1) users hate PGP/GPG. They don't understand it, can't get it to work, and it's not worth anything to them. (google for "why johnny can't encrypt" for two good discussions of the subject.)
2) Spammers aren't even using their own machines to send email at this point, why should they care about an extra second or two to sign or encrypt a message? It's someone else's CPU cycles, not theirs.
3) Mailing lists, support addresses, public accounts, sales folks, etc, would all fail in your system, since they all need to be able to take in (and often send) messages to people they've never talked to before and won't have a key for.
Encryption/signing of email is not the answer. There's a reason why email encryption has languished for 10 years...it sucks.
Reasonably considered private? Your, or anyone else's, opinion on what is 'reasonable' is irrelevant.
Untrue. "Reasonable expectation of privacy" has a very clear legal meaning, and the "communities" opinion of "reasonable" does matter in court.
see here:
http://faculty.ncwc.edu/toconnor/325/325lect04.htm
The "reasonable expectation" test is a two-prong test based on:
(1) the first prong -- subjective privacy -- is whether the person exhibited a personal expectation to be left alone from government intrusion
(2) the second prong -- objective privacy -- is whether the personal expectation is one that society is prepared to recognize as reasonable and several areas have already been determined to be beyond what society is willing to recognize ("exceptions" to what constitutes a search or requires a warrant to seize)
The problem is, a few of the recently-released ones had lag times measured in *years*. Oracle can whine all they like about unrealistic deadlines from researchers, but a few years is far too long to sit on something.
I'm always surprised that more people don't just lie on their card forms. Sure, you miss out on the mailed coupons, but the amusement factor of having a clerk try to address you by name when it says "Bozo T. Clown" on their screen is worth it.
hmmm...I was seeing this with 80's vintage Ampex stuff as well, so I don't think it's limited to Maxwell, but point taken...it does vary greatly with the materials used in the tape.
One thing to consider: old tape is fragile. I worked with audio tape for years, and tape older than 10 years had to be literally baked (heated & cooled again) before playing. If you didn't bake an old tape the filings from the tape would slough off onto the reading heads...you might (if you were lucky) get one play out of an unbaked tape, but the audio on the tape would definitely be destroyed.
Given the age of these tapes, getting the data off without destroying it is not as simple as just slapping it onto the machine & hitting "play."
The problem come when the "industry standard" can't be implemented by OSS folks due to patent restrictions. The IETF draft for the combined SPF/Sender-ID system fell apart last year because MS's lawyers would not release their patents on the system in a way that allowed Open Source folks to implement it.
Market-based standardization is fine when no one's trying to patent the standard. Otherwise, it's a mess.
This is a Google answers thread on the subject. In general, mortality is very strongly tied to the speed of the fin rotation. Given that these folks are talking about rotation speeds above 100 rpm, the speed becomes a big factor (birds can't see it & avoid it, if the fins are spinning so fast it blurs).
In general, though, yes, windows, and (interestingly) TV/radio towers kill far more birds than wind turbines.
Actually, I rather doubt any terrorists are using encryption. Fact is, they don't need to. Finding their communications in the mass flood that is everyone else talking is almost impossible. And, if the Feds have identified them to the point of wiretapping them specifically, the terrorist is already done for, so encryption won't help.
The very loose arrangement of the organizations helps here. There isn't a rigid control structure, so it doesn't really matter much if someone from one cell's captured...they don't know much.
Aside from the high-profile ones that are in the news (OBL), I really doubt the front-line attackers are doing all the cloak-and-dagger stuff...it isn't worth the trouble.
Honestly, I don't see how the ESRB could have known this stuff was there, without hacking every part of every game file. To get this stuff you have to manually change a couple game files. If it's something you have to consciously hack, and can't even get to in the course of (even wacky) gameplay, then it's not really part of the game.
Yes, the designers shouldn't have shipped the game with that stuff anyway, but that's not ESRB's fault, that's the coder's. Using this to scapegoat the ESRB is stupid.
It's attempting to be a Debian that "just works". Take the elegance of apt, and add very good hardware detection, and fairly good (see other gripes from folks) integration between apps, and you have a lovely desktop distro.
Personally, I'm moving away from Gentoo towards Ubuntu, (running Gentoo on a ppc since 2002) 'cause I'm really tired of some of Gentoo's quirks, and really haven't had problems with Ubuntu at all.
I'm not as concerned with the home users as much as I am with the PHB's. They think NAT's magic security dust, and convincing not to use it, v4 or v6, is (I think) bound to fail.
The biggest problem I see with this attitude (not that I entirely disagree with it) is that it assumes NAT will go away in v6. I sincerely doubt that it will. I know it's unnecessary in v6...but people have gotten used to it, and it's been sold to them as a "security feature". Therefore, they're going to want to use it in v6, whether or not it really does anything for their security.
I'm on speakeasy, and I'm fine. The only trick is that I'm running my own DNS for my domain, and am publishing my own SPF records. Is speakeasy running DNS for your domain, or is that somewhere else?
(Speakeasy will put reverse DNS on your IPs, if you have statics, which also helps immensely.)
Unless suffusions.net is willing to publish SPF records that allow email from their domain to originate from adelphia, yes, there will be problems.
If your ISP will forward @glitterandtwang.org to your domain, you could publish SPF records for glitterandtwang.org allowing its mail to originate from adelphia, but that's a couple steps away from where you are now.
Or, you could do the POP-before-SMTP that suffusions is requiring.
See, here's where they lose me: you have to have downloaded the self-extracting file...the ad folks can't insert this file into an existing download of some other content since that chunk will fail the checksum tests. So, basically, this story boils down to adware sites putting up fake exe's and offering torrents to those exes, yes? I don't see this as a big deal...which torrents you choose to download has always been the tricky part of BT.
As far as actually hurting the other machine, no, there's nothing obvious. The self-defense rules for online conduct are non-existent at this point, so the only way to be *sure* you're safe is to not attack back. You can still mess with the attackers with things like tarpits, though.
(For those that haven't been following the jargon, tarpitting is intentionally slowing your responses to the maximimum time before timeout, and sending the minimum amount data in each response. The idea is to take up as much time as possible with your machine, hopefully slowing their attack rate.)
Slashdot Mirror
Do not taunt the spotted dick. Really. Trust me.
A few news flashes for you:
1) users hate PGP/GPG. They don't understand it, can't get it to work, and it's not worth anything to them. (google for "why johnny can't encrypt" for two good discussions of the subject.)
2) Spammers aren't even using their own machines to send email at this point, why should they care about an extra second or two to sign or encrypt a message? It's someone else's CPU cycles, not theirs.
3) Mailing lists, support addresses, public accounts, sales folks, etc, would all fail in your system, since they all need to be able to take in (and often send) messages to people they've never talked to before and won't have a key for.
Encryption/signing of email is not the answer. There's a reason why email encryption has languished for 10 years...it sucks.
Bah. His answers were better in this interview.
Your toilets have comics printed on them? Damn, the cool stuff never makes it to America.
Allows privacy, and also that privacy is assumed in the rights against search and seizure (#3 & 4) and against self-incrimination (#5).
But, it's not specifically mentioned anywhere (which you clearly knew, but it was fun doing the google search anyway).
DefCon: unamplified 802.11b; 11Mbps link; judges present & claim verified.
These guys: closed, proprietary protocol; 2.3Mbps link; no one around to verify facts.
As far as I'm concerned, the DefCon claim holds.
Untrue. "Reasonable expectation of privacy" has a very clear legal meaning, and the "communities" opinion of "reasonable" does matter in court. see here: http://faculty.ncwc.edu/toconnor/325/325lect04.htm
The problem is, a few of the recently-released ones had lag times measured in *years*. Oracle can whine all they like about unrealistic deadlines from researchers, but a few years is far too long to sit on something.
l ished_alerts.html
My reference for the years comment:
http://www.red-database-security.com/advisory/pub
They waited over 600 days for Oracle to patch some vulns. There's no excuse for that.
I'm always surprised that more people don't just lie on their card forms. Sure, you miss out on the mailed coupons, but the amusement factor of having a clerk try to address you by name when it says "Bozo T. Clown" on their screen is worth it.
hmmm...I was seeing this with 80's vintage Ampex stuff as well, so I don't think it's limited to Maxwell, but point taken...it does vary greatly with the materials used in the tape.
One thing to consider: old tape is fragile. I worked with audio tape for years, and tape older than 10 years had to be literally baked (heated & cooled again) before playing. If you didn't bake an old tape the filings from the tape would slough off onto the reading heads...you might (if you were lucky) get one play out of an unbaked tape, but the audio on the tape would definitely be destroyed.
Given the age of these tapes, getting the data off without destroying it is not as simple as just slapping it onto the machine & hitting "play."
Since when was Windows female? (though that would explain a lot, now that I think about it....)
The problem come when the "industry standard" can't be implemented by OSS folks due to patent restrictions. The IETF draft for the combined SPF/Sender-ID system fell apart last year because MS's lawyers would not release their patents on the system in a way that allowed Open Source folks to implement it.
Market-based standardization is fine when no one's trying to patent the standard. Otherwise, it's a mess.
In general, though, yes, windows, and (interestingly) TV/radio towers kill far more birds than wind turbines.
Actually, I rather doubt any terrorists are using encryption. Fact is, they don't need to. Finding their communications in the mass flood that is everyone else talking is almost impossible. And, if the Feds have identified them to the point of wiretapping them specifically, the terrorist is already done for, so encryption won't help.
The very loose arrangement of the organizations helps here. There isn't a rigid control structure, so it doesn't really matter much if someone from one cell's captured...they don't know much.
Aside from the high-profile ones that are in the news (OBL), I really doubt the front-line attackers are doing all the cloak-and-dagger stuff...it isn't worth the trouble.
Honestly, I don't see how the ESRB could have known this stuff was there, without hacking every part of every game file. To get this stuff you have to manually change a couple game files. If it's something you have to consciously hack, and can't even get to in the course of (even wacky) gameplay, then it's not really part of the game.
Yes, the designers shouldn't have shipped the game with that stuff anyway, but that's not ESRB's fault, that's the coder's. Using this to scapegoat the ESRB is stupid.
It's attempting to be a Debian that "just works". Take the elegance of apt, and add very good hardware detection, and fairly good (see other gripes from folks) integration between apps, and you have a lovely desktop distro.
Personally, I'm moving away from Gentoo towards Ubuntu, (running Gentoo on a ppc since 2002) 'cause I'm really tired of some of Gentoo's quirks, and really haven't had problems with Ubuntu at all.
I'm not as concerned with the home users as much as I am with the PHB's. They think NAT's magic security dust, and convincing not to use it, v4 or v6, is (I think) bound to fail.
The biggest problem I see with this attitude (not that I entirely disagree with it) is that it assumes NAT will go away in v6. I sincerely doubt that it will. I know it's unnecessary in v6...but people have gotten used to it, and it's been sold to them as a "security feature". Therefore, they're going to want to use it in v6, whether or not it really does anything for their security.
This
I'd be more inclined to agree with you if I could name a time (off the top of my head) where that's happened to a large-scale product. But, I can't.
I'm on speakeasy, and I'm fine. The only trick is that I'm running my own DNS for my domain, and am publishing my own SPF records. Is speakeasy running DNS for your domain, or is that somewhere else?
(Speakeasy will put reverse DNS on your IPs, if you have statics, which also helps immensely.)
Unless suffusions.net is willing to publish SPF records that allow email from their domain to originate from adelphia, yes, there will be problems.
If your ISP will forward @glitterandtwang.org to your domain, you could publish SPF records for glitterandtwang.org allowing its mail to originate from adelphia, but that's a couple steps away from where you are now.
Or, you could do the POP-before-SMTP that suffusions is requiring.
See, here's where they lose me: you have to have downloaded the self-extracting file...the ad folks can't insert this file into an existing download of some other content since that chunk will fail the checksum tests. So, basically, this story boils down to adware sites putting up fake exe's and offering torrents to those exes, yes? I don't see this as a big deal...which torrents you choose to download has always been the tricky part of BT.
As far as actually hurting the other machine, no, there's nothing obvious. The self-defense rules for online conduct are non-existent at this point, so the only way to be *sure* you're safe is to not attack back. You can still mess with the attackers with things like tarpits, though.
(For those that haven't been following the jargon, tarpitting is intentionally slowing your responses to the maximimum time before timeout, and sending the minimum amount data in each response. The idea is to take up as much time as possible with your machine, hopefully slowing their attack rate.)