A hundred times, NO. I've beat this horse to death many times before, but it seems to be moving a bit, so here's another whack.
A receipt, whether a plain-text record or a number you can use over the phone or the internet, makes coercion so easy as to be laughable. What happens when your employer supports some particular ballot measure, sees it fail at the ballot box, and then has an off-the-record policy where you show your receipt to the right people, and if it says you voted for the measure, it will be in your favour the next time layoffs come around? What about a union shop that wants to make sure people voted, and voted for the "right" people? How about the police department wondering who supported the tax increase to pay for more police officers?
Sadly, because there are so many ways to abuse a verification mechanism, I have to conclude that a secret ballot must be kept absolutely secret, even from the voter himself once he drops it in the ballot box. And that's why I still favour pencil and paper, or punched cards. At least there's something tangible to go back and recount.
simply politely tell them that the product isn't what you're looking for
What a grand idea. Too bad it doesn't work. "Well of course you don't *think* you need our product, but really, sir, you do need it. BUY BUY BUY DAMN YOU! YOU NEED OUR PRODUCT!"
If telemarketers would take "no" for an answer the FIRST DAMN TIME, maybe they wouldn't be so universally reviled.
why the telemarketing companies fight this so hard. I mean, here's a list of people who don't want to hear your sales pitch, so why waste time calling them? I suppose they are worried (justly) about people convincing grandma to sign up so she doesn't get so many "buy this shit now" calls.
Once and for all, somebody needs to drive this into their heads: it is MY phone, and you may not use it (i.e. call me) without my consent. P.S. refusing to pay $3.50 a month to NOT be listed in the phone book does not mean I consent to have you morons call me.
I remember that cartoon. (In fact, I cut it out of the newspaper and laminated it. I still have it in my home office.) The strip was part of a series that was published right around the time Word Perfect was whacking 20% of its Utah-based workforce. Everyone who worked there was nervous, and everyone who didn't work there was worried that the newly-unemployed 20% were going to glut the local market and make it harder to find decent jobs. (There's a whole sidebar here about how tech jobs in Utah Valley are TEH SUX0R compared to almost anywhere else. Let's just say I doubled my salary by leaving, and not to an area with 2x the cost of living. Supply and demand, my friend.)
One or two days previous to this strip, there was another one, a meeting of managers. I don't remember the dialogue, but it went something like:
"Hey, Bob, you don't look so good. Are you feeling okay?"
"No, all of my bad decisions are coming back to haunt me. Could we do a re-org?"
"Great idea! I've got a few skeletons I wouldn't mind burying, too!"
we get used to something and in the next version there's a brand new way to do the same thing, forcing us to get used again.
I think you meant "forcing us to get used to it again," but I like the Freudian slip. Microsoft is using you, me, the lot of us, through vendor lock-in, childish marketing postures ("we won't support the open document format no matter what, screw Massachusetts"), and bundling agreements that would make even the Mafia jealous (OEMs' per-unit prices are much higher if they don't sell 100% Windows).
Of course we'll be able to read GIF files! By then, all the stupid patents should have expired (pending action by the House of Misrepresentatives, of course).
We're just lucky that Walt didn't dream up LZW compression while he was working on Steamboat Mickey, or we'd have patents lasting for the author's life plus 90 years!
I read something similar into that statement: Apple decided on their features, implemented them, TESTED them, and released a fairly stable product. MS, however, throws all kinds of shit in at the last minute, and for that we get Zotob and friends.
I thought the whole point of calling something BETA was that this is what you'll release once the major bugs are fixed. In this case, they're treating it like a "feature beta," which from a security standpoint is a nightmare. What ever happened to "test what you fly and fly what you test"?
That was my entire point. Thank you for completely missing it.
The fact that MS Windows is horribly insecure does not excuse the illegality of writing a virus or worm and unleashing it on the world at large. Others seemed to be arguing that it was really MS's fault. Sorry, no, but it's the fault of the criminal mainly.
I'd like to abuse your metaphor in a different way than the other posters.
Imagine that a clothing company uses very shoddy materials and cuts corners in its production, yet they are popular enough that 9 out of 10 people will be wearing that brand of clothing. The clothes are crap, sub-standard, and you just know that if people realized this, the company would either improve, or people would buy their clothes elsewhere. To that end, you walk down a busy street and grab a handful of cloth every which way, easily ripping the shirts off 9 out of 10 women who pass by you.
Should you be jailed for "merely" demonstrating this weakness?
How about when the software programmer works for a small company that makes embedded systems, and BOTH hardware engineers (yes, there were only two in the whole company) are busy with a high-profile customer issue? Ah, those were the days... long days, the infrequent soldering iron burn, the frequent popping of capacitors on power supplies. Best job I ever had.
Besides, I find that if you know something about hardware, you're a little more sensitive to how you write your software. Things like power consumption because you're wasting the processor in a busy-wait loop instead of sleeping for the interrupt, or things like that.
My degree was "pure" CS. We had one class in EE, where the "big" project was to make a UART. I'm jealous of the people who double-majored in CS and EE, or went to a school that offered a hybrid curriculum.
I won't pooh-pooh CS - things like Rate Monotonic Analysis are extremely helpful in system design, and can for example lead you to choose the faster (and more power-hungry) processor since it can finish the task quicker and sleep longer before the next task comes up, thereby giving an overall lower battery drain. I won't say that building a UART out of a PLD and some shift registers while in school has made me a better programmer, but some extra background in hardware has certainly helped me understand software much better.
Careful with that logic. While it's true that no-one has published a "break" for IDEA, that doesn't prove that such a break doesn't exist, waiting to be discovered. It's quite possible that, with other ciphers being much more popular, cryptanalysis is being focused on the "bigger targets," by both black and white hats.
My copy of Applied Cryptography is in storage right now, so I can't look up the details of IDEA (is it a Feistel network? what size are the S-boxes? how many rounds?) and even if I had that information handy, I'm not a cryptanalyst, so my opinion probably doesn't count for much.
And yes, attacking the human element of crypto is going to be much more likely to succeed in the face of ever-larger keys. Ever hear of "rubber hose cryptanalysis"? (Hint: it's something that the U.S. government wants us to believe is done only by other countries.)
In addition to the errors you rightly point out, TFA repeatedly mischaracterizes the machine the EFF built to crack DES. In the sidebar, the author refers to an "accelerator card used in a standard PC." Later on in the article, he refers to the system as using FPGA's to crack DES in 3 hours. The EFF's machine, described in their very good book, was comprised of several racks of custom-built boards with ASIC's, not FPGA's, controlled by one PC. Though that PC was certainly "a standard PC," the accelerator cardS were not "in" the PC.
The author makes it sound like you can plug a single card into a PCI slot and break DES in 3 hours. Even though that isn't true, I still wouldn't trust my data to DES anyway, but the point is to be precise and correct in a widely-published article, and this author was neither. And this from the company that proposed Lucifer, the precursor to DES. Shame.
It is my understanding that IDEA is patented (how it is even possible to patent a sequence of mathematical operations is a topic for another flamewar^Wdiscussion) and the holders of that patent wanted royalties. PGP used IDEA originally, but GnuPG wouldn't touch it for the royalty issue, and it eventually fell out of favour as other ciphers with 128-bit and larger keys became more widely available, e.g. Blowfish, Twofish, Serpent, Rijndael (AES), etc.
the court is either going to have to twist itself into at least two additional dimensions to avoid either shooting down EULAs on e-books or overturning more than a century of fundamental copyright law.
My money's on the court overturning fundamental rights enumerated by copyright law. Incidentally, I'm sure that a large number of lobbyists also have money on this, though in a slightly different way than my wager...
Bought and paid for, lock, stock, and barrel. It makes me want to sick up my breakfast.
Nice try, but I'm not a Republican, and haven't been for a great many years. I vote mostly Libertarian these days. I think GWB has been a huge detriment to this country and our security. The only thing he's got going for him is he has done a better job than either Gore or Kerry would have done, and that's a damn shame that he's got nothing better to speak of his presidency.
As for Saudi Arabia, I don't agree with our government's unwavering support for such a corrupt regime, which I might remind you was just as unwavering when Clinton was getting hummers in the Oval Office and perjuring himself about it.
So how do we deal with Mid-East terrorism? Drill a hole through the glass and pump out the oil.
1. On December 29, 1890, 153 Lakota Indians were killed after being disarmed by ...
The U.S. Military. A particularly shameful chapter in our nation's history, and one of the many reasons that I do not support gun control of any kind. Ask a Jew about it if you doubt me on that reasoning. Many a Holocaust survivor has commented that they didn't have the tools to resist, having been disarmed by German gun registration laws a few years earlier, and how they wished they could have put up a more effective fight. Soviet dissidents have made similar comments. A disarmed population is more easily controlled, and more easily massacred.
My Lai, that was fucked up. Badly. More people should have been court-martialed, and somebody should have faced a firing squad over that. Of course, when you consider that Charlie looked just like the people we were trying to help, things get a little muddier. Charlie didn't exactly play by "the rules," hiding out amongst civilian populations, and the like.
Dresden, another colossal fuck-up. I'm not aware of any military value (other than morale) that Dresden had.
Hiroshima and Nagasaki, well, I'll defer to the people who survived the occupation of Nanking. There's a reason they call it The Rape of Nanking. Would you like me to show you some pictures of the mass graves, the beheading contests, etc.?
War is ugly. Terrorism is uglier, because there's no defined enemy to shoot at, just nations that give cover and people who give support in whatever way they can. If we can, through PURE statistical analysis, uncover patterns, we are BOUND to incorporate that information to prevent an attack.
Mr Osman's Italian court-appointed lawyer, who was present at the interrogation, said that he had insisted that he thought the attack was "a gesture" intended to cause alarm, and not "to kill or maim".
Why don't you go offer him some "therapy and understanding"?
Ah, but then you're violating their civil rights, so says the namby-pamby branch of politics. You see, the fact that all 19 of the Sept. 11 hijackers were Middle-Eastern should never be factored into who gets searched at the airport and who doesn't, because we all know that a 70-year-old white female American citizen is just as likely to be a terrorist as a 20-year-old arab male who's here on a student visa. Bend over, granny, while we get the gloves and K-Y.
Check out the latest news from one of the bombing suspects in the UK (the second, failed attack) claiming that it's really OK because the bomb wasn't designed to kill anyone, just scare them. Too bad the UK pussed out long ago and abolished the death penalty, because they used to do it in style, what with those drawing-and-quarterings.
How much money did this slimeball make at the spamming? If ( profit > penalty ), then more like him will step up to take his place. I personally like the "Russian Solution." (Yes, I'm aware that the beating death was unrelated to spamming, but it's still fun to pretend it was because of one too many spams.)
So you're one of the bastards that made it impossible to hear the prof over the clicky-clicky of the damn keyboards!
10+ years ago, I had CS classes where some 20% of the class took "notes" on their craptops, and the sound of keyboards was almost deafening. I wish the prof had instituted a policy much like you hear about today with cell phones: "you can bring it, but I better not hear it." (My father's policy was "if your phone rings in my class, I'll answer it for you." He had to do that about once per semester, and then everybody learned.)
For the bazillionth time, computers do not equal learning any more than a straight-edge, a T-square, and a protractor make you an architect. Buying your kid a craptop will not make them get good grades in school, especially if you send them to a shitty government school where "everybody is special" and "we don't use emotionally-biased words like 'fail' in this school."
That really caught my eye, too. Aren't we into some Sarbanes-Oxley or Lanham Act problems here? I mean, based on my admittedly biased reading of the recent Novell reply, it appears that Darl "knew or should have known" (to use the lawyer-speak) that SCOX didn't and doesn't own UNIX, so technically, he's making "false public statements designed to mislead investors as to the true value of the stock" etc. etc.
Of course, I'm sure the way he looks at it is that even though Novell refused to transfer the copyrights, the mysterious Amendment 2 made that unnecessary anyway. Funny how it showed up just in time to save SCOX's bacon. Still, the overwhelming weight of evidence appears to be on Novell's side, and I'm eagerly awaiting the day when Novell, IBM, RedHat, and AutoZone collectively turn SCOX into a grease spot. The only thing that would be more satisfying is if Keyser Soze entered the picture.
A few things that bother me: 1. Novell didn't come out MUCH earlier to claim their 95% of royalties, 2. Darl et al probably will not see any jail time, and 3. who put SCOX up to this? And I mean proof of who's pulling the strings, not the "it just has to be MSFT" speculation, though I agree with that speculation.
"I don't think it's the government's right to tax me so they can provide telephone service to someone else, or internet to the public schools
Yes, who would want our farmers to have 911 service, or our kids to be able to learn. How horrible.
You make the terrible mistake of assuming that internet access in the public schools equates with learning. When I went to school, the only computers were in one classroom, and they were used for the computer programming classes. We got along just fine writing our papers out by hand (or typing them on the computer at home), doing research in the library with those musty old things called "books," and not wasting our entire day at school on TEH INTARWEB.
STFU and if you think it's so important, write a check to your local school, but keep your hands out of my wallet.
Verizon Wireless spokeswoman J. Abra Degbor said the carrier would have no public comment on iSkoot but would be in touch with the company directly about any concerns it had over the acceptability or legality of the service.
That sounds like an ominous threat. I'm sure that the various incumbent carriers will find a way to twist the legal system and stomp this one into the ground.
Consider Vonage, which offered an excellent alternative to the pork- and tax-laden telco's in the US, until said telco's started complaining about "vonage isn't following the onerous regulations we have to follow and charging all those outrageous taxes and universal service fees!" Hello? I wanted Vonage precisely because I don't think it's the government's right to tax me so they can provide telephone service to someone else, or internet to the public schools. The solution is not to complain that "they should have to carry this same incredible load," but rather to complain about the regulatory load in the first place.
However, I bet in this case it's just the telco's charging what the market will (currently) bear, and now this little upstart is coming in and threatening their cash cow. Given today's political climate, I'd expect comments about "terrorists could use iSkoot to plan an attack! OMG we must shut down cheap overseas phone service OR THE TERRORISTS WILL HAVE WON!!!!!!"
No thanks, I think I'll stick to libre stuff.
-paul
Timothy McVeigh: killed 168, injured "at least" 500
19 arab terrorists: killed over 3000, injured how many thousands more?
Oh, and for the reference you complain about in your follow-up, try Nail bomb was not meant to kill, says suspect. He's fighting extradition on these grounds:
Why don't you go offer him some "therapy and understanding"?
-paul