...until the MAC address generators have gone through all the "MAC-space" of possible addresses...
Wireless APs like Linksys' already come with a web admin that lets you specify *any* MAC address, apparently to please some cable/adsl providers that measure traffic/authenticate (partly) based on this.
Why not provide a public key server and ask people to submit they public OpenPGP key, signe by P. Zimmermann himself ? Get your identity trusted by Z. or go play somewhere else... After all, this seems to imply they want "real" players!
When do you expect people will take security/privacy issues seriously enough to guide their choices of products/services providers accordingly ? Will they ever ?
Is security/privacy something providers of goods/services should take care of, or is it the end-users problem to deal with it ?
IMAP (Internet Message Access Protocol) was designed to centralize email information, I believe. If stored/implemented with a database, what more would you need ?
I think querying through SQL would satisfy most of us.. and be very useful in corporate environments (for example, query all email sent from a user to support), and it's already done by some projects like DBMAIL.
Anybody out there with experience using these ?
BTW, there's an extensive database of IMAP products including some that make the data accessible via LDAP... hours of fun!
WinPT is a great toolbar application, a front-end for GnuPG. It lets you ecnrpyt/decrypt from/to any application, including email of cours.
That's one of the end-user applications that support OpenPGP that we've been telling our customers to use, when we install our product on their site so they can process forms and encrypt results via email.
When looking at the Terms & Conditions of use, it's clear Kazaa provided for this (from the beginning ?).
What part of responsibility or role do the hosting companies hold in this ? We provide an Acceptable Use Policy and I think if we had a Kazaa user as customer, trading MP3s, and we get a court order to cancel service, we'd have to.
Has anybody had such experiences/similar scenarios they'd share ? What are the implications of such a judgement on current AUPs legal documents in the hosting industry ?
How to encourage use of encryption in contracts
on
Can GnuPG Deliver?
·
· Score: 1
Here's the wording we use in all our contracts to encourage use of encryption. If somebody has suggestions for improvment, I'd like to hear them.
SPECIFIC PROVISIONS
Electronic Communications
The Parties' representatives may communicate between themselves by electronic means, in which case, the following presumptions shall apply:
The parties have established and verified their respective identities by presenting an electronic signature generated from a trusted OpenPGP key or S/MIME certificate (hereinafter referred to as the "Identification Code")
the presence of an Identification Code in an electronic document shall be sufficient to identify the sender and to establish the authenticity of the said document;
an electronic document containing an identification code shall constitute a written instrument signed by the sender; and
an electronic document containing an identification code or any printed output of such document, when kept in accordance with usual business practices, shall be considered to be an original.
The Parties' representatives may also communicate between themselves by fax, provided an original document follows-up any such transmission.
Companies using PGP (OpenPGP), applications
on
Can GnuPG Deliver?
·
· Score: 1
It took me a while to understand and be able to explain the differences/roles of PGP (the product), OpenPGP (the standard, as PZ renamed it), OpenPGP (the alliance), and NAI (the Empire ?:). I needed a short path through this story for customers and friend who I wanted to start using this, so I prepared a summary on Thawte X.509 certificates and OpenPGP Encryption.
While doing this, I discovered that quite a few companies do support OpenPGP but it's our job to continue this effort in 2 ways:
Educating others about it
Participating in development efforts (and this also means bug reporting, translation and documentation, stuff that even I can do!)
It's a shame that the Salon article totally ignored to mention at least two of the easier (although not easiest) ways to use OpenPGP: Enigmail (for Mozilla/Netscape) and WinPT (for Windows/clipboard-based), among others.
They also fail to mention that GnuPG really is the command line application/libraries, and then there's a layer of front end or integration to other products. A thourough visit of GnuPG.org will reveal this.
Finally, for the webmail-oriented crowd, there's also Hush Mail (which is, BTW, a company that PZ joined after leaving NAI). What's so technically difficult about using this ?
Hi, The same quesiton could be asked for Canada. You can buy a book with the postal codes and type it in and it is legitimate. You can also pay for it of course (CanadaPost.ca - To order a Postal Code directory)
In the case of geographic data, I first turned to both mapblast and mapquest and after a few telephones, it turned out they would charge as much as 1$ per city for lattitude/longitude data.
Spent some more time on the phone and after 15 minutes, I got a government agency that would sell me the whole QC province information in any format I wished (access, DB, SQL dump, etc) for ~ 20$. How do you explain that?
Global greed warming.
-- Notepad specialist & FAT administrator, group training available Fabian Rodriguez
Come on, now we'll see every new development been announced as "open source", what a cool marketing stunt! Then their server is/.'d while we try to figure if it's for real or just the eternal buzzzzzzz...
A. HP e-speak will be distributed at little or no cost to developers via the Internet. Once released by HP, HP e-speak core software will be freely downloadable from a website. The download will include documentation, binary core code, and licensed source code.
Soon enough it's going to take major funding before ever thinking of posting our sites on Slashdot.
I can easily see an order form for more memory & bandwidth for your server on the same form as the submit story page. Or a "minimal server requirements" section on the submit story form...
Maybe a./ aid fund would be appropiate or perhaps a list of casualties and their configurations...?
I would've never had this idea myself... of cours eveyone now knows that posting the same site 2 times in slashdot greatly enhances its chances of survival and uptime.
Slashdot Mirror
They are going to need Zend ;)
...until the MAC address generators have gone through all the "MAC-space" of possible addresses...
Wireless APs like Linksys' already come with a web admin that lets you specify *any* MAC address, apparently to please some cable/adsl providers that measure traffic/authenticate (partly) based on this.
Why not provide a public key server and ask people to submit they public OpenPGP key, signe by P. Zimmermann himself ? Get your identity trusted by Z. or go play somewhere else... After all, this seems to imply they want "real" players!
CoCo Scripsit rules.
then encrypt the patent.
Interestingly enouugh, the Digital ID site uses cookies...
When do you expect people will take security/privacy issues seriously enough to guide their choices of products/services providers accordingly ? Will they ever ?
Is security/privacy something providers of goods/services should take care of, or is it the end-users problem to deal with it ?
List this one.
At the very least, change the legend so it reads:
WEP Enabled (Worse, false sense of security) instead of:
WEP Enabled (Good)
Red flags indicate signal detection, not signal origin...
IMAP (Internet Message Access Protocol) was designed to centralize email information, I believe. If stored/implemented with a database, what more would you need ?
I think querying through SQL would satisfy most of us.. and be very useful in corporate environments (for example, query all email sent from a user to support), and it's already done by some projects like DBMAIL.
Anybody out there with experience using these ?
BTW, there's an extensive database of IMAP products including some that make the data accessible via LDAP... hours of fun!
WinPT is a great toolbar application, a front-end for GnuPG. It lets you ecnrpyt/decrypt from/to any application, including email of cours. That's one of the end-user applications that support OpenPGP that we've been telling our customers to use, when we install our product on their site so they can process forms and encrypt results via email.
What part of responsibility or role do the hosting companies hold in this ? We provide an Acceptable Use Policy and I think if we had a Kazaa user as customer, trading MP3s, and we get a court order to cancel service, we'd have to.
Has anybody had such experiences/similar scenarios they'd share ? What are the implications of such a judgement on current AUPs legal documents in the hosting industry ?
The Parties' representatives may communicate between themselves by electronic means, in which case, the following presumptions shall apply:
The Parties' representatives may also communicate between themselves by fax, provided an original document follows-up any such transmission.
While doing this, I discovered that quite a few companies do support OpenPGP but it's our job to continue this effort in 2 ways:
For a sample of companies supporting OpenPGP "movement" as Salon calls it, see:
http://www.openpgp.org/members/
It's a shame that the Salon article totally ignored to mention at least two of the easier (although not easiest) ways to use OpenPGP: Enigmail (for Mozilla/Netscape) and WinPT (for Windows/clipboard-based), among others.
They also fail to mention that GnuPG really is the command line application/libraries, and then there's a layer of front end or integration to other products. A thourough visit of GnuPG.org will reveal this.
Finally, for the webmail-oriented crowd, there's also Hush Mail (which is, BTW, a company that PZ joined after leaving NAI). What's so technically difficult about using this ?
I thought GMT was dead, man...
UCT's not gonna be happy 'bout this...
Of interest:e m47.html#1
- http://www.institut.qc.ca/veille_ice/novembre01/s
(in french)
... Very Public Network, that is..
--
Notepad specialist & FAT administrator, group training available Fabian Rodriguez
Hi,
The same quesiton could be asked for Canada. You can buy a book with the postal codes and type it in and it is legitimate. You can also pay for it of course (CanadaPost.ca - To order a Postal Code directory)
In the case of geographic data, I first turned to both mapblast and mapquest and after a few telephones, it turned out they would charge as much as 1$ per city for lattitude/longitude data.
Spent some more time on the phone and after 15 minutes, I got a government agency that would sell me the whole QC province information in any format I wished (access, DB, SQL dump, etc) for ~ 20$. How do you explain that?
Global greed warming.
--
Notepad specialist & FAT administrator, group training available Fabian Rodriguez
I know that you actually meant www.phorum.org
--
Notepad specialist & FAT administrator, group training available Fabian Rodriguez
I think eSpeak from HP ( http://www.hp.com/e-services/e-speak2.ht ml) seems to stand more chances and I like it better because:
-Not "financial" oriented
-From their FAQ:
-There is a whitepaper and other public docs about it at http://www.inter netsolutions.enterprise.hp.com/espeak/library.htm
What about BizTalk (from Microsoft)? Hadn't heard of it until I read it on the HP site (!).
--
Notepad specialist & FAT administrator, group training available Fabian Rodriguez
Soon enough it's going to take major funding before ever thinking of posting our sites on Slashdot.
./ aid fund would be appropiate or perhaps a list of casualties and their configurations...?
I can easily see an order form for more memory & bandwidth for your server on the same form as the submit story page. Or a "minimal server requirements" section on the submit story form...
Maybe a
I would've never had this idea myself... of cours eveyone now knows that posting the same site 2 times in slashdot greatly enhances its chances of survival and uptime.
DUH!