Either way, you're simply wrong. (You seem to like bold.) If you want to stick to facts, let's review a few.
The Illegal Warrantless Surveillance program, or "The Surveillance Program", TSP, as you so quaintly call it, was in full swing for several years before the "Protect America Act" (your own reference) was even introduced (in early August 2007). Said "Act" was a long belated attempt to retroactively clothe the illegal program the President attempted to pretend he had the authority to authorize, and he was called out on it. He does not have any such authority, and never has. The Foreign Intelligence Surveillance Act (FISA) is VERY explicit about what authority the president has, even in a time of war, and "TSP", is way over the line.
As much as you seem to want to believe, simply renaming a program doesn't make it go away.
Renaming things is a favorite tactic of this administration to keep doing the same things they're told again and again they aren't allowed to do. The long, sordid history of Total Information Awareness is a good example of what I mean, and given the Administration's track record on this, I wouldn't be at all surprised if it was directly related to "TSP", just one more head of the hydra they've created.
The CORRECT response to all of this is to first review and relearn the function of copyright, then recognize that the ORIGINAL terms are most effective at balancing the interest of the creator with those of the public. The function of copyright is to benefit the public good, by providing REASONABLE protection for compensation for creators, while encouraging them to continue to create, rather than retain copyright forever.
The REAL solution is exactly the reverse of what's been proposed. The term for copyright should be REDUCED back to 14 years or so, after which the work reverts to the PUBLIC DOMAIN, and it should prohibited that it be extended.
This serves to provide a reasonable period to collect appropriate fees and royalties, after which the interest of the public should supersede that of the creator. And, the beneficiary of this should be the REAL creator, not some amorphous RICO entity of an *IAA, or some monster publishing house. For collaborative endeavors (movies are one example), it would be reasonable that there be a trust composed of the creative agents, so there is still a mechanism to compensate organizations and corporate entities engaged in such activities. Their interest should be of no greater duration than the human creators of record. (If anything, their rights should be more limited, since a corporate entity has no natural lifespan to limit the tenure of their control, and this harms the public interest as a result. This is exactly the reason, by the way, such entities keep pushing to extend the span of copyright, to the public's continuing detriment.) Time-limited trusts, by comparison, may be created with such a built in lifespan, after which they expire.
Summation
Screw Disney. Screw the *IAA. Screw the Studios. Screw the estates of dead artists. Mickey should have entered the public domain years ago, along with the vast majority of the music, television and movie catalogs currently out there.
To all of You. Get over it. Stop trying to steal from the public coffers, and the collective public legacy. Go create something new. For new things, you should be rewarded, at reasonable rates. But only for an appropriately transitory period.
The real danger is the underlying assumption that's posed here.
This entire bit of nonsense is predicated upon the concept that ANY unsurveilled activity promotes terrorism.
Which in turn strongly suggests that the current functional premise of the NSA is that ALL activities should be surveilled at all times. That is a hugely flawed, and enormously dangerous premise. This is the premise at the very core of all of Orwell's fears and predictions. This is a premise that must be prevented from coming to fruition.
A surveillance society is anathema to a free society. It is a society in which everyone becomes, by definition, a criminal who simply has yet to be caught, and will be treated accordingly.
Stripped of all privacy, the next step is to strip the populace of any means to protect themselves, under the premise that 'only criminals would ever have <insert means of defense>'. Rapidly, a government intended to serve it's people is instead becoming one which instead attempts to further control them 'for their own good'.
THAT is the real threat. NOT imaginary terrorists.
Unlike when talking about Microsoft's sales numbers for Vista, I think it's pretty unlikely that anyone is cooking the books here.
There is no real discrepancy. That number can be easily accounted for in terms of unlocked iPhones, for folks who don't want, or can't use AT&T. Twenty percent seems to be a perfectly reasonable number for that.
I think if you review numbers for sales of other phones (note the significant decrease in sales of other leading phones, such as the Razr) those will also support the high sales figures reported for the iPhone.
Apple announcing the SDK prior to activating my iPhone after Christmas is the only reason I bothered to sign up with AT&T (though I still have some reservations about it). My reasoning was that if I became too unhappy, I'd kick AT&T to the curb, eat the early contract cancellation, and go to another carrier. (And, in the meantime, I still get the enhanced voice-mail my voice-mail message count, and I can still hack away at it, even with AT&T as my carrier.)
I also know a lot of savvy folks who have taken the opportunity to negotiate discounts on their existing phones and services because the other wireless carriers are scared to death of the iPhone, and of folks leaving them to switch to it. Even if only four out of five of those folks are leaving for AT&T/Cingular, they still have plenty to worry about.
If you had, you would probably at least know that the Judge was a 'she' not a 'he'. If you did actually read the article, this might be a good indicator of how much you actually paid attention to what you were reading...
Several of the 'conclusions of law', as stipulated, are indeed seriously problematic. She did not specify her rulings upon the basis of an injunction. She specified them based upon the actions themselves. THAT is why technically savvy individuals consider her ruling to be badly flawed.
Her conclusions on Zone Transfer Queries, for starters, are seriously flawed. There are plenty of legitimate reasons to make DNS Zone queries when you are not an employee or someone else acting with the explicit permission of the entity who put the server in place. Many ISPs cache entire zones to cut down on excess DNS traffic for requests from their customers, for example.
For another, while it is difficult to say with certainty not knowing the exact details of the testimony of the defense's expert witness, a reading of her response by someone knowledgeable with DNS configuration suggests reasonably that he may have attempted to explain that there are specific methods that would be used to prevent zone transfers to unauthorized servers, that there were other methods that would be used to configure the server to provide zone information in response to external requests, and that by configuring their DNS server in such a way as to give the Zone information, the plaintiffs were authorizing the transfer of information and making the information publicly available. If their DNS server was configured to respond to external Zone Transfer requests, this information would in effect be public, as anyone at all, not just the defendant, who issued a perfectly normal host command would have received that information. If this was not their intent, the issue would be one of incompetence on the part of their technical staff, not one of 'hacking' on the part of the defendant.
Her suggestion that using a command switch for 'host' that is clearly documented to query information that was publicly available constitutes 'unauthorized use of a computer system' is unfounded, overly broad, and, to any technically knowledgeable individual, deplorable. She does not state that she reached her conclusion because of any injunction against the defendant. She states her finding is based upon the facility of the program itself, and her miraculous idea that somehow use of this normal function is somehow mystically, only intended for a specific subset of target users she has imagined. One that is, again, seriously flawed.
'Knowledge available to the average user' should NEVER be used as a yard stick for what constitutes the acceptable bounds of computer use. The 'average user' is ignorant of the actual function and capabilities of their systems to a point that is common to describe them, quite accurately, as largely 'computer illiterate'.
If no one knew more about any particular thing than an 'average' individual does, at any given point in time, we'd still be hunting and gathering. To suggest that this baseline should have anything to do with determination of what constitutes a potential criminal act, if applied to any other circumstance, would immediately render anyone of actual knowledge, rather than vague theories about a subject a criminal.
What do you know, for example, about repairing the engine of your car. Say you know quite a bit about it. Should you be considered a criminal if you make repairs on it, based upon knowledge you have, if you aren't a certified mechanic? How about if you repair your mother's car with that knowledge. Does that make you a criminal? By this Judge's logic, it would.
If you don't like that analogy, try this one. Let's say that the 'average person' knows that telephone bo
I believe you're rather missing the point that folks are trying to make.
This would be nothing more than a moderately interesting footnote if we were talking about specialty positions where real-time health monitoring in situ might make sense, based upon unusual job circumstances.
Unfortunately, that's not what's being discussed.
The article places this in the context of mainstream -- as in everyday -- jobs.
Think "generic hapless office worker spied on by Information Retrieval in Brazil", not "most inconveniently expired engineer from Runaway Train"...
In terms of everyday jobs, I seriously think it unlikely that anything good would come of this, while I can easily see much that is bad being fairly likely.
I've never understood why anyone would choose MAC filtering or a hidden SSID instead of (or as well as) WPA encryption.... Why use hidden SSID/MAC filtering at all?
In this discussion we're certainly not talking about anything in the realm of 'instead of'. I was addressing the questions that had been brought up about all of the different techniques that are commonly available on most routers, why they were implemented, and why they have more than zero value. I'm certainly not suggesting that any of those methods is individually a replacement for some combination of all of them.
Hidden SSID/MAC Filtering/halfway decent encryption all address different aspects of a broader picture. Keep in mind that there's a wide variety of folks out there, from completely clueless at one end of the spectrum, to extremely knowledgeable at the other, and that, pretty much, it's a continuum. It's not a symmetrical bell curve, as the clueless pretty heavily outnumber those at the knowledgeable end of the spectrum.
1) Hidden SSID is your bush/fig leaf. Casual passerby won't notice you to begin with. No, it doesn't address anything more significant than that. But, it does help. A little. It may keep the number of requests down a bit from folks who poke your router just on the off chance that if they can see it that they can get onto it. And save a bit in the way of cpu cycles on the router. (No, not lots, but every bit helps, even if a little.) It's a level one dweeb filter. It may not be much, but it's not quite totally useless. In terms of pure numbers, this honestly probably stops the majority of folks out there. (Most folks really are on the shallow end of the knowledge pool for wireless.) Would any of the folks who it removes from the equation likely be any threat? Doubtfully. But, there we are, nonetheless.
2) MAC Address filtering adds another layer to the security onion. (You shouldn't just expect one answer to be the fix for all issues.) MAC Filtering is more of a level 2 dweeb filter, which is effective against another (somewhat more knowledgeable) subset of folks wanting to hitch a ride on your router. No. It doesn't stop everyone, either. But, again, it does still stop some folks. There are tools that will show hidden networks that still don't really have teeth to do much more than that. This helps against the folks who've figured out that much, but not much more. Probably, it still stops more people than not.
Even if someone does have the tools to sniff traffic long enough to grab a MAC Address to spoof, they can't do it if your equipment isn't transmitting when you aren't home (say, you're using wireless for your laptop only, which you take with you, not any workstations you may have at home). When you're not home, there aren't any packets wandering around with a permitted wireless MAC, so there's nothing to sniff to identify and spoof. So, rather than being 'something that simply doesn't help', in order to beat it, folks may have to be at the right place, at the right time, with the right tools, to be able to circumvent it. Not perfect, but not nearly so useless as some folks suggest. (Of course, some folks use wireless for devices that never leave the house, and that are always on, so in that circumstance, you've always got packets to sniff, so like with all things, each network is different, and your mileage will vary.)
3) Data encryption is another (important) layer. But, don't think this is a simple, one stop solution, either. WEP (which you didn't bother to bring up, but I will), while easily compromised with the right tools will still stop folks without the right toolset. Sort of like a simple hook latch or door chain can. Yes. Other folks will stroll right through it. It's still a matter of numbers, and each additional measure will stop another portion of the remaining folks out there.
Once you start being serious about trying to keep things really secure, as you brought up, you are talking about WPA and W
A perfectly appropriate observation, yes. In this case, that's pretty much the case put forward for hiding the SSID. With all attendendant caveats aganst its effectiveness against anyone serious.
And, I agree the lock analogy is a bad one. That's why I suggested it's really more of a shrubbery. Or, if you prefer, perhaps a fig leaf.
Just like other uses of security through obscurity, it's not particularly effective when we're talking about anyone other than the casual pedestrian. In the case of the largely clueless passerby, though, it is, marginally at least, better than nothing at all...:)
WPA2, with rotating encryption, is much closer to the lock analogy, yes. And just like most physical locks, it mostly slows people down long enough for the nuisance factor to kick in. If it's easier to go next door, then most people will. It's really more about human nature than effective access prevention. If true security is important, then wireless probably doesn't really fit the bill.
There are a couple of principles you seem to be missing, starting with the idea of relative security. It is possible to make a wireless network 'more secure' than it is, as configured by default out of the box. It does help, in the same way that improving the security on the average home helps. Will it stop someone determined to get in? Very probably not. Can you make it easier for someone to go to the house next door, that has not implemented any of the steps to secure themselves? Yes. As a rule, people are usually lazier than they are determined to get into one specific network. If folks are serious about wanting a secure network, there are all sorts of things they can do. Most of them involve not having a wireless connection, or spending a *lot* more time, money, and effort on it than folks do on the average home network. Having noted that, let's look at your list.
Hidden SSID: One commonly expressed theory behind hiding a SSID is similar to why you lock your car. If your car is locked, it's a less attractive target than one which isn't. Hiding your SSID does make a network a less obvious target than one which is visible. It doesn't impede any serious search for networks by someone knowledgeable, but it will remain hidden to casual view. Is this vaguely inconvenient? Possibly, but then, really, so are locks. Really, I've never been so fond of that analogy.
If you like, I think a better analogy might actually be that hiding your SSID is like planting a bush in your front yard that obscures a direct view of your front door. It doesn't really make your door any more secure, in and of itself, but it might make it less obvious that there's a door there to begin with. Someone simply walking by might not notice it, but someone sitting in their car, watching folks come and go is sure to notice it. It just makes it more likely that a casual passerby might try one of the obvious doors nearby to see if they can get in, rather than trying yours.
MAC Filtering: Similarly, MAC filtering is better than not MAC filtering. The observer can't get on the network unless they spend enough time analyzing active traffic to sift for MAC info. Yes, with the right tools 'enough time' is relative, and not all that long. But, if you're not around using your wireless network when they're doing the analysis, it's difficult to obtain that info, since your MAC isn't being broadcast to begin with. Is it perfect security? Not by any means, but, again, it's a lot easier to get onto a network that's not using it than one which is. Not everyone is running Kismet with a wireless network card configured in promiscuous mode, and even with the number of folks who are, most are more likely to roll a half block down to the completely open network that's almost invariably there than spend time trying to get onto the more secure network, simply for the challenge of it.
Change the default password: If you seriously don't understand this, then you are completely clueless, regardless what tools you're using. Just because you can guess a few passwords using the short list that unimaginative folks commonly use doesn't mean that you can guess any password. (Of course, script kiddies commonly don't have any idea why what they use works, but that doesn't mean it doesn't.) If you were thinking at all about what you were writing, you'd see you make the point yourself as to exactly why it's important. You commonly 'just look up manufacturers default passwords'. If they set a proper password, it makes things more difficult, and you have to try to guess it. With a good password, you're not going to simply guess it.
Crashing the Router: As for your alternative, no decent router should ever come back up with the factory presets after a simple crash. It should always come up with the custom settings, or, failing that, remain hung until manually reset by hand. Even if they do come up with the factory defaults, for modern routers at least, that should be with the external management interface disabled.
For the longest time, Firefox had a bug where it put its cache in the "Application Data" directory instead of the "Local Settings" directory. For those who are unfamiliar with Windows, what this means it that Firefox was saying that the web cache was important data that should be migrated to follow the user, instead of disposable data that could be flushed with no penalty. As a result, for an extremely long time, Firefox was utterly, 100% useless for companies/organizations that use roaming profiles. It took ages for this bug to be fixed; IIRC it was reported around version 0.6 and finally fixed in version 2.0, but I can't find it on Bugzilla anymore so I can't be certain.
For those of you unfamiliar with programming, a 'bug' is an actual coding error. This was NOT a bug. This was a conscious choice made for where to place files. Simply because you think there was a better choice of location does not make it a bug. And, it had an easy solution. TURN OFF BROWSER CACHING. Alternatively, setting Firefox to delete the cache upon close in the Security preferences would decrease the problem significantly, if not eliminate it.
For those actually familiar with managing and administering roaming profiles, you'll also be aware that you have some degree of control over what is, or is not, permitted to sync when roaming. IDNR precisely, but i believe "Application Data" is one of the items that can be set not to propagate with the roaming profile, just like the users desktop image, and desktop folder, for example, which propagate by default, but are quite commonly excluded from roaming because some users insist on monstrously large desktop images, and keeping tons of files (and even applications) on their desktop, which commonly causes all sorts of bottlenecks when roaming until disabled.
Get to use all your skills? Full stop. Let's review.
This is the government, with everything that comes with it. Those of you with government experience know what this means. Bureaucracy. Red Tape. Paperwork. For those of you who haven't had the experience, think of the most amazingly, monumentally, mind-bogglingly inane busywork paperwork you've ever had to deal with, and then multiply that by the biggest number you can imagine. Keep imagining.
How well does bureaucracy adapt to change and embrace new technology, and all of it's associated skills? Here's a hint. The Bureau is still using Hoover's secretary's original filing system. Yes, it's still manual. Still paper. No changes. The same system. CSI is entertaining fiction.
Other than small numbers of your fellow squad-mates who are also on cyber detail, your fellow agents are likely neo-luddites, mildly intimidated by word-processing. They're very, very bright people, with a lot of skills. Those skills, however, largely don't involve computers. And for the most part, they don't have to. Most areas of the office are air gapped, anyway. (Really, for the most part, they probably don't trust computers -- which, if you think about it, suggests they are pretty bright after all -- but they're probably not entirely sure they trust someone who spends too much time with them either. Put in enough time on the range, working out, knocking on doors, pounding pavement, and using your head to show you have a clue and you won't get them killed, and then you'll be okay. But not before.)
As for your primary prey, it will not be spammers. It will not be botnet operators. It will not be industrial spies. You will not for the most part, young padawan, be matching your jedi skills against the very best the dark side has to offer.
You will be chasing kiddie porn peddlars, and child molesters. You will be pretending to be 12-year-old girls in chat rooms. When you're doing well, you will be knocking on doors at 5 am, having to spend countless hours reviewing video tape collections to see what has been taped somewhere in the middle of those 400 episodes of 'the golden girls', or all of those Richard Simmons videos. When you find it, you will have to catalog it. (You will learn to be grateful for the fast-forward button on your remote. And you will see things you wish you could unsee.)
If you're a badge-carrying Special Agent, yes, you're armed. "How cool, is that!", you say. You're armed whenever you're on duty, wherever you go. It's a Federal License. Those pesky little state limitations on firearms don't apply.
Add one little detail. You're on call 24x7x365. Which means you have to be able to report for duty at any time, with no advance warning. Which means you're armed -- all the time. No breaks. No holidays. No days off without a sidearm. (Ponder this: where do you put your piece if you want to go to the beach?)
Pay? For a rough rule of thumb calculation, take your current salary in your technical field. Divide by 2 to 2.5. The greater your technical skills the larger the number you'll divide by. You don't get paid based upon your skill set. You get paid based upon your grade. Which is dependent upon time in chair, once you're actually in. Unless you're former law enforcement, former military, or worked for a different governmental agency, in which case you'll start at a higher grade than someone without that background. (Though not necessarily at your previous grade, either.)
Hours? Standard base is a 50 hour week. Unless you're needed for anything else, in which case it may be more. For a lot of tech folks, 50 hours is no big deal, you think. But, here's the kicker. Your morning will usually start at 5 am, in order to get to the office by 7 am. Unless you're knocking on someone's door, in which case you're probably up by 3 am. Or you're on stake out, in which case you're working whatever you're working. (If you're early, you're o
Certainly, I do. I've also been keeping an eye on the last several similar discussions.
Clearly, though, you do have some confusion about it...
Apple's contract with AT&T as an exclusive carrier is not binding upon purchasers of the iPhone. They have the legal right to hack the iPhone to use alternative carries if they choose. That IS one of the reasons folks have been hacking the iPhone. So it is relevant. And, yes, that has been brought up.
I also addressed the apparently ambivalent response from folks on Slashdot about the current method being a browser exploit that's likely to be patched soon, and why within this story it has generally been viewed positively, rather than negatively.
If you're having problems keeping up, then perhaps you should be the one rereading this, and other related threads.
Since we're moving more towards specifics that haven't been well-trodden, I'll start with the standard disclaimer: IANAL. Nor am I, by any stretch, an expert on the inner workings of the FCC.
There are many smart phones, for instance, running the PalmOS or Windows CE that allow the user to load other applications without any hindrance at all. None of these appear to be in conflict with 47 CFR Part 2. So, this appears to me to fall under fear, uncertainty and doubt (FUD), rather than really being applicable. Whether specific control and access to the telephony components of the iPhone are via an OS X driver on the one hand, or via a PalmOS or Windows CE driver would appear to have no specific bearing. Likewise, it is not clear, by any means that the iPhone, or other smart phones fall under that rule.
I'm not trying to suggest that you're bringing up the possibility deliberately as fodder for FUD, just that it has some of the hallmarks: a general concern that sounds potentially problematic, whether it actually is or not, and not much in the way of detail other than that. I think it's legitimate to wonder whether or not 47 CFR Part 2 applies. But, I doubt that it really does. If it did, then I think there'd have been a significant brouhaha a long time since over one or another of the other smart phones that have already been out in the marketplace for a much longer time.
Note point two, from the Summary of the Memorandum and Order (my bold emphasis):
2. In the Cognitive Radio Report and Order, the Commission modified
the rules to require that radios in which the software is designed or
expected to be modified by a party other than the manufacturer be
certified as software defined radios. To minimize the filing burden on
manufacturers, this requirement was narrowly tailored to affect only
those radios where the software can be modified by a party other than
the manufacturer because such radios pose a higher risk of interference
to authorized radio services. The definition of software defined radio
(SDR) is intentionally broad, while the category of equipment that is
required to be certified as SDRs is intentionally narrow. The
Commission agrees with Cisco that a reading of the definition of SDR in
the rules by itself may give the incorrect impression that more devices
must be certified as SDRs than the rules intended to require. The
Commission finds that the appropriate solution to Cisco's concern is to
add an additional sentence following the definition of SDR to indicate
the class of radios that must be certified as SDRs. It therefore
clarifies the rules by adding the following statement to the definition
of SDR: ``In accordance with Sec. 2.944 of this part, only radios in
which the software is designed or expected to be modified by a party
other than the manufacturer and would affect the listed operating
parameters or circumstances under which the radio transmits must be
certified as software defined radios.'' This action clarifies the
intent of the rules adopted in the Cognitive Radio Report and Order.
Section 2.1 Terms and Definitions, subsection (c), defines 'software defined radio' as:
* * * * *
(c) * * *
Software defined radio. A radio that includes a transmitter in
which the operating parameters of frequency range, modulation type or
maximum output power (either radiated or conducted), or the
circumstances under which the transmitter operates in accordance with
Commission rules, can be altered by making a change in software without
making any changes to hardware components that affect the radio
frequency emissions. In accordance with Sec. 2.944 of this part, only
radios in which
If you cretins don't like the iPhone's contract terms, DON'T BUY ONE.
As has been pointed out, any contract term, EULA, et cetera that did specify the iPhone must not be hacked in order to allow it to be used with other carriers would not be valid nor enforcable, since it is the legal right of the owner of a phone to unlock it to use whatever carrier they choose. It is perfectly reasonable for folks to want to hack the iPhone, regardless of whatever your myopic view of it may be.
Completely aside from that, did you, with your uncreative little troll heart somehow wander onto Slashdot by accident? There are many thriving communities who spend their time hacking away on various pieces of technology to make them more interesting/useful/cool. And there is, unsurprisingly, a lot of overlap between those communities, and the folk here.
Sometimes half the fun of having a cool gizmo is to see what else you can do to make it even more cool and useful. Simply because you personally lack the interest, will, creativity, or skills to add your own improvements to your tools, doesn't mean the rest of us are in any way so lacking, nor are we restricted in our views, abilities, or actions merely because you happen to either have a bug up your butt.
We expect the article is correct, and that said vulnerability will indeed be ephemeral. In the meantime, yes, by all means, we consider it a useful exploit for this particular purpose, even while at the same time simultaneously recognizing that it is something that should be remedied from a more general browser security standpoint. That's the very reason, in fact, that we expect it to be fleeting. Some of us, apparently unlike trolls, are more than capable of simultaneously processing two different viewpoints about the exact same thing that may, superficially, seem to conflict.:)
Yes, they do. The Brits would know that one of their lords, Conrad Black, was caught on camera taking evidence against a court order. A lot of people will think twice about hidden cameras.
No. Just because you contradict the statement, doesn't make you right. That's the entire point of actually doing studies. To try to determine what's actually the case, not just blindly support what you want to believe. Whether you happen to like this particular study or not, it's only one of an ever growing number that support the same conclusion. Cameras do not have the effect you describe, but an entirely different one.
While having a clearly low opinion of people in general (I take it you're not a particularly nice person yourself, but are yourself intimidated by cameras?), you do seem to put a finger on the real problem with a surveillance society:
...it is strange that 10,000 cameras are said to make little difference. That's easily said, but was there much suspicious activity seen on video, or was the halo effect in effect?
"Much suspicious activity" translates to mean 'things that were legal, but that lead the watcher to wonder if a person might actually be doing something wrong'. Odds are, the person is not.
But, now, faceless authorities are 'suspicious' of that person. And today, technology being what it is, that individual may now be in a database of 'suspicious persons' somewhere, having really done nothing. Much like the secret 'no fly' lists, who target many innocent people (along with some not so nice ones), all in the name of claiming to do something, without really accomplishing anything at all. Once your on said list, even if completely by mistake, there's now no way off of it. Even when it's a known error. All because some bureaucrat has the ability to add someone, but no one seems to have the will or ability to remove someone from such lists.
As for your "halo effect", most folks likely don't think at all most of the time about the fact that they're being watched on camera. Most probably don't really even realize it, or think about it. If they really did they'd probably be disturbed by it. Thinking people are appropriately disturbed by the idea of 'Big Brother' constantly watching their every move.
Multitudes of cameras have this numbing effect. People might behave woodenly by habit when they're outside but take out the stress inside by commit[t]ing even more devious or out-of-control acts just to keep themselves from totally falling apart. The cameras would be accepted more easily if they were known to help catch very frightening criminals. But it all depends on the type of people being surveiled. Were they upstanding people before the cameras were in place?
Yes. Odds are that they are good, normal, upstanding people. I would not describe 'wooden behavior in public', nor the stress you describe from constant surveillance to be either desirable or healthy. Such a surveillance society does not make people safer. What it does do is create FUD -- Fear, Uncertainty, and Doubt.
The point is, for whatever reasons, your vaunted cameras do not catch 'very frightening criminals'. They do not prevent serious, bad things from happening. They only really target normal, law abiding people, and change their behavior.
Cameras do nothing to stop terrorists, for instance. They do not deter them. They do not prevent their acts. At best, they might help track them after such an act. But, that does nothing for the victims. And, if such 'very frightening people' are aware of the cameras, or even take into account that there might be cameras, they will take measures not to be recognized, in which case, the cameras also have no real deterrent effect. Even the
Read the GPL FAQ and it's discussion of linking. It's all about how you're linking.
For those folks who might not bother to follow a link:
Can I release a non-free program that's designed to load a GPL-covered plug-in?
It depends on how the program invokes its plug-ins. If the program uses fork and exec to invoke plug-ins, then the plug-ins are separate programs, so the license of the plug-in makes no requirements about the main program.
If the program dynamically links plug-ins, and they make function calls to each other and share data structures, we believe they form a single program, which must be treated as an extension of both the main program and the plug-ins. In order to use the GPL-covered plug-ins, the main program must be released under the GPL or a GPL-compatible free software license, and that the terms of the GPL must be followed when the main program is distributed for use with these plug-ins.
If the program dynamically links plug-ins, but the communication between them is limited to invoking the `main' function of the plug-in with some options and waiting for it to return, that is a borderline case.
So, sometimes you're right, and there's no requirement that the other code be GPL'd.
BUT, conversely, sometimes there's code co-mingling, and that does mean that the new code is required to also be GPL'd.
What it boils down to is what you're really doing, and how you're really doing it, which seems pretty reasonable, when it comes down to it.
Just saw your reply about distinguishing between your observation that that's the pointy-hair's views on it, and that you may be fully aware that's not consistent with actual copyright law.
Insofar as you're merely reporting their larcenous views on how they would like it to be, and how they themselves may act, I think we're in complete agreement.:D
While I would like to start with the polite and obligatory INAL, I think it's clear to me (even as a layman, albeit an educated one) that you're pretty much categorically wrong on all counts, except possibly that he should get a lawyer.
Regardless of of the opinion of your Time Warner overlords, the purpose of copyright is to protect and advance the public interest, encouraging creativity in the creation of more works, while finding a reasonable balance to protect the artist's rights (originally for a little more than a decade, but currently, now within their lifetime).
The personal opinions of a bunch of pointy-haired stuffed suits do not supersede copyright law.
In reference to your stated opine about works for hire:
See US Code, Title 17 (Copyrights), Chapter 1 (Subject Matter and Scope of Copyright), Section 101 (Definitions):
A "work made for hire" is--
a work prepared by an employee within the scope of his or her employment; or
a work specially ordered or commissioned for use as a contribution to a collective work, as a part of a motion picture or other audiovisual work, as a translation, as a supplementary work, as a compilation, as an instructional text, as a test, as answer material for a test, or as an atlas, if the parties expressly agree in a written instrument signed by them that the work shall be considered a work made for hire. For the purpose of the foregoing sentence, a "supplementary work" is a work prepared for publication as a secondary adjunct to a work by another author for the purpose of introducing, concluding, illustrating, explaining, revising, commenting upon, or assisting in the use of the other work, such as forewords, afterwords, pictorial illustrations, maps, charts, tables, editorial notes, musical arrangements, answer material for tests, bibliographies, appendixes, and indexes, and an "instructional text" is a literary, pictorial, or graphic work prepared for publication and with the purpose of use in systematic instructional activities.
In determining whether any work is eligible to be considered a work made for hire under paragraph (2), neither the amendment contained in section 1011(d) of the Intellectual Property and Communications Omnibus Reform Act of 1999, as enacted by section 1000(a)(9) of Public Law 106-113, nor the deletion of the words added by that amendment--
(A) shall be considered or otherwise given any legal significance, or
(B) shall be interpreted to indicate congressional approval or disapproval of, or acquiescence in, any judicial determination, by the courts or the Copyright Office. Paragraph (2) shall be interpreted as if both section 2(a)(1) of the Work Made For Hire and Copyright Corrections Act of 2000 and section 1011(d) of the Intellectual Property and Communications Omnibus Reform Act of 1999, as enacted by section 1000(a)(9) of Public Law 106-113, were never enacted, and without regard to any inaction or awareness by the Congress at any time of any judicial determinations.
In short, a work is not a 'work for hire', and the artist retains copyright of that work, specifically unless an artist is (1) an employee creating a work specifically as part of their employment, (2) creating a work specifically upon commission as part of a collective work (various examples given above), or (3) specifically signs a written instrument (contract) agreeing that their creation is a 'work for hire.
Simply because many artists may choose to do so does not in any way reduce the rights of artists who do not.
There is no legal provision under Title 17 that gives Viacom (or anyone else, for that matter) any rights whatsoever to 'step in and claim copyright' of someone else's work, regardless of whether or not the owner of that work may or may not be 'monetizing' that work. Copyright is retained by the copyright holder. Period. Even insofar as it may be 'fair use' to use a work in the
While mostly true, that's not entirely accurate. A few of the original pre-acquisition Netscape developers are still at AOL, though now in different capacities.
Since AOL purchased Netscape, development support has gone though various internal dev teams, and Netscape had has it's own dedicated development team again for over a year and a half.
The Netscape 8 Browser was indeed outsourced to Mercurial. Netscape 9 however, coming full circle as has already been noted, was developed internally based upon the firefox codebase.
And in the case of Gandhi, or Martin Luther King, I'm glad we have tech like this. If they had lived another day, I really don't care who's inconvenienced by their fucking cell phone not working. Not to belabour your point about Ghandi or King, who were indeed both great men, but this technology would not have saved either of them. (They were both killed by gunmen.)
As another savvy commenter has already pointed out, there are instances where this sort of jamming could set off roadside bombs, rather than prevent them from being set off (which would only change who was harmed, rather than prevent harm.) And, just as in any arms race, there are now instances where garage door openers are being used as trigger devices, which this type of jamming would have no effect upon.
This is not about whether Muffy gets her 3 pm phone call from her boyfriend Biff. This is about announcing a tactic specifically intended to promote Fear, Uncertainty, and Doubt. It's not about protecting the man. If they were really interested in protecting him, they wouldn't announce they were going to be jamming cell signals, they'd just do it, rather than give advance warning that a different trigger method might have more efficacy, and then, if you heard anything about it at all, it would be some story on the news about a temporary glitch in the phone networks or maybe even a cell tower virus that was identified and stopped.
It's straight out of Orwell, with 1984 being used as a 'how to' guide to heard the general population into doing what they're told, instead of stopping to think about how rapidly their rights are being stripped away.
Last time I checked, Australia wasn't exactly a boiling cauldron of amorphous, violent, insurgent activity attempting to repel a foreign invasion. Nor was it characterized as a hotbed of Al'Quaida activity, with enemies at every turn.
Again, this isn't about the technology. This is entirely about perception management.
Another believer in the 'lowest common denominator' theory of life, where the worst solution somehow is magically supposed to become the best solution, and where failing to address the underlying problem is somehow supposed to be better than finding a real solution.
This would just be expensive, and wouldn't solve anything. The disruptive people would just find a new and different way to be loud, thoughtless, obnoxious, and annoying. Meanwhile you actually present new problems.
If you want a "welcome to America" moment, how long do you figure it would be before some theater that installed this system would be sued because someone had a heart attack, and the people they were with couldn't call 911 because their phone was being jammed? Not even in the theater necessarily, but just walking past? They might have a reasonable case, too.
Being oncall 24x7 isn't a matter of hubris. It's often a dictate of a specific job.
And, yes, sometimes, those people are very hard to replace. Do you think there's a neuro-surgeon, or a member of a rapid response hostage rescue team on every corner, perhaps? Being on-call doesn't mean not having a life. It means finding a balance between life and specific job responsibilities.
The point is that the suggestion to jam phones is trying to solve the wrong problem. Cell phones and pagers are NOT the problem -- rude, thoughtless PEOPLE are the problem.
By trying to solve the wrong problem, you only make it harder for reasonable people to actually try to maintain that balance. The rude, thoughtless people, however, are still going to be disruptive, even if they don't have a working cell phone.
I hear this suggested periodically, and it's, simply put, a very poor idea, that's not been thought through at all.
There are a lot of us who DO really have to have cellphones and pagers active 24x7, who are also smart and polite enough to put them on vibrate only, and to leave the theater if we need to respond. And, no, I'm not just talking geeks. That includes members of the medical and law enforcement professions, as well, where receiving an unexpected page or call really may be critical, and yes (not trying to be melodramatic), might just save someone's life.
Stop thinking technology is the answer to what is a SOCIAL problem. Grow a spine, and hold people responsible for their actions and their effect upon others around them, rather than trying to hide behind a bad technological band aid.
The answer is NOT to restrict the use of technology for those who use it properly, but to throw the asshats who are disruptive out of the theater, regardless of whether or not they happen to have a phone, or a pager.
(God forbid that anyone should actually have any personal responsibility, or actually have to confront someone obnoxious.)
</rant>
We now return you to your regularly scheduled pithy remarks about the idiocy of using this technology to attempt to protect a man so (deservedly) loathed that they think something like this might actually be necessary. I, of course, refer to the continuing dissemination of FUD, not the jamming, per se.
If you're trying (unsuccessfully) to be sarcastic, perhaps you should start using <sarcasm> tags.
If you're not, how naive can you possibly be?
'Good ISPs' versus 'Bad ISPs'? Do you also think there are 'Good Telephone Companies' and 'Bad Telephone Companies', some of whom sell telephone service to criminals, and some of whom who don't, and that if you applied the same logic to regulating those telephone companies that the 'legitimate' telephone users will change companies to 'Good' providers if you prosecute the telephone companies directly if someone plans or commits a crime while using one of their phones? Do you think the same thing should be done for whatever company built the phone?
Do you think there are also 'Good Car Rental Companies and 'Bad Car Rental Companies', or 'Good Supermarkets', and 'Bad Supermarkets', and that the people who run them should be held responsible for what all of their customers do, too?
Even if attempting to mandate censorship and then make the service providers responsible for content posted by customers was a good idea -- it's not, it's instead a monumentally bad one -- do you even have a remote concept how impossible it would be to actually monitor and audit the content of every web page posted by every user of the internet? Obviously not, or you wouldn't be so monumentally confused as to think there's any merit whatseover to what's been proposed.
The only result of this madness would be that you'd put everyone out of business, and effectively destroy an entire medium of communication. The only providers that would be likely to remain in business for a while would be those who would censor anything even remotely controversial, claiming they had to in order to protect themselves, out of fear of being closed down completely.
You want an example of how this would work out? How about something like this already in action, based upon the private policies of a single uber-company? How about something that should be simple, like getting pictures printed at WallyWorld*?
I know professional photographers who've had their negatives returned unprinted (they just wanted some quick samples), having been told that printing them would "violate copyright", because "obviously they were too good, so they had to be copyrighted". Never mind that in this instance they actually would have been copyrighted, but that the copyright owner was who had asked for the prints. I also know people who've had their photos destroyed, and been threatened with "being reported to the police as pedophiles" because they happened to take pictures of their own children playing in the tub. We're talking 'cute one-year-old in a bubble bath playing with their rubber duck' type pictures.
That is the sort of witch hunt that legislation like this would encourage. That is what you're calling a 'good idea'...
Any nonsense like this is simply a proposal to return to the dark ages. State-mandated censorship is ALWAYS a bad thing. Period.
If you're concerned about hate-mongering, violence, or pedophilia, don't confuse the perpetrators and the media they may choose with the media themselves. There are already plenty of laws that address the real concerns directly.
There are no good reasons to single out one particular medium (in this instance, the internet) to have it's own special laws and restrictions, and a lot of very good reasons to oppose any such regulation. It's at best unnecessary, and at worst, actually creates a blunt instrument that's easy to corrupt and abuse to promote fascism and excessive governmental control over free expression. Even worse than that, really, it would cause an artificial 'chilling' effect on free expression by mandating that low paid, over-worked people in the private sector, having no accountability or oversight, and no training in real issues of free speech would be put in charge of censoring other people's ideas.
To me, that sounds like worst idea I've heard of in a very long time...
Slashdot Mirror
Either way, you're simply wrong. (You seem to like bold.) If you want to stick to facts, let's review a few.
The Illegal Warrantless Surveillance program, or "The Surveillance Program", TSP, as you so quaintly call it, was in full swing for several years before the "Protect America Act" (your own reference) was even introduced (in early August 2007). Said "Act" was a long belated attempt to retroactively clothe the illegal program the President attempted to pretend he had the authority to authorize, and he was called out on it. He does not have any such authority, and never has. The Foreign Intelligence Surveillance Act (FISA) is VERY explicit about what authority the president has, even in a time of war, and "TSP", is way over the line.
As much as you seem to want to believe, simply renaming a program doesn't make it go away.
Renaming things is a favorite tactic of this administration to keep doing the same things they're told again and again they aren't allowed to do. The long, sordid history of Total Information Awareness is a good example of what I mean, and given the Administration's track record on this, I wouldn't be at all surprised if it was directly related to "TSP", just one more head of the hydra they've created.
Two Words:
Screw. That.
Extended Executive Summary
The CORRECT response to all of this is to first review and relearn the function of copyright, then recognize that the ORIGINAL terms are most effective at balancing the interest of the creator with those of the public. The function of copyright is to benefit the public good, by providing REASONABLE protection for compensation for creators, while encouraging them to continue to create, rather than retain copyright forever.
The REAL solution is exactly the reverse of what's been proposed. The term for copyright should be REDUCED back to 14 years or so, after which the work reverts to the PUBLIC DOMAIN, and it should prohibited that it be extended.
This serves to provide a reasonable period to collect appropriate fees and royalties, after which the interest of the public should supersede that of the creator. And, the beneficiary of this should be the REAL creator, not some amorphous RICO entity of an *IAA, or some monster publishing house. For collaborative endeavors (movies are one example), it would be reasonable that there be a trust composed of the creative agents, so there is still a mechanism to compensate organizations and corporate entities engaged in such activities. Their interest should be of no greater duration than the human creators of record. (If anything, their rights should be more limited, since a corporate entity has no natural lifespan to limit the tenure of their control, and this harms the public interest as a result. This is exactly the reason, by the way, such entities keep pushing to extend the span of copyright, to the public's continuing detriment.) Time-limited trusts, by comparison, may be created with such a built in lifespan, after which they expire.
Summation
Screw Disney. Screw the *IAA. Screw the Studios. Screw the estates of dead artists. Mickey should have entered the public domain years ago, along with the vast majority of the music, television and movie catalogs currently out there.
To all of You. Get over it. Stop trying to steal from the public coffers, and the collective public legacy. Go create something new. For new things, you should be rewarded, at reasonable rates. But only for an appropriately transitory period.
The real danger is the underlying assumption that's posed here.
This entire bit of nonsense is predicated upon the concept that ANY unsurveilled activity promotes terrorism.
Which in turn strongly suggests that the current functional premise of the NSA is that ALL activities should be surveilled at all times. That is a hugely flawed, and enormously dangerous premise. This is the premise at the very core of all of Orwell's fears and predictions. This is a premise that must be prevented from coming to fruition.
A surveillance society is anathema to a free society. It is a society in which everyone becomes, by definition, a criminal who simply has yet to be caught, and will be treated accordingly.
Stripped of all privacy, the next step is to strip the populace of any means to protect themselves, under the premise that 'only criminals would ever have <insert means of defense>'. Rapidly, a government intended to serve it's people is instead becoming one which instead attempts to further control them 'for their own good'.
THAT is the real threat. NOT imaginary terrorists.
Unlike when talking about Microsoft's sales numbers for Vista, I think it's pretty unlikely that anyone is cooking the books here.
There is no real discrepancy. That number can be easily accounted for in terms of unlocked iPhones, for folks who don't want, or can't use AT&T. Twenty percent seems to be a perfectly reasonable number for that.
I think if you review numbers for sales of other phones (note the significant decrease in sales of other leading phones, such as the Razr) those will also support the high sales figures reported for the iPhone.
Apple announcing the SDK prior to activating my iPhone after Christmas is the only reason I bothered to sign up with AT&T (though I still have some reservations about it). My reasoning was that if I became too unhappy, I'd kick AT&T to the curb, eat the early contract cancellation, and go to another carrier. (And, in the meantime, I still get the enhanced voice-mail my voice-mail message count, and I can still hack away at it, even with AT&T as my carrier.)
I also know a lot of savvy folks who have taken the opportunity to negotiate discounts on their existing phones and services because the other wireless carriers are scared to death of the iPhone, and of folks leaving them to switch to it. Even if only four out of five of those folks are leaving for AT&T/Cingular, they still have plenty to worry about.
You might try reading the actual content of the ruling, not just the article.
http://www.spamsuite.com/node/351
If you had, you would probably at least know that the Judge was a 'she' not a 'he'. If you did actually read the article, this might be a good indicator of how much you actually paid attention to what you were reading...
Several of the 'conclusions of law', as stipulated, are indeed seriously problematic. She did not specify her rulings upon the basis of an injunction. She specified them based upon the actions themselves. THAT is why technically savvy individuals consider her ruling to be badly flawed.
Her conclusions on Zone Transfer Queries, for starters, are seriously flawed. There are plenty of legitimate reasons to make DNS Zone queries when you are not an employee or someone else acting with the explicit permission of the entity who put the server in place. Many ISPs cache entire zones to cut down on excess DNS traffic for requests from their customers, for example.
For another, while it is difficult to say with certainty not knowing the exact details of the testimony of the defense's expert witness, a reading of her response by someone knowledgeable with DNS configuration suggests reasonably that he may have attempted to explain that there are specific methods that would be used to prevent zone transfers to unauthorized servers, that there were other methods that would be used to configure the server to provide zone information in response to external requests, and that by configuring their DNS server in such a way as to give the Zone information, the plaintiffs were authorizing the transfer of information and making the information publicly available. If their DNS server was configured to respond to external Zone Transfer requests, this information would in effect be public, as anyone at all, not just the defendant, who issued a perfectly normal host command would have received that information. If this was not their intent, the issue would be one of incompetence on the part of their technical staff, not one of 'hacking' on the part of the defendant.
Her suggestion that using a command switch for 'host' that is clearly documented to query information that was publicly available constitutes 'unauthorized use of a computer system' is unfounded, overly broad, and, to any technically knowledgeable individual, deplorable. She does not state that she reached her conclusion because of any injunction against the defendant. She states her finding is based upon the facility of the program itself, and her miraculous idea that somehow use of this normal function is somehow mystically, only intended for a specific subset of target users she has imagined. One that is, again, seriously flawed.
'Knowledge available to the average user' should NEVER be used as a yard stick for what constitutes the acceptable bounds of computer use. The 'average user' is ignorant of the actual function and capabilities of their systems to a point that is common to describe them, quite accurately, as largely 'computer illiterate'.
If no one knew more about any particular thing than an 'average' individual does, at any given point in time, we'd still be hunting and gathering. To suggest that this baseline should have anything to do with determination of what constitutes a potential criminal act, if applied to any other circumstance, would immediately render anyone of actual knowledge, rather than vague theories about a subject a criminal.
What do you know, for example, about repairing the engine of your car. Say you know quite a bit about it. Should you be considered a criminal if you make repairs on it, based upon knowledge you have, if you aren't a certified mechanic? How about if you repair your mother's car with that knowledge. Does that make you a criminal? By this Judge's logic, it would.
If you don't like that analogy, try this one. Let's say that the 'average person' knows that telephone bo
I believe you're rather missing the point that folks are trying to make.
This would be nothing more than a moderately interesting footnote if we were talking about specialty positions where real-time health monitoring in situ might make sense, based upon unusual job circumstances.
Unfortunately, that's not what's being discussed.
The article places this in the context of mainstream -- as in everyday -- jobs.
Think "generic hapless office worker spied on by Information Retrieval in Brazil ", not "most inconveniently expired engineer from Runaway Train"...
In terms of everyday jobs, I seriously think it unlikely that anything good would come of this, while I can easily see much that is bad being fairly likely.
I've never understood why anyone would choose MAC filtering or a hidden SSID instead of (or as well as) WPA encryption. ... Why use hidden SSID/MAC filtering at all?
In this discussion we're certainly not talking about anything in the realm of 'instead of'. I was addressing the questions that had been brought up about all of the different techniques that are commonly available on most routers, why they were implemented, and why they have more than zero value. I'm certainly not suggesting that any of those methods is individually a replacement for some combination of all of them.
Hidden SSID/MAC Filtering/halfway decent encryption all address different aspects of a broader picture. Keep in mind that there's a wide variety of folks out there, from completely clueless at one end of the spectrum, to extremely knowledgeable at the other, and that, pretty much, it's a continuum. It's not a symmetrical bell curve, as the clueless pretty heavily outnumber those at the knowledgeable end of the spectrum.
1) Hidden SSID is your bush/fig leaf. Casual passerby won't notice you to begin with. No, it doesn't address anything more significant than that. But, it does help. A little. It may keep the number of requests down a bit from folks who poke your router just on the off chance that if they can see it that they can get onto it. And save a bit in the way of cpu cycles on the router. (No, not lots, but every bit helps, even if a little.) It's a level one dweeb filter. It may not be much, but it's not quite totally useless. In terms of pure numbers, this honestly probably stops the majority of folks out there. (Most folks really are on the shallow end of the knowledge pool for wireless.) Would any of the folks who it removes from the equation likely be any threat? Doubtfully. But, there we are, nonetheless.
2) MAC Address filtering adds another layer to the security onion. (You shouldn't just expect one answer to be the fix for all issues.) MAC Filtering is more of a level 2 dweeb filter, which is effective against another (somewhat more knowledgeable) subset of folks wanting to hitch a ride on your router. No. It doesn't stop everyone, either. But, again, it does still stop some folks. There are tools that will show hidden networks that still don't really have teeth to do much more than that. This helps against the folks who've figured out that much, but not much more. Probably, it still stops more people than not.
Even if someone does have the tools to sniff traffic long enough to grab a MAC Address to spoof, they can't do it if your equipment isn't transmitting when you aren't home (say, you're using wireless for your laptop only, which you take with you, not any workstations you may have at home). When you're not home, there aren't any packets wandering around with a permitted wireless MAC, so there's nothing to sniff to identify and spoof. So, rather than being 'something that simply doesn't help', in order to beat it, folks may have to be at the right place, at the right time, with the right tools, to be able to circumvent it. Not perfect, but not nearly so useless as some folks suggest. (Of course, some folks use wireless for devices that never leave the house, and that are always on, so in that circumstance, you've always got packets to sniff, so like with all things, each network is different, and your mileage will vary.)
3) Data encryption is another (important) layer. But, don't think this is a simple, one stop solution, either. WEP (which you didn't bother to bring up, but I will), while easily compromised with the right tools will still stop folks without the right toolset. Sort of like a simple hook latch or door chain can. Yes. Other folks will stroll right through it. It's still a matter of numbers, and each additional measure will stop another portion of the remaining folks out there.
Once you start being serious about trying to keep things really secure, as you brought up, you are talking about WPA and W
Security through obscurity, eh?
:)
A perfectly appropriate observation, yes. In this case, that's pretty much the case put forward for hiding the SSID. With all attendendant caveats aganst its effectiveness against anyone serious.
And, I agree the lock analogy is a bad one. That's why I suggested it's really more of a shrubbery. Or, if you prefer, perhaps a fig leaf.
Just like other uses of security through obscurity, it's not particularly effective when we're talking about anyone other than the casual pedestrian. In the case of the largely clueless passerby, though, it is, marginally at least, better than nothing at all...
WPA2, with rotating encryption, is much closer to the lock analogy, yes. And just like most physical locks, it mostly slows people down long enough for the nuisance factor to kick in. If it's easier to go next door, then most people will. It's really more about human nature than effective access prevention. If true security is important, then wireless probably doesn't really fit the bill.
There are a couple of principles you seem to be missing, starting with the idea of relative security. It is possible to make a wireless network 'more secure' than it is, as configured by default out of the box. It does help, in the same way that improving the security on the average home helps. Will it stop someone determined to get in? Very probably not. Can you make it easier for someone to go to the house next door, that has not implemented any of the steps to secure themselves? Yes. As a rule, people are usually lazier than they are determined to get into one specific network. If folks are serious about wanting a secure network, there are all sorts of things they can do. Most of them involve not having a wireless connection, or spending a *lot* more time, money, and effort on it than folks do on the average home network. Having noted that, let's look at your list.
Hidden SSID: One commonly expressed theory behind hiding a SSID is similar to why you lock your car. If your car is locked, it's a less attractive target than one which isn't. Hiding your SSID does make a network a less obvious target than one which is visible. It doesn't impede any serious search for networks by someone knowledgeable, but it will remain hidden to casual view. Is this vaguely inconvenient? Possibly, but then, really, so are locks. Really, I've never been so fond of that analogy.
If you like, I think a better analogy might actually be that hiding your SSID is like planting a bush in your front yard that obscures a direct view of your front door. It doesn't really make your door any more secure, in and of itself, but it might make it less obvious that there's a door there to begin with. Someone simply walking by might not notice it, but someone sitting in their car, watching folks come and go is sure to notice it. It just makes it more likely that a casual passerby might try one of the obvious doors nearby to see if they can get in, rather than trying yours.
MAC Filtering: Similarly, MAC filtering is better than not MAC filtering. The observer can't get on the network unless they spend enough time analyzing active traffic to sift for MAC info. Yes, with the right tools 'enough time' is relative, and not all that long. But, if you're not around using your wireless network when they're doing the analysis, it's difficult to obtain that info, since your MAC isn't being broadcast to begin with. Is it perfect security? Not by any means, but, again, it's a lot easier to get onto a network that's not using it than one which is. Not everyone is running Kismet with a wireless network card configured in promiscuous mode, and even with the number of folks who are, most are more likely to roll a half block down to the completely open network that's almost invariably there than spend time trying to get onto the more secure network, simply for the challenge of it.
Change the default password: If you seriously don't understand this, then you are completely clueless, regardless what tools you're using. Just because you can guess a few passwords using the short list that unimaginative folks commonly use doesn't mean that you can guess any password. (Of course, script kiddies commonly don't have any idea why what they use works, but that doesn't mean it doesn't.) If you were thinking at all about what you were writing, you'd see you make the point yourself as to exactly why it's important. You commonly 'just look up manufacturers default passwords'. If they set a proper password, it makes things more difficult, and you have to try to guess it. With a good password, you're not going to simply guess it.
Crashing the Router: As for your alternative, no decent router should ever come back up with the factory presets after a simple crash. It should always come up with the custom settings, or, failing that, remain hung until manually reset by hand. Even if they do come up with the factory defaults, for modern routers at least, that should be with the external management interface disabled.
Not
For the longest time, Firefox had a bug where it put its cache in the "Application Data" directory instead of the "Local Settings" directory. For those who are unfamiliar with Windows, what this means it that Firefox was saying that the web cache was important data that should be migrated to follow the user, instead of disposable data that could be flushed with no penalty. As a result, for an extremely long time, Firefox was utterly, 100% useless for companies/organizations that use roaming profiles. It took ages for this bug to be fixed; IIRC it was reported around version 0.6 and finally fixed in version 2.0, but I can't find it on Bugzilla anymore so I can't be certain.
For those of you unfamiliar with programming, a 'bug' is an actual coding error. This was NOT a bug. This was a conscious choice made for where to place files. Simply because you think there was a better choice of location does not make it a bug. And, it had an easy solution. TURN OFF BROWSER CACHING. Alternatively, setting Firefox to delete the cache upon close in the Security preferences would decrease the problem significantly, if not eliminate it.
For those actually familiar with managing and administering roaming profiles, you'll also be aware that you have some degree of control over what is, or is not, permitted to sync when roaming. IDNR precisely, but i believe "Application Data" is one of the items that can be set not to propagate with the roaming profile, just like the users desktop image, and desktop folder, for example, which propagate by default, but are quite commonly excluded from roaming because some users insist on monstrously large desktop images, and keeping tons of files (and even applications) on their desktop, which commonly causes all sorts of bottlenecks when roaming until disabled.
There are up sides and down sides.
Get to use all your skills? Full stop. Let's review.
This is the government, with everything that comes with it. Those of you with government experience know what this means. Bureaucracy. Red Tape. Paperwork. For those of you who haven't had the experience, think of the most amazingly, monumentally, mind-bogglingly inane busywork paperwork you've ever had to deal with, and then multiply that by the biggest number you can imagine. Keep imagining.
How well does bureaucracy adapt to change and embrace new technology, and all of it's associated skills? Here's a hint. The Bureau is still using Hoover's secretary's original filing system. Yes, it's still manual. Still paper. No changes. The same system. CSI is entertaining fiction.
Other than small numbers of your fellow squad-mates who are also on cyber detail, your fellow agents are likely neo-luddites, mildly intimidated by word-processing. They're very, very bright people, with a lot of skills. Those skills, however, largely don't involve computers. And for the most part, they don't have to. Most areas of the office are air gapped, anyway. (Really, for the most part, they probably don't trust computers -- which, if you think about it, suggests they are pretty bright after all -- but they're probably not entirely sure they trust someone who spends too much time with them either. Put in enough time on the range, working out, knocking on doors, pounding pavement, and using your head to show you have a clue and you won't get them killed, and then you'll be okay. But not before.)
As for your primary prey, it will not be spammers. It will not be botnet operators. It will not be industrial spies. You will not for the most part, young padawan, be matching your jedi skills against the very best the dark side has to offer.
You will be chasing kiddie porn peddlars, and child molesters. You will be pretending to be 12-year-old girls in chat rooms. When you're doing well, you will be knocking on doors at 5 am, having to spend countless hours reviewing video tape collections to see what has been taped somewhere in the middle of those 400 episodes of 'the golden girls', or all of those Richard Simmons videos. When you find it, you will have to catalog it. (You will learn to be grateful for the fast-forward button on your remote. And you will see things you wish you could unsee.)
If you're a badge-carrying Special Agent, yes, you're armed. "How cool, is that!", you say. You're armed whenever you're on duty, wherever you go. It's a Federal License. Those pesky little state limitations on firearms don't apply.
Add one little detail. You're on call 24x7x365. Which means you have to be able to report for duty at any time, with no advance warning. Which means you're armed -- all the time. No breaks. No holidays. No days off without a sidearm. (Ponder this: where do you put your piece if you want to go to the beach?)
Pay? For a rough rule of thumb calculation, take your current salary in your technical field. Divide by 2 to 2.5. The greater your technical skills the larger the number you'll divide by. You don't get paid based upon your skill set. You get paid based upon your grade. Which is dependent upon time in chair, once you're actually in. Unless you're former law enforcement, former military, or worked for a different governmental agency, in which case you'll start at a higher grade than someone without that background. (Though not necessarily at your previous grade, either.)
Hours? Standard base is a 50 hour week. Unless you're needed for anything else, in which case it may be more. For a lot of tech folks, 50 hours is no big deal, you think. But, here's the kicker. Your morning will usually start at 5 am, in order to get to the office by 7 am. Unless you're knocking on someone's door, in which case you're probably up by 3 am. Or you're on stake out, in which case you're working whatever you're working. (If you're early, you're o
Certainly, I do. I've also been keeping an eye on the last several similar discussions.
Clearly, though, you do have some confusion about it...
Apple's contract with AT&T as an exclusive carrier is not binding upon purchasers of the iPhone. They have the legal right to hack the iPhone to use alternative carries if they choose. That IS one of the reasons folks have been hacking the iPhone. So it is relevant. And, yes, that has been brought up.
I also addressed the apparently ambivalent response from folks on Slashdot about the current method being a browser exploit that's likely to be patched soon, and why within this story it has generally been viewed positively, rather than negatively.
If you're having problems keeping up, then perhaps you should be the one rereading this, and other related threads.
Since we're moving more towards specifics that haven't been well-trodden, I'll start with the standard disclaimer: IANAL. Nor am I, by any stretch, an expert on the inner workings of the FCC.
Having said that, however, I have read through the final rules of 47 CFR Part 2, Cognitive Radio Technologies and Software Defined Radios, and I see nothing that would lead me to believe that an iPhone is any more subject to it than would be any other smart phone.
There are many smart phones, for instance, running the PalmOS or Windows CE that allow the user to load other applications without any hindrance at all. None of these appear to be in conflict with 47 CFR Part 2. So, this appears to me to fall under fear, uncertainty and doubt (FUD), rather than really being applicable. Whether specific control and access to the telephony components of the iPhone are via an OS X driver on the one hand, or via a PalmOS or Windows CE driver would appear to have no specific bearing. Likewise, it is not clear, by any means that the iPhone, or other smart phones fall under that rule.
I'm not trying to suggest that you're bringing up the possibility deliberately as fodder for FUD, just that it has some of the hallmarks: a general concern that sounds potentially problematic, whether it actually is or not, and not much in the way of detail other than that. I think it's legitimate to wonder whether or not 47 CFR Part 2 applies. But, I doubt that it really does. If it did, then I think there'd have been a significant brouhaha a long time since over one or another of the other smart phones that have already been out in the marketplace for a much longer time.
Note point two, from the Summary of the Memorandum and Order (my bold emphasis):
2. In the Cognitive Radio Report and Order, the Commission modified the rules to require that radios in which the software is designed or expected to be modified by a party other than the manufacturer be certified as software defined radios. To minimize the filing burden on manufacturers, this requirement was narrowly tailored to affect only those radios where the software can be modified by a party other than the manufacturer because such radios pose a higher risk of interference to authorized radio services. The definition of software defined radio (SDR) is intentionally broad, while the category of equipment that is required to be certified as SDRs is intentionally narrow. The Commission agrees with Cisco that a reading of the definition of SDR in the rules by itself may give the incorrect impression that more devices must be certified as SDRs than the rules intended to require. The Commission finds that the appropriate solution to Cisco's concern is to add an additional sentence following the definition of SDR to indicate the class of radios that must be certified as SDRs. It therefore clarifies the rules by adding the following statement to the definition of SDR: ``In accordance with Sec. 2.944 of this part, only radios in which the software is designed or expected to be modified by a party other than the manufacturer and would affect the listed operating parameters or circumstances under which the radio transmits must be certified as software defined radios.'' This action clarifies the intent of the rules adopted in the Cognitive Radio Report and Order.
Section 2.1 Terms and Definitions, subsection (c), defines 'software defined radio' as:
* * * * * (c) * * * Software defined radio. A radio that includes a transmitter in which the operating parameters of frequency range, modulation type or maximum output power (either radiated or conducted), or the circumstances under which the transmitter operates in accordance with Commission rules, can be altered by making a change in software without making any changes to hardware components that affect the radio frequency emissions. In accordance with Sec. 2.944 of this part, only radios in which
As has been pointed out, any contract term, EULA, et cetera that did specify the iPhone must not be hacked in order to allow it to be used with other carriers would not be valid nor enforcable, since it is the legal right of the owner of a phone to unlock it to use whatever carrier they choose. It is perfectly reasonable for folks to want to hack the iPhone, regardless of whatever your myopic view of it may be.
Completely aside from that, did you, with your uncreative little troll heart somehow wander onto Slashdot by accident? There are many thriving communities who spend their time hacking away on various pieces of technology to make them more interesting/useful/cool. And there is, unsurprisingly, a lot of overlap between those communities, and the folk here.
Sometimes half the fun of having a cool gizmo is to see what else you can do to make it even more cool and useful. Simply because you personally lack the interest, will, creativity, or skills to add your own improvements to your tools, doesn't mean the rest of us are in any way so lacking, nor are we restricted in our views, abilities, or actions merely because you happen to either have a bug up your butt.
We expect the article is correct, and that said vulnerability will indeed be ephemeral. In the meantime, yes, by all means, we consider it a useful exploit for this particular purpose, even while at the same time simultaneously recognizing that it is something that should be remedied from a more general browser security standpoint. That's the very reason, in fact, that we expect it to be fleeting. Some of us, apparently unlike trolls, are more than capable of simultaneously processing two different viewpoints about the exact same thing that may, superficially, seem to conflict. :)
No. Just because you contradict the statement, doesn't make you right. That's the entire point of actually doing studies. To try to determine what's actually the case, not just blindly support what you want to believe. Whether you happen to like this particular study or not, it's only one of an ever growing number that support the same conclusion. Cameras do not have the effect you describe, but an entirely different one.
While having a clearly low opinion of people in general (I take it you're not a particularly nice person yourself, but are yourself intimidated by cameras?), you do seem to put a finger on the real problem with a surveillance society:
"Much suspicious activity" translates to mean 'things that were legal, but that lead the watcher to wonder if a person might actually be doing something wrong'. Odds are, the person is not.
But, now, faceless authorities are 'suspicious' of that person. And today, technology being what it is, that individual may now be in a database of 'suspicious persons' somewhere, having really done nothing. Much like the secret 'no fly' lists, who target many innocent people (along with some not so nice ones), all in the name of claiming to do something, without really accomplishing anything at all. Once your on said list, even if completely by mistake, there's now no way off of it. Even when it's a known error. All because some bureaucrat has the ability to add someone, but no one seems to have the will or ability to remove someone from such lists.
As for your "halo effect", most folks likely don't think at all most of the time about the fact that they're being watched on camera. Most probably don't really even realize it, or think about it. If they really did they'd probably be disturbed by it. Thinking people are appropriately disturbed by the idea of 'Big Brother' constantly watching their every move.
Yes. Odds are that they are good, normal, upstanding people. I would not describe 'wooden behavior in public', nor the stress you describe from constant surveillance to be either desirable or healthy. Such a surveillance society does not make people safer. What it does do is create FUD -- Fear, Uncertainty, and Doubt.
The point is, for whatever reasons, your vaunted cameras do not catch 'very frightening criminals'. They do not prevent serious, bad things from happening. They only really target normal, law abiding people, and change their behavior.
Cameras do nothing to stop terrorists, for instance. They do not deter them. They do not prevent their acts. At best, they might help track them after such an act. But, that does nothing for the victims. And, if such 'very frightening people' are aware of the cameras, or even take into account that there might be cameras, they will take measures not to be recognized, in which case, the cameras also have no real deterrent effect. Even the
Read for yourself... :)
Read the GPL FAQ and it's discussion of linking. It's all about how you're linking.
For those folks who might not bother to follow a link:
Can I release a non-free program that's designed to load a GPL-covered plug-in?
It depends on how the program invokes its plug-ins. If the program uses fork and exec to invoke plug-ins, then the plug-ins are separate programs, so the license of the plug-in makes no requirements about the main program.
If the program dynamically links plug-ins, and they make function calls to each other and share data structures, we believe they form a single program, which must be treated as an extension of both the main program and the plug-ins. In order to use the GPL-covered plug-ins, the main program must be released under the GPL or a GPL-compatible free software license, and that the terms of the GPL must be followed when the main program is distributed for use with these plug-ins.
If the program dynamically links plug-ins, but the communication between them is limited to invoking the `main' function of the plug-in with some options and waiting for it to return, that is a borderline case.
So, sometimes you're right, and there's no requirement that the other code be GPL'd.
BUT, conversely, sometimes there's code co-mingling, and that does mean that the new code is required to also be GPL'd.
What it boils down to is what you're really doing, and how you're really doing it, which seems pretty reasonable, when it comes down to it.
Just saw your reply about distinguishing between your observation that that's the pointy-hair's views on it, and that you may be fully aware that's not consistent with actual copyright law.
Insofar as you're merely reporting their larcenous views on how they would like it to be, and how they themselves may act, I think we're in complete agreement. :D
I do work for similar overlords myself... :/
Cheers,
_.- thimk! -._
While I would like to start with the polite and obligatory INAL, I think it's clear to me (even as a layman, albeit an educated one) that you're pretty much categorically wrong on all counts, except possibly that he should get a lawyer.
Regardless of of the opinion of your Time Warner overlords, the purpose of copyright is to protect and advance the public interest, encouraging creativity in the creation of more works, while finding a reasonable balance to protect the artist's rights (originally for a little more than a decade, but currently, now within their lifetime).
The personal opinions of a bunch of pointy-haired stuffed suits do not supersede copyright law.
In reference to your stated opine about works for hire:
See US Code, Title 17 (Copyrights), Chapter 1 (Subject Matter and Scope of Copyright), Section 101 (Definitions) :
A "work made for hire" is--
In short, a work is not a 'work for hire', and the artist retains copyright of that work, specifically unless an artist is (1) an employee creating a work specifically as part of their employment, (2) creating a work specifically upon commission as part of a collective work (various examples given above), or (3) specifically signs a written instrument (contract) agreeing that their creation is a 'work for hire.
Simply because many artists may choose to do so does not in any way reduce the rights of artists who do not.
There is no legal provision under Title 17 that gives Viacom (or anyone else, for that matter) any rights whatsoever to 'step in and claim copyright' of someone else's work, regardless of whether or not the owner of that work may or may not be 'monetizing' that work. Copyright is retained by the copyright holder. Period. Even insofar as it may be 'fair use' to use a work in the
While mostly true, that's not entirely accurate. A few of the original pre-acquisition Netscape developers are still at AOL, though now in different capacities.
Since AOL purchased Netscape, development support has gone though various internal dev teams, and Netscape had has it's own dedicated development team again for over a year and a half.
The Netscape 8 Browser was indeed outsourced to Mercurial. Netscape 9 however, coming full circle as has already been noted, was developed internally based upon the firefox codebase.
Heh.
:D
'Just visiting', indeed, it seems.
Somewhere along the way, I missed the <sarcasm> signpost when entering.
As another savvy commenter has already pointed out, there are instances where this sort of jamming could set off roadside bombs, rather than prevent them from being set off (which would only change who was harmed, rather than prevent harm.) And, just as in any arms race, there are now instances where garage door openers are being used as trigger devices, which this type of jamming would have no effect upon.
This is not about whether Muffy gets her 3 pm phone call from her boyfriend Biff. This is about announcing a tactic specifically intended to promote Fear, Uncertainty, and Doubt. It's not about protecting the man. If they were really interested in protecting him, they wouldn't announce they were going to be jamming cell signals, they'd just do it, rather than give advance warning that a different trigger method might have more efficacy, and then, if you heard anything about it at all, it would be some story on the news about a temporary glitch in the phone networks or maybe even a cell tower virus that was identified and stopped.
It's straight out of Orwell, with 1984 being used as a 'how to' guide to heard the general population into doing what they're told, instead of stopping to think about how rapidly their rights are being stripped away.
Last time I checked, Australia wasn't exactly a boiling cauldron of amorphous, violent, insurgent activity attempting to repel a foreign invasion. Nor was it characterized as a hotbed of Al'Quaida activity, with enemies at every turn.
Again, this isn't about the technology. This is entirely about perception management.
Ah.
Another believer in the 'lowest common denominator' theory of life, where the worst solution somehow is magically supposed to become the best solution, and where failing to address the underlying problem is somehow supposed to be better than finding a real solution.
This would just be expensive, and wouldn't solve anything. The disruptive people would just find a new and different way to be loud, thoughtless, obnoxious, and annoying. Meanwhile you actually present new problems.
If you want a "welcome to America" moment, how long do you figure it would be before some theater that installed this system would be sued because someone had a heart attack, and the people they were with couldn't call 911 because their phone was being jammed? Not even in the theater necessarily, but just walking past? They might have a reasonable case, too.
Being oncall 24x7 isn't a matter of hubris. It's often a dictate of a specific job.
And, yes, sometimes, those people are very hard to replace. Do you think there's a neuro-surgeon, or a member of a rapid response hostage rescue team on every corner, perhaps? Being on-call doesn't mean not having a life. It means finding a balance between life and specific job responsibilities.
The point is that the suggestion to jam phones is trying to solve the wrong problem. Cell phones and pagers are NOT the problem -- rude, thoughtless PEOPLE are the problem.
By trying to solve the wrong problem, you only make it harder for reasonable people to actually try to maintain that balance. The rude, thoughtless people, however, are still going to be disruptive, even if they don't have a working cell phone.
I hear this suggested periodically, and it's, simply put, a very poor idea, that's not been thought through at all.
There are a lot of us who DO really have to have cellphones and pagers active 24x7, who are also smart and polite enough to put them on vibrate only, and to leave the theater if we need to respond. And, no, I'm not just talking geeks. That includes members of the medical and law enforcement professions, as well, where receiving an unexpected page or call really may be critical, and yes (not trying to be melodramatic), might just save someone's life.
Stop thinking technology is the answer to what is a SOCIAL problem. Grow a spine, and hold people responsible for their actions and their effect upon others around them, rather than trying to hide behind a bad technological band aid.
The answer is NOT to restrict the use of technology for those who use it properly, but to throw the asshats who are disruptive out of the theater, regardless of whether or not they happen to have a phone, or a pager.
(God forbid that anyone should actually have any personal responsibility, or actually have to confront someone obnoxious.)
</rant>
We now return you to your regularly scheduled pithy remarks about the idiocy of using this technology to attempt to protect a man so (deservedly) loathed that they think something like this might actually be necessary. I, of course, refer to the continuing dissemination of FUD, not the jamming, per se.
Good grief.
If you're trying (unsuccessfully) to be sarcastic, perhaps you should start using <sarcasm> tags.
If you're not, how naive can you possibly be?
'Good ISPs' versus 'Bad ISPs'? Do you also think there are 'Good Telephone Companies' and 'Bad Telephone Companies', some of whom sell telephone service to criminals, and some of whom who don't, and that if you applied the same logic to regulating those telephone companies that the 'legitimate' telephone users will change companies to 'Good' providers if you prosecute the telephone companies directly if someone plans or commits a crime while using one of their phones? Do you think the same thing should be done for whatever company built the phone?
Do you think there are also 'Good Car Rental Companies and 'Bad Car Rental Companies', or 'Good Supermarkets', and 'Bad Supermarkets', and that the people who run them should be held responsible for what all of their customers do, too?
Even if attempting to mandate censorship and then make the service providers responsible for content posted by customers was a good idea -- it's not, it's instead a monumentally bad one -- do you even have a remote concept how impossible it would be to actually monitor and audit the content of every web page posted by every user of the internet? Obviously not, or you wouldn't be so monumentally confused as to think there's any merit whatseover to what's been proposed.
The only result of this madness would be that you'd put everyone out of business, and effectively destroy an entire medium of communication. The only providers that would be likely to remain in business for a while would be those who would censor anything even remotely controversial, claiming they had to in order to protect themselves, out of fear of being closed down completely.
You want an example of how this would work out? How about something like this already in action, based upon the private policies of a single uber-company? How about something that should be simple, like getting pictures printed at WallyWorld*?
I know professional photographers who've had their negatives returned unprinted (they just wanted some quick samples), having been told that printing them would "violate copyright", because "obviously they were too good, so they had to be copyrighted". Never mind that in this instance they actually would have been copyrighted, but that the copyright owner was who had asked for the prints. I also know people who've had their photos destroyed, and been threatened with "being reported to the police as pedophiles" because they happened to take pictures of their own children playing in the tub. We're talking 'cute one-year-old in a bubble bath playing with their rubber duck' type pictures.
That is the sort of witch hunt that legislation like this would encourage. That is what you're calling a 'good idea'...
Any nonsense like this is simply a proposal to return to the dark ages. State-mandated censorship is ALWAYS a bad thing. Period.
If you're concerned about hate-mongering, violence, or pedophilia, don't confuse the perpetrators and the media they may choose with the media themselves. There are already plenty of laws that address the real concerns directly.
There are no good reasons to single out one particular medium (in this instance, the internet) to have it's own special laws and restrictions, and a lot of very good reasons to oppose any such regulation. It's at best unnecessary, and at worst, actually creates a blunt instrument that's easy to corrupt and abuse to promote fascism and excessive governmental control over free expression. Even worse than that, really, it would cause an artificial 'chilling' effect on free expression by mandating that low paid, over-worked people in the private sector, having no accountability or oversight, and no training in real issues of free speech would be put in charge of censoring other people's ideas.
To me, that sounds like worst idea I've heard of in a very long time...