Would that work seeing as I'm a British citizen?;) Get Arnie in there, he'll set them straight. He doesn't just know about present tech, he knows about the future too!
Actually there is a chance that if someone breaks into your machine and you log their activities that they can hit you with the wiretapping act
Heh. That is so stupid that it's actually believable that it could stand up in court these days:) Like criminals suing the owners of the house they're breaking into when they trip up on something.. that may just be an urban legend though. I fail to see how logging your own computers activities could be an issue. Doesn't the fact that they are breaking the law to get into your system take precedent? How is you monitoring activities taking place on your own property illegal? Wouldn't that make all CCTV and alarm systems illegal?
Depends if it's in the contract, or if it's legal. I actually don't mind whether they're legally allowed to or not. It doesn't make much sense that they wouldn't be allowed to, seeing as it's their own hardware being used. If it's illegal for them to do so, that's nice, but I don't particularly see why it should be. It should be illegal for them to do anything malicious with the information, but why shouldn't they monitor what is going on in their own network?
On the other hand, I wouldn't particularly want the postman reading my mail, but that's probably because the postman is a more human concept than the very generic 'ISP'. Besides, when I get stuff like my credit card and PIN through the mail they aren't encrypted, while things like online financial transactions are.
Just spin a coloured transparent disk - half-red, half-blue - in front of your eye reaaaaally fast while looking at the pictures, and your brain will probably get the idea after a few minutes*.
*this may be a load of bollocks, I just made it up.
I don't get why people are comparing Tor to paid-for services and networks like ISPs and Telcos at all, it's like comparing a professional sports match with a professional referee to a game out in a public place that has no referee. You can't apply the same laws to it when it is just a bunch of people getting together without any contractual obligements or governing authority.
Presumably if they are monitoring you then it will say in your contract. The whole net neutrality thing is an ongoing debate at the moment anyway, I don't know what the law says about whether your ISP is allowed to monitor your traffic (though I don't see why not, I still thing the data-moving-through-my-network thing applies). Some ISPs seem to be good at not just handing out information about their clients, some aren't so good. If you don't like how your ISP operates, you move to a different one (or buy your own line - or, better yet, how about just starting your own country out in the middle of the ocean and make up your own perfect little utopia).
The thing is that you pay your phone company and have a contract with them, and at least in those states you will know that you have the chance of being monitored as it will be part of the contract. You also know that they won't just give out those recordings to just anyone (though the government or police will probably want it at some point).
With TOR you have no contract or promise that no undesirables are listening in. There is no way of stopping someone snooping on exit nodes, so if these guys are punished for this (and in the paper they show that they haven't even recorded anything beyond the application headers, so their data is completely anonymised and contains nothing beyond what apps are being used) it won't help justice at all - it will punish those who were just interested in the protocol and researching it, while letting those who are actively recording things like usernames/passwords off scot-free.
As I mentioned in another reply, would you rather have to get beat up as well as have your bank account broken into? If this kind of device became standard procedure for banks, then you're at great risk for have people mugging you for it.
Of course, most script kiddy keylogger types probably are skinny little geeks and wouldn't want to risk mugging someone any more than we want to be mugged:p But as technology becomes more pervasive, the percentage of muggers who are into more high tech crime will increase..
Why is this just about banks then? Plenty of other websites have access to credit and debit card details (and debit cards don't have the same level of protection as debit cards), and generally have weaker login requirements than most banks, though you'd probably suggest that they should have stricter security as well. If my bank didn't have the moronic irrelevant security questions then I'd probably still be using the system today, but instead I've just decided not to bother with it as it has caused me a fair bit of hassle to set it up, and in the end I received very little benefit from it when I tried to log into it a few months later and had forgotten the answers to the irrelevant (to me) security questions. If I have to write down the answers to the questions then that weakens the security significantly.
What forms of 2 factor authentication would you propose for a public computer btw? Some kind of USB dongle or something? What if the cafe didn't allow those? The risk might be reduced with a 2 factor system, but I still think it's better to avoid banking on a public terminal. Not to mention that I'd rather have a car that has a simple key/lock system that can be picked or copied, than one that requires my fingerprint (people have had their hands cut off just so that thieves can steal their car), or in this case perhaps the woman could have got mugged after leaving the cafe so that the thieves could get the USB dongle or whatever.
Even if a system is "completely automated" it will still have administrators or maintenance engineers, who could siphon off money from your account. Sure, you can get it back, but I'm trying to point out that it's no more secure than a physical bank. When I was talking about taking an extra $50 out, I meant $50 of your dollars. You are quite a careful person it seems, but some people might just not even check the receipt they get, or perhaps the teller has been clever enough to mess with the system and falsify receipts too. You just can't be sure.
As for systems being designed improperly, I wasn't talking about the system incorrectly displaying your balance - I was talking about people intercepting your communications and hacking into your account. Encryption protocols have been broken in the past, so it's possible someone could find a weakness in SSL communication and get your username/password that way. Then they could steal money from your account. Again, you're usually protected by some kind of guarantee from the bank, but it's pretty silly to have complete faith in online banking simply because it doesn't involve going outside.
If the info is passing through their own network interface - by actual design of the Tor system, and not because they have done something devious - how is this analogous to wiretapping?
Illegal wiretapping surely involves breaking into private communications that you are not intended to be part of, through either physical means, or perhaps via software - but by its nature, Tor allows anyone to connect into the network, and people know that what they are sending/receiving is going to travel through other poeple's computers (but can be fairly confident that nobody can trace anything back to them easily).
I don't see how researching into the protocol and viewing the packets that pass through your own node are illegal, unless you accept some kind of contract not to snoop when you install Tor.
Only then, someone steals your identity online, changes all your passwords, opts you out of written and in-person banking and you're screwed:p That doesn't seem a very likely scenario though, there should be ways of proving your identity in really bad cases.
I actually think my online bank security measures were over the top - especially the fact that my account got permanently locked out when I forgot the answer to the mandatory security question thing. The questions were non user specifiable, and most of them were totally irrelevant to me, yet I had to fill out at least 5 of them. If the questions are the same for every account then it's going to be easier for someone to get the answers from you in conversation or via Facebook or whatever other social networking type sites you are a member of. Compared to the security for other systems (which could just as easily be used to steal my money, for example my paypal or amazon accounts), the security measures seem way OTT. I'm pretty happy with username and password security, with security questions only being used to retrieve your password. Why should my online bank account lock itself permanently just because I don't have a 'favourite place', 'favourite food' or a 'favourite TV show'? Perhaps my preferences are different depending on what mood I'm in, or perhaps I don't even watch much TV (at the time I registered for an online bank account I basically spent all day on the computer..).
I can't be bothered to go through the hassling of re-registering as I don't really need it anyway:/
As for avoiding untrustworthy humans who do you think runs the online banking systems? If you "don't trust humans" again you're screwed - may as well hide all your money in a box somewhere.
Your viewpoint isn't so much as a generation thing as a naivety thing.
Who cares if the transaction between yourself and your bank is "100% secure" and the encryption can't be broken without 1 million years of brute force attacking - if someone has installed a keylogger on your computer and now has your username, password and whatever other stuff the bank requires you to have to log in?
Then there's the fact that these systems likely aren't 100% secure - the algorithms may work perfectly, but if the design of the system (which was created by one or more flawed humans) is faulty, then you have problems. You shouldn't be so worried about your teller making a mistake counting out your money so much as you should be worried that the teller has just slipped out $150 when you asked for $100, and pocketed the $50.
You mean like motherboard chipsets? These days the chipset is gradually being moved into the CPU die anyway, and even graphics are being integrated with the CPU die, so I don't think heat dissipation is the main problem there. As everything is made smaller, chips can be run on lower voltages and generate less heat anyway. For mobile devices you are pretty limited in how far you can spread things out as well. I did refer to desktop CPUs in the GP post, but that was me being a moron as I just found it easier to visualise a desktop layout than a laptop one, seeing as I haven't fully taken apart many laptops.
In that case, if I compare your informative dialect style to that of Hitlers, does that mean you can't reply to me? In a conversation between 2 people Godwin's law would work, but in a place like/. filled with know it alls and trolls who are free to interrupt any thread, you might be ruining a perfectly good discussion just because some idiot has come along and made comparisons with the Nazis..
First of all - expecting/.ers to stay on one topic? Even if it's not the topic of the summary/article? You must be new here;)
Comparing the chances of something coming up in an infinite discussion (and note that no/. discussion is infinite, they are locked after a week or 2) to the odds of throwing a 6 in one throw is spurious. Out of 6 fair throws it is reasonably probable you will get at least one 6. Out of 12 fair throws it is even more probable you will get at least one 6. Out of an infinite number of fair throws, the chances are very close to one that you will get at least one 6.
Likewise, out of an infinite discussion (which is kind of beyond our comprehension, becuase even the whole of human discussion in the past, present and future is not infinite, and most people would get bored of a slashdot discussion or feel they've proven their point and move onto another discussion), the chances of any topic cropping up do indeed approach one. The chances of a topic being mentioned at any single moment kind of depend on what is being discussed, but taken over time, the chances of a completely random topic being mentioned do approach one due to the very nature of infinity, and the capacity for humans to ramble on and on. Much like I'm doing now.
I know you're referring to rational and irrational as numerical concepts, but do you seriously expect to be able to describe any slashdot discussion thread (never mind an infinitely long one) as completely 'rational'?;)
Godwin's law is likely to be invoked pretty quickly in any debate where both sides dislike each other, a lot quicker than my law at least: "as any discussion continues to infinity, the probability of a man on horseback lighting jelly babies on fire, tossing them up into the air and catching them in his eyes being mentioned approaches 1".
I think you mean 'meme'. Unless there's a whole other level of slashdot interaction that I am not aware of, where people mime each meme.
In any case, I propose a Meta-Meme-Mime Meme: I feel a great disturbance in the air, as if every slashdotter in the world suddenly mimed the meme 'whoosh'.
How do you cool using a V8? You'd still need a fan attached to it do move any heat away. An electric fan will produce hardly any heat compared to the heat being generated by your average desktop CPU, which can easily get up to over 100 degrees C if it isn't being cooled.
If this thing is cooling the CPU to below room temperature, then it has to be expelling more heat than a standard fan. The motor for a fan, and the bearings in the fan, will produce a bit of heat, but it will be nothing compared to the heat of the CPU, so I don't think you have to take that too much into consideration, and even if it is more efficient in the way it converts electricity to kinetic energy (fan rotation) than the refridgeration system, it can never cool below the ambient room temperature, so unless it produces a lot of heat in its own operation (which it doesn't) as you say, it will still be expelling less heat than the refridgeration system would.
Hopefully I explained that okay, I'm not a cooling engineer:p
Did you not read the poster's reply to me saying he meant meme? Even IRL it's not a mime, because it involves sound.
That and run for congress.
Would that work seeing as I'm a British citizen? ;) Get Arnie in there, he'll set them straight. He doesn't just know about present tech, he knows about the future too!
Actually there is a chance that if someone breaks into your machine and you log their activities that they can hit you with the wiretapping act
Heh. That is so stupid that it's actually believable that it could stand up in court these days :) Like criminals suing the owners of the house they're breaking into when they trip up on something.. that may just be an urban legend though. I fail to see how logging your own computers activities could be an issue. Doesn't the fact that they are breaking the law to get into your system take precedent? How is you monitoring activities taking place on your own property illegal? Wouldn't that make all CCTV and alarm systems illegal?
Depends if it's in the contract, or if it's legal. I actually don't mind whether they're legally allowed to or not. It doesn't make much sense that they wouldn't be allowed to, seeing as it's their own hardware being used. If it's illegal for them to do so, that's nice, but I don't particularly see why it should be. It should be illegal for them to do anything malicious with the information, but why shouldn't they monitor what is going on in their own network?
On the other hand, I wouldn't particularly want the postman reading my mail, but that's probably because the postman is a more human concept than the very generic 'ISP'. Besides, when I get stuff like my credit card and PIN through the mail they aren't encrypted, while things like online financial transactions are.
Just spin a coloured transparent disk - half-red, half-blue - in front of your eye reaaaaally fast while looking at the pictures, and your brain will probably get the idea after a few minutes*.
*this may be a load of bollocks, I just made it up.
I don't get why people are comparing Tor to paid-for services and networks like ISPs and Telcos at all, it's like comparing a professional sports match with a professional referee to a game out in a public place that has no referee. You can't apply the same laws to it when it is just a bunch of people getting together without any contractual obligements or governing authority.
Presumably if they are monitoring you then it will say in your contract. The whole net neutrality thing is an ongoing debate at the moment anyway, I don't know what the law says about whether your ISP is allowed to monitor your traffic (though I don't see why not, I still thing the data-moving-through-my-network thing applies). Some ISPs seem to be good at not just handing out information about their clients, some aren't so good. If you don't like how your ISP operates, you move to a different one (or buy your own line - or, better yet, how about just starting your own country out in the middle of the ocean and make up your own perfect little utopia).
The thing is that you pay your phone company and have a contract with them, and at least in those states you will know that you have the chance of being monitored as it will be part of the contract. You also know that they won't just give out those recordings to just anyone (though the government or police will probably want it at some point).
With TOR you have no contract or promise that no undesirables are listening in. There is no way of stopping someone snooping on exit nodes, so if these guys are punished for this (and in the paper they show that they haven't even recorded anything beyond the application headers, so their data is completely anonymised and contains nothing beyond what apps are being used) it won't help justice at all - it will punish those who were just interested in the protocol and researching it, while letting those who are actively recording things like usernames/passwords off scot-free.
As I mentioned in another reply, would you rather have to get beat up as well as have your bank account broken into? If this kind of device became standard procedure for banks, then you're at great risk for have people mugging you for it.
Of course, most script kiddy keylogger types probably are skinny little geeks and wouldn't want to risk mugging someone any more than we want to be mugged :p But as technology becomes more pervasive, the percentage of muggers who are into more high tech crime will increase..
sorry, the second last sentence in the first paragraph fell victim to my numerous edits :s
Why is this just about banks then? Plenty of other websites have access to credit and debit card details (and debit cards don't have the same level of protection as debit cards), and generally have weaker login requirements than most banks, though you'd probably suggest that they should have stricter security as well. If my bank didn't have the moronic irrelevant security questions then I'd probably still be using the system today, but instead I've just decided not to bother with it as it has caused me a fair bit of hassle to set it up, and in the end I received very little benefit from it when I tried to log into it a few months later and had forgotten the answers to the irrelevant (to me) security questions. If I have to write down the answers to the questions then that weakens the security significantly.
What forms of 2 factor authentication would you propose for a public computer btw? Some kind of USB dongle or something? What if the cafe didn't allow those? The risk might be reduced with a 2 factor system, but I still think it's better to avoid banking on a public terminal. Not to mention that I'd rather have a car that has a simple key/lock system that can be picked or copied, than one that requires my fingerprint (people have had their hands cut off just so that thieves can steal their car), or in this case perhaps the woman could have got mugged after leaving the cafe so that the thieves could get the USB dongle or whatever.
Even if a system is "completely automated" it will still have administrators or maintenance engineers, who could siphon off money from your account. Sure, you can get it back, but I'm trying to point out that it's no more secure than a physical bank. When I was talking about taking an extra $50 out, I meant $50 of your dollars. You are quite a careful person it seems, but some people might just not even check the receipt they get, or perhaps the teller has been clever enough to mess with the system and falsify receipts too. You just can't be sure.
As for systems being designed improperly, I wasn't talking about the system incorrectly displaying your balance - I was talking about people intercepting your communications and hacking into your account. Encryption protocols have been broken in the past, so it's possible someone could find a weakness in SSL communication and get your username/password that way. Then they could steal money from your account. Again, you're usually protected by some kind of guarantee from the bank, but it's pretty silly to have complete faith in online banking simply because it doesn't involve going outside.
If the info is passing through their own network interface - by actual design of the Tor system, and not because they have done something devious - how is this analogous to wiretapping?
Illegal wiretapping surely involves breaking into private communications that you are not intended to be part of, through either physical means, or perhaps via software - but by its nature, Tor allows anyone to connect into the network, and people know that what they are sending/receiving is going to travel through other poeple's computers (but can be fairly confident that nobody can trace anything back to them easily).
I don't see how researching into the protocol and viewing the packets that pass through your own node are illegal, unless you accept some kind of contract not to snoop when you install Tor.
Freudian slip then. Much more forgivable than a typo ;)
Only then, someone steals your identity online, changes all your passwords, opts you out of written and in-person banking and you're screwed :p That doesn't seem a very likely scenario though, there should be ways of proving your identity in really bad cases.
I actually think my online bank security measures were over the top - especially the fact that my account got permanently locked out when I forgot the answer to the mandatory security question thing. The questions were non user specifiable, and most of them were totally irrelevant to me, yet I had to fill out at least 5 of them. If the questions are the same for every account then it's going to be easier for someone to get the answers from you in conversation or via Facebook or whatever other social networking type sites you are a member of. Compared to the security for other systems (which could just as easily be used to steal my money, for example my paypal or amazon accounts), the security measures seem way OTT. I'm pretty happy with username and password security, with security questions only being used to retrieve your password. Why should my online bank account lock itself permanently just because I don't have a 'favourite place', 'favourite food' or a 'favourite TV show'? Perhaps my preferences are different depending on what mood I'm in, or perhaps I don't even watch much TV (at the time I registered for an online bank account I basically spent all day on the computer..).
I can't be bothered to go through the hassling of re-registering as I don't really need it anyway :/
As for avoiding untrustworthy humans who do you think runs the online banking systems? If you "don't trust humans" again you're screwed - may as well hide all your money in a box somewhere.
Your viewpoint isn't so much as a generation thing as a naivety thing.
Who cares if the transaction between yourself and your bank is "100% secure" and the encryption can't be broken without 1 million years of brute force attacking - if someone has installed a keylogger on your computer and now has your username, password and whatever other stuff the bank requires you to have to log in?
Then there's the fact that these systems likely aren't 100% secure - the algorithms may work perfectly, but if the design of the system (which was created by one or more flawed humans) is faulty, then you have problems. You shouldn't be so worried about your teller making a mistake counting out your money so much as you should be worried that the teller has just slipped out $150 when you asked for $100, and pocketed the $50.
Probably just as happy as you are to craft extremely poor analogies..
In that case I don't see how it was the bank's fault in any way.. using an internet café for banking (in Nigeria of all places, famous for 419 scams..) doesn't strike me as the best idea in the world. Even if the keyboards are glued in so that people can't attach keyloggers and whatnot, someone could have setup a mini camera, or perhaps the owner of the café has installed monitoring software that allows him to record everything.. she'd be better off with a WiFi enabled PDA or something at least?
You mean like motherboard chipsets? These days the chipset is gradually being moved into the CPU die anyway, and even graphics are being integrated with the CPU die, so I don't think heat dissipation is the main problem there. As everything is made smaller, chips can be run on lower voltages and generate less heat anyway. For mobile devices you are pretty limited in how far you can spread things out as well. I did refer to desktop CPUs in the GP post, but that was me being a moron as I just found it easier to visualise a desktop layout than a laptop one, seeing as I haven't fully taken apart many laptops.
Likewise. Also funny how the gp thinks that a word has to be missing rather than noticing there is an extra word o_0
you must be proud of yourself, having took the time to study and explain a concept that you yourself acknowledge is fundamentally useless
Hey, if it's acceptable to give geeks sex education using taxpayer's money, why isn't it acceptable to explain other useless concepts to us?
In that case, if I compare your informative dialect style to that of Hitlers, does that mean you can't reply to me? In a conversation between 2 people Godwin's law would work, but in a place like /. filled with know it alls and trolls who are free to interrupt any thread, you might be ruining a perfectly good discussion just because some idiot has come along and made comparisons with the Nazis..
First of all - expecting /.ers to stay on one topic? Even if it's not the topic of the summary/article? You must be new here ;)
Comparing the chances of something coming up in an infinite discussion (and note that no /. discussion is infinite, they are locked after a week or 2) to the odds of throwing a 6 in one throw is spurious. Out of 6 fair throws it is reasonably probable you will get at least one 6. Out of 12 fair throws it is even more probable you will get at least one 6. Out of an infinite number of fair throws, the chances are very close to one that you will get at least one 6.
Likewise, out of an infinite discussion (which is kind of beyond our comprehension, becuase even the whole of human discussion in the past, present and future is not infinite, and most people would get bored of a slashdot discussion or feel they've proven their point and move onto another discussion), the chances of any topic cropping up do indeed approach one. The chances of a topic being mentioned at any single moment kind of depend on what is being discussed, but taken over time, the chances of a completely random topic being mentioned do approach one due to the very nature of infinity, and the capacity for humans to ramble on and on. Much like I'm doing now.
I know you're referring to rational and irrational as numerical concepts, but do you seriously expect to be able to describe any slashdot discussion thread (never mind an infinitely long one) as completely 'rational'? ;)
Godwin's law is likely to be invoked pretty quickly in any debate where both sides dislike each other, a lot quicker than my law at least: "as any discussion continues to infinity, the probability of a man on horseback lighting jelly babies on fire, tossing them up into the air and catching them in his eyes being mentioned approaches 1".
I think you mean 'meme'. Unless there's a whole other level of slashdot interaction that I am not aware of, where people mime each meme.
In any case, I propose a Meta-Meme-Mime Meme: I feel a great disturbance in the air, as if every slashdotter in the world suddenly mimed the meme 'whoosh'.
How do you cool using a V8? You'd still need a fan attached to it do move any heat away. An electric fan will produce hardly any heat compared to the heat being generated by your average desktop CPU, which can easily get up to over 100 degrees C if it isn't being cooled.
If this thing is cooling the CPU to below room temperature, then it has to be expelling more heat than a standard fan. The motor for a fan, and the bearings in the fan, will produce a bit of heat, but it will be nothing compared to the heat of the CPU, so I don't think you have to take that too much into consideration, and even if it is more efficient in the way it converts electricity to kinetic energy (fan rotation) than the refridgeration system, it can never cool below the ambient room temperature, so unless it produces a lot of heat in its own operation (which it doesn't) as you say, it will still be expelling less heat than the refridgeration system would.
Hopefully I explained that okay, I'm not a cooling engineer :p