Computer hacking and penetration is a complex activity involving data collection and active compromise. Nobody gets points for being super-cool about it; you use DNS look-ups, interesting Google queries, and implied facts from public job postings to work out what questions to ask and even who to call if you want to do some direct data gathering.
Once, one of my biggest-balls-on-the-palm-tree coworkers walked through the front door of a big utility company by showing a fake badge and wearing a suit. The guards saw he had a badge, and that was good enough; he sat in the employee lounge, hacked their wifi, stole the Active Directory SAM database, stole some Exchange mailboxes, and left. No cantenna involved. If there was a network jack in a discreet location, he wouldn't have bothered hacking their wifi.
Kevin Mitnick said it's surprising what people will give you if you just ask for it like you don't know you shouldn't.
Dropping and then extracting a physical device to compromise the secrecy of the information stream between the keyboard and the motherboard is exactly the kind of thing a hacker would do. It's especially the kind of thing he'd do when nobody's around to see him poke at the back of the computer, while posing as tech support in case anyone catches him scrubbing all the malware from the computer to ensure actual tech support doesn't get called until he retrieves the device. You can make the device perfectly proxy the keyboard behind it and thus invisible to the OS.
Pretty much yes. It's like stealing a motorcycle: if you grab a unique sports bike and ride it like all hell to the chop shop, the police are coming to get you; if you grab a Kawasaki 650, there's thousands of them out on the street, and nobody notices unless you drive like a nut.
I'm not worried about anyone stealing my Zero SR when I get it.
Why do you need two-factor online when you can do it right through the browser? The W3C has accepted some FIDO specifications such as U2F as standards to access devices which sign a digital challenge; it amazes me they didn't produce an EMV-via-browser standard so you could use a USB EMV port to connect a credit card to your computer.
As with FIDO devices, the EMV device should indicate an attempt to use and require a physical hardware button press to acknowledge before actually sending anything to the EMV chip--no background pop-up windows silently racking up charges on your card. One charge, one button press. Alternately, they could refuse to allow more than one transaction at a time, such that running a transaction locked the device until you inserted a card, cancelled the transaction, or timed out--and then you must remove the card to begin the next transaction. That may be more-secure.
Seriously, why even have the PIN? The PIN is useful if the card isn't in your possession--at which point you call your bank.
It's not that it doesn't provide a layer of defense; it's that it provides a layer of defense for an extremely small attack window. You can't clone EMV because the chip is a computer with secure circuitry resistant to physical analysis and fault injection attacks--same with Yubikey-brand FIDO devices, and any other devices for which the vendor chooses a secure semiconductor supplier and secure build practices. You must physically possess the card to use it.
Is the PIN an unnecessary burden for this supposed security? Would showing your photo ID be an unnecessary burden? Would calling the bank to voice-verify each transaction be an unnecessary burden? Someone is going to say "yes" to one of these, or "yes" to the combination of all of them; yet doing all of these, mandatory, every time, undoubtedly provides further defense.
Does the threat model indicate that the PIN provides substantial additional security?
Plans can't win an unwinnable battle, so let's talk about the battlefield first.
Elijah Cummings won his last primary against a guy whose campaign was a vertical cell phone video where he rants that Elijah Cummings "has not fixed the issue" and that he's going to "go to Congress and get the money". He got 8.9% of the vote.
It's 25,000 votes to win. That's not a whole hell of a lot of bulk effort. It does mean getting most of the reliable voters (there are only 33,000 registered Democrats who voted in all of the last three primaries, out of around 50,000).
Elijah has only a few fanatics--and very few in the district. Most of his Facebook followers are all around the country; he has NINE THOUSAND people in District 7 actually interacting with his page (follow, comment, etc.) or posts about Elijah at all, out of 550,000 Moderate to Liberal democratic voters. He hardly communicates with anyone.
This uphill battle is turning more anti-climactic by the day. Nobody I encounter who isn't a raving Conservative fanatic really dislikes Elijah; he's a great community leader and he really does have the people's best interests at heart--he's just ineffective as all hell, and everybody knows it. The most I get in his favor is a consoling look and the counsel that I have a tough battle ahead of me; usually folks tell me that Elijah just isn't doing anything useful and needs to go, even though they don't think he's a bad guy--just a bad Congressman.
I actually encountered a political discussion group meeting in an elementary school that had replacing Elijah Cummings as a repeatedly-surfacing concern.
Do you know what the strategy is for that kind of playing field?
Name recognition and don't make people hate you.
I've been knocking on doors. I'm having actual campaign materials printed up. I have a Web site (which is getting some traffic at least). I've got a Facebook page that's getting followers, and I engage my followers; Elijah doesn't engage his, and I respond to his (sparse) posts and get people actually following me--I'm actually canvassing his own territory. I do the same on some radio show social media pages, and on some forums for the Democratic party. I have digital marketing campaigns that are giving me returns now at under 50 cents per click, follower, or whatnot.
Elijah loses more than 10% of the primary vote to no-names and unkempt fools--not to disparage anyone in particular, but the folks who have run against him in recent elections haven't exactly been hard-hitting candidates. You can't even find out anything about these people, about their plans, their positions, anything. Do you really think he has standing power against a competent campaign?
Sure, he can fight back; the question is: is it too late? Everybody knows who Elijah is. What's he going to do? He can't open his mouth, shout loudly, and hope to get more name recognition; he has to convince people that the Elijah Cummings they know isn't the real Elijah Cummings. He doesn't have anything with which to fight back.
Will I win? I don't know. Can I win? I can crush this guy; but I can't do it without funding.
IMHO the solution is pretty simple. Eliminate corporate taxes - they just get passed on to people anyway
Actually, corporate income tax in 2016 drew $299.6 Billion out of $2,656 Billion from income taxes plus FICA. If my Universal Benefit had been in place, the tax rate would have changed from 35% to 34.6%; and the proportion going to the general corporate income tax would be $168 Billion. It's an ineffective revenue source; I only tax it for my Universal Benefit because that's a dividend off the entire economy--it's supposed to capture as near to a fixed share of all income as possible.
So negotiating with the Republicans each year to shave down the Corporate Tax Rate in exchange for knocking $8Bn or $12Bn off their ask for discretionary military spending is a viable way to eliminate the excess tax in a decade.
My Universal Benefit also displaces some of the load from Social Security's OASDI program (providing the same total benefit in retirement, but not all of it from Social Security's OASDI Trusts) to guarantee future Social Security solvency. Because it grows faster than OASDI's cost-of-living adjustments, it cuts into the program further as time goes by. This immediately sets FICA at 5.15% (cutting back the payroll tax), and further erodes it over time.
We can end with a 15% corporate income tax and an easy 1%+ cut in payroll taxes. Over time, this can reach a 10% universal benefit tax rate (my goal for my Universal Benefit is 10%, paid out starting at age 16) and a 5%+ drop in payroll taxes.
That all has to compete with policy for a shorter work week, a healthcare public option, and possibly better social security retirement benefits. Still, it's a direction to which we can progress at an ever-falling tax cost with ever-increasing benefits to the American people.
Okay, let me try instead. I'm running for House of Representatives in Maryland's 7th District, and I'm fairly-certain I can win that seat with under $50k--not that it'll be easy, but it's viable. If I can get $25/month commitments out of 100 people, I can probably fund out of my own pocket the rest of the way there; everything else is lifting the hardship off my personal finances and raising my chances of success.
My major platforms include an end to identity theft; a restructuring of welfare around a Universal Benefit (essentially a dividend of America's productivity) to lower the tax burden, totally-eliminate poverty, and guarantee Social Security's permanent solvency; and a public healthcare option to get healthcare to every American without excessive expense of a single-payer system.
I lean heavily toward fiscal responsibility, which is why my public healthcare option aims to narrow the $200 billion gap before levying any kind of tax to close it. With the $368B spending on Medicaid covering the poor, we could instead cover 55 million Americans with the average employer healthcare package, or 41 million Americans with zero-deductible healthcare.
With 70 million Americans without private insurance and an average of 50 million total coverage (with lower-incomes getting no out-of-pocket cost care), that's $185 billion in costs for the remaining full care coverage--although shuffling the numbers in different ways raises or lowers that a bit. Plans to provide a stronger employer healthcare mandate would reduce that price tag; plans to lower healthcare costs in general--such as by reducing generic drug costs--would also lower the cost of insurance. Both approaches mean any tax levied to cover this would be smaller.
As for identity theft, I plan on passing laws charging regulators to mandate the latest consumer-ready technology for credit issuance. That means low-cost, high-effectiveness. Today, that would be a FIDO U2F authentication with the CRAs: you go to a bank, show a hard ID (driver's license, passport, etc.), and plug your USB U2F device into a computer to establish a Trust relationship with each of the three CRAs.
That device holds a private encryption key (non-disclosed) used to sign challenges, so it becomes impossible to validate your identity with the CRAs unless you have the device itself--even if you hack the CRA and copy all the information they have about you. If you lose your key, voice-verification with the bank is sufficient to cancel the Trust: you can use your accounts, but can't open new ones until you physically enter a bank once. Otherwise, plug it into your computer or phone when you open a new credit account online so the bank can run a hard credit check with the CRAs.
Note that the details would be regulatory. Not only is this a good technical solution built in consideration of all identifiable risks, but it also minimizes the mandate by legislation: at most, I want to tell the regulators they must mandate feasible, inexpensive technology following any current standards on security as published by NIST. Note that NIST currently standardizes AES and Triple-DES for encryption, RSA and ECC for digital signatures, and so forth. The point is to ensure the regulation must deprecate an insecure technology when or before NIST says it's insecure, rather than exercising their own judgment.
Yes, I'm both a technologist (what a word) and a bureaucrat (I actually like project management more than technical work).
The Universal Benefit (which I might rename to Universal Dividend) is a foundation tying our entire anti-poverty system into one coherent effort. Essentially, I restructured the taxes to involve a 15% tax on all income (business and personal), which is paid out equally among all adults as if one adult represents one share
Yeah, it's time to play another round of Lying Terminated Employee or Shitty HR Department? Most folks have already decided, but we don't really know which it is yet.
I want to know if they used a pre-versus-AG version for the later plays, or if it learned from playing AG--because AG learned from humans, and playing against it transfers human knowledge to Zero.
How do you know the provider isn't storing a journal of pre-encrypted e-mails?
How do you know the provider hasn't received a National Security Letter forbidding them to tell anyone that they've been ordered to store the plain-text e-mails for you before encryption?
Your point is valid--they can do a one-way encryption--but it only raises further concerns. Fifty points to Ravenclaw, anyway; nice catch.
This is true. However, the technology is applicable in other ways.
I'm running for Congress, and have detailed a solution to identity theft which essentially involves banks and everyone else not opening new credit accounts without a hard credit check (which is today's situation), and those same entities validating your ID (Driver's ID, passport, etc.) face-to-face by proxy to establish identity with the CRAs via FIDO U2F. In this way, a credit check can only succeed if you have the equivalent of face-to-face photo ID validation (because the U2F credential proves that you passed this test at some point).
The weaknesses in that validation are a hacker taking control of the CRAs (all three) to approve hard credit checks; a hacker cracking RSA or ECC by using the public key to derive the private key (currently-impossible); a hacker hacking into your U2F device (not feasible—it shouldn't always be connected anyway, and many run EAL5 verified code); stealing the U2F device; or a hacker replacing the keys at the CRAs with their own. The first and last require hacking all three CRAs simultaneously and are detectable (active interference or changing of credential), and you can cut down the attack surface for the last. If you've lost your U2F device, you can call your bank and have them cancel the trusts--your accounts work, but nobody can open new accounts as you until you physically enter a bank once.
I envision Congress passing a law requiring regulatory agencies to use the most up-to-date and affordable technology. NIST always has current technology listed as the standard, so tying these requirements to NIST published recommendations (meaning the credit regulators must clear their regulations with NIST and must jump when NIST says jump) may be a good way forward.
As you can see, a TOTP key is a stealable shared secret, and ineffective for this sort of protection; whereas the FIDO U2F security keys offer cryptographic verification at low cost and complexity, without sharing the identifying secret. That's why the difference matters: it's not that someone could hack your Gmail and paradoxically not be able to hack your Gmail, but that they could hack Equifax or Social Security and still not be able to apply for credit accounts, rental cars, and Government benefits as you. Knowing that such technology exists allows us to bring these protections to the American people.
The best part? These devices can hold over a thousand identities each, and select which to use based on the challenge. You don't need 14 different dongles; you need everyone to standardize around a single protocol and interface with your own personal device. You can walk into your bank for the credit check stuff (everyone checks you by the CRAs anyway), and walk into the DMV or a Social Security branch to establish individual identity trusts with every Government agency in that state and the Federal agencies. Two physical stops, two federation groups (Banks and CRAs; all Government agencies), one credential to carry. Note that every trust is a different key pair, and they're random: there's no standardized ID here, so we still need a separate Government identification standard if we want a real ID. This is a security device to identify a person when they can't present their actual ID--replacing the current method of asking them a bunch of questions.
Fair enough. The two main problems USB-C tackled were reversibility (I HAVE plugged a USB-A port in backwards) and standardization (there isn't a C-A and micro-C; there's one size for all, so you can plug USB devices into your phone). It takes a while for the standardization part to land; although, as I said above, it's possible to use the same pins on the board to wire an A or a C port.
My next phone will have USB-C. Samsung and Apple devices already run USB-C, but I'm going for a OnePlus 5 and Revolution Remix OS.
With the TOTP 2FA, a shared secret is stored in plaintext: the server and client must both know a secret string, which seeds a PRNG, and generates a time-based numeric output. That means the server doesn't take your 6-digit code and "verify" it; it calculates the same code and compares it. If you hack the server, you can grab the secret key and generate the same codes.
It has the same at-rest security as a database of plaintext passwords.
With FIDO U2F devices, the device establishes trust by generating a key pair and sending the public key out. The private key stays on-device and is used to sign challenges. The secret required to prove your identity physically exists in one place: the FIDO device. You can't hack Google's servers and steal it.
The U2F system stores a private encryption key generated on the device only on the device itself. The 6-digit TOTP code is stored at both endpoints.
If you hack Equifax and they identify people by TOTP, you have all the TOTP keys and can pretend to be anyone. If they identify people by U2F, you have to modify the public keys Equifax uses to identify people--which means they can no longer identify themselves (it's noisy). If you don't perform that modification, you don't get any information with which to compromise the U2F system—which means putting the U2F database further back in a trust zone with a smaller attack surface and replicating a read-only copy outside that zone can keep the hackers from actually getting anything useful.
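The shared-secret versus key-pair contrast drawn in the three posts above, as an added example that is not from the original thread: a Go model (assumed and simplified, with a plain P-256 challenge/response standing in for full U2F, and a constructed user, secret and timestamp) in which an attacker dumps both server tables, and only the TOTP dump yields a usable login.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha1"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// totpCode is RFC 6238 TOTP (HMAC-SHA1, 30 s step, 6 digits); client and server
// both run exactly this, so both must hold the shared secret.
func totpCode(secret []byte, unixTime int64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(unixTime/30))
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	h := mac.Sum(nil)
	off := int(h[len(h)-1] & 0x0f)
	bin := binary.BigEndian.Uint32(h[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// totpServer keeps the per-user shared secret; a database dump exposes it.
type totpServer struct{ secrets map[string][]byte }

func (s *totpServer) verify(user, code string, now int64) bool {
	sec, ok := s.secrets[user]
	return ok && hmac.Equal([]byte(totpCode(sec, now)), []byte(code))
}

// u2fServer keeps only public keys (simplified U2F); a dump exposes nothing that can sign.
type u2fServer struct{ pubKeys map[string]*ecdsa.PublicKey }

// register models enrolment: the device makes a P-256 key pair and hands over
// only the public half; the private key never leaves the device.
func register(s *u2fServer, user string) *ecdsa.PrivateKey {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	s.pubKeys[user] = &priv.PublicKey
	return priv
}

// deviceSign is what the token does at login: sign the server's challenge.
func deviceSign(priv *ecdsa.PrivateKey, challenge []byte) []byte {
	digest := sha256.Sum256(challenge)
	sig, err := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	if err != nil {
		panic(err)
	}
	return sig
}

func (s *u2fServer) verify(user string, challenge, sig []byte) bool {
	digest := sha256.Sum256(challenge)
	pub := s.pubKeys[user]
	return pub != nil && ecdsa.VerifyASN1(pub, digest[:], sig)
}

func newChallenge() []byte {
	c := make([]byte, 32)
	if _, err := rand.Read(c); err != nil {
		panic(err)
	}
	return c
}

// scenario enrols a constructed user, checks the real secret and real device log in
// (legitOK), then lets an attacker who dumped both tables try (totpForged, u2fForged).
func scenario() (legitOK, totpForged, u2fForged bool) {
	const user = "alice"
	secret := []byte("constructed-totp-seed") // constructed sample value
	now := int64(1700000000)                  // constructed timestamp
	ts := &totpServer{secrets: map[string][]byte{user: secret}}
	us := &u2fServer{pubKeys: map[string]*ecdsa.PublicKey{}}
	device := register(us, user) // private key lives here, never in us.pubKeys
	ch := newChallenge()
	legitOK = ts.verify(user, totpCode(secret, now), now) &&
		us.verify(user, ch, deviceSign(device, ch))
	// The TOTP dump carries the secret, so the attacker computes the same code.
	dumped := append([]byte(nil), ts.secrets[user]...)
	totpForged = ts.verify(user, totpCode(dumped, now), now)
	// The U2F dump holds only the public key, which cannot sign; the attacker's
	// best move is a key of their own, which the stored public key rejects.
	attackerKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	ch = newChallenge()
	u2fForged = us.verify(user, ch, deviceSign(attackerKey, ch))
	return
}

func main() {
	ok, tf, uf := scenario()
	fmt.Println("legit:", ok, "| after breach: TOTP forged:", tf, "U2F forged:", uf)
}
```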
I specify that Congress should make broad legislation allowing a regulatory agency to select the most-appropriate, affordable, and effective technology of today; and today, that is the FIDO U2F Security key with RSA or ECC encryption. That's how I'm going to defeat identity theft once and for all.
USB-C standardizes a connector sized for your phone, so you can plug devices into your phone without a cable. If your PC has a USB-C port and you get a Yubikey 4C, you can plug the device into your phone or your PC.
USB-C is the future. That means we're right now banging our heads on the wall and hoping that our next Chromebooks and desktops have, like, 6 USB-C ports and 6 USB3 ports.
This time around, however, the same chipset can control USB3 and USB-C ports. No fighting over parallel/serial ports taking up real estate and extra board space; it's the $1 connector that matters. That means you can have a ribbon cable on your case run to the USB-C on-board pins and, if you wanted USB-A, your case manufacturer can allow you to pop off the USB-C port bank and put a USB-A port bank there. The motherboard can include an extra set of USB controller pins, and you can use a USB-C riser or a USB-A riser to add the ports to the back of your case. The fixed block of connectors soldered to the board, however, will be A or C, not both.
The number of deaths is not the only factor either. Non-fatal healthcare costs, lost productivity...
especially since "dying" isn't binary when you get past bullets to the head. Even highway safety measures come down to death, dismemberment, or property damage.
Essentially, the debate is about keeping as broad a safety margin as possible.
If it were trivially-cheap to analyze water for the presence of lead--let's say it cost 1 penny per hundred billion gallons of treated water to remove and verify lead content down to the 1/1,000,000 ppb level (that means any given lake-sized volume of treated water has a high likelihood of having zero lead atoms in it period)--we would mandate that. Why wouldn't you?
What failures in measurement expose us to additional radiation? What procedures (e.g. radiology) do we go through that expose us to additional radiation? For a population of hundreds of millions, is this level of radiation prone to cause a hundred more incidences of cancer (trivial) on its own, before interacting with other factors?
One person in America dying every year might be a triviality. If it costs millions of dollars to prevent that, well, let's not do it: you'll save more lives investing that in charity and anti-poverty measures. If it costs pennies per year, then yes let's do that.
"Pennies" quickly becomes "dollars" and "millions of dollars" as you add zeroes onto the end of that one person. 1,000 persons per year? Maybe we want to invest several million dollars into this--especially since "dying" isn't binary when you get past bullets to the head. Even highway safety measures come down to death, dismemberment, or property damage.
It's a matter of risk--a highly-technical concept nobody seems to know all that much about.
The cleaning crew and receptionist are dangerous. This is known and ignored.
Looking like you belong there--particularly, like you're in charge of the immediate situation--is called a Bavarian Fire Drill.
I'm not sure a PIN actually adds any significant additional security.
Auditing. The two receipts say "Merchant Copy" and "Customer Copy." If you print an extra copy, that's logged.
Yes, I'm both a technologist (what a word) and a bureaucrat (I actually like project management more than technical work).
The Universal Benefit (which I might rename to Universal Dividend) is a foundation tying our entire anti-poverty system into one coherent effort. Essentially, I restructured the taxes to involve a 15% tax on all income (business and personal), which is paid out equally among all adults as if one adult represents one share
Yeah, it's time to play another round of Lying Terminated Employee or Shitty HR Department? Most folks have already decided, but we don't really know which it is yet.
I want to know if they used a pre-versus-AG version for the later plays, or if it learned from playing AG--because AG learned from humans, and playing against it transfers human knowledge to Zero.
How do you know the provider isn't storing a journal of pre-encrypted e-mails?
How do you know the provider hasn't received a National Security Letter forbidding them to tell anyone that they've been ordered to store the plain-text e-mails for you before encryption?
Your point is valid--they can do a one-way encryption--but it only raises further concerns. Fifty points to Ravenclaw, anyway; nice catch.
This is true. However, the technology is applicable in other ways.
I'm running for Congress, and have detailed a solution to identity theft which essentially involves banks and everyone else not opening new credit accounts without a hard credit check (which is today's situation), and those same entities validating your ID (Driver's ID, passport, etc.) face-to-face by proxy to establish identity with the CRAs via FIDO U2F. In this way, a credit check can only succeed if you have the equivalent of face-to-face photo ID validation (because the U2F credential proves that you passed this test at some point).
The weaknesses in that validation are a hacker taking control of the CRAs (all three) to approve hard credit checks; a hacker cracking RSA or ECC by using the public key to derive the private key (currently-impossible); a hacker hacking into your U2F device (not feasible—it shouldn't always be connected anyway, and many run EL5 verified code); stealing the U2F device; or a hacker replacing the keys at the CRAs with their own. The first and last require hacking all three CRAs simultaneously and are detectable (active interference or changing of credential), and you can cut down the attack surface for the last. If you've lost your U2F device, you can call your bank and have them cancel the trusts--your accounts work, but nobody can open new accounts as you until you physically enter a bank once.
I envision Congress passing a law requiring regulatory agencies to use the most up-to-date and affordable technology. NIST always has current technology listed as the standard, so tying these requirements to NIST published recommendations (meaning the credit regulators must clear their regulations with NIST and must jump when NIST says jump) may be a good way forward.
As you can see, a TOTP key is a stealable shared secret, and ineffective for this sort of protection; whereas the FIDO U2F security keys offer cryptographic verification at low cost and complexity, without sharing the identifying secret. That's why the difference matters: it's not that someone could hack your Gmail and paradoxically not be able to hack your Gmail, but that they could hack Equifax or Social Security and still not be able to apply for credit accounts, rental cars, and Government benefits as you. Knowing that such technology exists allows us to bring these protections to the American people.
The best part? These devices can hold over a thousand identities each, and select which to use based on the challenge. You don't need 14 different dongles; you need everyone to standardize around a single protocol and interface with your own personal device. You can walk into your bank for the credit check stuff (everyone checks you by the CRAs anyway), and walk into the DMV or a Social Security branch to establish individual identity trusts with every Government agency in that state and the Federal agencies. Two physical stops, two federation groups (Banks and CRAs; all Government agencies), one credential to carry. Note that every trust is a different key pair, and they're random: there's no standardized ID here, so we still need a separate Government identification standard if we want a real ID. This is a security device to identify a person when they can't present their actual ID--replacing the current method of asking them a bunch of questions.
Alt-Tab works the same way as ever; it's Win-Tab that does the expose view.
Fair enough. The two main problems USB-C tackled were reversibility (I HAVE plugged a USB-A port in backwards) and standardization (there isn't a C-A and micro-C; there's one size for all, so you can plug USB devices into your phone). It takes a while for the standardization part to land; although, as I said above, it's possible to use the same pins on the board to wire an A or a C port.
My next phone will have USB-C. Samsung and Apple devices already run USB-C, but I'm going for a OnePlus 5 and Revolution Remix OS.
You know how passwords are stored hashed?
With the TOTP 2FA, a shared secret is stored in plaintext: the server and client must both know a secret string, which seeds a PRNG and generates a time-based numeric output. That means the server doesn't take your 6-digit code and "verify" it; it calculates the same code and compares it. If you hack the server, you can grab the secret key and generate the same codes. It has the same at-rest security as a database of plaintext passwords.
With FIDO U2F devices, the device establishes trust by generating a key pair and sending the public key out. The private key stays on-device and is used to sign challenges. The secret required to prove your identity physically exists in one place: the FIDO device. You can't hack Google's servers and steal it.
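To make the "calculates the same code and compares it" point concrete, here is an added example (mine, not the commenter's code and not from any TOTP library) of the RFC 6238 computation both ends run: HMAC-SHA1 over the 30-second step counter, truncated to six digits. The enrollment table, the user "alice", and her seed (the RFC 6238 test vector seed) are constructed sample data. Note what the server has to store: the raw seed, because it cannot recompute the code from a hash of the seed. Whoever copies that table can mint codes for any user with no device at all.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"encoding/binary"
	"fmt"
	"time"
)

// totp derives an RFC 6238 code from the shared secret: HMAC-SHA1 over the
// 30-second time-step counter, then RFC 4226 dynamic truncation to `digits`
// decimal digits. Anyone holding `secret` can run this, on either end.
func totp(secret []byte, unixTime int64, digits int) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(unixTime/30))
	mac := hmac.New(sha1.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	offset := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[offset:offset+4]) & 0x7fffffff
	mod := uint32(1)
	for i := 0; i < digits; i++ {
		mod *= 10
	}
	return fmt.Sprintf("%0*d", digits, code%mod)
}

// serverSecrets is the relying party's enrollment table. It must hold the raw
// seeds, not hashes of them, because the server has to recompute codes.
// Constructed sample data: "alice" and her seed are not from the page; the
// seed is the RFC 6238 Appendix B test vector.
var serverSecrets = map[string][]byte{
	"alice": []byte("12345678901234567890"),
}

// verifyTOTP is what the server actually does with a submitted code: it
// recomputes the expected code for the current step and its neighbours (one
// step of clock skew either way) and compares in constant time.
func verifyTOTP(user, submitted string, now int64) bool {
	secret, ok := serverSecrets[user]
	if !ok {
		return false
	}
	for skew := int64(-30); skew <= 30; skew += 30 {
		expected := totp(secret, now+skew, 6)
		if hmac.Equal([]byte(expected), []byte(submitted)) {
			return true
		}
	}
	return false
}

// attackerCodeFromDump is the at-rest problem in one line: a copy of the
// enrollment table is enough to mint a valid code for any user at any time.
func attackerCodeFromDump(dump map[string][]byte, user string, when int64) string {
	return totp(dump[user], when, 6)
}

func main() {
	now := time.Now().Unix()
	client := totp(serverSecrets["alice"], now, 6)
	fmt.Println("client code:", client, "accepted:", verifyTOTP("alice", client, now))

	// The "hack": the attacker exfiltrated the table and needs no device.
	dump := map[string][]byte{"alice": serverSecrets["alice"]}
	forged := attackerCodeFromDump(dump, "alice", now)
	fmt.Println("attacker code:", forged, "accepted:", verifyTOTP("alice", forged, now))
}
```

The skew window is the usual operational compromise (phones drift); it does not change the security argument, since the attacker with the seed can compute the code for any step they like.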
No provider can encrypt all the e-mails stored on their server without holding the key themselves. End-to-end means it's encrypted at the end.
Congress is even slower than regulatory boards.
SHA256 is not an identification protocol.
The U2F system stores a private encryption key generated on the device only on the device itself. The 6-digit TOTP code is stored at both endpoints.
If you hack Equifax and they identify people by TOTP, you have all the TOTP keys and can pretend to be anyone. If they identify people by U2F, you have to modify the public keys Equifax uses to identify people--which means they can no longer identify themselves (it's noisy). If you don't perform that modification, you don't get any information with which to compromise the U2F system—which means putting the U2F database further back in a trust zone with a smaller attack surface and replicating a read-only copy outside that zone can keep the hackers from actually getting anything useful.
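Here is an added example (mine, not the commenter's code and not the FIDO specification's wire format) of the trust flow described in the CRA comments above and the Equifax-dump scenario in this one: the device generates a P-256 key pair per relying party and releases only the public key; the relying party issues a random challenge and checks an ECDSA signature over its own app ID, a use counter and the challenge. The app IDs ("https://cra.example", "https://dmv.example") and the user "alice" are hypothetical. Real U2F also includes a user-presence flag, a key handle and a client-data hash in what is signed; this is the simplified shape. The main() and the test walk through the three cases from the thread: the legitimate holder, a thief with a full copy of the CRA's table (public keys only), and a thief who swaps in their own public key, which works for the thief and immediately breaks the real device.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Authenticator models the security key. Private keys are generated here and
// never leave; each relying party (app ID) gets its own key pair, which is
// how one device carries many unrelated "identities".
type Authenticator struct {
	keys    map[string]*ecdsa.PrivateKey // appID -> private key, on-device only
	Counter uint32                       // monotonic use counter shared by all keys
}

func NewAuthenticator() *Authenticator {
	return &Authenticator{keys: make(map[string]*ecdsa.PrivateKey)}
}

// Register creates a fresh P-256 key pair for appID and hands back only the
// public half for the relying party to store.
func (a *Authenticator) Register(appID string) (*ecdsa.PublicKey, error) {
	priv, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	a.keys[appID] = priv
	return &priv.PublicKey, nil
}

// signedDigest binds a response to the relying party, the counter and the
// fresh challenge, so an answer for the CRA cannot be replayed to the DMV
// or to the CRA a second time.
func signedDigest(appID string, counter uint32, challenge []byte) []byte {
	var c [4]byte
	binary.BigEndian.PutUint32(c[:], counter)
	h := sha256.New()
	h.Write([]byte(appID))
	h.Write(c[:])
	h.Write(challenge)
	return h.Sum(nil)
}

// Sign answers a challenge: the device selects the key by appID, bumps its
// counter and signs. Nothing secret is transmitted.
func (a *Authenticator) Sign(appID string, challenge []byte) (sig []byte, counter uint32, err error) {
	priv, ok := a.keys[appID]
	if !ok {
		return nil, 0, errors.New("device not enrolled with " + appID)
	}
	a.Counter++
	sig, err = ecdsa.SignASN1(rand.Reader, priv, signedDigest(appID, a.Counter, challenge))
	return sig, a.Counter, err
}

// RelyingParty models a CRA. Everything it stores is public: a stolen copy of
// Keys lets an attacker verify signatures, not produce them.
type RelyingParty struct {
	AppID string
	Keys  map[string]*ecdsa.PublicKey // user -> enrolled public key
	last  map[string]uint32           // user -> highest counter seen
}

func NewRelyingParty(appID string) *RelyingParty {
	return &RelyingParty{AppID: appID, Keys: map[string]*ecdsa.PublicKey{}, last: map[string]uint32{}}
}

func (rp *RelyingParty) Enroll(user string, pub *ecdsa.PublicKey) { rp.Keys[user] = pub }

func (rp *RelyingParty) NewChallenge() ([]byte, error) {
	ch := make([]byte, 32)
	_, err := rand.Read(ch)
	return ch, err
}

// Verify is the hard-credit-check gate: a signature by the enrolled key over
// this challenge, with a counter the server has not seen before.
func (rp *RelyingParty) Verify(user string, challenge, sig []byte, counter uint32) bool {
	pub, ok := rp.Keys[user]
	if !ok || counter <= rp.last[user] {
		return false // unknown user, replayed response, or cloned device
	}
	if !ecdsa.VerifyASN1(pub, signedDigest(rp.AppID, counter, challenge), sig) {
		return false
	}
	rp.last[user] = counter
	return true
}

func main() {
	device, cra := NewAuthenticator(), NewRelyingParty("https://cra.example") // hypothetical app ID
	pub, _ := device.Register(cra.AppID)
	cra.Enroll("alice", pub)
	ch, _ := cra.NewChallenge()
	sig, ctr, _ := device.Sign(cra.AppID, ch)
	fmt.Println("device holder:", cra.Verify("alice", ch, sig, ctr))
	fmt.Println("same response replayed:", cra.Verify("alice", ch, sig, ctr))

	thief := NewAuthenticator() // has a copy of cra.Keys, i.e. public keys only
	thief.Counter = 1000
	thief.Register(cra.AppID)
	ch2, _ := cra.NewChallenge()
	sig2, ctr2, _ := thief.Sign(cra.AppID, ch2)
	fmt.Println("thief with stolen table:", cra.Verify("alice", ch2, sig2, ctr2))
}
```

The read-only replica idea from the comment falls out of the types: RelyingParty.Keys can be published anywhere, and only the write path (Enroll) needs to sit behind the smaller attack surface, because the one damaging thing an attacker can do with that table is change it.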
I specify that Congress should make broad legislation allowing a regulatory agency to select the most-appropriate, affordable, and effective technology of today; and today, that is the FIDO U2F Security key with RSA or ECC encryption. That's how I'm going to defeat identity theft once and for all.
USB-C standardizes a connector sized for your phone, so you can plug devices into your phone without a cable. If your PC has a USB-C port and you get a Yubikey 4C, you can plug the device into your phone or your PC.
USB-C is the future. That means we're right now banging our heads on the wall and hoping that our next Chromebooks and desktops have, like, 6 USB-C ports and 6 USB3 ports.
This time around, however, the same chipset can control USB3 and USB-C ports. No fighting over parallel/serial ports taking up real estate and extra board space; it's the $1 connector that matters. That means you can have a ribbon cable on your case run to the USB-C on-board pins and, if you wanted USB-A, your case manufacturer can allow you to pop off the USB-C port bank and put a USB-A port bank there. The motherboard can include an extra set of USB controller pins, and you can use a USB-C riser or a USB-A riser to add the ports to the back of your case. The fixed block of connectors soldered to the board, however, will be A or C, not both.
The number of deaths isn't the only factor either. Non-fatal healthcare costs, lost productivity...
especially since "dying" isn't binary when you get past bullets to the head. Even highway safety measures come down to death, dismemberment, or property damage.
I think I had that covered.
Excessive costs actually reduce what other things can be done, increasing problems elsewhere--more poverty, more sickness and death that way.
I should have said "feasible" though. The extrapolation into whole-system is complex and it wasn't a whole-system-optimization statement.
I did go into a full explanation of cost-benefit trade-offs, though, so you're just being obtuse tbh.
Essentially, the debate is about keeping as broad a safety margin as possible.
If it were trivially-cheap to analyze water for the presence of lead--let's say it cost 1 penny per hundred billion gallons of treated water to remove and verify lead content down to the 1/1,000,000 ppb level (that means any given lake-sized volume of treated water has a high likelihood of having zero lead atoms in it period)--we would mandate that. Why wouldn't you?
What failures in measurement expose us to additional radiation? What procedures (e.g. radiology) do we go through that expose us to additional radiation? For a population of hundreds of millions, is this level of radiation prone to cause a hundred more incidences of cancer (trivial) on its own, before interacting with other factors?
One person in America dying every year might be a triviality. If it costs millions of dollars to prevent that, well, let's not do it: you'll save more lives investing that in charity and anti-poverty measures. If it costs pennies per year, then yes let's do that.
"Pennies" quickly becomes "dollars" and "millions of dollars" as you add zeroes onto the end of that one person. 1,000 persons per year? Maybe we want to invest several million dollars into this--especially since "dying" isn't binary when you get past bullets to the head. Even highway safety measures come down to death, dismemberment, or property damage.
It's a matter of risk--a highly-technical concept nobody seems to know all that much about.