The RSA passkeys are just a more secure version of ye olde-school passwords... they never let anyone sign onto their internal network before, and now it comes with encryption so it's doubleplusgood.
But they can never require the entire internet to sign and encrypt all traffic like that, there is currently no known mechanism to do that *and* still allow thse forementioned VPNs (I think)... But in the hypothetical case that all traffic origin is known and the content encrypted and they authenticate people like that they won't need VPNs anymore...
But there is one problem with that: It will only work if the entire internet starts using this *at once* and have you seen the adoptation rate of IPv6? And that doesn't even really break backwards compatibility.
The point of the post was that there are simple alternatives to identifying a person with a high degree of trust without having to lock-down the internet like that... It is more an alternative than an implementation to their plan. Like I started out: "Identity management and anonymity are not opposites". But you can indeed say "Mandatory police state identity management and anonymity *are* opposites", this is a fact that everyone should know... it's too bad too many of them are blinded by unfounded fear and so eager to give up some/all liberty for some preceived security...
Fair enough... but i'm talking about personal identity. Not the number of the wall-socket.
Beside, if they really wanted to track all connections to people they would also have to require all people to show their ID in every place with public internet: schools, libraries, internet-cafés, coffeeshops, everywhere... And that is also a step a little too far to be accepted by everyone everywhere. Since there probably will be ways to defeat this (they can't secure it all) i'd say they would be back to where they are now: they can trace you by default when they know your home IP... but with a little trouble you are anonymous again.
If a website provides a really anonymous service, why even bother requiring this card?
And when the signing process is perfected the government will *never* know your private key, only the public key... But then again, when they are the ones issuing the cards you will never know for sure if they cheated on that one.;-)
In the end it comes down to citizen responsibilty... if they start denying people their ID it's not a problem any technology can solve... i'd say that it's just about the right time to revolt.
Consider the following details:
- A card with a chip that will be destroyed when cracked open
- Your personal information stored on the card in some open format
- Your personal public/private key(s) (one could do it, but multiple for the different levels of trust could help)
- Certificates signed by the government that verifies your information and public key (note: only the public key!)
- This card is renewed every (few) year(s), so is the master government key that signs these things
When you send your name you can encrypt this information (along with some one time token against replay attacks) with your private key and also send your public key and the govenment certificate along proving it's your key.
This can all be validated 'offline', meaning no calling home to the government! The govenment public keys are well known to all sites doing the validating. Since no-one can get your private key no-one can imitate you, so no hacker or ISPs can mess it up. Brute-forcing it will very hard (not impossible) but you can remedy that with stronger keys and shorter card-life.
The only argument you make that still stands agains this is the maid, kid or other person with physical access to your card... But physical security (a.k.a. keep your ID on you at all times) will help against that. And if you really want to solve it add a PIN code (or passphrase) needed to 'decrypt' the private key inside the cards chip... I don't know how secure that will be unless you add real self-destruct capability to the chip when you fail too often.
Hmmm... thinking about it, adding the latter will make it pretty secure. I dare you to find a problem with this encryption method. There probably is, but can you find it as fast as I thought this up?;-)
Like I said, when Slashdot stops allowing anonymous cowards to post you have a point. Until then anonymous will remain anonymous, since there are also enough ways to encrypt traffic and mask IPs.
When a government signed your ID to prove that you are Nadaka, how will that help them limit your freedom?
You can only use it to add the 'this is Nadaka for sure' to your account.
It will only become a problem when Slashdot requires you to prove who you are with this method and then maintains a list of people not allowed to post by the govenment... but the whole point is that you can have levels of anonimity.
These are problems that exist for every form of identification... currently creditcards online (but also your ID offline). The fact that you can abuse stolen creditcards to get cash doesn't help to combat the extensive abuse... so you need a system that is *only* for identifying yourself.
You basically say: I am this person, and here is the signed certificate that proves it. And if i'm not this person you can be sure that the person you're dealing with has my ID card (and it's probably stolen).
Identity management and anonymity are not opposites.
If I were to completely design this system I would use ID cards digitally signed by the government with a proper public-private encryption scheme, but with multiple levels of information. The legislation around these cards should account for the information categories and what companies can legally do with it. The levels should have clear names and colors, and when you sign in to a website you will *never* need a login anymore, only an ID, and the website can request certain information, but you have to enter it by swiping your ID in front of the reader.
The levels of information should be:
- Anonymous, but verified age
- Anonymous, but verified location (country, city)
- Name verified, but nothing else
- Name, SSN, other details
This is not about FOSS, it's about not getting locked in and being stuck with legacy proprietary data.
I'd say Google is on the right track with this site: http://www.dataliberation.org/
"How to become a billionaire by 2013"?
Or maybe you try to become rich-for-cheap and downloaded the spanish cam version: "Cómo hacerse rico en el 2013"?
Most people are OK with Ad's on some level... just not OK with obnoxious popup-type invasive ads that even crash your browser sometimes.
The solution is an ad-blocker with level-based blocklist like this:
- Allow only text ads (this is where google wins)
- Allow simple image ads (not larger than...)
- Allow animated image ads
- Allow movie and interactive ads (flash ads)
- Allow all terrible ads (never use this ad)
I'm from the Netherlands, and here we are still thankful for the US (and rest of the allies) for saving our asses in WO2, we celebrate our freedom every year and thank the veterans who fought for it.
But the fact that we are (and should be) thankful does not mean the US has carte blanch, and despite the argument you present that Iran is a crappy country to live in (which is obviously true), does in no mean justify the way the US acts in about every aspect of world politics...
If you feel insulted by the way people look at the US (and Americans) look 'inside' instead of pointing 'outside' and basically making an argument that boils down to 'we perform incredible acts of evil, but the enemy is even more evil!'.
P.S. Since you bring up 'democracy': the US is hardy worth calling a democracy...
In the Netherlands we have 10+ political parties (including some very right-wing nuts) but your vote always is a choice that actually has influence on the politics and no single party is large enough that it can decide the entire political policy. The US has two parties with a 50-50 split. It's basically a coin toss which party's turn it is to undo a lot of work of the previous administration, although some even doubt that even chance has any real influence...
Corporate armies like the controversial Blackwater (see: http://en.wikipedia.org/wiki/Blackwater_Worldwide)? To my knowledge the US is the only country (of any significance) where mercenaries are in fact legal and hired by the government.
Guess what these people will do once the war is over... 'private corporate security', whatever you call it It's still a fucking army!
Poe's law states: "Without a winking smiley or other blatant display of humor, it is impossible to create a parody of Fundamentalism that SOMEONE won't mistake for the real thing."
See: http://rationalwiki.com/wiki/Poe's_Law
Thank you for this intriguing and informative post. Sadly my first thought is that you are most likely not an American... More and more of the people who live in the 'real' world are starting to see the Americans as the most brain-washed fundamentalists in the world. It's so ironic that everything America accuses 'the enemy' of doing is something they do best themselves.
What goes for people on a personal level also counts for a country as a whole. Change starts by looking at yourself and trying to better yourself, not by yelling at others that they are wrong and need to change. Especially when you accuse the others of things you do best yourself it makes you look like a puppet and hypocrite. I wish more Americans would put as much effort into changing their own as they are wasting in trying to change the rest of the world... it would be a better world for it.
People who try to think for themselves can fight in this 'war' of disinformation by doing exactly what the parent poster does: counter the disinformation with factual information. To the parent poster, and anyone else who is about 'the truth and nothing else but the truth': Thank you for doing this (at the risk of being labeled with 'teh terrorists' by the aforementioned puppets) and trying to make people think for themselves.
Who really sends dead tree letters nowadays... for all personal purposes e-mail is the new letter medium, but it does not have the same protection as postal mail has.
Apparently because e-mails are digital they are legally different and get different legal protection (although people still expect privacy for they peronal e-mail, the law seemingly does not).
Since the law apparently knows the distinction between real-world and digital versions of basically the same thing, why are people still sued to bankruptcy because they 'steal' digital content... why is the difference there non-obvious to the law?
Random generated is soooo 90's... in this century they use fractals (which is just a simple formula with some more random added in it).;-)
But seriously read more about fractal landscapes here: http://en.wikipedia.org/wiki/Fractal_landscape
Since last week there is some more concrete evidence that scientist willingly manipulated data and discredited scientists who stood up against the forced consensus.
But the feeling that there has been widespread manipulation of this global warming topic by enviromental agency's, lobbyists and governments has been around for years.
No instead use a proper formula to calculate the time by utilizing the gravitational pull of a planet in the field of reference. In this case you could pull the answer out of Uranus.
No exactly, this is not suitable for comfortable e-readers... but the article confuses two technology's: Ch-LCD and OLED. They also mention smartphone use for the OLED.
This low power, flexible, soft (but hopefully fairly tough) will be very much beneficial for other portable next generation solutions.
I would love a wrist-wearable phone that folds open straight to hold and talk and you roll around your wrist to take along...
Good idea to dumb it down... most of my family or collegues will stop understanding and thus really listening when they hear words like malware. When you want to educate people be prepared to explain it in a simple way they understand, it will save you work later.
And when you start to lose them just tell them "the evil hackers will plunder their bank account", this will give you about 3 minutes extra attention span.;)
Slashdot Mirror
The RSA passkeys are just a more secure version of ye olde-school passwords... they never let anyone sign onto their internal network before, and now it comes with encryption so it's doubleplusgood.
But they can never require the entire internet to sign and encrypt all traffic like that, there is currently no known mechanism to do that *and* still allow thse forementioned VPNs (I think)... But in the hypothetical case that all traffic origin is known and the content encrypted and they authenticate people like that they won't need VPNs anymore...
But there is one problem with that: It will only work if the entire internet starts using this *at once* and have you seen the adoptation rate of IPv6? And that doesn't even really break backwards compatibility.
hehe... maybe I should RTFA before posting. ;)
The point of the post was that there are simple alternatives to identifying a person with a high degree of trust without having to lock-down the internet like that... It is more an alternative than an implementation to their plan. Like I started out: "Identity management and anonymity are not opposites".
But you can indeed say "Mandatory police state identity management and anonymity *are* opposites", this is a fact that everyone should know... it's too bad too many of them are blinded by unfounded fear and so eager to give up some/all liberty for some preceived security...
Fair enough... but i'm talking about personal identity. Not the number of the wall-socket.
Beside, if they really wanted to track all connections to people they would also have to require all people to show their ID in every place with public internet: schools, libraries, internet-cafés, coffeeshops, everywhere... And that is also a step a little too far to be accepted by everyone everywhere. Since there probably will be ways to defeat this (they can't secure it all) i'd say they would be back to where they are now: they can trace you by default when they know your home IP... but with a little trouble you are anonymous again.
If a website provides a really anonymous service, why even bother requiring this card?
;-)
And when the signing process is perfected the government will *never* know your private key, only the public key... But then again, when they are the ones issuing the cards you will never know for sure if they cheated on that one.
In the end it comes down to citizen responsibilty... if they start denying people their ID it's not a problem any technology can solve... i'd say that it's just about the right time to revolt.
Consider the following details:
;-)
- A card with a chip that will be destroyed when cracked open
- Your personal information stored on the card in some open format
- Your personal public/private key(s) (one could do it, but multiple for the different levels of trust could help)
- Certificates signed by the government that verifies your information and public key (note: only the public key!)
- This card is renewed every (few) year(s), so is the master government key that signs these things
When you send your name you can encrypt this information (along with some one time token against replay attacks) with your private key and also send your public key and the govenment certificate along proving it's your key.
This can all be validated 'offline', meaning no calling home to the government! The govenment public keys are well known to all sites doing the validating. Since no-one can get your private key no-one can imitate you, so no hacker or ISPs can mess it up. Brute-forcing it will very hard (not impossible) but you can remedy that with stronger keys and shorter card-life.
The only argument you make that still stands agains this is the maid, kid or other person with physical access to your card... But physical security (a.k.a. keep your ID on you at all times) will help against that. And if you really want to solve it add a PIN code (or passphrase) needed to 'decrypt' the private key inside the cards chip... I don't know how secure that will be unless you add real self-destruct capability to the chip when you fail too often.
Hmmm... thinking about it, adding the latter will make it pretty secure. I dare you to find a problem with this encryption method. There probably is, but can you find it as fast as I thought this up?
Like I said, when Slashdot stops allowing anonymous cowards to post you have a point. Until then anonymous will remain anonymous, since there are also enough ways to encrypt traffic and mask IPs.
When a government signed your ID to prove that you are Nadaka, how will that help them limit your freedom?
You can only use it to add the 'this is Nadaka for sure' to your account.
It will only become a problem when Slashdot requires you to prove who you are with this method and then maintains a list of people not allowed to post by the govenment... but the whole point is that you can have levels of anonimity.
These are problems that exist for every form of identification... currently creditcards online (but also your ID offline). The fact that you can abuse stolen creditcards to get cash doesn't help to combat the extensive abuse... so you need a system that is *only* for identifying yourself.
You basically say: I am this person, and here is the signed certificate that proves it. And if i'm not this person you can be sure that the person you're dealing with has my ID card (and it's probably stolen).
Identity management and anonymity are not opposites.
If I were to completely design this system I would use ID cards digitally signed by the government with a proper public-private encryption scheme, but with multiple levels of information. The legislation around these cards should account for the information categories and what companies can legally do with it. The levels should have clear names and colors, and when you sign in to a website you will *never* need a login anymore, only an ID, and the website can request certain information, but you have to enter it by swiping your ID in front of the reader.
The levels of information should be:
- Anonymous, but verified age
- Anonymous, but verified location (country, city)
- Name verified, but nothing else
- Name, SSN, other details
This is not about FOSS, it's about not getting locked in and being stuck with legacy proprietary data. I'd say Google is on the right track with this site: http://www.dataliberation.org/
"How to become a billionaire by 2013"?
Or maybe you try to become rich-for-cheap and downloaded the spanish cam version: "Cómo hacerse rico en el 2013"?
Most people are OK with Ad's on some level... just not OK with obnoxious popup-type invasive ads that even crash your browser sometimes. ...)
The solution is an ad-blocker with level-based blocklist like this:
- Allow only text ads (this is where google wins)
- Allow simple image ads (not larger than
- Allow animated image ads
- Allow movie and interactive ads (flash ads)
- Allow all terrible ads (never use this ad)
Just wait until one of those MACHO type Halo's blows... It won't be called dark matter anymore.
Not saying Microsoft doesn't screw up, but lets get all the facts [...]
The facts? Here: http://www.getthefacts.com/ :)
Or maybe the facts are also 'down'
I'm from the Netherlands, and here we are still thankful for the US (and rest of the allies) for saving our asses in WO2, we celebrate our freedom every year and thank the veterans who fought for it. But the fact that we are (and should be) thankful does not mean the US has carte blanch, and despite the argument you present that Iran is a crappy country to live in (which is obviously true), does in no mean justify the way the US acts in about every aspect of world politics...
If you feel insulted by the way people look at the US (and Americans) look 'inside' instead of pointing 'outside' and basically making an argument that boils down to 'we perform incredible acts of evil, but the enemy is even more evil!'.
P.S. Since you bring up 'democracy': the US is hardy worth calling a democracy...
In the Netherlands we have 10+ political parties (including some very right-wing nuts) but your vote always is a choice that actually has influence on the politics and no single party is large enough that it can decide the entire political policy.
The US has two parties with a 50-50 split. It's basically a coin toss which party's turn it is to undo a lot of work of the previous administration, although some even doubt that even chance has any real influence...
Corporate armies like the controversial Blackwater (see: http://en.wikipedia.org/wiki/Blackwater_Worldwide)? To my knowledge the US is the only country (of any significance) where mercenaries are in fact legal and hired by the government.
Guess what these people will do once the war is over... 'private corporate security', whatever you call it It's still a fucking army!
Poe's law states: "Without a winking smiley or other blatant display of humor, it is impossible to create a parody of Fundamentalism that SOMEONE won't mistake for the real thing."
See: http://rationalwiki.com/wiki/Poe's_Law
Thank you for this intriguing and informative post. Sadly my first thought is that you are most likely not an American... More and more of the people who live in the 'real' world are starting to see the Americans as the most brain-washed fundamentalists in the world. It's so ironic that everything America accuses 'the enemy' of doing is something they do best themselves.
What goes for people on a personal level also counts for a country as a whole. Change starts by looking at yourself and trying to better yourself, not by yelling at others that they are wrong and need to change. Especially when you accuse the others of things you do best yourself it makes you look like a puppet and hypocrite. I wish more Americans would put as much effort into changing their own as they are wasting in trying to change the rest of the world... it would be a better world for it.
People who try to think for themselves can fight in this 'war' of disinformation by doing exactly what the parent poster does: counter the disinformation with factual information. To the parent poster, and anyone else who is about 'the truth and nothing else but the truth': Thank you for doing this (at the risk of being labeled with 'teh terrorists' by the aforementioned puppets) and trying to make people think for themselves.
Who really sends dead tree letters nowadays... for all personal purposes e-mail is the new letter medium, but it does not have the same protection as postal mail has. Apparently because e-mails are digital they are legally different and get different legal protection (although people still expect privacy for they peronal e-mail, the law seemingly does not).
Since the law apparently knows the distinction between real-world and digital versions of basically the same thing, why are people still sued to bankruptcy because they 'steal' digital content... why is the difference there non-obvious to the law?
Random generated is soooo 90's... in this century they use fractals (which is just a simple formula with some more random added in it). ;-)
But seriously read more about fractal landscapes here: http://en.wikipedia.org/wiki/Fractal_landscape
Yeah, but don't even try to ask for any help, you'll most likely get an RTFM response. XKCD said it best: http://xkcd.com/293/
:)
I think it's safe to say the documentation isn't really lacking, but the support is...
Since last week there is some more concrete evidence that scientist willingly manipulated data and discredited scientists who stood up against the forced consensus. But the feeling that there has been widespread manipulation of this global warming topic by enviromental agency's, lobbyists and governments has been around for years.
For me the book State of Fear by Michael Crighton got me thinking: http://www.amazon.com/State-Fear-Michael-Crichton/dp/0061782661/ref=sr_1_1?ie=UTF8&s=books&qid=1259584573&sr=8-1
Disclamer: the story of the book is pretty sucky for Crighton standards, but the message 'Think for your fucking self and look at the actual data without parroting every guy with a labcoat' is a message that is true for any subject!
No instead use a proper formula to calculate the time by utilizing the gravitational pull of a planet in the field of reference. In this case you could pull the answer out of Uranus.
No exactly, this is not suitable for comfortable e-readers... but the article confuses two technology's: Ch-LCD and OLED. They also mention smartphone use for the OLED.
This low power, flexible, soft (but hopefully fairly tough) will be very much beneficial for other portable next generation solutions.
I would love a wrist-wearable phone that folds open straight to hold and talk and you roll around your wrist to take along...
Good idea to dumb it down... most of my family or collegues will stop understanding and thus really listening when they hear words like malware. When you want to educate people be prepared to explain it in a simple way they understand, it will save you work later. ;)
And when you start to lose them just tell them "the evil hackers will plunder their bank account", this will give you about 3 minutes extra attention span.