Nope. There is no limit to the resolution of reality, only of the instruments we use to measure it. So stop trying to make others accept your obscurantist idea that there's a limit to what there is to know.
Replace all corrupted clowns chosen by rigged popularity contests with math.
Question: What do you use to rig a popularity contest with?
Massive campaigns. for the clowns. I think you call them Political Action Committees.
Math can be trusted.
Yes, but not the people doing the math.
Invalid argument : reproducible results are reproducible. "Making no sense" is a reproducible result.
Public data can be verified.
You can GIGO the same errors over and over.
Anything short of "free to know for everyone everywhere forever" has no place in public policy space.
Where's the torrent for this data? Oh, right... guess it "has no place in public policy space" then, eh?
What part of "public, open, free" don't you get? There are methods to verify data integrity and detect tampering. Fuck it, enshrine the measures in a blockchain to be sure. There, what "garbage in" now? As for garbage out, well no-one who'd publish anything based on that would have ANY credibility without disclosing at least enough to reproduce their results.
Where did I talk about majority? I think that no public decision should ever be enacted with anything less than "unanimity minus noise".
"Noise" includes "those who don't know what the they're talking about". There are ways that can be measured. So, it's not "those who talk the loudest".
I have more criteria for public decision-making, but "everyone agrees" is good for the first one.
This should replace elections. And elected officials. Measure the real people's publicly-stated opinions and rule from that.
Replace all corrupted clowns chosen by rigged popularity contests with math. Math can be trusted. Public data can be verified. Anything short of "free to know for everyone everywhere forever" has no place in public policy space.
Reading the article helps. He was arrested for "downloading excessive material". In other words, he had a legal JSTOR account, he wasn't accessing it illegally, he just downloaded more material than they wanted him to. Really? That's a crime now?
Where were you when we went over this in all its gory detail? Yes, this is Slashdot and everything The Man does is evil, so I get the whole simplification thing. But the real situation was actually a bit complicated. He basically tried to download every article they had, which went beyond the terms of use of the service.
Fuck the terms of use. They're not LAW. If a law says they are, well, the terms of use of the license for the copyright on this post say that you have no right to read it in full. You must not read more than half of it. Even if it includes your words, you have no right to read below this line the first time. Or read above this line the second time. ___________________________
His downloads impacted other users of the service at the time by slowing them down because - wait for it - he was trying to download everything and chewing up resources to do it.
So what? It's text. Text downloads fast. It's not like he coordinated a DDOS on JSTOR or anything.
His plan was to make all these articles available for free when access to them required a paid service.
The documents he planned to publish were public domain. Where were YOU when we discussed this at length?
He also hid the computer doing the work in a closet and took actions to hide his face from security cameras when going to the closet to check on his equipment. From a legal standpoint, this can be interpreted to mean he knew his actions were wrong.
LAWS DON'T MATTER. Reality matters. Victimless non-crimes have no reason to be prosecuted. This is self-evident.
There's a lot wrong with how the prosecutors handled this, but he was hardly some innocent school boy who got bullied for no reason.
Yes he was. "Lose half your citizenship and go to jail half a year, OR lose half your lifespan, your choice" is not bullying how?
Moreover, it's KNOWN and DOCUMENTED that he got prosecuted under any retarded law, for the political reason of to just shut him up as an activist.
They can't put everyone in prison. They can't raid every home. Let's botnet all the poorly-protected home routers in the world to slowly mine bitcoins and compute transactions : boom, billions of users worldwide to go raid in all jurisdictions of all civilized countries, tens of billions of attacks to trace down from dumb, dumb machines that don't log shit, to distributed attack tools that scramble all source and destination addresses, Hell on Earth for enforcement. This would make the Scientology vs. IRS swarm attack look like a playground dispute.
VAT doesn't affect international trade because it just doesn't apply there. That's a very, very profitable loophole : export over half your sales and the VAT office will pay you instead of the other way around. It's been abused in a lot of creative ways, and that's not going to stop, like, ever.
The effect on internal economy is to make a country poor. Can't have a rich country with poor people, and VAT diminishes buying power by its amount. Here in Belgium it's 21% on everything that's not food. Imagine having 21% of your income slashed down? And if your job is selling stuff, you get fucked twice : everything you sell (inside the country) is taxed on the end price, so you're fucked out of 21% of your list price, and then when you go buy stuff, you still get to pay everything at 1.21 times what it should cost.
Bitcoin is one of the very, very few truly resilient, truly p2p systems. There is no way to regulate it. All regulations on Bitcoin have to be hard-coded in the protocol spec, or else they're IMPOSSIBLE to enforce.
Bitcoin is the end of the world for governments. It's the money of the swarm. It's the Internet's native currency.
Yeah, so, one more sort-of-TOR, but with fixed servers in easy-to-raid locations.
They don't get it.
There is ONE way to make a REALLY resilient network. It's been proven over and over.
NO. CENTRAL. COMMAND. MESH EVERYTHING. ROUTE ERRYTHING BY DHTs. ALL NODES EQUAL PEERS. With the same capabilities. All nodes are routers. All nodes are relays. All nodes are bridges. All nodes are cell towers. Until we get rid of telcos/ISPs, all nodes are gateways, too.
Like TOR, but if everyone were a bridge and an exit relay and a cell tower.
THAT is unstoppable. Else there WILL be censorship and control and criminalization and destroyed lives like Aaron Swartz's.
You're an idiot. What ISP? The idea seems to be to make a full AS and THEN interface it with the other AS that make up Internet. Nothing is that has anything to do with the ludicrous scam that is the public-facing Internet access industry.
Of course they're "reading your emails". They're analyzed and graphed, completely and totally. Google knows what you say, where you are and when, where you live, what you read, your sexual preferences, your interests, probably what you eat, and has a satellite photo of your house.
There are no humans to read through it all, there's no need for that. It's just a big pile of data, but as soon as you go read up on what can be done with big piles of data, suddenly you stop worrying about privacy : it's completely dead. Or rather, it's stored on Google. And facebook. And twitter. And whatever Microsoft calls Hotmail this week. And partly shared with the rest of the Internet. And who goes see what published part of all that data is monitored by various federal agencies using deep packet inspection and other methods. So, yeah, the concept of privacy is dead. It's just a matter of who can go read what, and to what extent they're accountable. (Official agencies just pick up the phone and companies bend over backwards to get deep-probed, companies pretend not to share with one another, but really it's just unless you pony up more than what it's worth Right Now, and people who simply use the information systems are all criminals by default one way or another.)
You don't have accounts, on google/fb/whatever? Okay, they're still tracking you. When a site uses the Google API, of Facebook API, your computer sends a request to those servers. Those requests are logged, and they can track what you watch/read/see. It doesn't matter if your name doesn't appear in the data they have, they don't need it. They have one more person about whom they know most everything, so whose name it pertains to is irrelevant. And there are techniques to uniquely identify people even if they're trying to not be identified. Five ways to store flash cookies lol, anyone? Tracking a stream of Facebook App_IDs from server-side? It's enough to keep one key/value pair between a page and the next, then a key/value from that one to the next, and you can reconstruct the whole clickstream. Not even beginning to talk about reading the whole browser history and other server->client attacks.
You may use extreme techniques to not be tracked, but then you're in such a small fraction of their market that it doesn't matter : they track everyone else with enough success.
If it fails (probably will : making people pay for data can't compete with free data + premium manufactured matter) it will just be one more data point to inscribe on the spectrum of possible businesses sorted by level of success or failure.
SilkRoad is a sort of eBay for drugs. One guy was caught selling drugs, big deal : there are still thousand of others selling drugs on the site. It's like saying "Craigslist is DOOMED : a date rapist was caught using it!"
They have other bugs, still buffer overflows. Basically, all models that don't have sanitation on all inputs can be hacked that way. And there are zero consumer routers that sanitize everything. But there are a lot of consumer routers that can very simply be 0wned and stay 0wned.
Still wondering why anyone ever bothered making botnets out of Windows boxes. It's so much easier to keep routers infected than PCs.
So let's wait for them to implement that and watch the fireworks when Anonymous destroys the whole U.S. military.
Not that anyone would notice now that the DoD ensures no soldier ever sees real combat, only mercenaries do nowadays, because those have zero oversight. Will be interesting when they're the only ones with functioning kit in whichever Latveriastan.
How many vendors are going to patch some obsolete hw to get the lib updated?
Zero.
I would be surprised if they can build images for some of those old products.
I'm certain that most of them have simply lost or let bitrot the toolchains they need to build those images.
That said, it seems a bit of an uphill crack, you have to know the target CPU, the lib version, and prepare a useful injection rather than just a denial of service.
Pack several exploits in the worm.
Still, it is interesting that people are still acting as documented on data coming over the wire, sprintfs into buffers with %s was an eye opener to me. These days for web stuff I use the c++ string class, fixed c buffers look weak to me with unvalidated socket input.
H.
Shovelware kit will always be programmed all wrong and never be updated, be it by their rock-fuck owners or greedy makers.
Router software is utter, total, complete shit and all of it is attackable with 25-year-old buffer overflows.
GP is right. A worm packing a handful of attacks, designed to replicate on old routers, would make hundreds of millions of victims and nothing could stop it.
It would actually force the rock-stupid morons to replace their obsolete hardware, though. That would be a good thing. Even if they buy the new castrated shit hardware that won't ever be supported.
Yes, shovelware applies to hardware too. Hardware like home routers, which are NEVER EVER updated - be it by their rock-dumb owners or their irresponsible manufacturers.
And then this happens. All the time forever, until the greedy fucks who make those never-updated shit get slapped with fines for gazillions, and THEN the surviving ones would begin to think of SUPPORTING the crap they sell, instead of shoveling poorly-differentiated models that only exist to make the non-castrated one more expensive than it has any sort of right to be. But then market segmentation is worth so much more than supporting the products you sold! Why would they sell at what the product is worth (i.e. marginal production cost) when they can pretend to turn more profit by selling half-products at full price so that the complete product costs three times what it should? And when making several models by chopping out necessary things from the reference one, it gets much more complicated to support all the kinds of half-products, instead of making one that works well and is supported for long.
Also, the only company that does Just That - good productsat some price point, but no range of half-products headed by one real model (that all the shit ones are based on, minus vital features) happens to be the most profitable company in the world. Just sayin'.
Slashdot Mirror
Nope. There is no limit to the resolution of reality, only of the instruments we use to measure it. So stop trying to make others accept your obscurantist idea that there's a limit to what there is to know.
They ended up recognizing the fucking difference between the limitation of the INSTRUMENT and the precision of REALITY.
Took long enough. We're living in interesting times.
... until they figure out how to make more money by offering convenient way to get their recipes and raw materials to your printer.
After 20 years of painful expensive useless destructive litigation.
Replace all corrupted clowns chosen by rigged popularity contests with math.
Question: What do you use to rig a popularity contest with?
Massive campaigns. for the clowns. I think you call them Political Action Committees.
Math can be trusted.
Yes, but not the people doing the math.
Invalid argument : reproducible results are reproducible.
"Making no sense" is a reproducible result.
Public data can be verified.
You can GIGO the same errors over and over.
Anything short of "free to know for everyone everywhere forever" has no place in public policy space.
Where's the torrent for this data? Oh, right... guess it "has no place in public policy space" then, eh?
What part of "public, open, free" don't you get? There are methods to verify data integrity and detect tampering.
Fuck it, enshrine the measures in a blockchain to be sure. There, what "garbage in" now?
As for garbage out, well no-one who'd publish anything based on that would have ANY credibility without disclosing at least enough to reproduce their results.
"You can't fool all of the people all of the time". Discuss.
I don't get to decide who votes. What makes sense does.
There are ways to measure that. Distributed, open, transparent. We have such mechanisms right here on slashdot, tehy could be refined and adapted.
Where did I talk about majority? I think that no public decision should ever be enacted with anything less than "unanimity minus noise".
"Noise" includes "those who don't know what the they're talking about". There are ways that can be measured. So, it's not "those who talk the loudest".
I have more criteria for public decision-making, but "everyone agrees" is good for the first one.
I talk about open data, not manipulated results of undisclosed calculations.
This should replace elections. And elected officials. Measure the real people's publicly-stated opinions and rule from that.
Replace all corrupted clowns chosen by rigged popularity contests with math. Math can be trusted. Public data can be verified. Anything short of "free to know for everyone everywhere forever" has no place in public policy space.
That is all.
Reading the article helps. He was arrested for "downloading excessive material". In other words, he had a legal JSTOR account, he wasn't accessing it illegally, he just downloaded more material than they wanted him to. Really? That's a crime now?
Where were you when we went over this in all its gory detail? Yes, this is Slashdot and everything The Man does is evil, so I get the whole simplification thing. But the real situation was actually a bit complicated. He basically tried to download every article they had, which went beyond the terms of use of the service.
Fuck the terms of use. They're not LAW. If a law says they are, well, the terms of use of the license for the copyright on this post say that you have no right to read it in full. You must not read more than half of it. Even if it includes your words, you have no right to read below this line the first time. Or read above this line the second time.
___________________________
His downloads impacted other users of the service at the time by slowing them down because - wait for it - he was trying to download everything and chewing up resources to do it.
So what? It's text. Text downloads fast. It's not like he coordinated a DDOS on JSTOR or anything.
His plan was to make all these articles available for free when access to them required a paid service.
The documents he planned to publish were public domain. Where were YOU when we discussed this at length?
He also hid the computer doing the work in a closet and took actions to hide his face from security cameras when going to the closet to check on his equipment. From a legal standpoint, this can be interpreted to mean he knew his actions were wrong.
LAWS DON'T MATTER. Reality matters. Victimless non-crimes have no reason to be prosecuted. This is self-evident.
There's a lot wrong with how the prosecutors handled this, but he was hardly some innocent school boy who got bullied for no reason.
Yes he was. "Lose half your citizenship and go to jail half a year, OR lose half your lifespan, your choice" is not bullying how?
Moreover, it's KNOWN and DOCUMENTED that he got prosecuted under any retarded law, for the political reason of to just shut him up as an activist.
They can't put everyone in prison. They can't raid every home. Let's botnet all the poorly-protected home routers in the world to slowly mine bitcoins and compute transactions : boom, billions of users worldwide to go raid in all jurisdictions of all civilized countries, tens of billions of attacks to trace down from dumb, dumb machines that don't log shit, to distributed attack tools that scramble all source and destination addresses, Hell on Earth for enforcement. This would make the Scientology vs. IRS swarm attack look like a playground dispute.
VAT doesn't affect international trade because it just doesn't apply there. That's a very, very profitable loophole : export over half your sales and the VAT office will pay you instead of the other way around. It's been abused in a lot of creative ways, and that's not going to stop, like, ever.
The effect on internal economy is to make a country poor. Can't have a rich country with poor people, and VAT diminishes buying power by its amount. Here in Belgium it's 21% on everything that's not food. Imagine having 21% of your income slashed down? And if your job is selling stuff, you get fucked twice : everything you sell (inside the country) is taxed on the end price, so you're fucked out of 21% of your list price, and then when you go buy stuff, you still get to pay everything at 1.21 times what it should cost.
Look to control it. And FAIL, HARD.
Bitcoin is one of the very, very few truly resilient, truly p2p systems. There is no way to regulate it. All regulations on Bitcoin have to be hard-coded in the protocol spec, or else they're IMPOSSIBLE to enforce.
Bitcoin is the end of the world for governments. It's the money of the swarm. It's the Internet's native currency.
Yeah, so, one more sort-of-TOR, but with fixed servers in easy-to-raid locations.
They don't get it.
There is ONE way to make a REALLY resilient network. It's been proven over and over.
NO. CENTRAL. COMMAND.
MESH EVERYTHING.
ROUTE ERRYTHING BY DHTs.
ALL NODES EQUAL PEERS. With the same capabilities. All nodes are routers. All nodes are relays. All nodes are bridges. All nodes are cell towers. Until we get rid of telcos/ISPs, all nodes are gateways, too.
Like TOR, but if everyone were a bridge and an exit relay and a cell tower.
THAT is unstoppable. Else there WILL be censorship and control and criminalization and destroyed lives like Aaron Swartz's.
You're an idiot. What ISP? The idea seems to be to make a full AS and THEN interface it with the other AS that make up Internet. Nothing is that has anything to do with the ludicrous scam that is the public-facing Internet access industry.
Of course they're "reading your emails". They're analyzed and graphed, completely and totally. Google knows what you say, where you are and when, where you live, what you read, your sexual preferences, your interests, probably what you eat, and has a satellite photo of your house.
There are no humans to read through it all, there's no need for that. It's just a big pile of data, but as soon as you go read up on what can be done with big piles of data, suddenly you stop worrying about privacy : it's completely dead. Or rather, it's stored on Google. And facebook. And twitter. And whatever Microsoft calls Hotmail this week. And partly shared with the rest of the Internet.
And who goes see what published part of all that data is monitored by various federal agencies using deep packet inspection and other methods. So, yeah, the concept of privacy is dead. It's just a matter of who can go read what, and to what extent they're accountable. (Official agencies just pick up the phone and companies bend over backwards to get deep-probed, companies pretend not to share with one another, but really it's just unless you pony up more than what it's worth Right Now, and people who simply use the information systems are all criminals by default one way or another.)
You don't have accounts, on google/fb/whatever? Okay, they're still tracking you. When a site uses the Google API, of Facebook API, your computer sends a request to those servers. Those requests are logged, and they can track what you watch/read/see. It doesn't matter if your name doesn't appear in the data they have, they don't need it. They have one more person about whom they know most everything, so whose name it pertains to is irrelevant. And there are techniques to uniquely identify people even if they're trying to not be identified. Five ways to store flash cookies lol, anyone? Tracking a stream of Facebook App_IDs from server-side? It's enough to keep one key/value pair between a page and the next, then a key/value from that one to the next, and you can reconstruct the whole clickstream. Not even beginning to talk about reading the whole browser history and other server->client attacks.
You may use extreme techniques to not be tracked, but then you're in such a small fraction of their market that it doesn't matter : they track everyone else with enough success.
If it fails (probably will : making people pay for data can't compete with free data + premium manufactured matter) it will just be one more data point to inscribe on the spectrum of possible businesses sorted by level of success or failure.
HURR HURR HURR DURR.
It's located on the Internet.
In TOR.
Rock-fuck stupid cretinous imbecile, that's the point. It's nowhere.
Yeah, and those "worst pathologocal personalities" never happen to become cops, hmm?
SilkRoad is a sort of eBay for drugs. One guy was caught selling drugs, big deal : there are still thousand of others selling drugs on the site. It's like saying "Craigslist is DOOMED : a date rapist was caught using it!"
They have other bugs, still buffer overflows. Basically, all models that don't have sanitation on all inputs can be hacked that way. And there are zero consumer routers that sanitize everything. But there are a lot of consumer routers that can very simply be 0wned and stay 0wned.
Still wondering why anyone ever bothered making botnets out of Windows boxes. It's so much easier to keep routers infected than PCs.
It will not be well-designed.
So let's wait for them to implement that and watch the fireworks when Anonymous destroys the whole U.S. military.
Not that anyone would notice now that the DoD ensures no soldier ever sees real combat, only mercenaries do nowadays, because those have zero oversight. Will be interesting when they're the only ones with functioning kit in whichever Latveriastan.
How many vendors are going to patch some obsolete hw to get the lib updated?
Zero.
I would be surprised if they can build images for some of those old products.
I'm certain that most of them have simply lost or let bitrot the toolchains they need to build those images.
That said, it seems a bit of an uphill crack, you have to know the target CPU, the lib version, and prepare a useful injection rather than just a denial of service.
Pack several exploits in the worm.
Still, it is interesting that people are still acting as documented on data coming over the wire, sprintfs into buffers with %s was an eye opener to me. These days for web stuff I use the c++ string class, fixed c buffers look weak to me with unvalidated socket input.
H.
Shovelware kit will always be programmed all wrong and never be updated, be it by their rock-fuck owners or greedy makers.
Router software is utter, total, complete shit and all of it is attackable with 25-year-old buffer overflows.
GP is right. A worm packing a handful of attacks, designed to replicate on old routers, would make hundreds of millions of victims and nothing could stop it.
It would actually force the rock-stupid morons to replace their obsolete hardware, though. That would be a good thing. Even if they buy the new castrated shit hardware that won't ever be supported.
Yes, shovelware applies to hardware too. Hardware like home routers, which are NEVER EVER updated - be it by their rock-dumb owners or their irresponsible manufacturers.
And then this happens. All the time forever, until the greedy fucks who make those never-updated shit get slapped with fines for gazillions, and THEN the surviving ones would begin to think of SUPPORTING the crap they sell, instead of shoveling poorly-differentiated models that only exist to make the non-castrated one more expensive than it has any sort of right to be. But then market segmentation is worth so much more than supporting the products you sold! Why would they sell at what the product is worth (i.e. marginal production cost) when they can pretend to turn more profit by selling half-products at full price so that the complete product costs three times what it should? And when making several models by chopping out necessary things from the reference one, it gets much more complicated to support all the kinds of half-products, instead of making one that works well and is supported for long.
Also, the only company that does Just That - good productsat some price point, but no range of half-products headed by one real model (that all the shit ones are based on, minus vital features) happens to be the most profitable company in the world. Just sayin'.