The right thing to do is try any desperate, far-fetched attempt to save all the people. It's better to fail to save someone than to kill someone. Never sacrifice anybody without their consent.
The beauty of the Internet is that you can do your part all by yourself, without waiting for anyone else to get their shit together first. You don't need to start a movement, you don't need to tear anything down or build some international organization to oversee everything. Just do what you said -- stop using Google, stop trusting root CAs, roll your own encryption, use VPNs, etc.
If other people want to continue using commercial / government crap, well, that's their prerogative. If it's as bad as you say then they'll eventually see the light and the Internet will be a better place for them too.
I would like to propose a moratorium on comments of the form, "I manage a team and would never hire you." They add nothing to the discussion and only lead to useless dick waving competitions. ("Oh yeah? Well, I'm president of a Fortune 137 company and *I* wouldn't hire *you*!" "Oh yeah? I'd never accept an offer from your crappy company and you couldn't afford me anyway! Neener neener!" "Oh yeah? [etc]")
Socialism: an economic system in which the workers control the means of production. If the workers are all robots, that bodes ill for humanity. I hope you meant "communism" instead.
It's exactly the same thing, except it's on the Internet, which makes it completely different. And innovative! And high-tech! Which is why these dumb stories about taxi companies should be flooding Slashdot every day, I guess.
It's legal in your own country to spy on foreign powers.
This case has nothing to do with spying on foreign powers. It's about federal agents searching through the private effects of an individual, which is explicitly, specifically, Constitutionally illegal without a warrant.
Well said. You saved me the trouble of writing a comment not half so clear and complete.
Ask professional drivers. These "ethical" questions are ridiculous. Avoid obstacles if possible; if not, slow down. It's better to crash into something you can't avoid as slowly as possible. It's also best to maintain control just in case the situation changes.
So, in that atmosphere, how any single website would ever be able to "authenticate" your ID, I have no idea.
How about tamper-resistant cryptographic biometric devices? Use your government-issued fingerprint reader to log into Big Brother's system, then each server is required to make sure you have a valid current login certificate from BB before providing any services. Complete records must be kept indefinitely and will be audited against upstream connection logs.
Nobody is required to have government ID, but network service providers are prohibited from communicating over the Internet with anybody who isn't logged in with Big Brother.
Obviously this only works within one jurisdiction. Foreign Internet users would have to be handled separately, if at all.
I guess it would be easiest to manage this at the ISP level -- ISPs would be required to require proof of identity (via secure biometric reader) at regular intervals from all users. Then you don't necessarily have to bother auditing web, email, etc, servers.
It probably means that the maximum possible lifetime energy production of a photovoltaic panel is less than the energy required to manufacture and deploy it.
I have no idea whether that is true, but I believe it is GP's meaning.
IMO, if ads stopped across all internet sites, or the online advertising industry completely collapsed. The internet as we know it, would be gone.
Correction: The Internet as you know it would be gone. The actual Internet would be just fine. Universities, stores, hobby sites, government, and people generally interested in communicating with each other would pay their ISP bills and continue without interruption.
Turing's imitation game was a thought experiment. To explain it simply to an audience unfamiliar with the idea, he started with man against woman, then proceded to man against machine. The specific genders were not important or significant in the thought experiment, just the existence of some difference between the contestants that could potentially be spoofed over a teletype. There was nothing gender-specific or weird about it.
That is always true. The longer you wait, the cheaper it gets. If you wait forever, it costs nothing.
If you need a job done now then get the cheapest equipment that can do the job. If you don't need it now then wait; the price of computer equipment only goes down.
Conversely, the people who *do* have access to the bigger picture stuff, have no vested interest in giving us the unfiltered truth (or any truth at all),
Of course not. If we knew everything they know, then they wouldn't be special any more.
There's nothing in TFA that hasn't been speculated in great detail already.
No explanation totally makes sense. Here's my working model of what happened (all speculation of course):
The project has been gradually disintegrating over the last few years -- developers leaving and not being replaced, remaining developers having less time to spend on the project for whatever reason, and the perceived reward for fixing increasingly difficult bugs is not enough to keep people interested. It's just not fun any more.
The to-do list has some really nasty bugs that are difficult to fix and could potentially compromise all TC containers. The remaining developers in the project have been grinding away at these bugs, but haven't made much progress for reasons outlined above. They realized that the project was going to fizzle out before they got anything fixed. A cursory look at the 7.2 code suggests that they had committed to some major rewriting of the code, and bit off more than they could chew.
At this point, what can they do? Reporting the vulnerabilities would be irresponsible since no fixes are forthcoming. Lives depend on some of the secrets their software keeps. Best to push people gently away from TC until the problems can be fixed, if ever, while keeping the details of the vulnerabilities as secret as possible, and giving people realistic expectations about the future of TC development (i.e. none).
They probably had a plan for creating a migration plan that actually made sense, but ran out of resources before finishing, and decided to go with what they had on hand. At this point they were probably down to one very part-time developer and maybe a few unreliable volunteers. ("Hey Jim, where's that page you were writing about Linux FDE? Jim? Hello? Anybody there?")
There was really no good way forward with the resources remaining, so they did the best they could.
Why didn't they find someone else to take over the project? I guess they tried, but couldn't find anyone in their immediate circle of trust who was willing and able. Perhaps they felt that expanding their circle of trust would jeopardize their anonymity.
Would it kill you to put a short explanation or link in the summary for those of us who never heard of it before?
Reading Rainbow is an American children's television series that aired on PBS from June 6, 1983, until November 10, 2006, that encouraged reading by children. As of 2012, it is an iPad and Kindle Fire educational interactive book reading and video field trip app.
Slashdot Mirror
The right thing to do is try any desperate, far-fetched attempt to save all the people. It's better to fail to save someone than to kill someone. Never sacrifice anybody without their consent.
The beauty of the Internet is that you can do your part all by yourself, without waiting for anyone else to get their shit together first. You don't need to start a movement, you don't need to tear anything down or build some international organization to oversee everything. Just do what you said -- stop using Google, stop trusting root CAs, roll your own encryption, use VPNs, etc.
If other people want to continue using commercial / government crap, well, that's their prerogative. If it's as bad as you say then they'll eventually see the light and the Internet will be a better place for them too.
(not 64, ECC in x86 works on 32 bit words)
There's no 36,32 hamming code that can give full SECDED. Intel and AMD use 72,64. Probably everyone else too, since x72 memory is so common.
1. On-die caches are SRAM, not DRAM.
2. On-die caches have ECC.
Always has been, always will be.
I would like to propose a moratorium on comments of the form, "I manage a team and would never hire you." They add nothing to the discussion and only lead to useless dick waving competitions. ("Oh yeah? Well, I'm president of a Fortune 137 company and *I* wouldn't hire *you*!" "Oh yeah? I'd never accept an offer from your crappy company and you couldn't afford me anyway! Neener neener!" "Oh yeah? [etc]")
Tina Fey is 10x better at the news-host schtick than Poehler. What's she up to these days?
Windows 3.0 shared DLL code segments in memory. It's the whole point of DLLs.
How to protect yourself from Sony-style attacks:
Step 1. Don't be Sony.
Socialism: an economic system in which the workers control the means of production. If the workers are all robots, that bodes ill for humanity. I hope you meant "communism" instead.
It is a felony.
It's exactly the same thing, except it's on the Internet, which makes it completely different. And innovative! And high-tech! Which is why these dumb stories about taxi companies should be flooding Slashdot every day, I guess.
Since every bug this year needs to have a catchy name for the headlines, I propose we call this one "Davy Jones' Lockup."
This case has nothing to do with spying on foreign powers. It's about federal agents searching through the private effects of an individual, which is explicitly, specifically, Constitutionally illegal without a warrant.
Well said. You saved me the trouble of writing a comment not half so clear and complete.
Ask professional drivers. These "ethical" questions are ridiculous. Avoid obstacles if possible; if not, slow down. It's better to crash into something you can't avoid as slowly as possible. It's also best to maintain control just in case the situation changes.
How about tamper-resistant cryptographic biometric devices? Use your government-issued fingerprint reader to log into Big Brother's system, then each server is required to make sure you have a valid current login certificate from BB before providing any services. Complete records must be kept indefinitely and will be audited against upstream connection logs.
Nobody is required to have government ID, but network service providers are prohibited from communicating over the Internet with anybody who isn't logged in with Big Brother.
Obviously this only works within one jurisdiction. Foreign Internet users would have to be handled separately, if at all.
I guess it would be easiest to manage this at the ISP level -- ISPs would be required to require proof of identity (via secure biometric reader) at regular intervals from all users. Then you don't necessarily have to bother auditing web, email, etc, servers.
FYI, the sixth one is fiction, satire.
It probably means that the maximum possible lifetime energy production of a photovoltaic panel is less than the energy required to manufacture and deploy it.
I have no idea whether that is true, but I believe it is GP's meaning.
Correction: The Internet as you know it would be gone. The actual Internet would be just fine. Universities, stores, hobby sites, government, and people generally interested in communicating with each other would pay their ISP bills and continue without interruption.
Maybe he doesn't want to bankrupt the defendants before extracting maximal settlement value. They can go to prison after they pay him off.
Turing's imitation game was a thought experiment. To explain it simply to an audience unfamiliar with the idea, he started with man against woman, then proceded to man against machine. The specific genders were not important or significant in the thought experiment, just the existence of some difference between the contestants that could potentially be spoofed over a teletype. There was nothing gender-specific or weird about it.
That is always true. The longer you wait, the cheaper it gets. If you wait forever, it costs nothing.
If you need a job done now then get the cheapest equipment that can do the job. If you don't need it now then wait; the price of computer equipment only goes down.
Of course not. If we knew everything they know, then they wouldn't be special any more.
There's nothing in TFA that hasn't been speculated in great detail already.
No explanation totally makes sense. Here's my working model of what happened (all speculation of course):
The project has been gradually disintegrating over the last few years -- developers leaving and not being replaced, remaining developers having less time to spend on the project for whatever reason, and the perceived reward for fixing increasingly difficult bugs is not enough to keep people interested. It's just not fun any more.
The to-do list has some really nasty bugs that are difficult to fix and could potentially compromise all TC containers. The remaining developers in the project have been grinding away at these bugs, but haven't made much progress for reasons outlined above. They realized that the project was going to fizzle out before they got anything fixed. A cursory look at the 7.2 code suggests that they had committed to some major rewriting of the code, and bit off more than they could chew.
At this point, what can they do? Reporting the vulnerabilities would be irresponsible since no fixes are forthcoming. Lives depend on some of the secrets their software keeps. Best to push people gently away from TC until the problems can be fixed, if ever, while keeping the details of the vulnerabilities as secret as possible, and giving people realistic expectations about the future of TC development (i.e. none).
They probably had a plan for creating a migration plan that actually made sense, but ran out of resources before finishing, and decided to go with what they had on hand. At this point they were probably down to one very part-time developer and maybe a few unreliable volunteers. ("Hey Jim, where's that page you were writing about Linux FDE? Jim? Hello? Anybody there?")
There was really no good way forward with the resources remaining, so they did the best they could.
Why didn't they find someone else to take over the project? I guess they tried, but couldn't find anyone in their immediate circle of trust who was willing and able. Perhaps they felt that expanding their circle of trust would jeopardize their anonymity.
On the other hand....
"WARNING: Using TrueCrypt is *not *secure *as ..."
https://en.wikipedia.org/wiki/...