What a great way to surreptitiously collect fingerprints en masse: take this device, attach a camera, and use a website like Facebook to connect an image of a person's face to the recorded fingerprint.
Any lawyers want to comment on the legality of such an operation in the United States?
First of all, let me state that the system I am about to describe is not the Bitcoin system. Unlike Bitcoin, the system I am going to describe relies on the existence of a central bank or authority that issues digital currency. Furthermore, this system will not allow "re-transfers" -- money can only be transferred once, and if you wish to respend your money you must go to the bank and get new currency issued (there are better systems out there, but this is the system described by the cryptography textbook that was closest to my desk; the system was given by Brands).
The system involves three participants: a bank, a spender, and a merchant (naturally there can be many spenders and merchants, and a person could be both a merchant and a spender). The bank issues a public key that can be used to verify the authenticity of the currency, to prevent counterfeiting. The spender opens an "account" with the bank, which involves sending the bank an encrypted copy of the spender's identity. The bank uses its secret key to send the spender a number (call it "z") that will be used by the spender to get currency from the bank; this is unique for each spender and is related to the identity the spender sent to the bank, but will not be useful in determining the spender's identity from currency that has been transferred to merchants unless the spender tries to cheat.
When the spender obtains currency from the bank, what he gets is a signature from the bank on a special hash of the coin, which hides the coin's serial number from the bank, but which can only be computed using a special number generated by the bank for that coin. Since the bank only received a hash, it cannot actually track the coin once it is spent unless the coin is spent twice (in which case it will reveal the identity of the spender.
Finally, to spend a coin, the spender gives the coin to the merchant; the merchant then demands that the spender prove that he actually owns the coin by sending a challenge, based on the coin itself, that can only be answered using the sender's secret key. If the spender can answer the challenge, the merchant accepts the payment, and then goes to the bank with the coin and the answer to the challenge to get his money (or perhaps more digital currency).
The key is this: to verify the answer to the challenge, only the coin is needed, not the spender's identity. If the spender tries to spend the coin twice, two separate challenges will be answered for the same coin; this will allow the bank to compute the spender's ID, and the spender can then be prosecuted in some way. Additionally, this system prevents someone from spending coins that they did not receive from the bank i.e. coins they copied from another person's computer (since they lack the ability to answer challenges).
The anonymity comes from two things:
Spenders do not need to tell merchants their identities as part of the payment process.
The bank only sees a hashed copy of the coin, and only receives the coin from the merchant (assuming there is more than one coin in use, this means the bank cannot just use coins deposited by merchants to determine the identity of the spender).
But the schools shouldn't ban cell phones. They should install micro-cells that allow them to control what numbers are allowed to call in and out and when. For instance, anyone should be able to call 911, but do you really want people to be able to call the students other than the parents and fellow students?
Yes, obviously the right thing to do is condition our teenagers to believe that authority figures have absolute control over their ability to communicate.
The NSA doesn't recruit people by telling them that they will be spying on Americans. I have met an NSA recruiter, and this is the story they tell you: As a cryptologist at the NSA, you will be working on interesting mathematics, mathematics you won't find in academia or in industry, and your work will help protect American lives. So say you are a 28 year old, you just finished a PhD in math or CS; wouldn't such a job be tempting?
The people who run the show at the NSA are not idiots. They know how to work with geniuses who might have a moral objection to spying on Americans. They know how to convince people that their work will only be used against foreigners, and how to get those people to put as much effort into their work as possible. If I had to venture a guess, I would say that most NSA mathematicians and computer scientists are aware of how their work is actually being used, except in rare cases where it is reported in the mass media (like the wiretapping scandal).
who in their right mind would thing for more then 1 second it would NOT be used to spy on the US
Who works for the NSA without trusting that the US government aims to protect the rights of its citizens? It takes a certain mentality to actually agree to government work, particularly as a cryptographer -- you are barred from working on cryptography as a civilian after being exposed to cryptographic secrets. To accept that means you believe that you are doing the right thing.
Now, I agree, any outside observer could have told you that the government would turn that technology against its own citizens and that writing it was the wrong thing to do, but the man in question was not an outside observer. He was probably told that he was working on a project that would help track dangerous people and that his work would save American lives.
Perhaps because the Japanese government is pressuring Sony to do more to protect user data, whereas the US government is pushing for companies to make it easier to access that data.
The service is not legal if the Japanese government does not allow Sony to operate it. You know, kind of like how buying and selling marijuana is illegal in the United States?
What constitutes a "legal service" is entirely dependent on the law of the land. If you are in a country where the law requires you to seek government approval before operating a service, then your service is only "legal" if the government allows it.
Now, whether or not it is morally acceptable to have such a legal system is another question entirely.
Unfortunately, workable countermeasures require people who are informed enough to use them...and more people would rather stay uninformed than take the time to learn. That is why the fascists get away with so much: most people do not bother to question it, let alone fight back against it.
How is the remedy I suggested opposed to the goal of anonymity? I said the money is de-anonymized when it is spent twice; otherwise, the money remains safely anonymous. If you need something to help you understand how such a thing is possible, look at the PS3 signing key hack -- Sony used the same random number in two signatures, which allowed their secret key to be computed. This solution is analogous -- using the same coin twice would allow your identity to be computed.
You mess with BitCoin, no guys with guns, only a technological challenge.
Theoretically, digital currency counterfeiting (really, double spending) could be handled by the police, if the government is willing to lend a hand. Alternatively, counterfeiters could be cut off of the system, with a revocation certificate sent out that prevents them from spending money (assuming that the system was designed to support such a thing).
I still really don't see how a coin could not be transferred twice.
I am not sure about Bitcoin, but one approach taken by other digital cash systems is to de-anonymize currency that has been spent twice. Basically, when a coin that has been spent twice is encountered, you can use the two copies to compute the identity of the person who spent the coin twice. Presumably, you could then call the police, or failing that you could send out some sort of revocation that would stop that person from spending any more cash.
The key thing to remember is that the transfer is a protocol; you do not simply make a copy of some data.
I'm just not getting what need this is intended to fill... and I'm not sure I understand how it's simultaneously untraceable and secure.
The basic argument for digital cash is that it solves the problem with credit theft -- you can spend digital currency without worrying that someone will get more of your money than you intended. Bitcoin takes a novel approach in that it attempts to create a decentralized system, whereas most digital cash designs call for a "bank" to issue digital currency in exchange for some other currency (or perhaps some other valuable item, like a bar of gold).
The fact that digital cash is untraceable is a result of it being intended to mimic real currency, but with cryptography being used to make it difficult to counterfeit. Really, we should have deployed digital cash about 20 years ago, and saved ourselves all the trouble we have now with credit cards.
This brings up a point that I have yet to find a satisfactory answer to: what is bitcoin actually backed by? Even the US dollar is backed by something, in a very indirect way, but bitcoins appear to be backed by nothing at all.
I am a big fan of digital cash and I wish it had been deployed on a wider scale decades ago, but it needs to have some actual value connected to it.
it's no major feat to allow users to disable some of the non-spam related algorithms.
It would be a major feat, however, to get users to actually exercise that option. Most of Google's users are clueless about these things, and so demanding that they opt-out is the wrong approach; rather, they should opt-in if they want their results filtered in that manner (not that someone who is educated enough to know about such options is likely to be someone who wants to close themselves off to other points of view).
I'd be curious as to whether someone has a better model in mind on how this should be done.
The Kindle should be able to display and process books from retailers other than Amazon, so that Amazon does not have so much control over what books people are able to obtain. It is absurd to think that people should need multiple book readers just to have options to buy books from other sources.
If you live in the US, clearly the Kindle's primary market, then you know that there are a large number of people here who would spontaneously combust if the they found their tweenager reading this stuff as a âoeLend Meâ book on their Kindle.
Then those parents should speak to their children about why such things are not allowed in the house. If their children are willing to break the rules even with their parents explaining why the rules exist, then they will find a way to obtain the books without Amazon's help. The real question here is, why should Amazon be playing the role of parent, and why is it that one particular parenting style is the one that Amazon is worrying about? What about all those people who want to teach their children that censorship and oppression are wrong and unacceptable?
Would such ratings be more valuable than they would be a tool for greater censorship?
No, they would have no value at all.
Is this is project we should Open/Crowd-Source?
Considering that censorship flies in the face of everything that the Free Software Foundation and Open Source movement stand for, no, it is not.
Would an rating system that we implemented make them available to more or fewer total humans?
They threw the guy in prison for what he did. What the hell is the point of demanding millions of dollars from him?
I'm nostalgic for FIDO and USENET.
Both of which are still in use.
I love how our definition of "habitable" is "kind of like Earth."
impossible to replace once compromised.
Can you name biometrics that can be replaced?
What a great way to surreptitiously collect fingerprints en masse: take this device, attach a camera, and use a website like Facebook to connect an image of a person's face to the recorded fingerprint.
Any lawyers want to comment on the legality of such an operation in the United States?
The system involves three participants: a bank, a spender, and a merchant (naturally there can be many spenders and merchants, and a person could be both a merchant and a spender). The bank issues a public key that can be used to verify the authenticity of the currency, to prevent counterfeiting. The spender opens an "account" with the bank, which involves sending the bank an encrypted copy of the spender's identity. The bank uses its secret key to send the spender a number (call it "z") that will be used by the spender to get currency from the bank; this is unique for each spender and is related to the identity the spender sent to the bank, but will not be useful in determining the spender's identity from currency that has been transferred to merchants unless the spender tries to cheat. When the spender obtains currency from the bank, what he gets is a signature from the bank on a special hash of the coin, which hides the coin's serial number from the bank, but which can only be computed using a special number generated by the bank for that coin. Since the bank only received a hash, it cannot actually track the coin once it is spent unless the coin is spent twice (in which case it will reveal the identity of the spender.
Finally, to spend a coin, the spender gives the coin to the merchant; the merchant then demands that the spender prove that he actually owns the coin by sending a challenge, based on the coin itself, that can only be answered using the sender's secret key. If the spender can answer the challenge, the merchant accepts the payment, and then goes to the bank with the coin and the answer to the challenge to get his money (or perhaps more digital currency).
The key is this: to verify the answer to the challenge, only the coin is needed, not the spender's identity. If the spender tries to spend the coin twice, two separate challenges will be answered for the same coin; this will allow the bank to compute the spender's ID, and the spender can then be prosecuted in some way. Additionally, this system prevents someone from spending coins that they did not receive from the bank i.e. coins they copied from another person's computer (since they lack the ability to answer challenges).
The anonymity comes from two things:
But the schools shouldn't ban cell phones. They should install micro-cells that allow them to control what numbers are allowed to call in and out and when. For instance, anyone should be able to call 911, but do you really want people to be able to call the students other than the parents and fellow students?
Yes, obviously the right thing to do is condition our teenagers to believe that authority figures have absolute control over their ability to communicate.
All I've got to say to this is "Well duh.. what the hell did you think they would do with it, Bill?"
Catch terrorists. What do you think he was told when he was working on the project, that they were planning to spy on Americans?
The NSA doesn't recruit people by telling them that they will be spying on Americans. I have met an NSA recruiter, and this is the story they tell you: As a cryptologist at the NSA, you will be working on interesting mathematics, mathematics you won't find in academia or in industry, and your work will help protect American lives. So say you are a 28 year old, you just finished a PhD in math or CS; wouldn't such a job be tempting?
The people who run the show at the NSA are not idiots. They know how to work with geniuses who might have a moral objection to spying on Americans. They know how to convince people that their work will only be used against foreigners, and how to get those people to put as much effort into their work as possible. If I had to venture a guess, I would say that most NSA mathematicians and computer scientists are aware of how their work is actually being used, except in rare cases where it is reported in the mass media (like the wiretapping scandal).
who in their right mind would thing for more then 1 second it would NOT be used to spy on the US
Who works for the NSA without trusting that the US government aims to protect the rights of its citizens? It takes a certain mentality to actually agree to government work, particularly as a cryptographer -- you are barred from working on cryptography as a civilian after being exposed to cryptographic secrets. To accept that means you believe that you are doing the right thing.
Now, I agree, any outside observer could have told you that the government would turn that technology against its own citizens and that writing it was the wrong thing to do, but the man in question was not an outside observer. He was probably told that he was working on a project that would help track dangerous people and that his work would save American lives.
I would think Hyper-V is behind VMWare, KVM, Xen, z/VM, and a few other hypervisers. Has Microsoft really been able to gain that much market share?
Whose ability to speak is being suppressed?
Perhaps because the Japanese government is pressuring Sony to do more to protect user data, whereas the US government is pushing for companies to make it easier to access that data.
The service is not legal if the Japanese government does not allow Sony to operate it. You know, kind of like how buying and selling marijuana is illegal in the United States?
What constitutes a "legal service" is entirely dependent on the law of the land. If you are in a country where the law requires you to seek government approval before operating a service, then your service is only "legal" if the government allows it.
Now, whether or not it is morally acceptable to have such a legal system is another question entirely.
Unfortunately, workable countermeasures require people who are informed enough to use them...and more people would rather stay uninformed than take the time to learn. That is why the fascists get away with so much: most people do not bother to question it, let alone fight back against it.
I would be surprised if none of the above were included in the plan.
How is the remedy I suggested opposed to the goal of anonymity? I said the money is de-anonymized when it is spent twice; otherwise, the money remains safely anonymous. If you need something to help you understand how such a thing is possible, look at the PS3 signing key hack -- Sony used the same random number in two signatures, which allowed their secret key to be computed. This solution is analogous -- using the same coin twice would allow your identity to be computed.
You mess with BitCoin, no guys with guns, only a technological challenge.
Theoretically, digital currency counterfeiting (really, double spending) could be handled by the police, if the government is willing to lend a hand. Alternatively, counterfeiters could be cut off of the system, with a revocation certificate sent out that prevents them from spending money (assuming that the system was designed to support such a thing).
I still really don't see how a coin could not be transferred twice.
I am not sure about Bitcoin, but one approach taken by other digital cash systems is to de-anonymize currency that has been spent twice. Basically, when a coin that has been spent twice is encountered, you can use the two copies to compute the identity of the person who spent the coin twice. Presumably, you could then call the police, or failing that you could send out some sort of revocation that would stop that person from spending any more cash.
The key thing to remember is that the transfer is a protocol; you do not simply make a copy of some data.
I'm just not getting what need this is intended to fill ... and I'm not sure I understand how it's simultaneously untraceable and secure.
The basic argument for digital cash is that it solves the problem with credit theft -- you can spend digital currency without worrying that someone will get more of your money than you intended. Bitcoin takes a novel approach in that it attempts to create a decentralized system, whereas most digital cash designs call for a "bank" to issue digital currency in exchange for some other currency (or perhaps some other valuable item, like a bar of gold).
The fact that digital cash is untraceable is a result of it being intended to mimic real currency, but with cryptography being used to make it difficult to counterfeit. Really, we should have deployed digital cash about 20 years ago, and saved ourselves all the trouble we have now with credit cards.
This brings up a point that I have yet to find a satisfactory answer to: what is bitcoin actually backed by? Even the US dollar is backed by something, in a very indirect way, but bitcoins appear to be backed by nothing at all.
I am a big fan of digital cash and I wish it had been deployed on a wider scale decades ago, but it needs to have some actual value connected to it.
We have similar political leanings
Really? My family is a counter-example to that.
it's no major feat to allow users to disable some of the non-spam related algorithms.
It would be a major feat, however, to get users to actually exercise that option. Most of Google's users are clueless about these things, and so demanding that they opt-out is the wrong approach; rather, they should opt-in if they want their results filtered in that manner (not that someone who is educated enough to know about such options is likely to be someone who wants to close themselves off to other points of view).
I misread it myself. Definitely need to finish a cup of coffee before trying to read the news.
I'd be curious as to whether someone has a better model in mind on how this should be done.
The Kindle should be able to display and process books from retailers other than Amazon, so that Amazon does not have so much control over what books people are able to obtain. It is absurd to think that people should need multiple book readers just to have options to buy books from other sources.
If you live in the US, clearly the Kindle's primary market, then you know that there are a large number of people here who would spontaneously combust if the they found their tweenager reading this stuff as a âoeLend Meâ book on their Kindle.
Then those parents should speak to their children about why such things are not allowed in the house. If their children are willing to break the rules even with their parents explaining why the rules exist, then they will find a way to obtain the books without Amazon's help. The real question here is, why should Amazon be playing the role of parent, and why is it that one particular parenting style is the one that Amazon is worrying about? What about all those people who want to teach their children that censorship and oppression are wrong and unacceptable?
Would such ratings be more valuable than they would be a tool for greater censorship?
No, they would have no value at all.
Is this is project we should Open/Crowd-Source?
Considering that censorship flies in the face of everything that the Free Software Foundation and Open Source movement stand for, no, it is not.
Would an rating system that we implemented make them available to more or fewer total humans?
Fewer.