HTML Email itself is a security risk. ALL browsers have security holes, and these holes have included things as serious as the ability to read arbitrary files, delete system files, and other nasties. I have seen the code for a page that will delete kernel32.dll on a Windows box running IE4.x or 5.x (given that the user has permissions on the file if you're running under NT) [code kiddies, don't ask for this, if you really want it, check out the bugtraq archives, Gregori Guninski is a genius], and Netscape has flaws that are just as bad [Netscape seems to have quite a bit more flaws than IE, I'm sad to say, which makes me an IE man]. In an effort to make browsers do more, there is a lot of the systems functionality integrated into the browsing experience, and with that exist ways to exploit those functionalities in nasty ways.
This cookies thing is just a drop in the bucket. If you still use HTML enabled email, you're asking for someone to drop you a bomb. If you really like a Microsoft mail client and you want to continue to be able to see HTML mail, make sure you put it in restricted zone! (it's in options) This won't totally protect you, unless you have "Internet Zone" security as high as it goes, because all it takes is for someone to drop an iframe in the email source (yes it's totally possible), and that iframe is a pointer to a page that whams you.
Find out from the University if they want to use the site name, or simply destroy its existance. Tell them that you're willing to work with them on its content. Ask them if they have ideas for improvement, and if they would be willing to help fund activities for the site. Tell them that this is a good way for them to get in touch with their students (something that my university, Millersville U of PA, needs to do very desperately).
Most of all, really kick butt on this site's usefulness. Open chat areas, hold contests, et cetera. Let them know that you're not defacing them in any way, and tell them that you're very open to suggestions on how the site should be run. Tell them that if they ever feel that you're abusing your use of the name, to come talk to you, and you'll be willing to let them know why it is that you did what you did that got them so upset.
I think that a compromise can be reached with the University. Mostly , Universities are all about you learning and getting an education. Them taking your domain from you is a bad indicator of their dedication to this fact. It would also be bad PR for them to do this.
If you need any help with implementing things for the site, give me a buzz, my email is: n t b u g t r a k (at) h o t m a i l (dot) c o m I know a lot about implementing things with Active Server Pages and HTML, and if your site is running on an NT or Windows box, I can help you with some really cool features.
If you know that you are good at what you do, then the answer is to become a consultant. I'm a consultant for a Pharmaceutical near Philadelphia, 20 years old, and am making $30 an hour (that's $60,000 [USD] a year if I don't put in overtime, which I do). Plus I mostly do HTML and Photoshop work. Periodically we get something interresting like a database driven site, at which time I get to exercise my knowledge of ASP, MSSQL, and Oracle, but that doesn't usually happen too often.
The secret is to know that you are the best, and in allmost all circumstances, prove it. You have to be dedicated. When I started this position a year and a half ago, I made $10 an hour, and trippled it in under a year. If you make yourself valuable, they will not be able to afford not to pay you more. You have to take as many responsibilities as you can. If you don't, you won't be invaluable, and so you won't be worth big raises.
Of course there are downsides to being a consultant. You get kind of hammered on taxes, for one, and there are no benefits. But if you have a spouse that can cover you under their benefits package, then you're doing well. Also, if you're a consultant, take a bit of advice: DON'T DO YOUR OWN TAXES!!!!!!!! Hire an accountant. Let me say this again, hire an accountant. And I don't mean H&R Block either, go to a firm with CPA's. If you do it yourself, you will either pay too much, or if you try to not pay too much, you will end up messing up something, and then it's waiting in line at the IRS, shoebox full of receipts clutched in your sweaty shaking hand.
Another benefit to being a consultant is that a lot of companies don't want to be weighed down with the possibility of you leaving, and so they sign you up on a contract. They can't then just lay you off when it comes time for reorganization. This, of course, means that you'll be tied to them for the length of your contract, but if you've proven yourself in that time, they will be eager to renew your contract, and they will be eager to get you to stay, so up goes the ol' salary.
I don't suggest consultantism if you're not good in your field, though. Your contract probably won't be renewed at the end. If you're one of these people, my suggestion to you is to learn who knows more than you, and study what they do. Do it in your own time. Ask them for samples of their work, and study it. An example of this is that we had hired in a new consultant who knew Macromedia Director like a firecracker (which I did not), and so I went to him and got some samples, and an install for the program. A couple of days later I had working knowledge of the program, and I started producing my own work. When I hit a snag, I could ask him for help, and soon we were operating nearly on par. My indispensibility just went up a couple of points, based entirely on about two weeks of work at home.
Although this is long, I just have to say that there are three things that every consultant needs to do to get a high salary (and keep it).
1. Be dedicated, put in the hours to become the best.
2. Be the best, if someone is better than you, and they need to drop the budget for the quarter, out you go. When you're not the best, become the best by admitting that they're better than you, and then study how they work.
3. Hire an accountant. There are a lot of consultants where I work, and any of them that have not taken this advice of mine end up paying too much, or too little, and paying too little can be much much worse than paying too much.
but, like my cable modem, is it eventually going to slow down to the point where I'd have better luck with a 2400bps dialup connection?
Here's what I mean... I realize that DSL works on a different principle than a cable modem in that no one else shares my connection to my ISP, but everyone signed up to my ISP does share my ISP's connection, and I'm worried that I'll put a pile of money into DSL just to find out that my ISP doesn't keep up with the bandwidth necessary to provide good service to its customers, rather the same principle as with the cable modem except that the bottleneck is at the ISP, not in my line to the ISP.
Most of these DSL providers require 2-4 year contracts, and I don't feel like shelling the cash out to find that my connection dies at the end of the first year and I start dialing up again while still paying for this expensive service.
I absolutely agree with you. In fact, wouldn't it be a very good idea to enable a rating system driven by ISP's? Say I'm an ISP, and I have a No-Spam rating of 25. I can bestow a similar rating on my subnets, but not greater. Then my ISP notices a lot of SPAM comming out of my account, warns me, and I still do nothing, so they drop me down to a 20. Now I can only rate those below me as a maximum of 20. Pretty soon, those sites where SPAM come from will get rated down to 1, and will probably fail most people's email client filters (which have been specially modified to destroy messages less than a rating of 5). You wouldn't be able to forge any of that since say i put out a message and my ISP tries to cheat by giving it a rating of 40. His ISP is going to put a rating on it based upon its database of spam-likelihood from that cheating ISP. My mail client just pays attention to the lowest number. ISP's aren't going to want to have a low rating, and so will do their best to prevent SPAM from being generated by their subnets. Suddenly we live in a world where those who generate SPAM are branded, and I can have almost complete certainty that I am uninterrested in a message which has a low rating, and comes from an email address that's not in my address book. Novel idea, I just came up with it, but I'm sure that if it were implemented, the generation of SPAM would still not be blocked, but its annoying me at read time dissapears.
Actually when they commit a crime to send the spam, then you are right, POW, you have a bloody nose. But in the "agreement" you make when you set up a server and allow it to be a node on the net through which other mail can be sent, part of that is a realization that you will pay to let other's messages go through your server as long as everyone else does the same. SPAMmers are very often underhanded and devious, but there cannot be a law that makes it illegal for me to sit down in Outlook or PINE and send a mass mailing, be it an unsolicited advertisement, illegal pyramid scheme, or whatever, with out that law eating into my rights as a netizen. What is the defining border between SPAM and a neat forward that I send to everyone because it gave me a chuckle? Usually that border is defined by "Am I annoyed by it?" So if I send a chain letter to my friends, I have actually SPAMmed them to some extent (don't you hate those things, and if you received it from someone you didn't know, it WOULD be full-fleged SPAM). Can the defining line then come down to "Did it come from someone I know?" If so, that's an extremely difficult case to enforce.
Say Mom just changed email addresses, and sent me a forward. My mom won't put her real name on her email address, she always makes up something witty. Because I don't recognize the email address, I track down the headers and report it to the censorship police who bust down her door and take her to jail for the night. Wow, that sucked, mistaken (or perhaps unknown) identity.
And besies, you are not FORCED to read SPAM any more than you are forced to read unsolicited snail mail. Actually, you are forced to read at least portions of snailspam because you need to legitimize the envelope before you toss it (it wouldn't do any good to toss out your actual notification of winning ten million dollars from Publisher's Clearing House). With SPAM, I can immediately see by the email address that there is a very good chance that it's spam, and the subject will give it away the rest of the time with 99.99 percent certainty (I've never been spammed where the sender and subject tricked me into believing it was a love letter from my fiancee or anything like that).
Although I would wish to never receive another SPAM again, there are also steps you can take to protect yourself. For example, open up a free email account (perhaps with NNI? [insert maniacal chuckle]), and never give your commonly used email to anyone but friends and family. Set that free account to forward to your regular account, and if you ever start getting spammed on it, simply close the account. This is what I do, in fact, if anyone were to reap my email off of this post and SPAM me, it's going to an account that I only ever check when I've signed up for some service online, and I need to get some registration information off of the message. Never once have I received a SPAM in my regular email, but I do receive two or three a week in my antispam account.
In the end, just about everything comes down to "I'm a big crybaby and don't like to be bugged, or take the effort to prevent me from being bugged, so Congress should pass a law so that I don't have to do any exercising of my delete button on SPAM." And while Congress is at it, they will have one more foot in the door of internet censorship.
which is why there's a delete button in your email reader. Anyone abusing these security holes is already committing a felony, especially if they're in a different state than the server. But, if I choose to send an email out without committing one of the pre-established cracking crimes, that should be my right. As much as it sucks, that's the way it is.
To all of you who scream for no legislation tethering the Internet, no censorship, blue ribbon campaign, etc., I cry "Hypocrisy"
Although I hate spam as much as anyone else, can we as conscience-wielding citizens actually state from the left side of our mouths that spam should be illegal while with the right side we state that there should be absolutely no restriction on internet communications? Do you see what I'm getting at?
I expect to be able to express my views over the internet in an uncoltrolled forum. The Internet has demonstrated it's usefulness as an unbound, unfettered learning and experimentation environment. Its exactly this characteristic that has made things like Linux and open source what it is today. When I need to research a paper for school, I can go to the internet to view the unbounded oppinions of others.
But do I really need to explain the benefits of online rights to all you slashdotters? The nearly bi-weekly articles about "Your rights Online" attest to the oppinions of most slashdotters, an oppinion that I share.
But what I'm getting at in the end is that anyone who can say that they want to legislate SPAM while simultaneously stating that there should be no internet censorship of any kind is simply a fool. It's like stating "I hate all apples" and then stating "I like Granny Smith apples."
I've used SAP, and it's a good program, it'll be even better if it's portable across all platforms like that. Man, what you can do with SAP. (and yes, SAP consultants make mucho $)
That just won't work, if we do that, then the government says, "Ok, so voluntary rating doesn't work, we'll have to have a division of the government whose job it is to censor content, and then we'll tax everyone out the wazoo to support it." Each page you hit is going to cost you a penny or two. Just reading the articles on slashdot, and a couple of the replies will cost a buck. Going through the like 20 registration pages on Microsoft when you're trying to download some eval software is going to cost more than the software itself (well, not really, THAT'd be kind of expensive)
Although it is a good and feasable concept, the fact is that once any sort of regulation starts on the internet, it is only a short jump to stricter regulation. Already the Internet has exemplified the sort of unburdened learning and experimentation that has never been seen before. As soon as this sort of regulation is put in place, this capacity is diminished, and will eventually be lost.
It is my oppinion that although the Internet provides a vast educational tool, it is not now, nor will it ever be, a place suitable for children to roam unsupervised. Just like it is a bad idea to use television to "babysit" your children, you cannot also use the Internet as a babysitter. Parents who leave their children in potentially harmful situations unsupervised are not doing their parental duty. Whether that situation be watching television, surfing the Internet, or wandering around a construction yard, all are potentially harmful and damaging experiences, and children should not be allowed that unsupervised.
Now whether this supervision be the parents actually looking over the shoulder of their children as the children watch, or more usefully, a program that logs the sites the children have been visiting, and flags sites that contain certain words. If it is explained to the children that they are being monitored, and that if they abuse their internet usage, they will lose it or have it restricted to times when the parent can watch over their shoulder, then they will be motivated to regulate themselves.
It would seem, by reading the coments posted by each of the sumit's panel members, that the panel is composed of advocates of this project, and not balanced with opponents at all. That leaves only one certainty to the outcome of the summit, the complete unanimous suggestion for internet censorship, or whatever you may wish to call it. Either way it amounts to the same thing.
no matter what data is on the chip, if it's done on http (not https) or I crack the encryption on the https, I still have the original data, and it's not too far to resend that exact same info to another site. Of course, then there's an electronic record of where the goods went, so they can know at least geographically close to where I operate from, even if I use a PO box. This different info cannot be used in a store (given that the chip contains different info than on the face of the card, if it doesn't, then it's just plain a stupid idea), so it's that much more secure. But if there is different info on the chip, do e-commerce sites need to change the way they operate to incorporate this? If they do, then AmEx is being foolish not to have involved everyone else because soon everyone will have their own way of doing it.
Slashdot Mirror
HTML Email itself is a security risk. ALL browsers have security holes, and these holes have included things as serious as the ability to read arbitrary files, delete system files, and other nasties. I have seen the code for a page that will delete kernel32.dll on a Windows box running IE4.x or 5.x (given that the user has permissions on the file if you're running under NT) [code kiddies, don't ask for this, if you really want it, check out the bugtraq archives, Gregori Guninski is a genius], and Netscape has flaws that are just as bad [Netscape seems to have quite a bit more flaws than IE, I'm sad to say, which makes me an IE man]. In an effort to make browsers do more, there is a lot of the systems functionality integrated into the browsing experience, and with that exist ways to exploit those functionalities in nasty ways.
This cookies thing is just a drop in the bucket. If you still use HTML enabled email, you're asking for someone to drop you a bomb. If you really like a Microsoft mail client and you want to continue to be able to see HTML mail, make sure you put it in restricted zone! (it's in options) This won't totally protect you, unless you have "Internet Zone" security as high as it goes, because all it takes is for someone to drop an iframe in the email source (yes it's totally possible), and that iframe is a pointer to a page that whams you.
Find out from the University if they want to use the site name, or simply destroy its existance. Tell them that you're willing to work with them on its content. Ask them if they have ideas for improvement, and if they would be willing to help fund activities for the site. Tell them that this is a good way for them to get in touch with their students (something that my university, Millersville U of PA, needs to do very desperately).
Most of all, really kick butt on this site's usefulness. Open chat areas, hold contests, et cetera. Let them know that you're not defacing them in any way, and tell them that you're very open to suggestions on how the site should be run. Tell them that if they ever feel that you're abusing your use of the name, to come talk to you, and you'll be willing to let them know why it is that you did what you did that got them so upset.
I think that a compromise can be reached with the University. Mostly , Universities are all about you learning and getting an education. Them taking your domain from you is a bad indicator of their dedication to this fact. It would also be bad PR for them to do this.
If you need any help with implementing things for the site, give me a buzz, my email is:
n t b u g t r a k (at) h o t m a i l (dot) c o m
I know a lot about implementing things with Active Server Pages and HTML, and if your site is running on an NT or Windows box, I can help you with some really cool features.
If you know that you are good at what you do, then the answer is to become a consultant. I'm a consultant for a Pharmaceutical near Philadelphia, 20 years old, and am making $30 an hour (that's $60,000 [USD] a year if I don't put in overtime, which I do). Plus I mostly do HTML and Photoshop work. Periodically we get something interresting like a database driven site, at which time I get to exercise my knowledge of ASP, MSSQL, and Oracle, but that doesn't usually happen too often.
The secret is to know that you are the best, and in allmost all circumstances, prove it. You have to be dedicated. When I started this position a year and a half ago, I made $10 an hour, and trippled it in under a year. If you make yourself valuable, they will not be able to afford not to pay you more. You have to take as many responsibilities as you can. If you don't, you won't be invaluable, and so you won't be worth big raises.
Of course there are downsides to being a consultant. You get kind of hammered on taxes, for one, and there are no benefits. But if you have a spouse that can cover you under their benefits package, then you're doing well. Also, if you're a consultant, take a bit of advice: DON'T DO YOUR OWN TAXES!!!!!!!! Hire an accountant. Let me say this again, hire an accountant. And I don't mean H&R Block either, go to a firm with CPA's. If you do it yourself, you will either pay too much, or if you try to not pay too much, you will end up messing up something, and then it's waiting in line at the IRS, shoebox full of receipts clutched in your sweaty shaking hand.
Another benefit to being a consultant is that a lot of companies don't want to be weighed down with the possibility of you leaving, and so they sign you up on a contract. They can't then just lay you off when it comes time for reorganization. This, of course, means that you'll be tied to them for the length of your contract, but if you've proven yourself in that time, they will be eager to renew your contract, and they will be eager to get you to stay, so up goes the ol' salary.
I don't suggest consultantism if you're not good in your field, though. Your contract probably won't be renewed at the end. If you're one of these people, my suggestion to you is to learn who knows more than you, and study what they do. Do it in your own time. Ask them for samples of their work, and study it. An example of this is that we had hired in a new consultant who knew Macromedia Director like a firecracker (which I did not), and so I went to him and got some samples, and an install for the program. A couple of days later I had working knowledge of the program, and I started producing my own work. When I hit a snag, I could ask him for help, and soon we were operating nearly on par. My indispensibility just went up a couple of points, based entirely on about two weeks of work at home.
Although this is long, I just have to say that there are three things that every consultant needs to do to get a high salary (and keep it).
1. Be dedicated, put in the hours to become the best.
2. Be the best, if someone is better than you, and they need to drop the budget for the quarter, out you go. When you're not the best, become the best by admitting that they're better than you, and then study how they work.
3. Hire an accountant. There are a lot of consultants where I work, and any of them that have not taken this advice of mine end up paying too much, or too little, and paying too little can be much much worse than paying too much.
but, like my cable modem, is it eventually going to slow down to the point where I'd have better luck with a 2400bps dialup connection?
Here's what I mean... I realize that DSL works on a different principle than a cable modem in that no one else shares my connection to my ISP, but everyone signed up to my ISP does share my ISP's connection, and I'm worried that I'll put a pile of money into DSL just to find out that my ISP doesn't keep up with the bandwidth necessary to provide good service to its customers, rather the same principle as with the cable modem except that the bottleneck is at the ISP, not in my line to the ISP.
Most of these DSL providers require 2-4 year contracts, and I don't feel like shelling the cash out to find that my connection dies at the end of the first year and I start dialing up again while still paying for this expensive service.
I absolutely agree with you. In fact, wouldn't it be a very good idea to enable a rating system driven by ISP's? Say I'm an ISP, and I have a No-Spam rating of 25. I can bestow a similar rating on my subnets, but not greater. Then my ISP notices a lot of SPAM comming out of my account, warns me, and I still do nothing, so they drop me down to a 20. Now I can only rate those below me as a maximum of 20. Pretty soon, those sites where SPAM come from will get rated down to 1, and will probably fail most people's email client filters (which have been specially modified to destroy messages less than a rating of 5). You wouldn't be able to forge any of that since say i put out a message and my ISP tries to cheat by giving it a rating of 40. His ISP is going to put a rating on it based upon its database of spam-likelihood from that cheating ISP. My mail client just pays attention to the lowest number. ISP's aren't going to want to have a low rating, and so will do their best to prevent SPAM from being generated by their subnets. Suddenly we live in a world where those who generate SPAM are branded, and I can have almost complete certainty that I am uninterrested in a message which has a low rating, and comes from an email address that's not in my address book. Novel idea, I just came up with it, but I'm sure that if it were implemented, the generation of SPAM would still not be blocked, but its annoying me at read time dissapears.
Read this guy's response, he summs it up nicely:
RE: Hyppocricy
Actually when they commit a crime to send the spam, then you are right, POW, you have a bloody nose. But in the "agreement" you make when you set up a server and allow it to be a node on the net through which other mail can be sent, part of that is a realization that you will pay to let other's messages go through your server as long as everyone else does the same. SPAMmers are very often underhanded and devious, but there cannot be a law that makes it illegal for me to sit down in Outlook or PINE and send a mass mailing, be it an unsolicited advertisement, illegal pyramid scheme, or whatever, with out that law eating into my rights as a netizen. What is the defining border between SPAM and a neat forward that I send to everyone because it gave me a chuckle? Usually that border is defined by "Am I annoyed by it?" So if I send a chain letter to my friends, I have actually SPAMmed them to some extent (don't you hate those things, and if you received it from someone you didn't know, it WOULD be full-fleged SPAM). Can the defining line then come down to "Did it come from someone I know?" If so, that's an extremely difficult case to enforce.
Say Mom just changed email addresses, and sent me a forward. My mom won't put her real name on her email address, she always makes up something witty. Because I don't recognize the email address, I track down the headers and report it to the censorship police who bust down her door and take her to jail for the night. Wow, that sucked, mistaken (or perhaps unknown) identity.
And besies, you are not FORCED to read SPAM any more than you are forced to read unsolicited snail mail. Actually, you are forced to read at least portions of snailspam because you need to legitimize the envelope before you toss it (it wouldn't do any good to toss out your actual notification of winning ten million dollars from Publisher's Clearing House). With SPAM, I can immediately see by the email address that there is a very good chance that it's spam, and the subject will give it away the rest of the time with 99.99 percent certainty (I've never been spammed where the sender and subject tricked me into believing it was a love letter from my fiancee or anything like that).
Although I would wish to never receive another SPAM again, there are also steps you can take to protect yourself. For example, open up a free email account (perhaps with NNI? [insert maniacal chuckle]), and never give your commonly used email to anyone but friends and family. Set that free account to forward to your regular account, and if you ever start getting spammed on it, simply close the account. This is what I do, in fact, if anyone were to reap my email off of this post and SPAM me, it's going to an account that I only ever check when I've signed up for some service online, and I need to get some registration information off of the message. Never once have I received a SPAM in my regular email, but I do receive two or three a week in my antispam account.
In the end, just about everything comes down to "I'm a big crybaby and don't like to be bugged, or take the effort to prevent me from being bugged, so Congress should pass a law so that I don't have to do any exercising of my delete button on SPAM." And while Congress is at it, they will have one more foot in the door of internet censorship.
which is why there's a delete button in your email reader. Anyone abusing these security holes is already committing a felony, especially if they're in a different state than the server. But, if I choose to send an email out without committing one of the pre-established cracking crimes, that should be my right. As much as it sucks, that's the way it is.
To all of you who scream for no legislation tethering the Internet, no censorship, blue ribbon campaign, etc., I cry "Hypocrisy"
Although I hate spam as much as anyone else, can we as conscience-wielding citizens actually state from the left side of our mouths that spam should be illegal while with the right side we state that there should be absolutely no restriction on internet communications? Do you see what I'm getting at?
I expect to be able to express my views over the internet in an uncoltrolled forum. The Internet has demonstrated it's usefulness as an unbound, unfettered learning and experimentation environment. Its exactly this characteristic that has made things like Linux and open source what it is today. When I need to research a paper for school, I can go to the internet to view the unbounded oppinions of others.
But do I really need to explain the benefits of online rights to all you slashdotters? The nearly bi-weekly articles about "Your rights Online" attest to the oppinions of most slashdotters, an oppinion that I share.
But what I'm getting at in the end is that anyone who can say that they want to legislate SPAM while simultaneously stating that there should be no internet censorship of any kind is simply a fool. It's like stating "I hate all apples" and then stating "I like Granny Smith apples."
yeah, but that only resolves for http://doubleclick.net.
You still have to manually specify each entire hostname you want, i.e. you have to say
127.0.0.1 ad.doubleclick.net
127.0.0.1 ad2.doubleclick.net
Then it'll work. Otherwise you still see the ads. To try it out, make the necessary changes, then try clicking this:
http://ad.doublecli ck.net/jump/Webnet.smartparentwebnet.com/B22
I've used SAP, and it's a good program, it'll be even better if it's portable across all platforms like that. Man, what you can do with SAP. (and yes, SAP consultants make mucho $)
That just won't work, if we do that, then the government says, "Ok, so voluntary rating doesn't work, we'll have to have a division of the government whose job it is to censor content, and then we'll tax everyone out the wazoo to support it." Each page you hit is going to cost you a penny or two. Just reading the articles on slashdot, and a couple of the replies will cost a buck. Going through the like 20 registration pages on Microsoft when you're trying to download some eval software is going to cost more than the software itself (well, not really, THAT'd be kind of expensive)
Although it is a good and feasable concept, the fact is that once any sort of regulation starts on the internet, it is only a short jump to stricter regulation. Already the Internet has exemplified the sort of unburdened learning and experimentation that has never been seen before. As soon as this sort of regulation is put in place, this capacity is diminished, and will eventually be lost.
It is my oppinion that although the Internet provides a vast educational tool, it is not now, nor will it ever be, a place suitable for children to roam unsupervised. Just like it is a bad idea to use television to "babysit" your children, you cannot also use the Internet as a babysitter. Parents who leave their children in potentially harmful situations unsupervised are not doing their parental duty. Whether that situation be watching television, surfing the Internet, or wandering around a construction yard, all are potentially harmful and damaging experiences, and children should not be allowed that unsupervised.
Now whether this supervision be the parents actually looking over the shoulder of their children as the children watch, or more usefully, a program that logs the sites the children have been visiting, and flags sites that contain certain words. If it is explained to the children that they are being monitored, and that if they abuse their internet usage, they will lose it or have it restricted to times when the parent can watch over their shoulder, then they will be motivated to regulate themselves.
It would seem, by reading the coments posted by each of the sumit's panel members, that the panel is composed of advocates of this project, and not balanced with opponents at all. That leaves only one certainty to the outcome of the summit, the complete unanimous suggestion for internet censorship, or whatever you may wish to call it. Either way it amounts to the same thing.
no matter what data is on the chip, if it's done on http (not https) or I crack the encryption on the https, I still have the original data, and it's not too far to resend that exact same info to another site. Of course, then there's an electronic record of where the goods went, so they can know at least geographically close to where I operate from, even if I use a PO box. This different info cannot be used in a store (given that the chip contains different info than on the face of the card, if it doesn't, then it's just plain a stupid idea), so it's that much more secure. But if there is different info on the chip, do e-commerce sites need to change the way they operate to incorporate this? If they do, then AmEx is being foolish not to have involved everyone else because soon everyone will have their own way of doing it.