But since when is it censorship to try to change their mind?!
Did I accuse you of censorship? Did I say censorship? Anywhere?
Hey, I did not appeal to the force of the law!
*Goes back, reads own post* Nope, nothing about force of law either.
Of course, what Dr.Bob DC is doing is legal. But morally, I don't think he should be doing it.
And you reach that conclusion on the back of a 'if it saves even one life it's worth it' argument. Which is a crock of shit. Which is what I actually said. Lives are not of infinite value. There are many things that are not worth it even if it saves one life, a dozen lives, or a thousand lives.
Even if one paranoid parent withholds vaccine from his child because of your crap, wouldn't it outweight the shits and giggles we got from it?
To answer your rhetorical question in terms you can understand: No. It wouldn't.
What would that have to do with the internet? The fairness doctrine was about preventing monopoly broadcasters from controlling public discourse. Since there is no such thing as a monopoly on internet broadcasting (unless ISPs start blocking your forum posts based on content), how is it even relevant? There is no scarcity of broadcast time on the internet, so the fairness doctrine doesn't even make sense.
If the university notices that students who graduate with these degrees do not find work compared to other majors then it makes sense to encourage these students to major in more profitable areas.
I know, I know, you didn't RTFA, but that's the exact opposite of what's been noticed.
They sometimes (often) deviate from that into declaring new laws, but that is NOT their job, and we are better off when they dont.
You really should learn something about how the legal system works before opening your mouth. Case law is, and has been for roughly 1000 years (essentially since the Norman Conquest of England), a fundamental feature of our judicial system. In the absence of applicable statutes and case law judges extend existing statutes and case law to create new case law. Case law can be overridden by statute, and has some weird jurisdiction issues, but is otherwise binding law in any common law system (the US and the UK being the prime examples). Judges are SUPPOSED to write new case law when necessary. Of course, they do sometimes fuck up (creating case law when they shouldn't, or creating blatantly irrational/nonsense case law *cough*soylent green is corporations*cough*, but that doesn't change the fact that it IS their job. You arbitrarily stating otherwise on the internet does not change 1000 years of consistent practice.
Yes, because attaching yourself to the money train like some cambrian leech is the mark of genius.
I'd rather actually achieve something meaningful with my life. I never said Microsoft was unprofitable, just that it's products and achievements are lackluster and uninspiring. Brilliant people (usually) want to do brilliant, visionary, and new things. That hasn't been happening at Microsoft in...well, ever really. There's a few projects you could argue aimed for that, but I can't think of any that achieved it. Unless you count Machiavellian business deals, but we were talking about the tech people, not the MBAs.
Many of the most brilliant minds in the industry work at Microsoft
If they're still wasting their time working for the bozos that run that company they can't be that brilliant. They might be technologically competent, but they must lack ambition and drive if they're willing to waste their time chasing Ballmer's drool drippings.
False. Truecrypt also (primarily?) does file container encryption. It's like an encrypted disk image. Granted, if the pc is nabbed while it's mounted your point is still valid, but I never leave my truecrypt container file (which primarily contains tax/financial data) mounted unless I am using it at that moment. I've never even used it for full disk encryption (which I leave to dmcrypt+luks).
Only works if they know who their target is. My parent discussed German authorities trying to find a user of an anonymity program. You're right that the point is moot if the investigators already know where to find the target.
I'm looking at it, and I like it. I just wish it integrated into my browser. There's also the portability, syncing issue, I can setup LastPass on any computer I happen to be using in a matter of minutes, no dice if I don't have my keepass database on a filesystem readable by the computer system I'm using atm (all my external hdds are ext4 with full disk encyption).
The reality is that LastPass is an order of magnitude more convenient, and, having looked deeper into their implementation due to today's issue, I don't buy that it's that big an issue. They don't store decryption passwords at all. For recovery they store (based on the admittedly vague description on their account recovery site) a keyfile on your local computer (not cloud) to decypt a separately encrypted backup copy. They don't keep the keyfile for you. If you don't have the master password or that recovery keyfile there is no recovering your account because they cannot decrypt it. Assuming they're being honest about all of this, I fail to see how that isn't secure enough for anyone other than a Chinese dissident (I could say or Al Qaeda terrorist, but I don't want to Godwin the point. There are legitimate reasons to be THAT paranoid, but they don't apply to me, or 99% of everyone else).
How is LastPass any different from storing your keepass database in your DropBox container? I honestly don't see a difference in actual security (again, assuming LastPass is being honest about their implementation), and LastPass is HUGELY more convenient.
Why? It doesn't do what I need: perl/python out of the box and full git functionality (I'd add a simple cli cron job system but I've recently been told there's a windows 'at' command that does this). If it doesn't serve my needs why would I use it?
I see no need to get into an OS flame war--it doesn't meet my needs. So why would I use it?
It isn't legal in the USA. At least in my view and hopefully that of every judge all the way up to the supreme court. I wouldn't for one second think that the US authorities wouldn't try it though and get away with it.
I'd be shocked if the US authorities could make a software vendor (or FOSS maintainer) modify code under court order. It screams first amendment (code is copyrighted speech after all). They could (potentially) bar a vendor or maintainer from announcing modifications to a code base (gag orders, etc.), but forcing them to make the modifications would be utterly unprecedented (to my knowledge).
From their password recovery page (I checked since I was curious after you raised the point):
LastPass has added support for an optional way to store a disabled One Time Password (OTP) locally on your computer in case you forget your Master Password. This feature allows account recovery for those who want it without revealing your password to LastPass.
You can choose not to save this disabled One Time Password by launching Preferences from the LastPass icon menu, and selecting the Advanced tab. If you decide to disable the local OTP, your only recourse if your password hint doesn't help is to delete your account and start over. If you disable the preference after creating one, it causes the One Time Password to be deleted off LastPass' servers.
This makes it sound like they save the One Time Password on their server, and it decrypts a file stored only on your local PC that either contains your master password, or possibly as hash of it (I'm guessing at the implementation here). Or possibly it saves a keyfile to your PC that decrypts a separate (and separately encrypted) copy of your data.
What does seem clear is that you are correct in so far as they CANNOT decrypt your stored passwords themselves. If you don't have that One Time Password file on your PC, there is no recovering your account.
Slashdot Mirror
No geek card for you sir.
But since when is it censorship to try to change their mind?!
Did I accuse you of censorship? Did I say censorship? Anywhere?
Hey, I did not appeal to the force of the law!
*Goes back, reads own post* Nope, nothing about force of law either.
Of course, what Dr.Bob DC is doing is legal. But morally, I don't think he should be doing it.
And you reach that conclusion on the back of a 'if it saves even one life it's worth it' argument. Which is a crock of shit. Which is what I actually said. Lives are not of infinite value. There are many things that are not worth it even if it saves one life, a dozen lives, or a thousand lives.
Even if one paranoid parent withholds vaccine from his child because of your crap, wouldn't it outweight the shits and giggles we got from it?
To answer your rhetorical question in terms you can understand: No. It wouldn't.
What would that have to do with the internet? The fairness doctrine was about preventing monopoly broadcasters from controlling public discourse. Since there is no such thing as a monopoly on internet broadcasting (unless ISPs start blocking your forum posts based on content), how is it even relevant? There is no scarcity of broadcast time on the internet, so the fairness doctrine doesn't even make sense.
Even if one politician with a hard on for tyranny justifies his excesses because of your
paranoid parent withholds vaccine from his child because of your crap
crap, wouldn't it outweigh the shits and giggles we got from it?
Or, more legibly, the 'even if it only saves one life it's worth it' argument is the biggest crock of shit in modern rhetoric.
If the university notices that students who graduate with these degrees do not find work compared to other majors then it makes sense to encourage these students to major in more profitable areas.
I know, I know, you didn't RTFA, but that's the exact opposite of what's been noticed.
That, or how you normally make it worse.
I'm 90% certain I still can. Unless all of /. is actually sitting outside my window, and I'm actually shouting this instead of typing it.
They sometimes (often) deviate from that into declaring new laws, but that is NOT their job, and we are better off when they dont.
You really should learn something about how the legal system works before opening your mouth. Case law is, and has been for roughly 1000 years (essentially since the Norman Conquest of England), a fundamental feature of our judicial system. In the absence of applicable statutes and case law judges extend existing statutes and case law to create new case law. Case law can be overridden by statute, and has some weird jurisdiction issues, but is otherwise binding law in any common law system (the US and the UK being the prime examples). Judges are SUPPOSED to write new case law when necessary. Of course, they do sometimes fuck up (creating case law when they shouldn't, or creating blatantly irrational/nonsense case law *cough*soylent green is corporations*cough*, but that doesn't change the fact that it IS their job. You arbitrarily stating otherwise on the internet does not change 1000 years of consistent practice.
Solar doesn't require batteries
Maybe you've heard of power storage
What do you think batteries are? Masturbatory aids?
Sure, there are a number of grid storage technologies, but batteries are definitely one of them.
Yes, because attaching yourself to the money train like some cambrian leech is the mark of genius.
I'd rather actually achieve something meaningful with my life. I never said Microsoft was unprofitable, just that it's products and achievements are lackluster and uninspiring. Brilliant people (usually) want to do brilliant, visionary, and new things. That hasn't been happening at Microsoft in...well, ever really. There's a few projects you could argue aimed for that, but I can't think of any that achieved it. Unless you count Machiavellian business deals, but we were talking about the tech people, not the MBAs.
This is what happens when parallel universes collide.
You must be confused. No one said it was a good outcome. It's just an improvement over the present.
Many of the most brilliant minds in the industry work at Microsoft
If they're still wasting their time working for the bozos that run that company they can't be that brilliant. They might be technologically competent, but they must lack ambition and drive if they're willing to waste their time chasing Ballmer's drool drippings.
*poke*
Is he a troll? I can't tell. He's so life-like.
The other side of the basement is neither, and, let's face it, you aren't going to climb the stairs over this.
To be fair, I didn't want to talk to my Grandma anyway. I don't need any more conversations about carbuncles and hemorrhoids.
TFIFY!
What?
As is, basic drive encryption with dm-crypt and luks and a matching 128bit+ passphrase is good enough for my needs.
Eh, I use an encrypted 128bit keyfile, but whatever floats your particular boat.
False. Truecrypt also (primarily?) does file container encryption. It's like an encrypted disk image. Granted, if the pc is nabbed while it's mounted your point is still valid, but I never leave my truecrypt container file (which primarily contains tax/financial data) mounted unless I am using it at that moment. I've never even used it for full disk encryption (which I leave to dmcrypt+luks).
Restraining order.
Only works if they know who their target is. My parent discussed German authorities trying to find a user of an anonymity program. You're right that the point is moot if the investigators already know where to find the target.
I'm looking at it, and I like it. I just wish it integrated into my browser. There's also the portability, syncing issue, I can setup LastPass on any computer I happen to be using in a matter of minutes, no dice if I don't have my keepass database on a filesystem readable by the computer system I'm using atm (all my external hdds are ext4 with full disk encyption).
The reality is that LastPass is an order of magnitude more convenient, and, having looked deeper into their implementation due to today's issue, I don't buy that it's that big an issue. They don't store decryption passwords at all. For recovery they store (based on the admittedly vague description on their account recovery site) a keyfile on your local computer (not cloud) to decypt a separately encrypted backup copy. They don't keep the keyfile for you. If you don't have the master password or that recovery keyfile there is no recovering your account because they cannot decrypt it. Assuming they're being honest about all of this, I fail to see how that isn't secure enough for anyone other than a Chinese dissident (I could say or Al Qaeda terrorist, but I don't want to Godwin the point. There are legitimate reasons to be THAT paranoid, but they don't apply to me, or 99% of everyone else).
How is LastPass any different from storing your keepass database in your DropBox container? I honestly don't see a difference in actual security (again, assuming LastPass is being honest about their implementation), and LastPass is HUGELY more convenient.
Why? It doesn't do what I need: perl/python out of the box and full git functionality (I'd add a simple cli cron job system but I've recently been told there's a windows 'at' command that does this). If it doesn't serve my needs why would I use it?
I see no need to get into an OS flame war--it doesn't meet my needs. So why would I use it?
It isn't legal in the USA. At least in my view and hopefully that of every judge all the way up to the supreme court. I wouldn't for one second think that the US authorities wouldn't try it though and get away with it.
I'd be shocked if the US authorities could make a software vendor (or FOSS maintainer) modify code under court order. It screams first amendment (code is copyrighted speech after all). They could (potentially) bar a vendor or maintainer from announcing modifications to a code base (gag orders, etc.), but forcing them to make the modifications would be utterly unprecedented (to my knowledge).
From their password recovery page (I checked since I was curious after you raised the point):
LastPass has added support for an optional way to store a disabled One Time Password (OTP) locally on your computer in case you forget your Master Password. This feature allows account recovery for those who want it without revealing your password to LastPass.
You can choose not to save this disabled One Time Password by launching Preferences from the LastPass icon menu, and selecting the Advanced tab. If you decide to disable the local OTP, your only recourse if your password hint doesn't help is to delete your account and start over. If you disable the preference after creating one, it causes the One Time Password to be deleted off LastPass' servers.
This makes it sound like they save the One Time Password on their server, and it decrypts a file stored only on your local PC that either contains your master password, or possibly as hash of it (I'm guessing at the implementation here). Or possibly it saves a keyfile to your PC that decrypts a separate (and separately encrypted) copy of your data.
What does seem clear is that you are correct in so far as they CANNOT decrypt your stored passwords themselves. If you don't have that One Time Password file on your PC, there is no recovering your account.
Some of us don't use windows.