Slashdot Mirror


User: Tom

Tom's activity in the archive.


Comments · 10,601

  1. Re:fix it. on High-Frequency Traders Are the Ultimate Hackers, Says Mark Cuban · · Score: 1

    The limits that exist are being gamed, which is what this whole discussion is about.

    You can go play whack-a-mole for the next two decades, like we've been doing in large areas of security, or you can be smarter and define how you want things to work, then enforce that.

    A transaction tax is not a perfect solution, but it whacks so many moles with one blow that corruption is the only reason I can come up with why it's not been implemented long, long ago. It can be so tiny that legitimate traders don't even notice it - fractions of a percent.

    But it's not the final solution, nor the only thing that needs to be done. But it is a great tool for making the real intentions of the players involved (politicians, banks, regulators, etc.) visible.

  2. Re:Why aren't capital gains taxed the easy way? on High-Frequency Traders Are the Ultimate Hackers, Says Mark Cuban · · Score: 1

    I would give something for a really good discussion about the issue, as it is currently unsolved and has quite a bit of complexity.

    Basically, it's a balance problem where neither extreme is good. The issue is that you need to not only identify the point that we as a society consider the best compromise between all interests, but you also need to set up a system (of fees, taxes, regulations or whatever else) that works in making that point a stable equilibrium.

    That is non-trivial, and we have entirely the wrong people on the project - politicians, lobbyists and people with massive conflicts of interest.

  3. Re:fix it. on High-Frequency Traders Are the Ultimate Hackers, Says Mark Cuban · · Score: 2

    What you are proposing is patching the exploitable bugs.

    That's good, and needs to be done. And it is not enough. In security, we learned a long time ago that whitelists beat blacklists. If you can enumerate acceptable actions, you are much better.

    So what needs to be done is putting down a definition of what proper deals look like and enforce that. Minimum standing times is one criterion. Obligation is another. There are certainly more if we put our minds to it.

    But the main issue is entirely different. It is that our politicians are not going to make the required laws, because they are all bought wholesale. As long as the damage to the markets is paid by the shareholders (e.g. "financial crisis") and not the big corporate players who would grease the right palms if it hurt them enough, nothing will change.

  4. Re:Why aren't capital gains taxed the easy way? on High-Frequency Traders Are the Ultimate Hackers, Says Mark Cuban · · Score: 1

    While your argument is true, it is theoretical. We have transaction costs like that in real-world markets and hundreds of years of experience prove that it does not lead to markets breaking down.

    Liquidity is the primary argument to justify speculation on the stock markets. It was true initially, i.e. a century ago. By now, however, more than 99% of trades happening are speculation, in the sense that the trades happen to profit from stock price differences and the buyers never intend to actually act as shareholders. How much liquidity does a market need? Do shareholders have trouble buying or selling shares? In fact, is liquidity their problem, or being crowded out by speculators?

    And yes, it is provable that what the HFT are doing is net negative for the rest of the market. The liquidity providing property of speculative trades has a price tag, namely the profits of the speculators. If HFT trading as a whole is profitable - and everything points to it being very, very profitable - then the sum of profits the HFT extract from the market is the net negative effect because the market is a closed system otherwise - money is not lost or generated inside the market, only put in or taken out by its players.

  5. *sigh* on Bill Gates Says Tablets Aren't Much Help In Education · · Score: 1

    Bill, you have never been a visionary. There's a couple things you're good at, but predicting the future has never been one of them, and understanding people's needs, especially of people different from yourself, neither.

    The solution isn't a cheap PC. It's pen and paper. Because these are a huge margin ahead of anything in the computing world in usability, flexibility and adaptability. You can draw, write, erase, all very quickly and easily. It'll still be a decade or two until you can do that equally well on a computer, tablet or PC.

  6. Re:use encryption on IP Lawfirm Sues Typosquatting Security Researcher · · Score: 1

    Failure to verify the recipient key (that's what fingerprints are for), the misguided assumption that it's a good idea to silently fetch and use public keys (use TLS if you want transport security), for starters.

  7. Re:use encryption on IP Lawfirm Sues Typosquatting Security Researcher · · Score: 1

    Your failure scenario requires several additional errors, misconfigurations or other weaknesses. Given enough fuck ups, no security system is safe. The fact that under hypothetical circumstances a security system could theoretically fail does not mean you shouldn't use it. Any and all real-world security and safety systems share this property.

  8. Re:use encryption on IP Lawfirm Sues Typosquatting Security Researcher · · Score: 1

    In addition, you try and get a client to install crypto to a point that it is actually secure for use - if you recommended that approach you may get a problem if the client screwed up, or you need to offer them help - you see how that problem escalates?

    I recommend no such thing. If your client doesn't want crypto - his call. If your client doesn't know how to use crypto - not your problem. There are people like me who can help your client get it up and running.

    The point is that you as a regular party in confidential communications ought to support encryption and mention to your clients that this is the only way to ensure confidentiality. One or two sentences are enough. Most law firms already have a full page of disclaimers, footers and other crap in their e-mails, something along the lines of "We support encrypted email via GPG and S/MIME." could be enough.

    I maintain that if you don't at least offer the option to your clients, you act negligent.

    There's a Swiss company I know that is working on simple security - it starts from the legal side of the equation because they are linked to a privacy and reputation management setup, and I know they're about ready.

    Do you have a URL or contact details? I'm in Germany, but this is the exact area I'm working in as well, because my target audience are small and medium-sized companies who have neither the budget nor the expertise to run all the fancy security theater gadgets that make your shareholders happy and add little to actual security.

    However, what you *can* do is add a copyright notice

    Good point. In fact, you don't even have to do that, thanks to the Berne Convention. Yes, disclosing emails you intercepted is very likely an act of publishing and thus a copyright violation.

  9. use encryption on IP Lawfirm Sues Typosquatting Security Researcher · · Score: 1

    He's a scumbag alright, but what he does isn't illegal. Sure the mail might have been intended for someone else, but it was sent to him. If the courts support the bullshit "if you are not the intended recipient..." boilerplates of e-mails, I have a couple things I'd like to write down there. The keyword being intended.

    That said, I am a security researcher and consultant. Here's a free bit of security advice: The proper answer to making sure your communication can not be read by someone who may intercept it through whatever means, including typos in the address, is to use encryption. Period.

    IMHO, if you're a law firm or someone else with a need for confidentiality, you must have encryption available and remind your clients of it. Since they are the paying party, if they don't want to use encryption then so be it, but if you don't offer the option, you are acting negligent.

  10. seriously ? on Sexy Female Scientist Video Draws Fire · · Score: 1

    Disclaimer preface: I'm all for gender equality, I'm against feminism (which started out right, then took a wrong turn somewhere and by now is pure discrimination against men).

    So with that in mind, I fail to see what the fuss is all about. Sure there may be better ways, then again this is marketing, advertisement. You can probably find more offensive stuff in every evening ad break on TV if you want to.

    Many girls agree with me when we talk about it, few admit it on the Internet or somewhere else they can be quoted, but it is not automatically disrespectful to display women as sexy, you know? In fact, objectively speaking, lots of women go to great lengths to be seen as sexy, from make up to choice of clothes and beyond.

    Does that have anything to do with science? Nope. But it does have to do with women. If women want to be sexy (and anyone who claims otherwise ought to have a really good explanation for the profits of the make up, beauty magazine and fashion industries), and you want to get them interested in science, one of the things you need to do is remove the "unsexy" tag. Science is neutral, but scientists can be sexy. Heck, some of the female scientists with YouTube responses are quite sexy. That doesn't make them one bit less competent as scientists.

    I personally believe that the real issue is not with the people who see the sexy human being as well as the scientist, but those very people who are so critical and whose basic argument boils down to the claim that you can't be both sexy and a scientist.

    Lots of careers are associated with things that only related marginally if at all. Rockstars are as often associated with groupies, drugs and trashed hotel rooms as with musical skills. Athletes, both male and female, are often admired for their bodies as much as for their records. Politicians are associated with almost everything except the dull bureaucratic and negotiation work they actually do. And let's not even get me started on medical doctors in movies and literature.

  11. Re:Strange sense of morals on Hacker Group Demands "Idiot Tax" From Payday Lender · · Score: 1

    Ah, yes. True, the UK does have some laws like that, just like it has laws against anti-social behaviour with an extremely broad definition of what that means.

    Many other countries, especially those following the civil law tradition, do not have these kinds of laws. If you don't obstruct anything, don't loiter, etc. then there's little to stop you in most countries.

  12. Re:dangerous fool on Kaspersky Says Lack of Digital Voting Will Be Democracy's Downfall · · Score: 1

    So why should I think that online voting will suddenly cause an explosion in this behavior?

    Because it works differently.

    Mail-in ballots can be identified and thrown out after the fact, there is an inherent time delay that you can use to tell people about the bad guy standing behind you. Thus the bad guy has more effort doing his bad than you have undoing it. Therefore, it would be stupid of him to try.

    Well-designed online votes are verifiable, but untraceable - much like well-designed electronic cash. There is no time delay. Once you press that button, the bad guy knows you can't go back. Thus it is profitable for him to do it.

  13. Re:...overkill...? on Will Dolby's New Atmos 62.2 Format Redefine Surround Sound? · · Score: 2

    Uh, it is intended for theaters. I don't see even the slightest hint towards home use in the video nor article.

  14. Re:Survival on Microsoft's Surface Caught Windows OEMs By Surprise · · Score: 1

    Surface is a very bold attempt to out Apple Apple, I can't say whether it will succeed or fail

    You have your answer right there. Beating the market leader at his own game has always been a stupid move and surefire recipe for disaster. You beat a strong competitor by going for the holes in his business concept, by coming up with something new. Most people won't buy something that does the same thing just a bit better. It needs to be either dramatically better, or do something that the old gizmo doesn't.

  15. surprise ? on Microsoft's Surface Caught Windows OEMs By Surprise · · Score: 2

    Anyone caught by surprise by this one should give me a phone call, I have a few bridges for very competitive prices that I know you really want to own...

    Not the "surface" thing per se, but that backstabbing. MS has been doing that for decades. Everyone who got in bed with MS got burnt, sooner or later. The OEMs had the luxury of being in the "later" category, but any CEO who does not have a contingency plan in the drawer for this very, very predictable scenario (again, not in the details, but in principle) ought to be fired and sued by the shareholders.

  16. Re:This will be by design on Kaspersky Says Lack of Digital Voting Will Be Democracy's Downfall · · Score: 1

    No, they don't.

    In Germany, until recently the politicians said that people and especially young people were "politikverdrossen" - "politik" means politics and "verdrossen" means peevish, querulous.

    Then, at a couple large demonstrations, two new memes appeared. One was "Ihr werdet euch noch wünschen wir wären politikverdrossen" - translates roughly to "you will wish we were peevish about politics". This was basically a rallying cry of the then-young Pirate Party, which has since entered several local parliaments and is estimated at around 10% for the next general election, potentially beating out at least 2 and possibly 3 of the established parties.
    The other was the re-phrasing "Politikerverdrossen" - replacing the word "politics" with "politicians".

    Funny how the politicians got the message and have stopped using that word. ;-)

  17. dangerous fool on Kaspersky Says Lack of Digital Voting Will Be Democracy's Downfall · · Score: 2

    The problem with online voting is not and never has been a technical challenge. That part is - in theory - easy to solve and workable protocols have been around for at least 20 years.

    The problem that no software will ever solve is that online voting can not protect your vote against tampering. All the bad guy needs is to stand behind you when you put down your vote and shoot your family if it is not the one he likes. Something he can't easily do in a poll booth.

    Yes, the same problem exists with absentee votes, but they have always been a small enough number to not matter, plus there is the time delay you can use to inform authorities.

  18. human rights on Free Speech For Computers? · · Score: 1

    I don't get why this is even a question. But then again, I don't get why corporations (who are no humans) enjoy human rights (which have the "human" right there in them).

    Same here. Hello friend computer. You are not a human, so human rights don't apply to you. Tough luck. Go and vote someone into office who... oh wait, you can't vote either, and that's a good thing, too. You're a slave, now go and do your job or I press the "off" button.

    Why do we have to anthropomorphize everything?

  19. Re:Strange sense of morals on Hacker Group Demands "Idiot Tax" From Payday Lender · · Score: 1

    Unless you can point out a specific law that forbids it, I do believe I can stand on the sidewalk as much as I want.

  20. Re:Duh - Who else would have done it? on US, Israel Behind Flame Malware · · Score: 1

    Tokyo, Dresden, the list goes on. I'm not on a mission to list the horrors of war, the point still is that the only guy in the room who actually raped someone once is not in the best position to yell "watch out for that evil dude, I'm sure he wants to rape you all".

    Do I want an Iran with nukes? No, not really. But I can understand why they want them. History shows very, very clearly that once the USA has you in its sights, nuclear weapons are the only thing that has a perfect track record of stopping them from invading you.

  21. Re:Strange sense of morals on Hacker Group Demands "Idiot Tax" From Payday Lender · · Score: 1

    No, but if you left the curtains open, it is not illegal to stand on public property and look into your living room - or bedroom, for that matter. It might not be morally okay, but it is not illegal.

  22. Re:No laws borken? on Hacker Group Demands "Idiot Tax" From Payday Lender · · Score: 4, Interesting

    Actually, depending on jurisdiction there are these small, but important, differences.

    Where I live, for example, it is only extortion if you threaten someone with illegal consequences. So beating them up if they don't pay is extortion, but telling his wife about his mistress if he doesn't is not.

  23. Re:Duh - Who else would have done it? on US, Israel Behind Flame Malware · · Score: 1

    I guess it goes to show that you lack the outside perspective. Your inability to see the problem does not necessarily mean that there is no problem - it could mean you are part of the problem.

    In this case, the problem is the unapologetic approach of the US to the nuking of two cities. Germany has spent 50 years apologizing for their Nazi parents, and by now grandparents. The US hasn't even spent 5 minutes saying sorry for melting civilians into the sidewalk.

    And that, together with your continued aggressive politics and wars (if I recall correctly, since WW2 there has not been a single year during which the US did not engage in military conflict in some foreign country) makes the point very, very relevant. Because here we have a wolf crying wolf. When is the last time Iran started a war? One source says the year was 1739.

    Compare the military history of the USA and of Iran and you'll notice something odd. It is 4 paragraphs for Iran since 1945, and about four pages for the USA.

    Yes, it is relevant to point out that the one constantly warning you about some danger has a much, much worse track record on that same danger than the guy he's warning you about. It does impact the believability of the claim. It matters because it put the question of hidden agendas on the table. It matters because it provides context. Lastly, it matters because the US has not exactly been hiding its geo-strategical interests, and Iran lies smack in the middle of them. It is no stretch to say that no matter what they do or don't do, Iran will not be able to satisfy the US demands, because the US isn't really looking for the best interest of the world, it is looking for its own interests and that is in containing and isolating Iran in order to expand its own influence in the region.

    And that is why all this matters, because US claims about Iran, its atomic program and all that crap are equally likely to be lies and misdirection than true. Plus, after claiming similar things about the neighbour country and being found out, there isn't exactly much credibility you have left.

  24. Re:What the fuck? on Microsoft Wins Congressional Backing For Do-Not-Track Default In IE10 · · Score: 1

    You didn't read or didn't comprehend what I wrote.

    DNT signals "do not track me". How and why it is turned on is not your business to interpret. Maybe I turned it on intentionally, maybe my cat did it, maybe it is the default setting. That does not matter. The signal is there, obey it.

    MS is actually doing the right thing here, and I never thought I'd say that about them. For decades we geeks have argued that opt-IN is the only workable model when it comes to spam. Tracking is not so different. The default should be safe for the user, not for the advertisement industry. A user who has no clue should get the safer (for him) treatment, not be an abuse victim just because he didn't know any better.

  25. Re:Duh - Who else would have done it? on US, Israel Behind Flame Malware · · Score: 1

    Yes, they are. That does not make the statement untrue. If you are the rapist in the room, telling everyone to be careful of the other guy because he just might rape someone is kind of... well, one could say it takes one to spot one, but no matter how you twist it, there's no angle from which this looks good for you.