
e.g. for those subject to Australian tax law
Barter transactions are assessable and deductible for income tax purposes to the same extent as other cash or credit transactions.
When an entity that is a member of a trade exchange makes a taxable sale to another member, there is a liability for tax, including GST.
First alternative that comes to mind is bartering. But I suppose there's also Bitcoin and related services.
All of which would eventually be made illegal via expedient justifications. (We need to be able to contact purchasers of goods in cases of urgent product recalls, etc)
Sadly, I think if our society went cashless it would become more dystopic rather than a utopic.
Most definitely. (And of course, I know you know that.) I used very simple strings as keys in an attempt to aid the example. Apologies if that caused confusion.
I recall the first time I heard about OTP. I remember thinking the same as you wrote earlier: that if you throw enough raw power at it you can still solve it; just that it's harder than "regular keys".
Then I read a wonderful explanation here on Slashdot (far better than my terrible attempt) and the penny dropped with a heavy thud. OTP are completely uncrackable *because the key can be anything*! Of course, this comes with all the caveats regarding key security.
I generally browse/. as AC, but logged-in to comment when I saw your initial comment. I typically enjoy reading your contributions / comments, and wanted to share this sentiment. What can I say... it's Christmas... I'm not my usual cranky self.
Not quite, bud. I ain't no cryptographer (which will soon become apparent!) but I'll have a go at explaining.
The thing with OTP is that the random component can be *anything*. Lemme give a very contrived example:
Let's say we've encrypted 1,024 bits of plaintext with 1,024 bit OTP key, resulting in 1,024 bits of cyphertext. If we reverse that cyphertext with the original 1,024 OTP key, we get the original 1,024 bits of data.
So far so good. However...
It would be possible to put together a *different* combination of 1,024 bits that, when combined with the cyphertext, would yield another, valid plaintext message.
e.g. Original Message = Hello, world! OTP = AAAAAAAAAAAAA Final Cyphertext = BBBBBBBBBBBBB Reverse the process, and you get "Hello, world!"
But we could use: OTP = GGGGGGGGGGGGG To yield this Cyphertext = I like jelly!
Or: OTP = PPPPPPPPPPPPP To yield = Summer's here
which would still trigger alarms when checked for things like the frequency of characters, etc. After all, to someone eavesdropping, the OTP can be anything, can it not? Therefore the plaintext could also have been anything.
It's easy to see why commercial software providers would want to push users toward the cloud
There's no guarantee that locally-installed software will remain subscription-free. Don't forget about the widely-used Adobe tool suite, Adobe Creative Cloud.
It wouldn't surprise me if MS Windows & MS Office moved in that direction in the next decade.
Slashdot Mirror
I wonder if there is logic (versus error) to the two trial periods being offered: another example of dynamic pricing?
Um ...
As of September 2015: Lenovo systems may include software components that communicate with servers on the internet - All ThinkCentre, All ThinkStation, All ThinkPad
Users having to leave bluetooth on means Apple can squeeze more value out of their beacons.
That's got to be another incentive for Apple to remove the 3.5mm port.
Now that's a phallucy !
Not a coincidence at all. Also saw him do it on Boston Legal. (Shatner, not Kirk.)
I saw an interview once where Shatner expressed his equine passion, and how he tries to involve horses in his work.
Denny Crane!
I've taken a different approach to email. (See a previous post where I tried to explain my rationale.) ... it almost defeats the purpose!
However when so many people / organisations use Gmail
I don't disagree with what you wrote above. I can envisage a model similar to the way TextSecure / Signal handle text messaging:
where if one's contacts have a PGP key, then the client will obtain those keys and opportunistically encrypt emails to those contacts.
But can users be trusted to not lose their keys / forget their passwords? (And therefore lose access to old emails.)
Perhaps encryption could only be used for email in transit. (?)
There's this list:
https://en.wikipedia.org/wiki/List_of_office_suites#Online_office_suites
however I'm keeping an eye on these:
https://open365.io
https://www.collaboraoffice.com/code/
I once gave an employer 4 weeks notice. (Standard in Australia.)
My manager and his manager asked if I would give 2 months (!!!) notice and were peeved when I stuck with 1 month.
I was treated quite coldly that final month, however I made sure I performed all my duties beyond reproach.
It was a long month ... on the upside, I found another job immediately and for much more money.
I don't consider myself to be particularly hot property; there are plenty of others in IT whose skills I very much admire.
In my experience, a competent person should rarely have difficulty finding another job.
If you're not happy, look elsewhere ... chances are you'll be pleasantly surprised.
Small claims tribunals (or consumer tribunals, etc) in Australia actively discourage legal representation.
You need to apply to have a lawyer represent you, and that request may very well be turned down.
http://www.ncat.nsw.gov.au/Pages/going_to_the_tribunal/representation.aspx
I know of two couples for which this exact thing takes place. Suckers!
Hmm ... not sure if you're being sarcastic. (?)
If not, then I consider myself in esteemed company. I moved my email so it's now hosted by Mail.ru. (Domain held separately.)
I did a little Googling* and saw that Putin has been critical of Yandex but not Mail.ru. (Quite harshly, in fact.)
And historically, he's not on the best of terms with the individuals leading Yandex, but seems amicable with those of Mail.ru.
Also, Mail.ru's email is scanned by Kaspersky, which I find is often singled-out / ridiculed by mainstream western media. That just makes me trust them more.
I moved for what I presume are the same reasons as yourself:
my email may be read daily** by a government department, but at least I know it won't be knowingly / willingly shared with my own government.
My private life is none of their business. Indeed, THEY need to better expose themselves to the voting public.
Oh, and vent, my friend. Vent!
* Don't know if this is sinister, but while Googling for instructions on how to host my email with Mail.ru, Yandex appeared at the top of the search results. Yandex also appears for other queries specifically targeted at Mail.ru.
** I pity the person who reads my email. It's really quite mundane. Nevertheless, it's mine.
To be fair, a lot of constitutions across a lot of countries "guarantee" their citizens many things.
The problem is that the government-of-the-day chooses to interpret the constitution however it wishes.
And it's our fault for not holding them accountable.
Heck, we know more people die every year:
- in backyard swimming pools
- from bee stings
- from peanut allergies
than from terrorism.
But of course, we also know this isn't about preventing terrorism.
Thanks bud. The landline format isn't too dissimilar to what we use in Australia.
Very interesting point about cell phones; I wouldn't have guessed that. Our ones have a location independent prefix
I don't see how they'd get location data from this? (Am I overlooking something?)
At most they'd know the country to which the SIM belongs. Don't know if larger countries incorporate area codes into mobile / cell phones. (?)
Surely IP address provides much more granular location identity?
Definitely part of the long, gradual slide towards less anonymity.
Companies love it: the less nebulous we are to them the more they can profit off us.
Governments love it: all our transactions & interactions can be recorded, tracked and accessed whenever they so desire.
I also groan for the schmucks who use their work phone numbers for online access. If they're let go without notice - and have to surrender their work phone - they'll need to quickly remove that number from their various accounts.
I'll stick to using passwords as my primary log-in method.
PUBLIC servants should definitely have fewer privacy rights than PRIVATE citizens.
Particularly when their decisions can affect the lives of millions.
Example:
In Australia, members of parliament are required to maintain details of financial investments in a public register. Private citizens are not so required.
Now I didn't say public servants should have no privacy rights, but they should certainly have fewer.
Bonza !
Good pick-up ... this appears to be mostly a Fairfax story.
I've noticed Fairfax has collaborated with HuffPo the last couple of years, so this may be considered a "collaborative" effort for the purposes of gaining HuffPo's global reach.
But back to the main story ... clearly the rules around lobbyists need to be locked-down much, much more.
Australia's federal government has a lobbyist register but from what I can see there's no penalty (financial, custodial) if one doesn't register. Not good enough.
Secondly, any and all meetings between politicians and lobbyists should be published in a very timely fashion. (No more than a month later.) None of this:
from here
And if you really want to laugh, read this:
Right ...
>> SSL/TLS and encryption are useful only to prevent someone to eavesdropping the conversation and to authentify one or both parties
Another benefit of SSL-done-right:
preventing a third-party from injecting additional content -- e.g. a dangerous payload -- into the stream.
It may not even be a malicious payload. Perhaps just commercial
Also, it makes it that much easier for the authorities to nail you if / when they choose to come after you.
(Assuming one hasn't maintained all the paperwork.)
e.g. for those subject to Australian tax law
From:
Bartering and barter exchanges
Australian Taxation Office
Further reading -> Taxation Ruling No. IT 2668 -- Income tax: barter and countertrade transactions
First alternative that comes to mind is bartering. But I suppose there's also Bitcoin and related services.
All of which would eventually be made illegal via expedient justifications.
(We need to be able to contact purchasers of goods in cases of urgent product recalls, etc)
Sadly, I think if our society went cashless it would become more dystopic rather than a utopic.
Most definitely. (And of course, I know you know that.)
I used very simple strings as keys in an attempt to aid the example. Apologies if that caused confusion.
I recall the first time I heard about OTP.
I remember thinking the same as you wrote earlier: that if you throw enough raw power at it you can still solve it; just that it's harder than "regular keys".
Then I read a wonderful explanation here on Slashdot (far better than my terrible attempt) and the penny dropped with a heavy thud. OTP are completely uncrackable *because the key can be anything*! Of course, this comes with all the caveats regarding key security.
I generally browse /. as AC, but logged-in to comment when I saw your initial comment. I typically enjoy reading your contributions / comments, and wanted to share this sentiment. What can I say ... it's Christmas ... I'm not my usual cranky self.
Not quite, bud.
I ain't no cryptographer (which will soon become apparent!) but I'll have a go at explaining.
The thing with OTP is that the random component can be *anything*.
Lemme give a very contrived example:
Let's say we've encrypted 1,024 bits of plaintext with 1,024 bit OTP key, resulting in 1,024 bits of cyphertext.
If we reverse that cyphertext with the original 1,024 OTP key, we get the original 1,024 bits of data.
So far so good. However ...
It would be possible to put together a *different* combination of 1,024 bits that, when combined with the cyphertext, would yield another, valid plaintext message.
e.g.
Original Message = Hello, world!
OTP = AAAAAAAAAAAAA
Final Cyphertext = BBBBBBBBBBBBB
Reverse the process, and you get "Hello, world!"
But we could use:
OTP = GGGGGGGGGGGGG
To yield this Cyphertext = I like jelly!
Or:
OTP = PPPPPPPPPPPPP
To yield = Summer's here
which would still trigger alarms when checked for things like the frequency of characters, etc. After all, to someone eavesdropping, the OTP can be anything, can it not? Therefore the plaintext could also have been anything.
I hope the above makes sense. (?)
There's no guarantee that locally-installed software will remain subscription-free.
Don't forget about the widely-used Adobe tool suite, Adobe Creative Cloud.
It wouldn't surprise me if MS Windows & MS Office moved in that direction in the next decade.