Slashdot Mirror


User: mmell

mmell's activity in the archive.

Stories: 0
Comments: 2,614

Comments · 2,614

  1. Security requires personal attention. on Encrypted Email Is Still a Pain in 2017 (incoherency.co.uk) · · Score: 4, Insightful
    No matter how dumbed-down you make it, ultimately security requires an intentional decision by the end user. Encryption is a highly complex subject and the instant you reveal this, nearly all end users don't just decide it's not for them, they decide it's no good at all.

    Try talking your non-techie friends into a Linux desktop. Even after you show them that the "Start button" is right where they expect it to be, and that the email and browser clients work just like they're used to and that they can do what they've been doing as easily as they've been doing it, there will be concerns. It all falls apart when they say "Can I buy a disk and install my own software?" and you say "No, but here's an easier way to install software from a vast repository of packages", they're done. They don't even ask what's available or how it works, their eyes glaze over and they hold up a CD-ROM of Cute Kitteh Pics and proclaim that they can't live without that version of that software - and it has to look exactly like they expect it to look. Anything else might require their direct attention.

    Now, back on subject - you say "encrypt your email". They say, "okay, how?". You install and configure it for them, you make sure they only have to click one button to encrypt any given email. They say "Cool! And my grandma will be able to read this, right?"

    You start explaining how this will work. Their eyes glaze over and they say they'd like to encrypt emails to their friends when they discuss their legal but oh-so-risqué lives, but if they can't email grandma it won't work. It's too late to tell them they got it wrong because their eyes have already got that hundred yard stare thing going on. You made somebody think about something and rather than believe they can understand it, they take the easier path of not even trying.

    Bottom line - you're not trying to teach a behavior, you're trying to change a behavior. I've got GPG implemented. It's completely unused because nobody I know cares. They're not afraid of the government reading their emails and they accept that Google, Apple and Microsoft won't do anything worse than target advertising at them. Even after I offer to make it one-click convenient for them, most of my associates don't want it.

  2. What Law did the judiciary overrule in this case? When did Congress pass a bill for POTUS to sign into law?

  3. Re: Trump doesn't run borders on US-Born NASA Scientist Detained At The Border Until He Unlocked His Phone (theverge.com) · · Score: 1

    Neither can the President act as a legislator. Executive order != Law. Now, if both houses of Congress had ratified a bill for POTUS to sign into law, that'd be one thing. The courts would indeed be forced to consider only Constitutional issues in ruling. We're not discussing a law, we're discussing an Executive Order. These don't need to be unconstitutional to be overridden by the judiciary, only illegal.

  4. Re:Trump doesn't run borders on US-Born NASA Scientist Detained At The Border Until He Unlocked His Phone (theverge.com) · · Score: 3, Insightful

    The US Government. Not a monarchy. Three branches. Checks and balances. Deal with it.

  5. Re:It's not unreasonable search on Three Privacy Groups Challenge The FBI's Malware-Obtained Evidence (eff.org) · · Score: 1

    And the malware is comparable to surveillance of persons seen frequenting locations specifically known for illegal activity. As long as that's the only way the suspects in this case could've gotten the exploit software installed on their system, it's no different from monitoring drug users after seeing them make a buy, or johns after seeing them use the services of a prostitute.

  6. I agree with the FBI's choice of tactics. on Three Privacy Groups Challenge The FBI's Malware-Obtained Evidence (eff.org) · · Score: 1
    What it really boils down to (IMHO) is: Did the FBI entice or entrap anyone into visiting the seized website?

    I doubt very seriously that they advertised "kiddie porn here!", or worked to pump up their page rank on search engines. I'm reasonably sure that all of the visitors to their operational website were fully aware of exactly what they were doing, including the illegal nature of the material they were looking for. The website surreptitiously installed malware on their hosts, but this seems little different from police forces lying to suspects during interrogation or undercover operations in order to elicit useful information. Not so much like putting marked bills in a bundle (a technique described elsewhere) as adding a dye-pack designed to undetectably transfer an ultraviolet ink onto the hands of those who handle the ill-gotten money.

    Now, whether they can prove exactly who used the specified hardware to view the illicit material - that's a different matter. My laptop (for example) is only used by me. Even my wife doesn't use my PC as she has her own system. I would guess that most of the suspects the FBI has identified are also sole users of the systems in question, but that will be a matter for the prosecution to prove in court. I would guess that some small percentage of the systems in question are not so single-user dedicated, so this may possibly be an issue to resolve.

  7. Re:Look behind the curtain on Netflix Geoblocking Loosened Under New EU Law (thestack.com) · · Score: 1

    Uh, okay - but they still need to geoblock, unless they want to make and control all of their own content. Netflix doesn't make this stuff up, it's a condition of their ability to bring you Star Trek, Angry Birds and Futurama, among other fine, high-quality products which they don't outright own. It's their bat, but it ain't just their ball and it sure ain't just their rules.

  8. Re:Look behind the curtain on Netflix Geoblocking Loosened Under New EU Law (thestack.com) · · Score: 3, Insightful
    While providing one unified list of titles for all customers worldwide sounds simple, the fact is that many movies which are highly in demand in country A may well be illegal in country B. For example, Netflix might well find themselves outright barred from doing business in Russia because of the availability of the movie Red Heat (an example only. I don't even know offhand if it's part of Netflix's offerings). Similarly, Mulan could get Netflix stopped at the Great Firewall of China. Any movie which portrays Islam in a bad light or Judaism in a positive way might well be a problem in much of the Middle East - and the reverse could well get Netflix locked out of Israel (I may be a Jew, but we're no saints!). Sooner or later, I suspect SNL reruns might be a problem for US audiences to watch.

    Those were the obvious examples. More exist. Netflix may not have all of the best content (personally, I love the stuff; then again, I'm only slightly newer than dirt), but not all of the world believes in freedom and free speech as much as we teach our schoolchildren we in the US do.

  9. Re:Oh, I see! on Excessive Radiation Inside Fukushima Fries Clean-Up Robot (gizmodo.com) · · Score: 1
    First - I was in the military. They didn't care what I was called - only what was printed on my birth certificate. Period.

    Now, as it turns out, you're right. It was his grandfather's name and it was anglicized long before DJT was born. I'll stop. I won't even ask that DJT prove he was born in the US - although somebody should.

    Still - so much fun to see the fireworks from Trump supporters on this one. Now, about his tax returns . . .

  10. Re:leaving Oracle's Java business in tatters on Oracle Refuses To Accept Android's 'Fair Use' Verdict, Files Appeal (wsj.com) · · Score: 1
    There is that.

    Honestly, I thought they bought SUN to destroy MySQL. Who knew it was to monetize Java and turn SPARC into a database appliance architecture?

  11. Mitigation isn't as important as prevention. on Trend Micro's Own Cybersecurity Blog Gets Hacked (silicon.co.uk) · · Score: 3, Interesting
    It's important, don't get me wrong. However, I'm pretty sure most admins would agree it's far more important to keep the bad guys out than it is to fix the mistake after it happens.

    For most enterprises (especially large ones) it's understandable that there is a lot of exposure to be checked on. It's also understandable if some edges of the network suffer exposure - as long as it's not core to the enterprise and doesn't result in large financial loss. We don't necessarily expect every employee at most large enterprises to be security conscious. When you're Trend Micro, however, every admin is more or less expected to eat, sleep and breathe security 24/7. If it were a large insurance company (for example), we might accept the explanation that "no customer data was lost, no critical services were impaired, it was just one of our blog sites and we've fixed it pronto".

    With that complaint out of the way, certainly even a firm which specializes in security will occasionally get caught when somebody somewhere misses a trick and the bad guys find it first. Kudos for knowing how to react quickly and being able to mitigate the damage - but when you're selling your reputation as security experts, it's still embarrassing when mistakes like this happen. Doesn't matter who made the mistake, Trend Micro's name is at the top of the web page, and it's Trend Micro's reputation which did just take a hit. It's not unlike a stock broker misreading the market or a power company causing a brief localized blackout due to human error. It's bound to happen, but when that's your bread and butter you're pretty well expected to be perfect. Once more, kudos for fixing it fast and not immediately going to the "not our fault" party line, but their reputation did just take a (small) ding.

  12. Re:Oh, I see! on Excessive Radiation Inside Fukushima Fries Clean-Up Robot (gizmodo.com) · · Score: 1
    That's because he was born Drumpf. As the Commander-in-Chief of the US Military, he should be obliged to obey all rules other military members do - including being required to go by the name listed on his Birth Certificate.

    Beyond that - what is it about Donald J. Trump's (nee: Drumpf's) name that bothers you? It's not like I'm asserting he wasn't US born or anything. Perhaps you're afraid I'll tarnish the TRUMP(C) brand? Maybe there's some deep family secret which he finds embarrassing? I don't know - were there Drumpfs guarding the gas chambers at Auschwitz? Dachau? Bergen-Belsen? Perhaps the Drumpf family was the first Muslim family in Germany? Or a high-ranking party member in Germany some time between 1937 and 1944?

    No, seriously - tell us. What is it about Trump's birth name you find so distasteful? Why shouldn't I see to it that the name which is presumably on this person's Certificate of Live Birth isn't forgotten? And why should the US Military's Commander-in-Chief be allowed to leave his birth name behind when no other military service member has that privilege?

    The clearly demonstrated fact that it so bothers A/C's such as yourself is just frosting on the cake.

  13. Re:leaving Oracle's Java business in tatters on Oracle Refuses To Accept Android's 'Fair Use' Verdict, Files Appeal (wsj.com) · · Score: 3, Interesting
    Libre Office forked before OpenOffice atrophied to uselessness.

    MySQL spawned several forks and somehow hasn't been destroyed by Oracle (don't ask me how).

    Solaris has been getting more and more useless since SUN ceased to exist. Now it's officially scheduled for execution.

    SPARC (SBus) architecture still exists, but only a crazy man would stake his professional reputation on recommending its use in the enterprise.

    JAVA started out as a noble idea - it wasn't really intended to be fast, or even for general purpose programming. It was intended to usher in the IoT.

    Oracle was a database. It still is - and despite the massive publicity, not always the best one for the job.

  14. Tell my next employer that - please? on Oracle Refuses To Accept Android's 'Fair Use' Verdict, Files Appeal (wsj.com) · · Score: 1
    Frankly, I'm still amazed they haven't destroyed MySQL yet.

    Yet.

  15. Wouldn't a high voltage spike be more effective? on Mission Possible: Self-Destructing Phones Are Now a Reality (yahoo.com) · · Score: 1
    It'd be nice if it didn't Samsung the battery, but ultimately I'd rather the data on the phone be destroyed, rather than the display and casing. I'm okay if the chips are rendered inoperable as well, but the primary target of self-destruct capability needs to be the data, not the device.

    I'd be willing to wait ~.5 - 1 second for a cap to build up to charge and trigger.

  16. Re: Not use it? on PayPal's 'Policy Update' Includes Price Hikes (paypal.com) · · Score: 1
  17. Re: no "changes to the Privacy Act" on Senators Push Trump Administration For Clarity On Privacy Act Exclusions (onthewire.io) · · Score: 1

    The solution is obvious - make all the US look like Gitmo.

  18. Are you really so blind that you believe it'll end there? If the US government can abuse one set of people, it can abuse anybody. This is why pro-Trump forces are so interested in assuring that Constitutional protections are interpreted as only applying to US citizens. Once you accept that falsehood, it becomes a simple matter to begin defining certain citizens (e.g., convicted felons, individuals on the terrorist watch list) as also not being entitled to Constitutional protections.

    A very few Constitutional protections are indeed reserved only for US citizens, and these are explicitly spelled out in the Constitution. The Constitution itself was written to be the rules by which we govern, not the rules by which we govern ourselves. That's why certain rights (such as eligibility to serve as POTUS) are specifically reserved for US citizens. If a protection is not specifically reserved for US citizens only, it must be extended to all - otherwise, what's the point?

  19. Re: Less secure on Senators Push Trump Administration For Clarity On Privacy Act Exclusions (onthewire.io) · · Score: 3, Interesting

    It seems more likely to me that this will create opportunities for European companies to clone US based services (including everything down to the business model). What person in Europe would choose a Gmail account when they could get a Euromail account which works just as well and includes European-style privacy guarantees? You know, Protonmail suddenly comes screaming to mind.

  20. Re: Still much more secure on Senators Push Trump Administration For Clarity On Privacy Act Exclusions (onthewire.io) · · Score: 1

    Why would you be friends with anybody who would even consider leaving the USA for any reason, even just to have fun spending their great American dollars in some foreign land? Now that Trump (nee: Drumpf) is in charge, American inner-cities will be safe again and certainly far more interesting than any foreign terrorist breeding ground like the UK - and their money will stay right here in the good old U S of A where it can help make America great again!

  21. You're citing a fugitive from international justic on Senators Push Trump Administration For Clarity On Privacy Act Exclusions (onthewire.io) · · Score: 1
  22. So we shouldn't be too concerned about privacy? on Senators Push Trump Administration For Clarity On Privacy Act Exclusions (onthewire.io) · · Score: 2

    I agree with the current administration that privacy is counter to keeping us safe and making America great again. Let's start with this document.

  23. Re: Not use it? on PayPal's 'Policy Update' Includes Price Hikes (paypal.com) · · Score: 2, Insightful

    Uh, credit card? Debit card?

  24. Nano rods. Sounds vaguely like an organic retina. on Nanorods Emit and Detect Light, Could Lead To Displays That Communicate Via Li-Fi (ieee.org) · · Score: 1

    Not a particularly scientific thought, but . . . optical sensors that work like biological eyes. Acoustic sensors which work like biological ears. Proprioception, tactile, olfactory and vestibular senses. Robotic mobility. I wonder what a deep learning algorithm might turn into if limited to these inputs and left running for a decade or two?

  25. Re: Flynn is a Russian spy on Senators Push Trump Administration For Clarity On Privacy Act Exclusions (onthewire.io) · · Score: 1

    Flynn is a Russian spy (+5, Interesting)

    Anonymous Coward 4 hours ago

    .

    .

    .

    Re: Flynn is a Russian spy (+1, Troll)

    Cmdln Daco 4 hours ago

    As you can plainly see, the Trump (nee: Drumpf) playbook of denying the truth in the most insulting and pejorative manner possible doesn't always work - and now that people are aware of your tactics I suspect it will lose effectiveness. In this instance, demonstrated by an Anonymous Coward - does that suggest anything to you?

    But please . . . continue! It won't take a violation of the Privacy Act or even a violation of basic ethics to recognize you as a troll, but more evidence is always useful.