Yeah, I got that reference too.
Funny, unobtanium's what they were looking for in Avatar as well. Those deep earth drilling rigs must've got really popular.
Gotta say, I've been using Gmail for years. I still get around 1500 spam messages a month caught by Gmail. I *maybe* get 1 spam message through a month and I have never had a false positive. I really can't complain:)
it'll be like the chip+pin cards that were 'unbreakable'.
Yeah, I get it, it's still a problem. My point though was not to solve this, it was to provide a way that your 'fingerprint hash' could be revoked and replaced with another. If your hash is based on fingerprint + password then that can be revoked and replaced with a hash based on fingerprint + newpassword, something you can't do with a fingerprint alone (or, at least limited to fingers, toes, ears etc).
you can't just revoke the fingerprints and send a new set in the post to the user like you can with a PIN or a passcard.
Very good point, I hadn't considered where that would leave us if the device could be bypassed. So, using a static base to create a hash that's used as authentication is fatally flawed if the ability to revoke/replace the hash is required - makes sense if you think about it.
What's required here is to use something else alongside the hash, or preferably when the hash is created that also is required when the biometrics are verified. Sounds like two-factor to me which, again, takes us to biometrics being identity only, not authentication.
losing one means it's usable by the bad guys in 33% of applications
How does my hash become usable to the bad guys? They'd have to find a way to receate a fingerprint that would verify correctly with that hash to steal my identity.
What's worrying is that although that's not possible (reliable?) at the moment it may be down the line. If this becomes possible and fingerprint hashes are lost/stolen and they're still being used to provide authentication instead of identity then we have a real problem.
Good link. What this shows is everything that's entitled to be kept in the identity card database which may/may not be what ends up there. We may find that only some of this information is actually stored.
If someone gets hold of my finger prints, what do I do then?
From what I've seen with biometrics previously, I doubt that your fingerprint would be stored in any sort of image-like or exportable form. Normally, a hash is taken based on your fingerprint (think GPG singing) and that hash is stored. It's a one way calculation, you can't then turn that hash back into a fingerprint but you can verifiy another fingerprint to the hash.
It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?
It's not the card that's the issue. The problem is that as part of the ID card program the UK Government want a centralised database behind this card that holds personal info on each citizen. To be honest, I don't think it's been clearly defined what the data is but it's expected to be DOB, national insurance number etc. The main concern is that the UK Government has a very poor track record in keeping this type of information secure. If this particular database, containing what most people expect it to contain, is compromised then it's ID theft-galore in the UK.
There will always be a segment of the population who wants to produce music simply for the fun of it. But they still need to eat.
More than this; the potential to earn enough cash quickly (and easily?) enough to allow you and your family to live comfortably for the rest of your life is a major driving factor for many of the people in the business today. The less reward there is available, the less motivation. Rightly or wrongly, with less reward you have less talent - or at least, less depth of talent.
Yeah, very similar to his point of view. He reckoned they were overpaid and overrated compared to similar skillsets in the UK. Maybe he got that wrong though, maybe the UK's underpaid and underrated?
The fact that more spam is originating from Gmail is not indicative of Gmails spam filters being less effective, I think they only scam mail sent to Gmail accounts.
We know that the Gmail Captcha was broken a few months back. It's more likely that a variant of that tool has become more widely distributed and/or cheaper and has found it's way into the hands of script-kiddies.
if I sing a song that you wrote, you will still be able to sing that song
That's true. However, if I spent time and effort writing/producing that song to make money for myself and my family then you took it and copied it without any due time and effort on your own part to make money for yourself (potentially damaging my earning ability in the process) I'd be pissed.
If you take something I've done, build on it and create something new then fair play to you and you deserve your reward. If you rip me off it's another story.
This was bound to happen. P2P is very useful technology. The RIAA and friends have approached the copyright issue by (more or less) tarring this technology as either immoral or just plain wrong. Sooner or later, somebody else with a bit of backing was going to leverage P2P to solve a problem and then come face-to-face with the RIAA. This is just another illustration of how the RIAA have approached this whole thing all wrong.
I'd like to see NADA become commercial to see how this would pan out.
I don't see how just demonstrating that an employee is uploading copyrighted content is good enough.
I don't get this either. YouTube's own Copyright Infringement Policy (http://www.google.com/support/youtube/bin/answer.py?answer=55772&topic=13656) states "YouTube respects the rights of copyright holders and publishers and requires all users to confirm they own the copyright or have permission from the copyright holder to upload content. We comply with the Digital Millennium Copyright Act (DMCA) and promptly remove content when properly notified." By "properly notified" they mean through their Copyright Infringement Notification process (http://www.google.com/support/youtube/bin/answer.py?answer=58127).
I haven't seen anywhere in these documents that says YouTube will takedown any copyrighted material that it's aware of. It all says that it will takedown all copyrighted material it's notified of. Big difference. The get-out clause would appear to be during the upload process. From their FAQs ( http://www.google.com/support/youtube/bin/answer.py?answer=55773&topic=13656) again "Since all content on YouTube is posted by our users, we make it clear in our terms of use and at the time of upload that they must own the copyright to the videos they post or have permission from the copyright holder.
So, even if a YouTube employee has uploaded content they've already claimed that they own the copyright. The YouTube policy on this is clearly that they take this claim at face value until proven otherwise through the notification process. What this case might do is move the burden of proving that copyright claim to the user uploading the content.
I am waiting for the EULA that requires all users to declare the programmer their god and send off their first born child to him in sacrifice. Didn't you agree to that one already when you signed up here?
I think what he meant by helping with homework was more along the lines of compiling sources for research, news stories, opinions, pictures... Yeah, I get your point. This can go too far though. It would be useful as a pointer to further resources so kids can research homework accurately. I wouldn't like to see this extend to inline answering though. If you make the answers too easy to find then the knowledge wont stick.
It will actually. It's a chat client. If the kid doesn't like it (and has home admin rights) they'll download and install ICQ.
Oh no, wait, wont that get round the monitoring?...
Slashdot Mirror
Yeah, I got that reference too. Funny, unobtanium's what they were looking for in Avatar as well. Those deep earth drilling rigs must've got really popular.
I haven't been able to look at the 2012 Olympics in the same way since reading this: http://www.theregister.co.uk/2009/11/29/olympic_logo_lisa_simpson/ Potentially they could be in trouble then?
Dear God people!!! Has no-one read PREY!!!?!?!?!!?!!!
Gotta say, I've been using Gmail for years. I still get around 1500 spam messages a month caught by Gmail. I *maybe* get 1 spam message through a month and I have never had a false positive. I really can't complain :)
it'll be like the chip+pin cards that were 'unbreakable'.
Yeah, I get it, it's still a problem. My point though was not to solve this, it was to provide a way that your 'fingerprint hash' could be revoked and replaced with another. If your hash is based on fingerprint + password then that can be revoked and replaced with a hash based on fingerprint + newpassword, something you can't do with a fingerprint alone (or, at least limited to fingers, toes, ears etc).
you can't just revoke the fingerprints and send a new set in the post to the user like you can with a PIN or a passcard.
Very good point, I hadn't considered where that would leave us if the device could be bypassed. So, using a static base to create a hash that's used as authentication is fatally flawed if the ability to revoke/replace the hash is required - makes sense if you think about it.
What's required here is to use something else alongside the hash, or preferably when the hash is created that also is required when the biometrics are verified. Sounds like two-factor to me which, again, takes us to biometrics being identity only, not authentication.
losing one means it's usable by the bad guys in 33% of applications
How does my hash become usable to the bad guys? They'd have to find a way to receate a fingerprint that would verify correctly with that hash to steal my identity. What's worrying is that although that's not possible (reliable?) at the moment it may be down the line. If this becomes possible and fingerprint hashes are lost/stolen and they're still being used to provide authentication instead of identity then we have a real problem.
Good link. What this shows is everything that's entitled to be kept in the identity card database which may/may not be what ends up there. We may find that only some of this information is actually stored.
Your fingerprints are all over the place anyway, so why would anybody go through lots of trouble to "steal" them?
Which brings us nicely to the fundamental problem with biometrics. Biometrics provide identity. They do not provide authentication.
If someone gets hold of my finger prints, what do I do then?
From what I've seen with biometrics previously, I doubt that your fingerprint would be stored in any sort of image-like or exportable form. Normally, a hash is taken based on your fingerprint (think GPG singing) and that hash is stored. It's a one way calculation, you can't then turn that hash back into a fingerprint but you can verifiy another fingerprint to the hash.
It isn't a big thing. It's an ID card that holds a fingerprint record. How is it bad to tie a card to a person?
It's not the card that's the issue. The problem is that as part of the ID card program the UK Government want a centralised database behind this card that holds personal info on each citizen. To be honest, I don't think it's been clearly defined what the data is but it's expected to be DOB, national insurance number etc. The main concern is that the UK Government has a very poor track record in keeping this type of information secure. If this particular database, containing what most people expect it to contain, is compromised then it's ID theft-galore in the UK.
There will always be a segment of the population who wants to produce music simply for the fun of it. But they still need to eat.
More than this; the potential to earn enough cash quickly (and easily?) enough to allow you and your family to live comfortably for the rest of your life is a major driving factor for many of the people in the business today. The less reward there is available, the less motivation. Rightly or wrongly, with less reward you have less talent - or at least, less depth of talent.
I have found memories of Usenet from the days before http
Damn it. I knew I'd left them somewhere.
A solution to nasty-tasting seawater! Lemonade oceans FTW!
Yeah. That would be Limeade though.
Living the the US is barely tolerable and people die constantly
Gee, that is bad. Over here in the UK, people only die once.
Yeah, very similar to his point of view. He reckoned they were overpaid and overrated compared to similar skillsets in the UK. Maybe he got that wrong though, maybe the UK's underpaid and underrated?
My mate was a Commanchio. He done a little work with the Seals. He was unimpressed.
The fact that more spam is originating from Gmail is not indicative of Gmails spam filters being less effective, I think they only scam mail sent to Gmail accounts.
We know that the Gmail Captcha was broken a few months back. It's more likely that a variant of that tool has become more widely distributed and/or cheaper and has found it's way into the hands of script-kiddies.
That's true. However, if I spent time and effort writing/producing that song to make money for myself and my family then you took it and copied it without any due time and effort on your own part to make money for yourself (potentially damaging my earning ability in the process) I'd be pissed.
If you take something I've done, build on it and create something new then fair play to you and you deserve your reward. If you rip me off it's another story.
This was bound to happen. P2P is very useful technology. The RIAA and friends have approached the copyright issue by (more or less) tarring this technology as either immoral or just plain wrong. Sooner or later, somebody else with a bit of backing was going to leverage P2P to solve a problem and then come face-to-face with the RIAA. This is just another illustration of how the RIAA have approached this whole thing all wrong.
I'd like to see NADA become commercial to see how this would pan out.
I don't get this either. YouTube's own Copyright Infringement Policy (http://www.google.com/support/youtube/bin/answer.py?answer=55772&topic=13656) states "YouTube respects the rights of copyright holders and publishers and requires all users to confirm they own the copyright or have permission from the copyright holder to upload content. We comply with the Digital Millennium Copyright Act (DMCA) and promptly remove content when properly notified." By "properly notified" they mean through their Copyright Infringement Notification process (http://www.google.com/support/youtube/bin/answer.py?answer=58127).
I haven't seen anywhere in these documents that says YouTube will takedown any copyrighted material that it's aware of. It all says that it will takedown all copyrighted material it's notified of. Big difference. The get-out clause would appear to be during the upload process. From their FAQs ( http://www.google.com/support/youtube/bin/answer.py?answer=55773&topic=13656) again "Since all content on YouTube is posted by our users, we make it clear in our terms of use and at the time of upload that they must own the copyright to the videos they post or have permission from the copyright holder.
So, even if a YouTube employee has uploaded content they've already claimed that they own the copyright. The YouTube policy on this is clearly that they take this claim at face value until proven otherwise through the notification process. What this case might do is move the burden of proving that copyright claim to the user uploading the content.
Clearly a more advanced AI will be sent back from the future to eliminate the dangerous AI before it becomes self-aware.
It will actually. It's a chat client. If the kid doesn't like it (and has home admin rights) they'll download and install ICQ. Oh no, wait, wont that get round the monitoring?...