I wonder though if you use plugins like HTTPS everywhere (encrypting your traffic) in conjunction with Tor (giving you the anonymity) then you should be OK? Assuming obviously that no one can break your SSL encryption!
it's a good thing, overall this will change the teacher's role: before the main teacher's functionality was to carry around the knowledge and transmit it to the students. this is no more necessary in Internet age, the knowledge the students can find it online or through google, tens/hundreds of books/tutorials/etc available. then the prof's role is to interact with the students to make them think, to nourish their sense of curiosity and know how. mainly to build their character
instead of their knowing things.
i'm not surprised that unions are against. mainly, unions largely failed to evolve with time, instead of considering the evolution of their members and their adaptation in the new reality, they stick to old teaching schema.
I believe that it's necessary even the duty of the government to protect sensitive infrastructure. Though, as this is the case with many other governmental institutions, there is need for close monitoring and supervision of these organizations by external committees/organization controlled by legislative or at least an elected parliament! The lack of this can end up to what was revealed to the public couple of years ago: NSA monitoring millions of US citizens without any warrant or justifications!
See http://en.wikipedia.org/wiki/NSA_call_database
"The existence of this database and the NSA program that compiled it was unknown to the general public until USA Today broke the story on May 10, 2006.[1] It is estimated that the database contains over 1.9 trillion call-detail records.[2] According to Bloomberg News, the effort began approximately seven months before the September 11, 2001 attacks.[3]"
By analogy to viruses and human beings, in any human society sick people (infected by viruses) go around the city without being bothered, nobody will ask the public transport system to scan the users and bar sick people from taking the bus in order not to infect other people in the bus. this should be the same for ISPs! Just in case of very malicious behavior the ISP should intervene to bar access to its network!
Perhaps a way to go is to permit only using slate machines, ex iPad or Table PCs. This way, you have the power of digital media and at the same time, it's much harder to play games or social networking in the class? Just an idea!
I don't blame students, I believe this is mainly a system's structural problem. Our value system is built around monetary compensation but when it comes to scientific research, we (specially our leaders) are not ready to compensate the Ph.D. students with high salaries. I don't believe it's our students' fault but this is value system problem which doesn't consider long term efforts and is obsessed by short term. We should pay our Pd.D. students more and we'll see many more students doing brilliant Ph.Ds on science etc. But instead, we are obsessed by short term: it's much cheaper to hire students from third world than increasing Ph.D. scholarships etc The US government spends billions in useless wars, but when it comes to paying our students for them to have better lives, create highly qualified jobs for the future and be a long term investment in our societies they simply forfeit!
During Iran June elections unrest, Youtube, and Twitter were integral part of the democratic movement in Iran. By disseminating the info and relying the opposition they helped fight Iranian totalitarian regime, and the repeated efforts of Iranian government to cut even the Internet and censor the access to the Internet says much about how afraid they are from the free Internet.
Denying people in these countries access to the open software they can use to spread the Internet and related technology, therefore indirectly spreading democracy in their countries, and fight against their totalitarian regimes seems to be completely counter productive?
I wonder how this could help anybody? How this can specially help freedom in the world? Specially, that the governments in these countries controling the Internet access can work around this control spending a couple of hundreds of dollars buying access in any place else in the world, be it China or elsewhere in the middle east!
For Twitter, US administration even asked Twitter to help, can anybody in US administration understands the issue and make some amendments?
Be in research in North America for more than 15 years now. In reality, the important number of Chinese researchers in north American universities is due rather to the lack of interest from North American students for long term studies: 80% of Masters and PhD students in computer science in North American universities are from the third world, e.g. China and India.
this is not simply a matter of conjecture, it's a deep trend which takes root in North American value system which everything is
evaluated in dollars. In these terms, how to motivate the students to pursue higher studies, paid a misery for 4-5 years to have their
Ph.Ds in order to have a job underpaid compared to their colleagues who went to the industry?
IMO, the main issue is that ISPs throttle encrypted data and "try to" monitor it as an indication of botnet activity etc, e.g. all commands from command and control centers to bots are encrypted
that said, the main CPU challenge is on the server side and not on the client side: when google servers receive each thousands of encrypted packets the sum of decryption load on CPU is the problem. On client side, I don't believe that with modern CPUs the extra load is significant,
I guess the main target of VMWare are corporates and enterprises. These corporates are ready to spend some extra dollars to be sure that their data is secure. Not to mention, the government and banking institutions which are ready to pay big bucks to be sure that there is no breach in their security.
Read the article! This is not any material, this is material to censor people asking for their freedom! If yet you don't see anything wrong, I'm sorry for you!
Don't be blinded by misplaced national pride or material interest! This is freedom we talk about! Who knows whose turn would be tomorrow?
sad to say, but many often the job is just a curtain in front of your reality: it covers the unbearable emptiness of your life, once it's gone, you don't have any choice to see the reality!
There are secure versions of Linux as for Windows and I know that everybody knows it but the main source of vulnerability on server side is not the OS itself but the misconfigurations.
That said, not to evade the question, I believe that from a general point of view, Linux is considered to be more secure than Windows. There are several reasons to that.
- Even though Windows has made huge progress in security field during past several years, Windows is still the target Os of choice for hackers and criminals (IMO the main reasons being economics and the difficulty of securing huge windows code base). This makes the exposure to the possible attacks on Windows higher than on Linux side.
- Linux has less exposure, IMO the main reason is not because of lesser vulnerability per line of code ratio but mainly because there are less hacks/exploits available on the criminal market for Linux.
There is an increase in attacks on Linux servers using Apache-Php but still a hardened Linux server is considered to be safer compared to Windows.
There are many more containment measures possible on Linux than on windows.
- All major Linux distros now have security modules already integrated (which can be loaded/unloaded for performance needs). These modules are somehow difficult to use. Some examples are Red Hat + SeLinux, Suse + AppArmor etc. These distros provide MAC, RBAC etc. They've been used to achieve high degrees of Common Criteria evaluations: EAL4+ for Red Hat/Oracle
(http://www.oracle.com/technology/deploy/security/seceval/security-evaluations.html),
EAL4+ for Suse/IBM (http://www.novell.com/news/press/archive/2005/02/pr05013.html) etc.
Naturally, this is not the entire Linux distros which have been certified but a particular distro with defined applications and software. BTW, Windows has also achieved these levels of security.
This shows that Linux can get at least as secure as Windows.
How this system can protect against bad mouthing? For example a botnet can be used to distribute negative comments, evaluations about some security trusted web site or else. With the current size of botnets often more than tens of thousands of bots, it looks easy to launch a DoS attack on any web site out there. In an enterprise network the attacker can play its way to exclude all patch managing or admin systems from accessing the clients in the network and virtually forbid them managing the network!
very interesting read:
www.icsi.berkeley.edu/pubs/networking/2008-ccs-spamalytics.pdf
amny often the conversation rate is somewhere around 1/ 100 000
this is very low, the problem is that there is almost no cost for sending 100000 spams! Then even with this low rates you can still make money.
I only see one problem, associate some expense (very low) to the email you send, This will make the spam economics unbearable for mass spamers.
Motivation is the key: who would write those anti-malware viruses? The security business makes millions out of selling anti-malware software. Good sysadmins? Writing viruses, bad or good intentioned is still illegal, why should you risk your neck for some jerk who clicks on any s... he sees!
http://www.tfr.org/wiki/index.php?title=Technical_Proposal_(IPETEE) explains the protocol. Mainly, it does Diffie-Hellman to establish a session key and then encrypts everything. If the peer doesn't accept DH then it switches back to clear text. Simlpe but doesn't provide any peer authentication.
I believe they called it Opportunistic Encryption. And, actually it died because of the lack of interest from the users (see http://www.freeswan.org/ending_letter.html). But, perhaps now things begin to change with the users caring more about their privacy and a better knowledge of security techniques in general public.
I believe IPETEE has the advantage of not relying on DNS fields to publish your key,
I believe you finger point a fundemantal problem here: there is no one click addition in thunderbird because many people they still don't care about thier privacy. The situation slowly changes, you see more and more people concerned about privacy. BTW, I believe that thunderbird has a secure email add-on: enigmail
Once again, governments don't need to crack the encryption algo, the conversations are clear once beyond the tower in operator's network. This means with any legal intercept they can listen to all your conversations whatever encryption algo you use at radio level. i believe you refer to application level security, i.e. you use your own security application to encrypt your conversation. this is different from A5/3 or any other GSM encryption algo
I agree that DKIM can help (http://dkim.org/) BUT it's not going to solve all the problems. the point is that dkim is specially useful to authenticate the sender. I see two problems with this, 1) Many spammers aren't afraid of being authenticated. actually operating from some remote country it doesn't bother them to be identified. 2) The problem of zombies, spam today is principally generated from botnets and so on. This means that the spam could be sent from very legitimate addresses.
I believe some simple solution would be to make people pay per email they send. This is mainly the reason we don't receive tons of junk at our door everyday. Spammers can't afford to send millions of emails a day if they have to pay for it and the zombie PC owners would spend more money to protect their systems if they have 100$ bills to pay every month. I know that this is completely different from the current approach of free email but I believe over time this is the best solution to change the economics of spam. I see it as a lost of innocence of Internet:-)
You mention:
My point is this: If Islamic cultures didn't produce so many overtly "bad" outcomes, we wouldn't even be having this conversation.
I believe that this is a really thin reasoning: during the 19th century and beginning of 20th century antisemitism and racism dominated European political and social scene: should at that time one argues that because people discussed and accepted as a fact the existence of inferior races, therefore they should be inferior!? IMO, the popular ideas generally take root in simplicity, and conformism, both great fertilizers for mediocre and intolerant thinking!
Worrying about the "rich tapestry" of Muslim culture and evaluating its merit is comparable to saying... The "rich tapestry" as you mention counts for more than 1.4 Billion or 1/5 of human kind (according to Wikipedia http://en.wikipedia.org/wiki/List_of_religious_populations), I believe that it's necessary for Muslims and others to find a way to peacefully live together. Otherwise, we're set for long useless bloody miscomprehension and perhaps even wars!
You gotta get the big things right (like not blowing up people and things, and torturing and beheading and mutilating) before we can really look at that "rich tapestry of human experience." It's never a good thing to proceed by simplistic examples and take it for reasoning: any of the actions you mention above can be applied to US Army in Iraq: numerous errors and sometimes exactions leading to civilian losses, not to mention Abou Gharib, etc etc Should we then argue that American Army is a bunch of savage blood thirsty mercenaries? As the Muslim extremists do? Or should we conclude in reality that in the presence of difficult situations, weak moral leadership and more than I fail to mention sometimes the worst of human kind shows up?
We, as humans living the same planet, should find a way to cope with our differences in a peaceful way! Without being naive and denying the existence of differences and problems, accusing the other of the worst intentions doesn't help!
Well, I believe that there are two different matters here: culture and social advancement.
For me a culture could be very rich but this doesn't always apply that it will translate into social advancement. Let me give you an example, China and India have definitely very rich cultures, but they are not socially more advanced than Western Europe/North America. If we measure the social advancement by the presence of democracy, free press, free religious rights, the production of art, number of libraries etc In all these Western Europe/North America do much better than China and India (Note that China and India are catching up fast but they are still behind).
Many Muslim countries have very rich culture: Iraq, Iran, Turkey etc but they are not socially advanced: no free press, no democracy etc.
Now, to answer your question it comes to define what means as "good" as Western countries? If by this we mean the culture, then Muslim countries can defend their culture and say that it's not that bad. If we mean by as "good" as, anything measurable like the are production, number of libraries, free press etc. Well, my conclusion is that there is no Muslim country I know of which can say they are doing as well as any Western Europe/North American country.
Slashdot Mirror
I wonder though if you use plugins like HTTPS everywhere (encrypting your traffic) in conjunction with Tor (giving you the anonymity) then you should be OK? Assuming obviously that no one can break your SSL encryption!
it's a good thing, overall this will change the teacher's role: before the main teacher's functionality was to carry around the knowledge and transmit it to the students. this is no more necessary in Internet age, the knowledge the students can find it online or through google, tens/hundreds of books/tutorials/etc available. then the prof's role is to interact with the students to make them think, to nourish their sense of curiosity and know how. mainly to build their character instead of their knowing things. i'm not surprised that unions are against. mainly, unions largely failed to evolve with time, instead of considering the evolution of their members and their adaptation in the new reality, they stick to old teaching schema.
I believe that it's necessary even the duty of the government to protect sensitive infrastructure. Though, as this is the case with many other governmental institutions, there is need for close monitoring and supervision of these organizations by external committees/organization controlled by legislative or at least an elected parliament! The lack of this can end up to what was revealed to the public couple of years ago: NSA monitoring millions of US citizens without any warrant or justifications! See http://en.wikipedia.org/wiki/NSA_call_database "The existence of this database and the NSA program that compiled it was unknown to the general public until USA Today broke the story on May 10, 2006.[1] It is estimated that the database contains over 1.9 trillion call-detail records.[2] According to Bloomberg News, the effort began approximately seven months before the September 11, 2001 attacks.[3]"
By analogy to viruses and human beings, in any human society sick people (infected by viruses) go around the city without being bothered, nobody will ask the public transport system to scan the users and bar sick people from taking the bus in order not to infect other people in the bus. this should be the same for ISPs! Just in case of very malicious behavior the ISP should intervene to bar access to its network!
Perhaps a way to go is to permit only using slate machines, ex iPad or Table PCs. This way, you have the power of digital media and at the same time, it's much harder to play games or social networking in the class? Just an idea!
I don't blame students, I believe this is mainly a system's structural problem. Our value system is built around monetary compensation but when it comes to scientific research, we (specially our leaders) are not ready to compensate the Ph.D. students with high salaries. I don't believe it's our students' fault but this is value system problem which doesn't consider long term efforts and is obsessed by short term. We should pay our Pd.D. students more and we'll see many more students doing brilliant Ph.Ds on science etc. But instead, we are obsessed by short term: it's much cheaper to hire students from third world than increasing Ph.D. scholarships etc The US government spends billions in useless wars, but when it comes to paying our students for them to have better lives, create highly qualified jobs for the future and be a long term investment in our societies they simply forfeit!
the problem is that it takes so much CPU load and time for training and in addition what to do with the false positives?
During Iran June elections unrest, Youtube, and Twitter were integral part of the democratic movement in Iran. By disseminating the info and relying the opposition they helped fight Iranian totalitarian regime, and the repeated efforts of Iranian government to cut even the Internet and censor the access to the Internet says much about how afraid they are from the free Internet. Denying people in these countries access to the open software they can use to spread the Internet and related technology, therefore indirectly spreading democracy in their countries, and fight against their totalitarian regimes seems to be completely counter productive? I wonder how this could help anybody? How this can specially help freedom in the world? Specially, that the governments in these countries controling the Internet access can work around this control spending a couple of hundreds of dollars buying access in any place else in the world, be it China or elsewhere in the middle east! For Twitter, US administration even asked Twitter to help, can anybody in US administration understands the issue and make some amendments?
Be in research in North America for more than 15 years now. In reality, the important number of Chinese researchers in north American universities is due rather to the lack of interest from North American students for long term studies: 80% of Masters and PhD students in computer science in North American universities are from the third world, e.g. China and India. this is not simply a matter of conjecture, it's a deep trend which takes root in North American value system which everything is evaluated in dollars. In these terms, how to motivate the students to pursue higher studies, paid a misery for 4-5 years to have their Ph.Ds in order to have a job underpaid compared to their colleagues who went to the industry?
IMO, the main issue is that ISPs throttle encrypted data and "try to" monitor it as an indication of botnet activity etc, e.g. all commands from command and control centers to bots are encrypted that said, the main CPU challenge is on the server side and not on the client side: when google servers receive each thousands of encrypted packets the sum of decryption load on CPU is the problem. On client side, I don't believe that with modern CPUs the extra load is significant,
I guess the main target of VMWare are corporates and enterprises. These corporates are ready to spend some extra dollars to be sure that their data is secure. Not to mention, the government and banking institutions which are ready to pay big bucks to be sure that there is no breach in their security.
Read the article! This is not any material, this is material to censor people asking for their freedom! If yet you don't see anything wrong, I'm sorry for you! Don't be blinded by misplaced national pride or material interest! This is freedom we talk about! Who knows whose turn would be tomorrow?
Don't forget social networking! This is one of greatest tools to trace people, to see who knows who! And who says what!
sad to say, but many often the job is just a curtain in front of your reality: it covers the unbearable emptiness of your life, once it's gone, you don't have any choice to see the reality!
There are secure versions of Linux as for Windows and I know that everybody knows it but the main source of vulnerability on server side is not the OS itself but the misconfigurations. That said, not to evade the question, I believe that from a general point of view, Linux is considered to be more secure than Windows. There are several reasons to that. - Even though Windows has made huge progress in security field during past several years, Windows is still the target Os of choice for hackers and criminals (IMO the main reasons being economics and the difficulty of securing huge windows code base). This makes the exposure to the possible attacks on Windows higher than on Linux side. - Linux has less exposure, IMO the main reason is not because of lesser vulnerability per line of code ratio but mainly because there are less hacks/exploits available on the criminal market for Linux. There is an increase in attacks on Linux servers using Apache-Php but still a hardened Linux server is considered to be safer compared to Windows. There are many more containment measures possible on Linux than on windows. - All major Linux distros now have security modules already integrated (which can be loaded/unloaded for performance needs). These modules are somehow difficult to use. Some examples are Red Hat + SeLinux, Suse + AppArmor etc. These distros provide MAC, RBAC etc. They've been used to achieve high degrees of Common Criteria evaluations: EAL4+ for Red Hat/Oracle (http://www.oracle.com/technology/deploy/security/seceval/security-evaluations.html), EAL4+ for Suse/IBM (http://www.novell.com/news/press/archive/2005/02/pr05013.html) etc. Naturally, this is not the entire Linux distros which have been certified but a particular distro with defined applications and software. BTW, Windows has also achieved these levels of security. This shows that Linux can get at least as secure as Windows.
How this system can protect against bad mouthing? For example a botnet can be used to distribute negative comments, evaluations about some security trusted web site or else. With the current size of botnets often more than tens of thousands of bots, it looks easy to launch a DoS attack on any web site out there. In an enterprise network the attacker can play its way to exclude all patch managing or admin systems from accessing the clients in the network and virtually forbid them managing the network!
very interesting read: www.icsi.berkeley.edu/pubs/networking/2008-ccs-spamalytics.pdf amny often the conversation rate is somewhere around 1/ 100 000 this is very low, the problem is that there is almost no cost for sending 100000 spams! Then even with this low rates you can still make money. I only see one problem, associate some expense (very low) to the email you send, This will make the spam economics unbearable for mass spamers.
Motivation is the key: who would write those anti-malware viruses? The security business makes millions out of selling anti-malware software. Good sysadmins? Writing viruses, bad or good intentioned is still illegal, why should you risk your neck for some jerk who clicks on any s... he sees!
http://www.tfr.org/wiki/index.php?title=Technical_Proposal_(IPETEE) explains the protocol. Mainly, it does Diffie-Hellman to establish a session key and then encrypts everything. If the peer doesn't accept DH then it switches back to clear text. Simlpe but doesn't provide any peer authentication.
I believe they called it Opportunistic Encryption. And, actually it died because of the lack of interest from the users (see http://www.freeswan.org/ending_letter.html). But, perhaps now things begin to change with the users caring more about their privacy and a better knowledge of security techniques in general public. I believe IPETEE has the advantage of not relying on DNS fields to publish your key,
I believe you finger point a fundemantal problem here: there is no one click addition in thunderbird because many people they still don't care about thier privacy. The situation slowly changes, you see more and more people concerned about privacy. BTW, I believe that thunderbird has a secure email add-on: enigmail
Once again, governments don't need to crack the encryption algo, the conversations are clear once beyond the tower in operator's network. This means with any legal intercept they can listen to all your conversations whatever encryption algo you use at radio level. i believe you refer to application level security, i.e. you use your own security application to encrypt your conversation. this is different from A5/3 or any other GSM encryption algo
I agree that DKIM can help (http://dkim.org/) BUT it's not going to solve all the problems. the point is that dkim is specially useful to authenticate the sender. I see two problems with this, 1) Many spammers aren't afraid of being authenticated. actually operating from some remote country it doesn't bother them to be identified. 2) The problem of zombies, spam today is principally generated from botnets and so on. This means that the spam could be sent from very legitimate addresses. I believe some simple solution would be to make people pay per email they send. This is mainly the reason we don't receive tons of junk at our door everyday. Spammers can't afford to send millions of emails a day if they have to pay for it and the zombie PC owners would spend more money to protect their systems if they have 100$ bills to pay every month. I know that this is completely different from the current approach of free email but I believe over time this is the best solution to change the economics of spam. I see it as a lost of innocence of Internet :-)
Worrying about the "rich tapestry" of Muslim culture and evaluating its merit is comparable to saying
Well, I believe that there are two different matters here: culture and social advancement.
For me a culture could be very rich but this doesn't always apply that it will translate into social advancement. Let me give you an example, China and India have definitely very rich cultures, but they are not socially more advanced than Western Europe/North America. If we measure the social advancement by the presence of democracy, free press, free religious rights, the production of art, number of libraries etc In all these Western Europe/North America do much better than China and India (Note that China and India are catching up fast but they are still behind).
Many Muslim countries have very rich culture: Iraq, Iran, Turkey etc but they are not socially advanced: no free press, no democracy etc.
Now, to answer your question it comes to define what means as "good" as Western countries? If by this we mean the culture, then Muslim countries can defend their culture and say that it's not that bad. If we mean by as "good" as, anything measurable like the are production, number of libraries, free press etc. Well, my conclusion is that there is no Muslim country I know of which can say they are doing as well as any Western Europe/North American country.