No, just the article references one character in the book is so fond of citing. Actually, the point of the book is that people are quick to jump to conclusions based on very little information. He elaborates on the issue in the appendix (that's where that comparison comes from). I don't expect that the book properly defends global warming, but the fact that a such an argument can be made and backed up with numerous scientific articles shows that the theory of global warming isn't nearly as strong as most people think that it is. The point is that people usually do what's in their immediate best interest. You'd have to make one hell of an argument to convince them to take the economic hit that Kyoto would bring, and no disaster theory is strong enough right now to do that. So what do you expect people to do when they hear that they'll have to make several sacrifices just to prevent something that might be an issue a hundred years from now (which is what a lot of these catastrophe theories sound like to average joe). So politicians won't risk making any major changes and the industry is content with what it's currently doing. My opinion is that the government should provide incentives to move fossil-fuel burning engines/facilities to hydrogen (for cars and such) and nuclear.
Well the problem seems to be that nobody can really provide any good evidence that a disaster is coming. Global warming, for instance, is hard to confirm. Antarctica is inconclusive, and one could find tons of places that have warmed or that have cooled. I suggest reading Michael Crichton's State of Fear if you haven't. One comparison in the book is between global warming and eugenics. Both were supported by most respectable scientists at the time, but were founded on inconclusive data.
1. GPS stopped working at point a, and started working at point b. Measure the distance and tax'em.
Ok, jam it with a transmitter on the same frequence before you leave your garage and stop jamming it after you get back. That way it'll seem like you never left, and if a police office pulled you over (assumming they could remotely determine if the unit was working or not) then you could deactivate the transmitter (restoring signal and leading the officer to think the unit was messing up).
2. Annual inspection. If there is a major difference between GPS miles and odometer miles... and if those miles can't be associated with out of state miles... tax'em.
Roll-back the odometer, or just say you do a lot of out-of state travel.
In any case, this seems like it would be ridiculously simple to exploit. I completely agree with the rest of your comment though.
I'm not saying that the thief isn't at fault, what I'm saying is that the company should have prepared so this kind of thing would be next to impossible. While technology changes, so does everything else. What might have been a viable strategy for a company a couple years ago probably would be suicide today. Now, I'm not talking about securing employee records like a nuclear missile, but there are some simple yet effective steps that the company should have taken. PGP has been around for a relatively long time, yet nobody has a good method to crack it. I doubt that the same company would think that a file-cabinet lock alone is enough to secure employee records (maybe a file cabinet in a locked room hidden among other papers, but that's still risky), so why should they think a desktop computer would be any safer? If it were an extremely skilled thief then they merely would have copied the information from the computers without leaving a trace. But (from how I read the article), it seems more likely that someone broke in and simply stole the electronics with the intention of pawning them. With your logic, at what point does this become the company's fault? If someone forgot to lock the door? If there isn't a lock on the door? If the computers are sitting out on the street? If the employee information was posted on the company website for anyone to see? Sure the thief is at fault (and should be found/punished), but I expect any company to protect my personal information better than I would myself. (Which may be a bit unreasonable since I can be a bit paranoid, but it's the idea that counts.)
Harsher punishments wouldn't necessarily decrease the likelyhood of this happening in the future. Most people that would do this do so with the assumption that they won't get caught. I am completely for blaming the company. If you can't secure something then you shouldn't keep it. If the information had merely been encrypted with, say, AES, then this wouldn't be a problem. They also could have simply used something like CompuSec, a decent firewall/ids, and kept all the computers updated and that would keep everything relatively secure against both physical and network intrusions. Their database that kept this information should have also used encryption, but I doubt that that's their fault (except for not stipulating that it use it). Like Sun Tsu said, "success in defense is not based on the likelyhood of your enemy attacking. It is based on your position being completely unassailable."
There are word lists for most languages, it's just that they usually aren't used by default. Also, the password would still be unprotected against frequency analysis based brute forcing (I'm not sure if any tools implement this, but it would try letters like "e" and vowels more often then consonants). Also, a lot of dictionary-based attacks try variations of words (for misspellings and such). That would be bad for French since English borrows so many words from it.
I don't know if many other people are like me, but whenever someone trys to stop me from doing something trivial then I'm much more likely to attempt it. Like the techies at my old school. They did stuff like block FTP and disable the Run feature of Windows. That was what prompted me to learn about firewalls, proxies, and registry hacks. In about three months I was using a daisy chain of proxies with HTTPort to work on my website or read message boards (strangely enough, BeOS seemed to be unaffected by the firewall). Now I've picked-up a few lock-picking skills because of my cheap lockbox not working with the key. I really don't understand the point of implementing poor security measures to discourage harmless behaviors. My only guess is that someone is trying to teach "learned helplessness", but that would still be an ineffective way of doing so. Afterall, by locking something up you are implying that there is something inside that a person should want. Kind of like drinking ages VS teenage traffic accidents due to drunk driving. By making something taboo/harder to get to you are only increasing it's allure.
If I were in charge of Google, I'd just block French IPs from connecting. That saves them the effort of redoing their ad system and it would place a lot of pressure on the France to overrule this court decision.
And if everyone had treated the hardware with the proper respect then what motivation would there be to actually fix the design problem? If a company is loosing money because of warranties then they need to make sure their products aren't so fragile. I may not agree that it's alright to fry perfectly good hardware, but I also don't feel any sympathy for the company. As for the price of the warranty, the company does have to keep a competitive price. If the warranty is outrageously expensive then that should alert some people to the poor design of the product.
This is one reason that I hope people don't start using biometrics as their only form of authentication. Banks, for instance, should at least still require a PIN (or actually let a person enter a password with a normal keyboard). If a criminal knows that they still need a PIN/password then chances are they won't steal a finger. It'd merely increase security without (much) impact on ease of use. Of course, on the other hand, if someone severs your finger you will know about it, so you can have your bank lock your account.
Not to mention there are 3D monitors and most mice have wheels now (might be a bit cumbersome to use the wheel to move in the z axis, but it's usable).
I'd guess that this would happen anyway. How many people are actually going to pay $30+ dollars for a DVD of a series they haven't heard of/don't know anything about? It's not like many Americans know which shows were popular on Japaneese television.
I was never affected by it (paranoid firewall settings), so I don't really know much about the blaster worm in general (or his variant). That would seem like a stupid addition though, because then each copy of the worm would know how to send him the information, which would mean that anyone who decompiled/packet sniffed the worm could most likely figure out who he was/where he connects to the internet. Of course he did get caught, so he had to do something careless. I mean, if I were going to release a worm I'd do it from an open wireless access point while I was on vacation (maybe even find a nice unpatched home computer to send it a couple weeks later). In any case stealing passwords isn't always for stealing credit card numbers or bank accounts (althugh I guess it is stealing people's identities in a way).
I personally I agree with the sentence. It's not like he caused anybody any physical harm, or did it for financial gain. His punishment seems to fit the crime (after all, it is just computer code) and it should prevent him from doing something like this in the future. As for anybody hurt by it, well, that would be at least half their own fault. If you have something very important to do (like the situation you described) then it would be stupid not to have a contingency plan. Computer data isn't like the real world, if it's deleted then it can be quickly restored. I can see how e-commerce would be effected (hence the jail sentence), but viruses aren't exactly uncommon, and if a website can't respond to them quickly enough then it's their own fault. If he hadn't written that worm then someone else probably would have.
Also, Bitcomet (Windows only)allows UDP-based connections that manage to get around most firewalls. Everyone else can just change the incomming port to something like port 80 or 443 so even heavily firewalled users can connect to them (in most cases).
AS other people have explained, true OTPs are uncrackable (the weakest part is the random number generator, but, unless you are trying to make a crackable OTP, even pseudo-random numbers are still essentially unguessable). But, you are saying that all crypto algorithms are crackable given enough money... Ok, for starters lets look at DES. Last time I checked, a machine that could crack a DES message in a day costed about $1,000,000. Since we're assuming infinite money that wouldn't be much of a problem. The problem is that it can crack one message a day. How many of these machines do you think exist in the world? Even large networks of computers take several hours to crack DES (I think the record's around three hours, but I could easily be wrong). DES, however, wasn't designed to have that much computing power thrown at it. So stronger crypto algorithms were developed. Take AES for example. Unless you somehow got extremely lucky (correct key in the first.00000...00001% of the keyspace) it is impossible to bruteforce/cryptoanalyse an AES encrypted message with today's technology (certainly not within someone's lifetime, even if they did live to 1,000 years, or 1,000,000 for that matter). But what about quantum computers? Sure, they'll eventually obsolete current encryption schemes, but that'll still take a while (if it's even possible to build such advance quantum computers). Right now, they can factor numbers like 18. Not exactly a threat to any modern form of encryption. Even with an infinite amount of money, you couldn't buy/build one that would be even remotely useful for cracking. So I'm sorry to disappoint you, but Big Brother still can't break modern encryption by throwing money at it. It's true that encryption is a deterrent (time/effort needed to crack), but right now the time factor is related to how soon computing power can catch up to today's encryption.
While you do bring up several good points, it seems to me that the differences are mostly due to marketing demographics, and not really advantages of one medium or the other.
Depth - Most books' plots can also be summarized fairly quickly. Games don't necessarily have to have a simple plot, look at Chrono Trigger/Cross.
Vocabulary - This could be easily remedied, and I suspect that the reason games aren't on par with books in this area is because the games are targeted at a younger audience (or at least accessible to younger people).
Grammer/Spelling - Well, just install a spell checker in your browser if you want message boards to help your spelling. Also, in 2004 I probably wrote 150,000 to 200,000 words on message boards. My writing also seems to have improved during this time as well, despite the fact I wasn't doing any other significant writing during this time.
Visualization/Imagination - Well, books may help you with this, but I think that strategy and problem-solving abilities are more useful in daily life.
Or have a few tanks of compressed helium and a large balloon in a small plane. It your plane starts to crash turn it into a blimp. Or even slowly release the helium for a more effective (and probably expensive) parachute.
Slashdot Mirror
No, just the article references one character in the book is so fond of citing. Actually, the point of the book is that people are quick to jump to conclusions based on very little information. He elaborates on the issue in the appendix (that's where that comparison comes from). I don't expect that the book properly defends global warming, but the fact that a such an argument can be made and backed up with numerous scientific articles shows that the theory of global warming isn't nearly as strong as most people think that it is. The point is that people usually do what's in their immediate best interest. You'd have to make one hell of an argument to convince them to take the economic hit that Kyoto would bring, and no disaster theory is strong enough right now to do that. So what do you expect people to do when they hear that they'll have to make several sacrifices just to prevent something that might be an issue a hundred years from now (which is what a lot of these catastrophe theories sound like to average joe). So politicians won't risk making any major changes and the industry is content with what it's currently doing. My opinion is that the government should provide incentives to move fossil-fuel burning engines/facilities to hydrogen (for cars and such) and nuclear.
Well the problem seems to be that nobody can really provide any good evidence that a disaster is coming. Global warming, for instance, is hard to confirm. Antarctica is inconclusive, and one could find tons of places that have warmed or that have cooled. I suggest reading Michael Crichton's State of Fear if you haven't. One comparison in the book is between global warming and eugenics. Both were supported by most respectable scientists at the time, but were founded on inconclusive data.
1. GPS stopped working at point a, and started working at point b. Measure the distance and tax'em.
Ok, jam it with a transmitter on the same frequence before you leave your garage and stop jamming it after you get back. That way it'll seem like you never left, and if a police office pulled you over (assumming they could remotely determine if the unit was working or not) then you could deactivate the transmitter (restoring signal and leading the officer to think the unit was messing up).
2. Annual inspection. If there is a major difference between GPS miles and odometer miles... and if those miles can't be associated with out of state miles... tax'em.
Roll-back the odometer, or just say you do a lot of out-of state travel.
In any case, this seems like it would be ridiculously simple to exploit. I completely agree with the rest of your comment though.
Yeah, either way you're screwed.
Wow, this thing must be evolving quickly, it just figured out how to spread to thousands of slashdotters' computers...
So I guess that means that everyone is born a geek and it's the sex talk that makes people "normal"...
I'm not saying that the thief isn't at fault, what I'm saying is that the company should have prepared so this kind of thing would be next to impossible. While technology changes, so does everything else. What might have been a viable strategy for a company a couple years ago probably would be suicide today. Now, I'm not talking about securing employee records like a nuclear missile, but there are some simple yet effective steps that the company should have taken. PGP has been around for a relatively long time, yet nobody has a good method to crack it. I doubt that the same company would think that a file-cabinet lock alone is enough to secure employee records (maybe a file cabinet in a locked room hidden among other papers, but that's still risky), so why should they think a desktop computer would be any safer? If it were an extremely skilled thief then they merely would have copied the information from the computers without leaving a trace. But (from how I read the article), it seems more likely that someone broke in and simply stole the electronics with the intention of pawning them. With your logic, at what point does this become the company's fault? If someone forgot to lock the door? If there isn't a lock on the door? If the computers are sitting out on the street? If the employee information was posted on the company website for anyone to see? Sure the thief is at fault (and should be found/punished), but I expect any company to protect my personal information better than I would myself. (Which may be a bit unreasonable since I can be a bit paranoid, but it's the idea that counts.)
Harsher punishments wouldn't necessarily decrease the likelyhood of this happening in the future. Most people that would do this do so with the assumption that they won't get caught. I am completely for blaming the company. If you can't secure something then you shouldn't keep it. If the information had merely been encrypted with, say, AES, then this wouldn't be a problem. They also could have simply used something like CompuSec, a decent firewall/ids, and kept all the computers updated and that would keep everything relatively secure against both physical and network intrusions. Their database that kept this information should have also used encryption, but I doubt that that's their fault (except for not stipulating that it use it). Like Sun Tsu said, "success in defense is not based on the likelyhood of your enemy attacking. It is based on your position being completely unassailable."
Just like my old roommate, saying something sarcastically which many people would say in earnest.
There are word lists for most languages, it's just that they usually aren't used by default. Also, the password would still be unprotected against frequency analysis based brute forcing (I'm not sure if any tools implement this, but it would try letters like "e" and vowels more often then consonants). Also, a lot of dictionary-based attacks try variations of words (for misspellings and such). That would be bad for French since English borrows so many words from it.
I don't know if many other people are like me, but whenever someone trys to stop me from doing something trivial then I'm much more likely to attempt it. Like the techies at my old school. They did stuff like block FTP and disable the Run feature of Windows. That was what prompted me to learn about firewalls, proxies, and registry hacks. In about three months I was using a daisy chain of proxies with HTTPort to work on my website or read message boards (strangely enough, BeOS seemed to be unaffected by the firewall). Now I've picked-up a few lock-picking skills because of my cheap lockbox not working with the key. I really don't understand the point of implementing poor security measures to discourage harmless behaviors. My only guess is that someone is trying to teach "learned helplessness", but that would still be an ineffective way of doing so. Afterall, by locking something up you are implying that there is something inside that a person should want. Kind of like drinking ages VS teenage traffic accidents due to drunk driving. By making something taboo/harder to get to you are only increasing it's allure.
If I were in charge of Google, I'd just block French IPs from connecting. That saves them the effort of redoing their ad system and it would place a lot of pressure on the France to overrule this court decision.
And if everyone had treated the hardware with the proper respect then what motivation would there be to actually fix the design problem? If a company is loosing money because of warranties then they need to make sure their products aren't so fragile. I may not agree that it's alright to fry perfectly good hardware, but I also don't feel any sympathy for the company. As for the price of the warranty, the company does have to keep a competitive price. If the warranty is outrageously expensive then that should alert some people to the poor design of the product.
This is one reason that I hope people don't start using biometrics as their only form of authentication. Banks, for instance, should at least still require a PIN (or actually let a person enter a password with a normal keyboard). If a criminal knows that they still need a PIN/password then chances are they won't steal a finger. It'd merely increase security without (much) impact on ease of use. Of course, on the other hand, if someone severs your finger you will know about it, so you can have your bank lock your account.
Not to mention there are 3D monitors and most mice have wheels now (might be a bit cumbersome to use the wheel to move in the z axis, but it's usable).
I'd guess that this would happen anyway. How many people are actually going to pay $30+ dollars for a DVD of a series they haven't heard of/don't know anything about? It's not like many Americans know which shows were popular on Japaneese television.
I always considered cartoons a type of animation, not the definition of it. Nobody calls computer generated scenes in live-action movies cartoons.
I was never affected by it (paranoid firewall settings), so I don't really know much about the blaster worm in general (or his variant). That would seem like a stupid addition though, because then each copy of the worm would know how to send him the information, which would mean that anyone who decompiled/packet sniffed the worm could most likely figure out who he was/where he connects to the internet. Of course he did get caught, so he had to do something careless. I mean, if I were going to release a worm I'd do it from an open wireless access point while I was on vacation (maybe even find a nice unpatched home computer to send it a couple weeks later). In any case stealing passwords isn't always for stealing credit card numbers or bank accounts (althugh I guess it is stealing people's identities in a way).
I personally I agree with the sentence. It's not like he caused anybody any physical harm, or did it for financial gain. His punishment seems to fit the crime (after all, it is just computer code) and it should prevent him from doing something like this in the future. As for anybody hurt by it, well, that would be at least half their own fault. If you have something very important to do (like the situation you described) then it would be stupid not to have a contingency plan. Computer data isn't like the real world, if it's deleted then it can be quickly restored. I can see how e-commerce would be effected (hence the jail sentence), but viruses aren't exactly uncommon, and if a website can't respond to them quickly enough then it's their own fault. If he hadn't written that worm then someone else probably would have.
Also, Bitcomet (Windows only)allows UDP-based connections that manage to get around most firewalls. Everyone else can just change the incomming port to something like port 80 or 443 so even heavily firewalled users can connect to them (in most cases).
AS other people have explained, true OTPs are uncrackable (the weakest part is the random number generator, but, unless you are trying to make a crackable OTP, even pseudo-random numbers are still essentially unguessable). But, you are saying that all crypto algorithms are crackable given enough money... Ok, for starters lets look at DES. Last time I checked, a machine that could crack a DES message in a day costed about $1,000,000. Since we're assuming infinite money that wouldn't be much of a problem. The problem is that it can crack one message a day. How many of these machines do you think exist in the world? Even large networks of computers take several hours to crack DES (I think the record's around three hours, but I could easily be wrong). DES, however, wasn't designed to have that much computing power thrown at it. So stronger crypto algorithms were developed. Take AES for example. Unless you somehow got extremely lucky (correct key in the first .00000...00001% of the keyspace) it is impossible to bruteforce/cryptoanalyse an AES encrypted message with today's technology (certainly not within someone's lifetime, even if they did live to 1,000 years, or 1,000,000 for that matter). But what about quantum computers? Sure, they'll eventually obsolete current encryption schemes, but that'll still take a while (if it's even possible to build such advance quantum computers). Right now, they can factor numbers like 18. Not exactly a threat to any modern form of encryption. Even with an infinite amount of money, you couldn't buy/build one that would be even remotely useful for cracking. So I'm sorry to disappoint you, but Big Brother still can't break modern encryption by throwing money at it. It's true that encryption is a deterrent (time/effort needed to crack), but right now the time factor is related to how soon computing power can catch up to today's encryption.
While you do bring up several good points, it seems to me that the differences are mostly due to marketing demographics, and not really advantages of one medium or the other.
Depth - Most books' plots can also be summarized fairly quickly. Games don't necessarily have to have a simple plot, look at Chrono Trigger/Cross.
Vocabulary - This could be easily remedied, and I suspect that the reason games aren't on par with books in this area is because the games are targeted at a younger audience (or at least accessible to younger people).
Grammer/Spelling - Well, just install a spell checker in your browser if you want message boards to help your spelling. Also, in 2004 I probably wrote 150,000 to 200,000 words on message boards. My writing also seems to have improved during this time as well, despite the fact I wasn't doing any other significant writing during this time.
Visualization/Imagination - Well, books may help you with this, but I think that strategy and problem-solving abilities are more useful in daily life.
Well, now that we have both green and red lasers readily available, how would these goggles help? They seem to only reflect one frequency of light.
Or have a few tanks of compressed helium and a large balloon in a small plane. It your plane starts to crash turn it into a blimp. Or even slowly release the helium for a more effective (and probably expensive) parachute.
If Chobits is a prediction of the future, then well...