"The real problem is people visiting Web sites through email links, and replying to unsolicited email (from companies they recognize or not)"
No, the real problem is the ISPs not blocking spam from open or unauthorized email relays. And the gazillion compromised desktop PCs out there being used in botnets..
How does this relate to such programs as NSAs Echelon and wholescale tapping of fiberlinks in major switching centers such as at AT&T. Incidentally most of the current effort in surveillance goes on industrial espionage and the monitoring of 'activists', ie people who speak out against the government.
"Private right of action got stripped out of it due to complaints from the direct marketers"
Strike two was the ISPs getting imdemnified against getting sued and strike three was dropping any suggestion that spam should be flagged in the header such as putting an `ADV' in the subject line. The only canning of spam in the Can-Spam Act 2003 was in the title..
What went wrong was the CAN-SPAM act was never designed to prevent spam, instead it brought in provisos that actually forbid end-users from suing the spammers and also provided safe harbor for ISPs and 'online marketers', er spammers...
One measure against spam was putting an `ADV' keyword in the subject of the email, but this was argued against by Bill Gates who instead argued for setting up 'safe harbor' that would absolve online marketers from getting sued...
Don't just switch browsers, switch Desktop Distros. If fact, for any kind of online financial activity use a bootable CD. Before you say it, you won't have to pay rent on these Live CDs
"If the idea of a fifteen year old bouncing about in skimpy outfits while pursuing a relationship with one of her father's co-workers sounds strange to you, welcome to the world of manga"
No, what's strange is someone her fathers age still reading MANGA comics..:)
"Windows was wiiiide open for years, which is why there are so many exploits for it"
How do you explain the current phishing infestation ?
'We've all read the "Surviving the First Day of Windows XP" guide; we know how open that OS was'
It's news to me that it was considered so open. I can't find a link to the original but this says that to secure XP you enabled the XP firewall. Not much of an improvement then.
"Thinking for even one second that you're fully secure because you're using Linux makes you part of the problem"
It's not my Linux getting hacked that's a worry, but the server getting hacked and my identity stolen.
The solution is to stop relying on Credit Card numbers for online verification. Using something like a smartcard, for each transaction, use a card-reader to generate a unique one time session-code. The transaction from the card-reader to the server is encrypted by this one-time session code. No CVC2 number, no PIN or card number need be entered or sent over the connection. To verify card present, the card generates a one-time four digit passcode that is syncronized with the server and this is typed in by the user, only then is the transaction completed. At worst all a key logger would record, is a defunct four digit code and session key.
"Sounds like they used humans to count the vote in reality. A very small percentage. Still a concern"
No, not 197 out of 64,161, but 197 votes out of a single precinct, and unknown numbers of others as they were never checked.
"Crnich said she was told that the software begins counting decks of ballots at zero, and that sometimes when a deck is deleted from the machine due to normal complications, the software also deletes the Deck Zero, which in this case was the vote-by-mail ballots from Precinct 1E-45"
"There are a few differences between ATMs and voting machines. First of all, ATMs are used daily, and if there was a bug in an ATM, it would be caught very quickly. Second of all, ATMs can be reflashed using the same connection that they use to contact the bank"
Firstly, voting machines should be subject to a full stress test before being deployed in a live election. Secondly ATMs can not be remotely 'reflashed', To upgrade required the replacement of the ATM module and the use of an external hand-held unit (plugged into the ATM) and the presence of two bank officials and the use of two unique PINS.
maybe on your planet the ability to count up in single integer increments is considered too esoteric for the average QA team, but here it's something the average IT student can manage..
"Error itself is not a problem in a general election. This assumes that the error is uniformly distributed, which would not generate a meaningful change in the percentage results"
Total nonsence, error is a big a problem in an election, as you can't make any assumptions, as you don't know what the software is doing and finally discarding votes in an election is illegal..
on my planet 1 + 1 = 2 or maybe sometimes 1.9 or maybe 2.01
Slashdot Mirror
Ubuntu for your grandmother
"It's a good thing there is anti-spam legislation"
..
Except the 'anti-spam' legislation, legitimizes spam, provides for safe harbor and prevents the endusers suing the ISPS for fowling their inboxes
"The real problem is people visiting Web sites through email links, and replying to unsolicited email (from companies they recognize or not)"
..
No, the real problem is the ISPs not blocking spam from open or unauthorized email relays. And the gazillion compromised desktop PCs out there being used in botnets
What are the ISPs doing about it, such as blocking relaying of spam from open or unauthorized email relays.
Go straight for consumer devices running Linux.
"a consortium of 14 U.S. technology companies will ask the Federal Govt for up to $1 billion"
"Didn't the EULA on XP say not to run medical equipment, ... , Nuclear Power Plants"
..
No it doesn't, it does say that the entire liability of the seller is the amount actually paid or US$5.00
Launching Missiles .. Missle Launch Canceled ..
.. :]
Confirm Cancelation of Missile Launch:
Press YES | YES to ALL | NO | CANCEL
How does this relate to such programs as NSAs Echelon and wholescale tapping of fiberlinks in major switching centers such as at AT&T. Incidentally most of the current effort in surveillance goes on industrial espionage and the monitoring of 'activists', ie people who speak out against the government.
http://www.spamdailynews.com/publish/ATT_tech_outs_NSA_spy_room.asp
http://uk.youtube.com/watch?v=LDk6jxcSDlQ
,br>
"Private right of action got stripped out of it due to complaints from the direct marketers"
..
Strike two was the ISPs getting imdemnified against getting sued and strike three was dropping any suggestion that spam should be flagged in the header such as putting an `ADV' in the subject line. The only canning of spam in the Can-Spam Act 2003 was in the title
What went wrong was the CAN-SPAM act was never designed to prevent spam, instead it brought in provisos that actually forbid end-users from suing the spammers and also provided safe harbor for ISPs and 'online marketers', er spammers ...
...
One measure against spam was putting an `ADV' keyword in the subject of the email, but this was argued against by Bill Gates who instead argued for setting up 'safe harbor' that would absolve online marketers from getting sued
"Users of Microsoft's Internet Explorer are being urged by experts to switch to a rival until a serious security flaw has been fixed"
Don't just switch browsers, switch Desktop Distros. If fact, for any kind of online financial activity use a bootable CD. Before you say it, you won't have to pay rent on these Live CDs
"If the idea of a fifteen year old bouncing about in skimpy outfits while pursuing a relationship with one of her father's co-workers sounds strange to you, welcome to the world of manga"
.. :)
No, what's strange is someone her fathers age still reading MANGA comics
"He revealed the details of a classified program he admits he knew nothing about because it didn't smell right? He's going to jail, and rightly so"
"Windows was wiiiide open for years, which is why there are so many exploits for it"
How do you explain the current phishing infestation ?
'We've all read the "Surviving the First Day of Windows XP" guide; we know how open that OS was'
It's news to me that it was considered so open. I can't find a link to the original but this says that to secure XP you enabled the XP firewall. Not much of an improvement then.
"Thinking for even one second that you're fully secure because you're using Linux makes you part of the problem"
It's not my Linux getting hacked that's a worry, but the server getting hacked and my identity stolen.
"It goes back WAY further than 2006 .. It was much easier to get away with back then it would seem as it was before the invention of that CV2 number"
..
CV2 numbers are already hacked through the use of 'bugging' devices that record card wipes and key presses, usually with the collusion of the staff.
"but essentially its the same today as it was back then
Correct, a total failure of the so-called security experts to devise a secure online commercial transaction system
Which is easier, trying to stem the phishing epidemic or putting away a UFO nut ..
..
"The Americans have a secret spaceship?" I ask
".. What were the ship names?"
"I can't remember," says Gary.
"I was smoking a lot of dope at the time. Not good for the intellect."
The solution is to stop relying on Credit Card numbers for online verification. Using something like a smartcard, for each transaction, use a card-reader to generate a unique one time session-code. The transaction from the card-reader to the server is encrypted by this one-time session code. No CVC2 number, no PIN or card number need be entered or sent over the connection. To verify card present, the card generates a one-time four digit passcode that is syncronized with the server and this is typed in by the user, only then is the transaction completed. At worst all a key logger would record, is a defunct four digit code and session key.
What OS does the vast majority of this 'identity theft', spam and phishing run on ?
A better solution is for Sun to repackage the improved MySQL bits from Drizzle, OurDelta, Perconaand and charge for support and upgrades ..
"Sounds like they used humans to count the vote in reality. A very small percentage. Still a concern"
No, not 197 out of 64,161, but 197 votes out of a single precinct, and unknown numbers of others as they were never checked.
"Crnich said she was told that the software begins counting decks of ballots at zero, and that sometimes when a deck is deleted from the machine due to normal complications, the software also deletes the Deck Zero, which in this case was the vote-by-mail ballots from Precinct 1E-45"
"There are a few differences between ATMs and voting machines. First of all, ATMs are used daily, and if there was a bug in an ATM, it would be caught very quickly. Second of all, ATMs can be reflashed using the same connection that they use to contact the bank"
Firstly, voting machines should be subject to a full stress test before being deployed in a live election. Secondly ATMs can not be remotely 'reflashed', To upgrade required the replacement of the ATM module and the use of an external hand-held unit (plugged into the ATM) and the presence of two bank officials and the use of two unique PINS.
"it looks like a pretty normal software bug"
..
maybe on your planet the ability to count up in single integer increments is considered too esoteric for the average QA team, but here it's something the average IT student can manage
"Error itself is not a problem in a general election. This assumes that the error is uniformly distributed, which would not generate a meaningful change in the percentage results"
..
Total nonsence, error is a big a problem in an election, as you can't make any assumptions, as you don't know what the software is doing and finally discarding votes in an election is illegal
on my planet 1 + 1 = 2 or maybe sometimes 1.9 or maybe 2.01
1100 0101 1100 0101 1100 0101 1100 0101 1100 0101 1100 0101