I agree totally. Thank you, thank you Microsoft, for once in decades you have made my life easier not harder. As of now the use of a MS account or the store (for the same reason) is a termination event in the business. That means no one drive, and no new revenue streams (IE no new MS office). Not only have you made my life easier, you have made it cheaper.
Plonk,
Bye Bye
Seriously, I already block most MS servers (Except Updates and CRLs. I don't run on an actual metered line, but live in an extreme rural area, DSL @.4-.5 mbs FTW) and don't want updates from 3 to 4 Windows 10 setups to murder the limited net access I have.
Before long Router vendors "SHOULD" be offering choices like "Block MS Telemetry", and "limit update times to certain times of the day", and "Block all unnecessary MS servers" option.
Its not hard to setup a linux firewall to block this stuff. And cron jobs that modify the firewall behavior at certain times aren't all that hard. If Microsoft pushes too hard someone will profit on mitigating the problem. And I don't think MS would want us to block entire sites like "IOnedrive", "Bing" and the "Store". I already block them at my business and home. Others should too until MS gets the message that their BS isn't acceptable.
Of course there are choices. They just involve more work. Block telemetry at the edge firewall. Disable, and remove DiagTrack. Personally I run with Cortana ripped out by the short and curlies. Microsoft doesn't want their services blocked at the firewall, maybe they will learn. Now you can't buy MS Office without a Microsoft account. Guess we will be standardizing on LibreOffice.
There are many other choices that are easier to handle than cutting off your internet. Blocking the update IPs in Windows Firewall and/or Internet Edge routers (IE Linux NAT boxes).
I personally block MS Telemetry, Store and other services I don't use at the Linux NAT. Works great but causes Win 10 to throw up dozens of events per week about connection attempts.
I believe if MS wants to remove the choice then can, but they MUST accept LIABILITY if they break peoples machines. Let the class action lawsuit limit their theft of ownership of my and others computers.
While your statement maybe true about the mobs use for Vegas, the reality is the town in many ways was FAR better off under the Mafia. Far less crime (street crime, didnt want to discourage visitors), better treatment for Casio Workers (if you actually worked, not just put in time). That is why there is alot of nostalgia for the mafia days in people who lived through it.
I was born in Vegas, and it has changed drastically over the years, and not for the better. Once the large corporate entitys moved into town, it was pretty much a forgone conclusion. The Egos of management were on line and the constant push to be larger (or better in their opinion) pretty much killed the town. Everyone knew we were building ourselves out of business. Bigger casinos DO NOT necessarily mean that you will get more business, but it will mean you have more expenses and will mean more debt.
Vegas thought it was recession proof. And it was to some extent in the old days (before a massively linked global economy). In the old days when the US economy was down, Asia or Europe was generally up. With the tied economies when the crash came in 2008, business took a massive dive. I wont even get started on the real estate issues of Vegas. I still wont touch commercial real estate in that town. Their is way too much property sitting empty rotting. Whole strip malls, office buildings are sitting empty, fenced off, being stripped of copper wire and played in by children in this town. You learn to ignore property for rent or lease signs, they simply become part of the landscape.
You do realize that this is ALREADY the case. The data is sitting on European Servers in Ireland, not US Servers in the US. If Microsoft gives up the data, they will be in breach of European law and subject to sanction in Europe.
Both Gabapentin and Pregabalin are Generics. Different drugs. The brand name for Pregabain is Lyrica. Pregabalin is (S)-3-(aminomethyl)-5-methylhexanoic acid, while Gabapentin is 2-[1-(aminomethyl)cyclohexyl]acetic acid. Been on both, side effects for the Lyrica are hugely different than Gabapentin.
Seriously, this is a non trivial problem. It is hard to mechanically reverse engineer code (executable), yes I've tried it. Even with full source (as a compiler would have) determining what the condition of a stack or heap is NOT easy. Otherwise we would never have any bugs to fix ever. Yes there is some stupid code out there that is is obvious that it is insecure, now try writing code to determine even the simple problems. Determining at compile time what the condition of a stack or heap will be, when it is dependent on the state of the machine, is nigh on impossible. Work in ASM for a few years, or better yet, try to decompile code or write a compiler (optimizing preferable), and see how easy the problem is.
There is no quick easy fix (short of the old definition of a secure computer, one that isn't plugged into a network or power LOL)
Sorry, Obama has signed a total of 167 orders to date for his entire presidency. Not 100's of orders per day.
See http://www.archives.gov/federa... for a comparison of orders.
"But 99% of this planet's population are nitwits,"
This! If anyone has a clue at all in CS and IT they will acknowledge this first and then design for the nitwits, but ALSO design for the people that have brains. Because it's us with brains that have to maintain this crap for the nitwits.
Here's the problem, the two are ALMOST mutually exclusive. (Please note ALMOST). One group wants bling ("Ooooh Shiny!!") and the other group wants functionality/stability, or (at least a way to minimize or customize the bling).
Why does most everybody think that just the cloud providers will be harmed. The firmware for switches/routers/hardware firewalls, etc is an ideal place to backdoor the networks. If I was going to spy on foreign governments that is where I would look to setup backdoors, in the infrastructure that DEFINES their networks.
The argument that just because a third party has the information, that negates the privacy of the individual, is such a facetious argument, that it is not funny. Your Doctor, is a 3rd party, you Priest, Lawyer, Accountant are also 3rd parties. Does this then negate the privacy of your conversation? Or the fact that you even had a conversation?
What about your Location? Courst have ruled that placing a GPS tracking device is illegal with out a warrant. The metadata from cell phones, includes your location. Is the location of my daughter, or wife 24/365 a matter of public record?
The arguments for this invasion of privacy are specious at best. It is a clear breach of the 4th amendment.
Most people do not realize how much information is located in the metadata. In many cases you don't even need to know the conversation to know something vitally private. If my daughter made a call to an abortion clinic, do you consider that private information? Simple joins of database make that metadata, extremely compromising.
As to 3rd parties such as Facebook, I volunteer as little information as possible. I "KNOW" they will sell me down river.
And if you had read the linked articles, you would have seen the prior occurrence with wikileaks. Having both Visa & Mastercard not accept either the wikileaks donations or VPN payments at the same time seams suspicious. Both organizations are seperate and have seperate charging agreements. So both at once leads one to believe that pressure was applied by an outside source.
As both instances have occured around leaking of US government "secrets" (Don't get me started as if they are still secrets when they are plastered over the press) it becomes obvious who benefits from the blockage.
The U.S. Government
Unfortunately what will happen is this:
Named person: Everyone
Items to be searched: All Meta-data on phone calls
See, they named the group to be searched, and what is to be searched. I know you meant specifically name the people, etc... But this is what will probably will continue to happen. Look at what has been defined as PII (Personally Identifying Information), it is narrowly defined. Never mind that the information combined together can make it fairly easy to identify who the records are attached to.
I mean come on, how many people in zip code 89101-4523 have Fibromyalgia, Gout and Complex Regional Pain Syndrome #1 and have Blue-Cross Blue shield as their insurer. You aggregate the data together and combine with other Databases and voila, you can usually pick out a high percentage of patients.
Seriously. If I REALLY wanted to be paranoid, which I'm not:
Consider that this can come in an image file, linked from any web page. If a government were using something like this as a backdoor it would be very useful. Say you passed a law (CALEA maybe) that forced telecom providers (backbone providers) to allow you to intercept traffic. Part of the specification could allow for a replacement packet/response. You could insert HTML code into a spoofed response that included a link to an infected image.
Something like,
If I see an IP of interest, hold the responding packets (until I'm sure it's complete).
Parse the returning html, and insert an infected logo at the end from one of our servers.
Voila, instant compromised machine.
Wouldn't this be a lovely (deniable) backdoor?
God, the pain medication must be making me REALLY paranoid tonight.
I am not saying this is right or wrong, I am honestly asking you all why, why do you care?
Quite simply, Identity theft. You are already required to show your ID when purchasing Tobacco and Alcohol products. Producing this ID with a standardized machine readable format will allow the collection of information. Businesses will use this to market. Unethical employees will use this to steal identity.
When everything needed to forge someones Identity or market to them is provided in a easy to grab package, it will be used.
This promotes the consolidation of databases about you without seriously impacting terrorism. All the terrorists will do is use people with clean pasts for their acts.
Slashdot Mirror
I agree totally. Thank you, thank you Microsoft, for once in decades you have made my life easier not harder. As of now the use of a MS account or the store (for the same reason) is a termination event in the business. That means no one drive, and no new revenue streams (IE no new MS office). Not only have you made my life easier, you have made it cheaper. Plonk, Bye Bye
Seriously, I already block most MS servers (Except Updates and CRLs. I don't run on an actual metered line, but live in an extreme rural area, DSL @ .4-.5 mbs FTW) and don't want updates from 3 to 4 Windows 10 setups to murder the limited net access I have.
Before long Router vendors "SHOULD" be offering choices like "Block MS Telemetry", and "limit update times to certain times of the day", and "Block all unnecessary MS servers" option.
Its not hard to setup a linux firewall to block this stuff. And cron jobs that modify the firewall behavior at certain times aren't all that hard. If Microsoft pushes too hard someone will profit on mitigating the problem. And I don't think MS would want us to block entire sites like "IOnedrive", "Bing" and the "Store". I already block them at my business and home. Others should too until MS gets the message that their BS isn't acceptable.
My machine, my Network, my rules.
Of course there are choices. They just involve more work. Block telemetry at the edge firewall. Disable, and remove DiagTrack. Personally I run with Cortana ripped out by the short and curlies. Microsoft doesn't want their services blocked at the firewall, maybe they will learn. Now you can't buy MS Office without a Microsoft account. Guess we will be standardizing on LibreOffice.
Oh I see you work for the Russian MAAFIA. We have ways to make you work. LOL
There are many other choices that are easier to handle than cutting off your internet. Blocking the update IPs in Windows Firewall and/or Internet Edge routers (IE Linux NAT boxes). I personally block MS Telemetry, Store and other services I don't use at the Linux NAT. Works great but causes Win 10 to throw up dozens of events per week about connection attempts. I believe if MS wants to remove the choice then can, but they MUST accept LIABILITY if they break peoples machines. Let the class action lawsuit limit their theft of ownership of my and others computers.
While your statement maybe true about the mobs use for Vegas, the reality is the town in many ways was FAR better off under the Mafia. Far less crime (street crime, didnt want to discourage visitors), better treatment for Casio Workers (if you actually worked, not just put in time). That is why there is alot of nostalgia for the mafia days in people who lived through it. I was born in Vegas, and it has changed drastically over the years, and not for the better. Once the large corporate entitys moved into town, it was pretty much a forgone conclusion. The Egos of management were on line and the constant push to be larger (or better in their opinion) pretty much killed the town. Everyone knew we were building ourselves out of business. Bigger casinos DO NOT necessarily mean that you will get more business, but it will mean you have more expenses and will mean more debt. Vegas thought it was recession proof. And it was to some extent in the old days (before a massively linked global economy). In the old days when the US economy was down, Asia or Europe was generally up. With the tied economies when the crash came in 2008, business took a massive dive. I wont even get started on the real estate issues of Vegas. I still wont touch commercial real estate in that town. Their is way too much property sitting empty rotting. Whole strip malls, office buildings are sitting empty, fenced off, being stripped of copper wire and played in by children in this town. You learn to ignore property for rent or lease signs, they simply become part of the landscape.
You do realize that this is ALREADY the case. The data is sitting on European Servers in Ireland, not US Servers in the US. If Microsoft gives up the data, they will be in breach of European law and subject to sanction in Europe.
Both Gabapentin and Pregabalin are Generics. Different drugs. The brand name for Pregabain is Lyrica. Pregabalin is (S)-3-(aminomethyl)-5-methylhexanoic acid, while Gabapentin is 2-[1-(aminomethyl)cyclohexyl]acetic acid. Been on both, side effects for the Lyrica are hugely different than Gabapentin.
Seriously, this is a non trivial problem. It is hard to mechanically reverse engineer code (executable), yes I've tried it. Even with full source (as a compiler would have) determining what the condition of a stack or heap is NOT easy. Otherwise we would never have any bugs to fix ever. Yes there is some stupid code out there that is is obvious that it is insecure, now try writing code to determine even the simple problems. Determining at compile time what the condition of a stack or heap will be, when it is dependent on the state of the machine, is nigh on impossible. Work in ASM for a few years, or better yet, try to decompile code or write a compiler (optimizing preferable), and see how easy the problem is. There is no quick easy fix (short of the old definition of a secure computer, one that isn't plugged into a network or power LOL)
Sorry, Obama has signed a total of 167 orders to date for his entire presidency. Not 100's of orders per day. See http://www.archives.gov/federa... for a comparison of orders.
"But 99% of this planet's population are nitwits,"
This! If anyone has a clue at all in CS and IT they will acknowledge this first and then design for the nitwits, but ALSO design for the people that have brains. Because it's us with brains that have to maintain this crap for the nitwits.
Here's the problem, the two are ALMOST mutually exclusive. (Please note ALMOST). One group wants bling ("Ooooh Shiny!!") and the other group wants functionality/stability, or (at least a way to minimize or customize the bling).
Why does most everybody think that just the cloud providers will be harmed. The firmware for switches/routers/hardware firewalls, etc is an ideal place to backdoor the networks. If I was going to spy on foreign governments that is where I would look to setup backdoors, in the infrastructure that DEFINES their networks.
The argument that just because a third party has the information, that negates the privacy of the individual, is such a facetious argument, that it is not funny. Your Doctor, is a 3rd party, you Priest, Lawyer, Accountant are also 3rd parties. Does this then negate the privacy of your conversation? Or the fact that you even had a conversation? What about your Location? Courst have ruled that placing a GPS tracking device is illegal with out a warrant. The metadata from cell phones, includes your location. Is the location of my daughter, or wife 24/365 a matter of public record? The arguments for this invasion of privacy are specious at best. It is a clear breach of the 4th amendment. Most people do not realize how much information is located in the metadata. In many cases you don't even need to know the conversation to know something vitally private. If my daughter made a call to an abortion clinic, do you consider that private information? Simple joins of database make that metadata, extremely compromising. As to 3rd parties such as Facebook, I volunteer as little information as possible. I "KNOW" they will sell me down river.
And if you had read the linked articles, you would have seen the prior occurrence with wikileaks. Having both Visa & Mastercard not accept either the wikileaks donations or VPN payments at the same time seams suspicious. Both organizations are seperate and have seperate charging agreements. So both at once leads one to believe that pressure was applied by an outside source. As both instances have occured around leaking of US government "secrets" (Don't get me started as if they are still secrets when they are plastered over the press) it becomes obvious who benefits from the blockage. The U.S. Government
On the surface yes, but with very little research you can find prior art reaching back to 1972 (in the cae of Blue GaN LEDs) http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F3683240 and easily 1989 for the process http://patft.uspto.gov/netacgi/nph-Parser?Sect2=PTO1&Sect2=HITOFF&p=1&u=%2Fnetahtml%2FPTO%2Fsearch-bool.html&r=1&f=G&l=50&d=PALL&RefSrch=yes&Query=PN%2F4819058
Unfortunately what will happen is this: Named person: Everyone Items to be searched: All Meta-data on phone calls See, they named the group to be searched, and what is to be searched. I know you meant specifically name the people, etc... But this is what will probably will continue to happen. Look at what has been defined as PII (Personally Identifying Information), it is narrowly defined. Never mind that the information combined together can make it fairly easy to identify who the records are attached to. I mean come on, how many people in zip code 89101-4523 have Fibromyalgia, Gout and Complex Regional Pain Syndrome #1 and have Blue-Cross Blue shield as their insurer. You aggregate the data together and combine with other Databases and voila, you can usually pick out a high percentage of patients.
Here's a copy of the judge's order. http://www.wired.com/images_blogs/threatlevel/2011/06/huntsanctions.pdf
Seriously. If I REALLY wanted to be paranoid, which I'm not:
Consider that this can come in an image file, linked from any web page.
If a government were using something like this as a backdoor it would be very useful. Say you passed a law (CALEA maybe) that forced telecom providers (backbone providers) to allow you to intercept traffic. Part of the specification could allow for a replacement packet/response. You could insert HTML code into a spoofed response that included a link to an infected image.
Something like,
If I see an IP of interest, hold the responding packets (until I'm sure it's complete).
Parse the returning html, and insert an infected logo at the end from one of our servers.
Voila, instant compromised machine.
Wouldn't this be a lovely (deniable) backdoor?
God, the pain medication must be making me REALLY paranoid tonight.
I am not saying this is right or wrong, I am honestly asking you all why, why do you care?
Quite simply, Identity theft. You are already required to show your ID when purchasing Tobacco and Alcohol products. Producing this ID with a standardized machine readable format will allow the collection of information. Businesses will use this to market. Unethical employees will use this to steal identity.
When everything needed to forge someones Identity or market to them is provided in a easy to grab package, it will be used.
This promotes the consolidation of databases about you without seriously impacting terrorism. All the terrorists will do is use people with clean pasts for their acts.
If you think the information about 10604 Bristow Road is bad, try looking at the Clark County Nevada information.
Check out these assessor records 7959 Bermuda Dunes Ave or the Search by Name or the always fun Search by Address. Or checkout a house owned by the Las Vegas Mayor.
It's a great way to find out how much your neighbor paid, previous owners, or tracking down that obnoxious salesman/lawyer.
Just thinking of the stalking potential on these websites is a nightmare.