They have made their point for now, isn't that sufficient?
The point is clearly that no system connected to the internet is secure, and that it can be cracked given enough skills. So the best protection against a very competent attack is to avoid angering people.
And even if you don't, you shall design your systems with a multi-layered approach in mind to avoid massive breaches. Don't allow the presentation layer direct access to the database with sensitive information. Don't use the same authorization database for the web UI for administrative tasks. And if you run an application server (like Tomcat) - run it under a security manager/policy that limits access to other services in case someone is able to install something malicious in the application server. You can apply a security policy to Tomcat, and that will at least slow down an attacker considerably since the attacker then needs to gain knowledge of the system. And if you add tripwires in the system that can block attackers automatically if tripped then you make things even harder. Three to five tries and the IP address is shut off for an hour.
And what about the reason behind those laws in reality? You must expect to be overheard and recorded in a public location these days.
Remind yourself that when the "Freedom of speech" was conceived there were no recording devices available. What if they could have foreseen what devices we use today?
See also the Universal Declaration of Human Rights which is adopted by the United States: "Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers."
The foreseen problems seem to be exaggerated. I have been living in an area with varying frequency on the power grid and the worst thing that did happen was that the clock went off by a minute or two per month.
As for traffic lights and other stuff - nobody will notice, traffic contains a lot more variables and unknown factors that have a bigger impact.
And you end up in the modern world version of Basic if you use Python. Repeating the same mistakes, rinse and try again.
There are other languages around, and compiling languages with strict syntax and data type checking teaches students that there is a difference between two similar objects.
And the real reason is that most superheroes do have a way too black and white view of what's right and wrong.
Maybe they should have made a movie where Green Arrow was the main figure instead - and look into the character as it was depicted during the 70's. Sometimes it's the darker parts of a hero's mind that have to be reflected too. Very much of the "why" behind something that happened in addition to the act of crime.
Another character that actually shows more than the plastic personality is Ben in Fantastic Four. He is showing that it's not always easy to be a hero.
Don't forget that paper books don't require any electricity to be used, can be repaired fairly easily and when they have passed the end of their useful life they are environmentally friendly.
Ebook readers are relatively sensitive, expensive and content is locked to them.
NATO is in reality controlled by the US through proxies, if someone says "Jump" at the Pentagon to NATO everyone will jump. Some may jump sideways just to declare their independence (like France).
No it doesn't - there are laws limiting what you can say and not. You can state your opinion using free speech, but you can't deceive or insult someone.
Robocalls aren't free speech - it's speech forced down someone's throat without asking for it during dinner time causing indigestion.
I would say that if robocalls for a political campaign are done against someone's will that party should be banned from participating in the election for the next 4 years. That would be a clear enough statement to say that it has to be entirely clear that robocalls aren't wanted.
Are the passengers getting their luggage shipped in the planes and not allowed to board or what's happening? As far as I know sending a plane with luggage for a passenger that hasn't boarded is against FAA rules.
I can't help but wonder about the validity of that law compared to the "freedom of speech", there should be a "freedom to listen" too when it comes to dialogues and statements made in an environment where what you say can't be expected to be private.
And what if I don't record it myself but broadcast it and have someone out of state recording it?
Just make a mail filter that checks if there is a no-reply and junk the mail. That will work as long as you don't have any subscriptions running, but on the other hand you can filter them first so that they aren't deleted.
However - every company should have a postmaster account so send any complaints to that account. The postmaster account is required by an RFC. And many companies do have a contact page or contact email addresses. Some even have abuse@... in which case you can use that too.
If they request you to call a certain number then don't. Place a collect call to them instead or write them a snail mail letter. Polite snail mail may be a lot more effective.
And the SecurID has also been proven to be insufficient - if the perpetrator gets his hands on one and logs a few of the numbers then it's possible to digest those and predict the future numbers from that too.
Nothing is sacred these days - whatever method you create it can be cracked. It's just a question of how long it takes to crack the method. If someone really wants to crack your specific account they are able to do that, but to crack a million accounts it's easier to inject malware and get useful information that way instead.
I think that the first step is to watch the design of the website itself and use a layered approach to limit access to services and functionality of the server.
For example - if you use a Tomcat/Java web server it shall be executed in a security manager using a security policy that limits what the application in Tomcat is able to do - like only specific classes may access specific ports/services on the server. And anything in Tomcat shall never access the database itself but instead only a secondary business layer that contains the logic of the application. That layer may access the database. It will make any access to the database a lot harder for anyone looking into penetrating the system since they have to learn the design of it and try to work around the security policy of Tomcat.
And what's executing in Tomcat shall only be the presentation layer, not much business logic.
Anyone that directly accesses the database from their presentation layer is making things easy for intruders since it may only take a single flaw like a bug in PHP to get direct access to the database.
And of course - the web server shall be executing as one non-privileged user and the business logic server as another and the database engine as a third. None of them shall have admin rights. That's what compartmentalization is about. I'm not saying that it's a design that's impossible to penetrate, but it takes time to penetrate it if you want direct access to the database. And if it takes time it will increase the risk of discovery, especially if you in the code build in traps that notify you or anyone monitoring security on the way. A trap sprung may mean that there is an intrusion and it's time to start monitoring and take counter-measures.
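The traps described in the comment above, combined with the "three to five tries and the IP address is shut off for an hour" rule from the earlier comment, as an added example that is not the poster's code. The class name `Tripwire`, the threshold of five and the ten-minute counting window are assumptions; only the one-hour block comes from the comments.

```java
import java.time.Duration;
import java.time.Instant;
import java.util.*;
import java.util.function.Consumer;

/** Added example: failed-attempt tripwire that blocks an IP for a fixed time. */
public class Tripwire {
    private final int maxFailures;        // assumed threshold ("three to five tries")
    private final Duration window;        // assumed period over which failures are counted
    private final Duration blockTime;     // how long a tripped IP stays shut off
    private final Consumer<String> alert; // notification hook for whoever monitors security
    private final Map<String, Deque<Instant>> failures = new HashMap<>();
    private final Map<String, Instant> blockedUntil = new HashMap<>();

    public Tripwire(int maxFailures, Duration window, Duration blockTime, Consumer<String> alert) {
        this.maxFailures = maxFailures; this.window = window;
        this.blockTime = blockTime; this.alert = alert;
    }

    public synchronized boolean isBlocked(String ip, Instant now) {
        Instant until = blockedUntil.get(ip);
        if (until != null && now.isBefore(until)) return true;
        blockedUntil.remove(ip);              // no block, or the block has expired
        return false;
    }

    /** Record a failed login or a hit on a trap; returns true if the IP is now blocked. */
    public synchronized boolean recordFailure(String ip, Instant now) {
        if (isBlocked(ip, now)) return true;
        Deque<Instant> recent = failures.computeIfAbsent(ip, k -> new ArrayDeque<>());
        recent.addLast(now);                  // events are assumed to arrive in time order
        while (recent.peekFirst().isBefore(now.minus(window))) recent.removeFirst();
        if (recent.size() < maxFailures) return false;
        failures.remove(ip);                  // tripped: reset the counter and start the block
        blockedUntil.put(ip, now.plus(blockTime));
        alert.accept("tripwire: " + ip + " blocked until " + now.plus(blockTime));
        return true;
    }

    public static void main(String[] args) {
        Tripwire t = new Tripwire(5, Duration.ofMinutes(10), Duration.ofHours(1), System.err::println);
        Instant t0 = Instant.parse("2024-01-01T12:00:00Z");  // constructed sample events
        String ip = "203.0.113.7";                           // documentation address range
        for (int i = 0; i < 5; i++) t.recordFailure(ip, t0.plusSeconds(i * 20));
        System.out.println("blocked after 5 failures: " + t.isBlocked(ip, t0.plusSeconds(120)));
        System.out.println("blocked 2 hours later: " + t.isBlocked(ip, t0.plus(Duration.ofHours(2))));
    }
}
```

In a servlet container the `isBlocked` check would sit in a filter ahead of the login handler; that wiring is not shown here.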
I suppose that only a few of the stores can carry a large amount of components. If all were to do that they couldn't make any sufficient sales. But if some stores run electronics components and some run computer accessories and yet others run phone accessories then they can survive.
And censorship never ends well either.
Too much "protection" and you have a totalitarian regime.
If you want to take out crime - do it at the source or check the cause for the crime first. Strangling the internet is like shooting the messenger.
If SCO was a scam/troll or not is questionable when you look at the behavior before the end.
Please mod parent as "Funny", it was awesome! :D
Confusion...
No fun metadata in the PDF?
We are already touching the Max Headroom level of civil rights.
Any buyer paying $1.7 million for a piece of rock that's supposed to be from the moon, but not sold by NASA, probably deserves to part with that money.
B.t.w. as far as I know none of the material collected from the moon is for sale.
One beer to launch them all, one beer to find them,
One beer to bring them all home and in the darkness reload them
Maybe not physically - but his personality is in the elephant category.
So either migrate to 64-bit (or a higher bit count) or perform a hack.
But I suspect that most systems will be 64-bit by then - if we still use computers.
The UIDs are a minor issue for any well-seasoned *NIX admin.
But an evolution would be to convert to GUIDs, however that would make things really awkward in some cases and really break compatibility.