Ironically, the United States now has the largest prison population in the entire world, and there are more ways to become a criminal now than at any other point in our nation's history. Things may look freer now, but that is only if you fit the mold; if the police wanted to, they could arrest you, just by watching you until you committed the inevitable crime.
Democrats are just as owned by big business as the Republicans, but at least they're not trying to actively roll back civil rights in this country
Oh yeah?
Clinton administration -- fought tooth and nail to keep crypto out of the hands of civilians, used prime-time TV shows as propaganda vehicles, signed laws that forbade more classes of speech, increased our prison population to a higher level than any previous administration.
Obama administration -- has a Justice Department that is making a renewed push for key escrow, that just the other day confiscated a server that runs an anonymous remailer, has failed to deliver on promises to end the war on drugs, recently argued that watching Al Qaeda videos is a crime if you agree with those videos, broadcasts propaganda within US borders, and has increased our prison population to a higher level than any previous administration.
These are the people you trust to protect your civil rights?
That depends on the quality of your CS department. Football is not a profit center because of ticket sales, it is a profit center because rich alumni come back to remember the good ol' days of getting drunk and cheering for their fellow students receiving concussions, and then give large donations. If computer science departments inspire that sort of money-giving, they could become profitable also (and they might; if a rich alumnus owes his wealth to the education he received, he is likely to make a donation).
There is also the matter of research. Universities get a nice chunk of the money that researchers pull in from grants, and even more if those researchers hire graduate students (whose tuition is typically covered by the grant). A computer science department that has decent enoguh research could bring in lots of money for a university, as well as free advertising.
You know what does not help a university? Stories like this one -- stories about how they castrate their CS department to save a few pennies. I am curious about the rest University of Florida's budget -- how much do they spend on administrative salaries, resodding grass, and so forth. Chance are they could have saved the money elsewhere, if keeping the computer science department had been a priority.
Can we study the same things in other departments without having a dedicated Computer Science niche to go with Computer Engineering, Software Engineering, etc.?
Not in sufficient depth, at least in my opinion. Complexity theory? Database theory (yes, theory, not just "here's how to write a simple SQL statement)? Compilers? These could all be in other departments, but an undergrad pursuing a degree in another field will not have enough time to study computer science in any respectable depth. Double major is not the answer if CS is spread over more than two other departments. Spreading CS across math and engineering departments deprives students of the chance to become computer scientists.
Yeah, they staged the burning tapwater, and all those people who said it started happening after the fracking operations began were in on the hoax. One big conspiracy to attack safe, clean fracking technology.
when you post a message to usenet, it's like posting an email to any random web server: it provides a way to anyone to register your connection and therefore leave a paper trail, which is then propagated to every usenet server.
Probably not; more like one URL and a decryption key that would be pasted in somewhere. Really though, an extension like FireGPG that provides this capability would be a lot better -- I do not want to trust some server to send me my decryption program every time I want to access a file. This may even be worse than Hushmail, since any of the people who are accessing the file could be targeted; the server could merely flag the data it wants to decrypt, and wait for the first person with that URL to come along and open it.
...we already have lots of ways to do this. We can encrypt and post to Usenet. We can use extensions like FireGPG to encrypt on post to websites. So why use a system where we place all our trust in the service provider, which is both theoretically risky and has failed in the past:
Note that this is a study about greenhouse gas emissions, not landfills. Recycling paper requires energy, as does printing a newspaper. For a single issue of any newspaper, the tablet is more expensive in terms of gas emission; but over a long enough period of time, it is reasonable to think that the electricity consumed by a tablet receiving a newspaper is lower than the energy used to print a newspaper.
Speak for yourself. I have seen plenty of people download and use the New York Times app on their tablets, and they synchronize the tablet in the morning before heading to work.
Producing semiconductors is a fairly energy-intensive process, tablets are full of semiconductors -- chips, the screen, etc. I can believe, though, that if a tablet is used instead of a printed newspaper every day for 2 or so years, there is a net energy savings.
I actually would not be surprised if the number of "legitimate" (i.e. attempts at being law-abiding) users numbered in the millions. Megaupload provides a bunch of bandwidth and storage, so if you need to distribute gigabytes of data to multiple people it is a reasonable system to use. I have seen scientists using Megaupload and similar services to share data sets. The US Department of Justice used it, and there were members of the recording industry who used it. I have seen open source projects distributed on services like Megaupload, with links posted on forums to help provide more reliable downloads than the project's own servers (an ad-hoc sort of mirroring).
Which was also used by the United States government, the recording industry, and an enormous number of other law abiding people.
On top of that, he was running it as a for-profit warez distribution website
So why are ISP operators not behind bars as well? What, do you really think that broadband service is not targeted at people who upload and download copyrighted material without permission? Let's not get caught up in external marketing here.
This whole situation is just...
...a demonstration that due process of law, common sense, and technological progress are all killed the moment the copyright lobbyists start whining.
While the legality of the move raises questions, I have to admit, there seems something poetic about someone who earned a fortune on ill-gotten, pirated material complaining about having his business trashed and jobs lost.
Yet who was it that claimed that Megaupload's principle use was copyright infringement? Megaupload had large numbers of law-abiding users, including people within the Justice department and even more ironically, within the entertainment industry. You might as well claim that ISPs are built on "ill-gotten, pirated material" -- after all, practically all downloading activity takes place on the Internet.
An indictment is not a conviction, it is a preliminary accusation backed up with some amount of evidence. If indictments were conclusive, we would never need trials.
...which is why I said deployment is stagnant. Really though, if the NSA is logging all the emails I get from Amazon or my bank, it is not such a big deal -- that information is not really private to begin with. What people should be concerned about is that their personal or business correspondence will be stored by the NSA, and that is something that can be encrypted without setting up a large infrastructure.
As for driving adoption, the problem is that most people simply do not understand why their email should be encrypted, and so they never take the time to set up a key pair. One way that this could be addressed is by adding support for symmetric crypto, so that I could just generate a key, encrypt an email, and tell my contact to send me his public key so that he can receive the symmetric key that I used. It is not perfect, obviously -- very easy to run an MITM attack -- but it is better than nothing. Right now, GNUPG and other personal encryption systems do not really support storing symmetric keys in your key ring, but it might help, and it helps in the way that IBE would help without having to use key escrow.
My experience, however, is that people are just annoyed by crypto, even after they get past the initial hurdle of setting up a keypair. I have seen people simply kill their keyring and demand that I stop sending them encrypted email -- the annoyance of having to copy keys to other systems eventually overrides whatever reasons they had for using PGP in the first place. There is not really a general desire to have privacy from Google or the NSA, with most people adopting the "I am not interesting enough anyway" attitude about these things.
Don't forget, a smartphone is a luxury, not a necessity.
This may change over the next few years, if efforts to turn smart phones into payment devices gain enough traction. You might find yourself in a store that is not equipped to handle transactions by any means other than smart phones (or paper money, but for something items paper money is a bit impractical -- do you really want to hand someone a wad of $20 bills when you buy a new matress?).
But no guarantee that at the NSA level encryption makes any significant difference
No, but there are pretty good reasons to think that it does. It is possible that the NSA has some proof that P=NP, and that they can reduce NP complete problems to some problem in P in cubic time (any higher and I suspect that it would be impractical to do on a mass scale, even with the NSA's resources). Yet all the work on these problems suggests otherwise, the NP is a strict superset of P and that NP complete problems are disjoint from P. There are enough reasons to think this is the case that people usually just assume it (like the fact that the polynomial hierarchy collapses if P=NP).
In terms of cryptography, there is a bit more to the story. Crypto requires more than just P != NP, it also requires the existence of trapdoor one-way functions (e.g. the RSA problem) and other stronger assumptions. Many commonly used cryptography systems base their security on problems that are not even known to be NP-hard, like the RSA problem. However, these problems have been studied for a long time, and there are good reasons to think they are hard, just like the P vs. NP problem (a proof would be nice though).
If PGP/GPG keys are based upon the product of two very large primes, then I'd expect the NSA to generate a list of these products. Yes, there would be umpteen bazillion to compute. Once compiled, however, the list remains static and can be accessed to crack any cryptographic session (even 128-bit) effectively in real time.
Two problems here:
RSA is not the only cryptosystem in use. PGP also supports ElGamal, which is based on the discrete logarithm problem and does not involve multiplying two primes. Other cryptosystems based on problems involving lattices also exist, although they are not yet part of commonly used standards.
RSA keys do not have a fixed size, so even if you did assemble a large list of RSA numbers and their factors, it would become obsolete once people moved to larger key sizes. To illustrate this, consider this list: (3,5,15), (3,7,21), (5,7,35). This list will not help you, since RSA keys are much larger than the numbers in that list; for any size, though, I could pick a larger key. The point here is about the growth rate of algorithms that attack the RSA problem; that growth rate is believed to be super-polynomial, which is considered to be computationally infeasible.
This requires a future, of course, where society is advanced enough to grant new rights
Which is not where we are going. We are busy killing existing rights, rendering them useless, as well as deploying increasingly many computer systems whose owners need the permission of someone else just to run a program. The next generation will indeed be shocked by today's computer climate:
You mean you could use a computer without having to pay for a monthly service plan?
You did not need to present photo ID to get a computer? You did not have to use your legal name online?
You actually owned your computer? You did not just own a terminal for connecting to computers owned by the computation companies?
You were allowed to copy files without first getting permission from the copyright control and enforcement agency?
You were allowed to run your own email server, without getting a license?
People were outraged when books were removed from their computers without their permission?
You were allowed to write and run your own software without having to pay a year programming fee?
Hackers won round #1 with the PC, and round #2 with the Internet. Hackers are losing round #3, as governments and corporations focus increasing effort and money on taking back control of computers and computer networks. There is just too much profit to be had from it.
Sorry, but if Linux had enough market share, they'd be targeted too.
"Linux" is not one operating system. There are very secure distributions, and then there are distributions that are not so secure, and then there are distributions that can be secure if you stick to best practices.
There are twenty or so remailers that are active at any time. Typically people chain the remailers, so that no single system knows both the sender and receiver of a message. One remailer going down is not an uncommon event; a different remailer will be used to send the messages, and nobody will bat an eye.
Maybe the FBI wants that to happen, so they can take down the entire network, one node at a time, with legal justification.
It is in America, since it is vital to free speech. Unpopular minorities may be unable to exercise their right to free speech if they are forced to attach their real name to that speech. This country was founded by men who published documents anonymously.
The OP said that the fact that UMaple makes money without first getting the permission of MapleStory is inherently bad. The law is not the definition of "good" or "bad," so I am simply asking for justification for that position. Why should someone who runs a server, who is providing a service to willing customers, first have to get the permission of the people who wrote a client that can connect to that server?
The fact that the law says they are supposed to do such a thing is not relevant; the law is nothing but lobbyist-created garbage, it has no ethical basis.
Slashdot Mirror
Things are MUCH FREER now
Ironically, the United States now has the largest prison population in the entire world, and there are more ways to become a criminal now than at any other point in our nation's history. Things may look freer now, but that is only if you fit the mold; if the police wanted to, they could arrest you, just by watching you until you committed the inevitable crime.
Democrats are just as owned by big business as the Republicans, but at least they're not trying to actively roll back civil rights in this country
Oh yeah?
These are the people you trust to protect your civil rights?
That depends on the quality of your CS department. Football is not a profit center because of ticket sales, it is a profit center because rich alumni come back to remember the good ol' days of getting drunk and cheering for their fellow students receiving concussions, and then give large donations. If computer science departments inspire that sort of money-giving, they could become profitable also (and they might; if a rich alumnus owes his wealth to the education he received, he is likely to make a donation).
There is also the matter of research. Universities get a nice chunk of the money that researchers pull in from grants, and even more if those researchers hire graduate students (whose tuition is typically covered by the grant). A computer science department that has decent enoguh research could bring in lots of money for a university, as well as free advertising.
You know what does not help a university? Stories like this one -- stories about how they castrate their CS department to save a few pennies. I am curious about the rest University of Florida's budget -- how much do they spend on administrative salaries, resodding grass, and so forth. Chance are they could have saved the money elsewhere, if keeping the computer science department had been a priority.
Can we study the same things in other departments without having a dedicated Computer Science niche to go with Computer Engineering, Software Engineering, etc.?
Not in sufficient depth, at least in my opinion. Complexity theory? Database theory (yes, theory, not just "here's how to write a simple SQL statement)? Compilers? These could all be in other departments, but an undergrad pursuing a degree in another field will not have enough time to study computer science in any respectable depth. Double major is not the answer if CS is spread over more than two other departments. Spreading CS across math and engineering departments deprives students of the chance to become computer scientists.
Yeah, they staged the burning tapwater, and all those people who said it started happening after the fracking operations began were in on the hoax. One big conspiracy to attack safe, clean fracking technology.
when you post a message to usenet, it's like posting an email to any random web server: it provides a way to anyone to register your connection and therefore leave a paper trail, which is then propagated to every usenet server.
Which is why people use these:
https://en.wikipedia.org/wiki/Anonymous_remailer
Probably not; more like one URL and a decryption key that would be pasted in somewhere. Really though, an extension like FireGPG that provides this capability would be a lot better -- I do not want to trust some server to send me my decryption program every time I want to access a file. This may even be worse than Hushmail, since any of the people who are accessing the file could be targeted; the server could merely flag the data it wants to decrypt, and wait for the first person with that URL to come along and open it.
...we already have lots of ways to do this. We can encrypt and post to Usenet. We can use extensions like FireGPG to encrypt on post to websites. So why use a system where we place all our trust in the service provider, which is both theoretically risky and has failed in the past:
http://www.wired.com/threatlevel/2007/11/encrypted-e-mai/
Note that this is a study about greenhouse gas emissions, not landfills. Recycling paper requires energy, as does printing a newspaper. For a single issue of any newspaper, the tablet is more expensive in terms of gas emission; but over a long enough period of time, it is reasonable to think that the electricity consumed by a tablet receiving a newspaper is lower than the energy used to print a newspaper.
Speak for yourself. I have seen plenty of people download and use the New York Times app on their tablets, and they synchronize the tablet in the morning before heading to work.
Producing semiconductors is a fairly energy-intensive process, tablets are full of semiconductors -- chips, the screen, etc. I can believe, though, that if a tablet is used instead of a printed newspaper every day for 2 or so years, there is a net energy savings.
I actually would not be surprised if the number of "legitimate" (i.e. attempts at being law-abiding) users numbered in the millions. Megaupload provides a bunch of bandwidth and storage, so if you need to distribute gigabytes of data to multiple people it is a reasonable system to use. I have seen scientists using Megaupload and similar services to share data sets. The US Department of Justice used it, and there were members of the recording industry who used it. I have seen open source projects distributed on services like Megaupload, with links posted on forums to help provide more reliable downloads than the project's own servers (an ad-hoc sort of mirroring).
Millions seems like a reasonable estimate to me.
He was knowingly running a warez hub
Which was also used by the United States government, the recording industry, and an enormous number of other law abiding people.
On top of that, he was running it as a for-profit warez distribution website
So why are ISP operators not behind bars as well? What, do you really think that broadband service is not targeted at people who upload and download copyrighted material without permission? Let's not get caught up in external marketing here.
This whole situation is just...
While the legality of the move raises questions, I have to admit, there seems something poetic about someone who earned a fortune on ill-gotten, pirated material complaining about having his business trashed and jobs lost.
Yet who was it that claimed that Megaupload's principle use was copyright infringement? Megaupload had large numbers of law-abiding users, including people within the Justice department and even more ironically, within the entertainment industry. You might as well claim that ISPs are built on "ill-gotten, pirated material" -- after all, practically all downloading activity takes place on the Internet.
An indictment is not a conviction, it is a preliminary accusation backed up with some amount of evidence. If indictments were conclusive, we would never need trials.
...which is why I said deployment is stagnant. Really though, if the NSA is logging all the emails I get from Amazon or my bank, it is not such a big deal -- that information is not really private to begin with. What people should be concerned about is that their personal or business correspondence will be stored by the NSA, and that is something that can be encrypted without setting up a large infrastructure.
As for driving adoption, the problem is that most people simply do not understand why their email should be encrypted, and so they never take the time to set up a key pair. One way that this could be addressed is by adding support for symmetric crypto, so that I could just generate a key, encrypt an email, and tell my contact to send me his public key so that he can receive the symmetric key that I used. It is not perfect, obviously -- very easy to run an MITM attack -- but it is better than nothing. Right now, GNUPG and other personal encryption systems do not really support storing symmetric keys in your key ring, but it might help, and it helps in the way that IBE would help without having to use key escrow.
My experience, however, is that people are just annoyed by crypto, even after they get past the initial hurdle of setting up a keypair. I have seen people simply kill their keyring and demand that I stop sending them encrypted email -- the annoyance of having to copy keys to other systems eventually overrides whatever reasons they had for using PGP in the first place. There is not really a general desire to have privacy from Google or the NSA, with most people adopting the "I am not interesting enough anyway" attitude about these things.
Don't forget, a smartphone is a luxury, not a necessity.
This may change over the next few years, if efforts to turn smart phones into payment devices gain enough traction. You might find yourself in a store that is not equipped to handle transactions by any means other than smart phones (or paper money, but for something items paper money is a bit impractical -- do you really want to hand someone a wad of $20 bills when you buy a new matress?).
But no guarantee that at the NSA level encryption makes any significant difference
No, but there are pretty good reasons to think that it does. It is possible that the NSA has some proof that P=NP, and that they can reduce NP complete problems to some problem in P in cubic time (any higher and I suspect that it would be impractical to do on a mass scale, even with the NSA's resources). Yet all the work on these problems suggests otherwise, the NP is a strict superset of P and that NP complete problems are disjoint from P. There are enough reasons to think this is the case that people usually just assume it (like the fact that the polynomial hierarchy collapses if P=NP).
In terms of cryptography, there is a bit more to the story. Crypto requires more than just P != NP, it also requires the existence of trapdoor one-way functions (e.g. the RSA problem) and other stronger assumptions. Many commonly used cryptography systems base their security on problems that are not even known to be NP-hard, like the RSA problem. However, these problems have been studied for a long time, and there are good reasons to think they are hard, just like the P vs. NP problem (a proof would be nice though).
If PGP/GPG keys are based upon the product of two very large primes, then I'd expect the NSA to generate a list of these products. Yes, there would be umpteen bazillion to compute. Once compiled, however, the list remains static and can be accessed to crack any cryptographic session (even 128-bit) effectively in real time.
Two problems here:
This is a problem whose solution has been known and available for over two decades, yet deployment is stagnant.
This requires a future, of course, where society is advanced enough to grant new rights
Which is not where we are going. We are busy killing existing rights, rendering them useless, as well as deploying increasingly many computer systems whose owners need the permission of someone else just to run a program. The next generation will indeed be shocked by today's computer climate:
Hackers won round #1 with the PC, and round #2 with the Internet. Hackers are losing round #3, as governments and corporations focus increasing effort and money on taking back control of computers and computer networks. There is just too much profit to be had from it.
Sorry, but if Linux had enough market share, they'd be targeted too.
"Linux" is not one operating system. There are very secure distributions, and then there are distributions that are not so secure, and then there are distributions that can be secure if you stick to best practices.
There are twenty or so remailers that are active at any time. Typically people chain the remailers, so that no single system knows both the sender and receiver of a message. One remailer going down is not an uncommon event; a different remailer will be used to send the messages, and nobody will bat an eye.
Maybe the FBI wants that to happen, so they can take down the entire network, one node at a time, with legal justification.
Is anonymous communication really a right?
It is in America, since it is vital to free speech. Unpopular minorities may be unable to exercise their right to free speech if they are forced to attach their real name to that speech. This country was founded by men who published documents anonymously.
Some monitors will reduce the brightness of the blacklight when the screen displays a very dark image.
Your point being what? What ethical or moral problem does that present?
The OP said that the fact that UMaple makes money without first getting the permission of MapleStory is inherently bad. The law is not the definition of "good" or "bad," so I am simply asking for justification for that position. Why should someone who runs a server, who is providing a service to willing customers, first have to get the permission of the people who wrote a client that can connect to that server?
The fact that the law says they are supposed to do such a thing is not relevant; the law is nothing but lobbyist-created garbage, it has no ethical basis.