Slashdot Mirror


User: Temporal

Temporal's activity in the archive.

Stories: 0
Comments: 1,094

Comments · 1,094

  1. Re:Actually, Rama plummeted into the ocean on Arthur C. Clarke Reports From Sri Lanka · · Score: 1

    Actually, you get the same effect if you use "Plain Old Text" or "Extrans" formatting (between which I can't tell the difference), but without the monospace font. See, look?

    I didn't need any HTML to separate this paragraph. The only style where you have to manually insert P or BR tags is "HTML Formatted".

  2. Re:Smart Card with LCD? on Banks Begin To Use RSA Keys · · Score: 1

    Think of logging into a computer for the first time via SSH or a self-signed SSL cert. You're asked if you want to trust this key.

    That's only because the key is uncertified. If you buy an SSL certificate for your key from Verisign or some other trusted root, you will not get this message.

    This is where the government voter registration agency comes in. They are the "trusted root". They only have one signature (one public key), and everyone knows it. So, they sign a certificate which says "We have verified that this key belongs to a unique person.".

    SSL is not vulnerable to man-in-the-middle attacks when you have a properly certified key.

    The current check off of registered voters doesn't work if separated in place and time from the vote.

    Since it's perfectly possible for someone to find their way to two different polling stations in the same day, this system is already broken. If you manage to be registered in two locations (which, it would seem, is not that hard, though illegal), you can vote twice. The Afghan idea of marking everyone's thumbs with ink would be more secure, really.

  3. Randy Pinkwood reports on 2004 MN4 Probably Won't Kill Us · · Score: 0, Troll

    Also, NASA gives my wang a 99% impact probability. Ladies, I'm talking to you.

    This is Randy Pinkwood, signing off.

  4. Re:Smart Card with LCD? on Banks Begin To Use RSA Keys · · Score: 1

    If this were a paper ballot, you'd never consider such a thing. "I'm candidate John Smith, and I claim that I have gotten 250M votes in the last election. Prove it? Sure, just look at this list of keys (signatures)."

    You can forge a signature on paper. You can't forge a cryptographic signature. Not in your lifetime, anyway.

    No, my solution is not complete, but it was meant to be a starting point for building something more complete. I think simple modifications could be applied to solve each of the problems you have, but I'm not going to go into it all here. The fundamental point that I think is important is that the final vote count is verifiable by any third party, with the candidates being in charge of counting their own votes (in an independently verifiable way).

  5. Re:Smart Card with LCD? on Banks Begin To Use RSA Keys · · Score: 1

    OK, you obviously don't understand what I was talking about.

    First of all, I explicitly said that the government would only grant voting rights to one identity per person. The same procedures in use today could be used to make sure no one registers twice. That was the whole point of having the government certify identities in the first place.

    Second, regarding the collecting and counting software being buggy: The whole point is, you can use any software you want, because the results can be independently verified. Each political party would probably write their own software for counting, and any bugs in that software would only hurt themselves. And on the user's end, the process would really be pretty trivial and may not even require special voting software. All you do is sign a thing saying "I vote for such and such candidate" then send it to that candidate's web site.

    As for ID's being traceable back to the individual casting the vote... No, they aren't. Once the government issued a certificate for a particular identity, it would not need to keep any record of that identity in its database. The only record it would need to keep is that you, the person, have already registered, and can't register again. I think that's at least as anonymous as the current ad hoc systems.

  6. Re:Smart Card with LCD? on Banks Begin To Use RSA Keys · · Score: 1

    I agree; you should also be able to use the device for signing contracts and verifying identity. Also, I think the device should support multiple identities for the same person. If you use the same public key for everything, companies will be able to use it to track you, profile you, etc. By creating multiple identities, you can prove to one company that you are the same person when you come back later while not allowing that company to collect information about you from others.

    One silly example I think of is web forums. Like, maybe you'd like to use PKI to log in to your Slashdot account, rather than a password. But you don't want Slashdot to know who you are. So, you create your own key pair just for Slashdot. Now you can log in to Slashdot from anywhere as long as you bring your super-smart card with you, and you don't need a password. :)

    Of course, you'd be free to open separate bank accounts under each identity, etc.

    When registering to vote you'd probably have to choose a specific identity to which you want the government to grant voting rights, and it would only grant such rights to one identity per person. Oohh, but you know what's really cool about voting with electronic signature? You can sign your vote and then send it -- along with a voter registration certificate given by the government, certifying your public key as a valid voter -- directly to the candidate for whom you voted. Then, candidates would be responsible for counting their own votes, but could provide cryptographic proof of those counts, free for download on their web sites, such that anyone can personally verify the results. Say goodbye to problems with partisan election officials and rigged voting machines! (And, remember, your vote would still be anonymous, as long as you created a unique identity that you used just for voting. The government-supplied certificate would not identify you by name.)

    I have too many ideas...

  7. Re:Thumb drives on Banks Begin To Use RSA Keys · · Score: 4, Insightful

    I've always thought that what we really need is devices like this with an LCD display that tells you what, exactly, you are signing.

    For example, imagine paying for some goods with one of these devices vs. credit card or smart card...

    Smart card: You must trust that the card reader will not choose to use your card to sign things you didn't agree to. The reader could, for example, overcharge you, and you would have no way to know that it did until you checked your monthly statement. (And, hey, by that time, do you even remember if that item was $59 or $69?) For that matter, the reader could very easily make the charge under a different name, making it difficult to determine who committed the fraud.

    Credit card: In addition to the smart card caveats, you must trust that the entity reading your card will not distribute your credit card number to any entity whom you don't trust at any time in the future. For that matter, if you use the same credit card with multiple entities, you have no way of knowing which one leaked your number. How can you fight back? Who do you charge with fraud or negligence? In most cases you just let them go and your credit card company covers the illegal charges, while the FBI spends massive amounts of resources in mostly fruitless efforts to track them down. Why do we use these things?

    The device I described: The LCD screen displays the question "Authorize payment of $59 to Acme Co.? Yes/No". No charge can go through without your device approving it. You only need to trust that your device will ask you to confirm any charge. And you can trust it because the manufacturer knows that if it screws up, they'll get their pants sued off.

    The only thing that could make it more secure would be to implant the device into your body so that people can't steal it. Though, it's probably better to just deal with having to revoke a cert once in a while rather than have people cutting you open to get to your bank account. :)

  8. Re:5MB on Latest "iPod Killer" Takes Aim at the Mini · · Score: 1

    Apple releases iPod. Wow, that's an embarrassing quote.

  9. Re:Well gee on Penny Arcade Holiday Strip Series #2 · · Score: 4, Informative

    Gabe personally thanked Slashdot in his post to PA's front page last Friday. Apparently the whole idea here is that Slashdot is "mirroring" these because PA's bandwidth has gone to shit recently and there's a lot of overlap in readership, or something. Personally I think the idea is pretty silly, but, yes, Gabe and Tycho approve.

  10. Re:Makes both sides of my life happy.... on Final Fantasy Concert Series Coming to the States · · Score: 1

    No, it most likely was not Nobuo Uematsu himself doing the arrangement. Looking at the credits for the various orchestral and piano arrangement CD's, they are always arranged by someone else.

  11. Correlation is not causation on Too Many Computers Hurt Learning · · Score: 4, Insightful

    Some possible causalities here:

    1. Computer usage makes kids dumber / perform poorly.
    2. Kids who perform poorly for other reasons like to spend their time on the computer when good kids are doing homework.
    3. Bad parents like to put their kids in front of a computer to occupy them rather than make them do their homework.
    4. The type of families that have multiple computers (wealthy ones?) tend to be dysfunctional in ways that lead the kids to perform poorly.
    5. Of the countries surveyed, computer usage happens to be more prevalent in the countries who have more conservative governments, where the economy tends to be stronger but education is underfunded, thus causing the kids to perform more poorly.

    I could keep coming up with reasons all day. The article seems to assume #1 is the explanation, but the study provides no evidence to suggest that #1 is any more plausible than the others.

  12. Re:Judging from the IIS error page in the second l on Is Some Software Meant to be Secret? · · Score: 1

    Calm down. I was joking. The error just seemed humorously ironic to me.

  13. Judging from the IIS error page in the second link on Is Some Software Meant to be Secret? · · Score: 3, Funny

    I think we have a winner.

  14. Re:Same as Korea! on In Japan, Old People Talk to Robots · · Score: -1, Offtopic

    Man, this one has gone through the cliche lifecycle way too fast.

    t+0: Original "In Korea" article posted.
    t+1 hour: "In Korea" jokes get modded +5, Funny in every article, starting immediately after the original.
    t+2 hours: People already think the joke is dumb.
    t+1 day: "In Korea" jokes get modded -1, Overrated.
    t+2 days: Junior Slashdot editor makes reference to joke, thinks he's funny. Posters correct his usage, think they're funny.

    I mean, come on... IN SOVIET RUSSIA lasted at least a week or two, and people are still pulling an "All Your Base" every now and then. This has to be some sort of record.

    Unless someone puts together an "In Korea" flash video featuring elderly people sending e-mails to a techno beat before the end of the day, I think this one is dead.

  15. Re:Windows and Linux? on Cross-Platform Java Sandbox Exploit · · Score: 1

    Three things:

    (1) Windows has full multi-user support with the ability to do most of your work as a non-admin, just like Linux. Most users don't bother, since multi-user features are essentially useless on a desktop system that is only used by one person (see point 2), but it is perfectly possible.

    (2) Why would a virus need or even want to be root? To log your keystrokes? It can already do that as a user (and, BTW, it can log your keystrokes when you run sudo and capture your root password). To launch a DDoS? No, that can also be done as a user. How about to spread itself? Nope! It can easily set up a web server on a high-number port and send out all the e-mails it wants linking to it.

    (3) A dual payload wouldn't be a big deal if most of the virus was implemented in Java. The only OS-specific portion would be editing the necessary startup scripts to make sure the virus is run, which isn't much of a task.

    Disclaimer: I am a fan of neither Windows nor Unix.

  16. Correlation vs. causation on Computers Linked to Glaucoma? · · Score: 2, Insightful

    French-speakers are far more likely to live in France than the average person. Therefore, if you don't want to live in France you should make sure not to learn French.

    *sigh*

  17. You have got to be kidding me. on Bit Rot Stalks Your Digital Keepsakes · · Score: 1

    The best way to save your pictures is to keep several digital copies of them and periodically check for errors. If one copy is corrupted, restore it using the other copies. When analog media deteriorates, restoring it is not nearly so easy.

    This story and the writeup are so clueless they're not even funny. From the article:

    Unlike, say, faded but readable ink on paper, the instant a digital file becomes corrupted, or starts to degrade, it is indecipherable.

    Gee, if only we had some sort of mechanisms for detecting and correcting errors in digital data.

    (pause)

    OK, now that all the programmers in the audience have had a good laugh, let me make it clear: Just about every storage medium and every communications protocol in existence is loaded with error correction mechanisms. This is why you can scratch up a CD-ROM (to some extent) and still read it just fine. And if that's not good enough for you, you can always make backups. Every backup you make drastically reduces the chance of data loss. And if you check your backups regularly, replacing the corrupt ones, the chance of data loss becomes zero for all practical purposes.

    The only real problem discussed in the story is the one of mediums becoming obsolete. If you loaded all your important data on 3.5" floppies ten years ago you might have some trouble accessing them today. For normal people like us, this isn't too big a problem: Just copy your data over to new media every few years. For the Library of Congress, though, such a technique isn't quite so feasible.

  18. Re:FreeBSD, dead at 5.3 on FreeBSD 5.3 Released · · Score: 1

    Sorry. Shouldn't have said "all". Should have said "many".

  19. Re:FreeBSD, dead at 5.3 on FreeBSD 5.3 Released · · Score: 1

    You're right, and actually I knew about that, but it seems to me as a bit of a kludge. Alan Cox actually recommended the longjmp() technique. I dunno... one is inefficient, the other is ugly.

  20. Re:FreeBSD, dead at 5.3 on FreeBSD 5.3 Released · · Score: 2, Informative

    The OSX kernel is a merge between Mach and FreeBSD. This is why Darwin 7.x has all the cool features that the FreeBSD 5.x kernel has but most other unixes lack, like kqueue. The OSX kernel includes lots and lots of FreeBSD kernel code. The shared code is not just limited to userland.

    Tangent-Rant: I am sad that Linux produces a new event waiting interface with every minor version but none of them come anywhere near being as complete as kqueue. In Linux, if you want to wait on file descriptors and signals at the same time without a race condition, your only option involves longjmp()ing out of signal handlers. ::shudder::

  21. Re:18% Bush, 43% Kerry on Monitoring the U.S. Elections Online? · · Score: 3, Interesting

    Somewhat off-topic, but most polls, including those on Slashdot and real ones -- like tomorrow's election -- are decided in the first few hundred votes. After that the proportions change very little, unless there is some reason why the makeup of the voters would be different later on. So it is not surprising in the least that those percentages have been constant all day.

  22. Re:Foreign Fascination with American Election on The Votemaster Is...Andrew Tanenbaum · · Score: 1

    president: Bill O'Reilly
    vice-president: Tammy Bruce


    Well hell! If you can endorse them, I counter with:

    president: Jon Stewart
    vice-president: Al Franken
    alternative vice-president: Lewis Black

  23. Re:My opinion of him has radically changed on The Votemaster Is...Andrew Tanenbaum · · Score: 1

    The fact that Linux is one of the most powerful and practical server OS's available does not necessarily mean that Linux is well-designed or that a well-designed kernel couldn't match it. As such, choosing to use Linux to run your server is not necessarily an endorsement of monolithic kernel design. It only means that the alternatives had bigger problems. Also, I suspect his hosting company chose the OS.

  24. Re:Death on 100,000 Civilians Dead in Iraq · · Score: 1

    some people (such as yourself) try to place an arbitrary point in the child's development as "when it becomes a person."

    So do you. You say conception. I say sentience. I see no logical reason to prefer conception over sentience, personally.

    The infant also requires work (much more than before it was born) to keep alive. Is it not a person too?

    That work can be provided by someone other than the mother (i.e. adoption). Until birth, though, the only way the fetus can survive is through a great deal of burden on its mother. I believe the mother should have the right to decline that burden, but that the decision should be made as early in the pregnancy as possible.

    the moment I slip unconscious you could have me killed!

    False analogy. An unconscious person was conscious in the past. There's an important reason why we provide greater protection to such people: Because any one of us could be that person in the future. Unless you believe in reincarnation, I don't think you have reason to fear that you might suddenly become an embryo and be aborted.

    I'm sure that sounds pretty "cold" to you, too. Utilitarianism is funny like that. It provides a perfectly logical basis for pretty much all the ethics we take for granted, but the arguments often sound cold and self-serving. Frankly, I don't think that's a problem. In fact, I firmly believe that our internal sense of morality is based on utilitarianism, but that most people just don't realize it or don't like to admit it.

  25. Re:Death on 100,000 Civilians Dead in Iraq · · Score: 1

    Do a Google search, for Christ's sake. The first hit for "fetus sentient" (no quotes) is a pro-life web site and even they say that a fetus is not sentient until the second trimester. It's not like this is something that hasn't been studied.