Slashdot Mirror


User: Tool+Man

Tool+Man's activity in the archive.

Stories: 0
Comments: 147

Comments · 147

  1. Re:Vote with your wallets on Sony Rootkit Redux: Canadian Business Groups Lobby For Right To Install Spyware · · Score: 1

    Nope, I know how sheep-like people can be. My point is that there are choices available, and it's becoming more obvious to everyone. Sure, there will always be the stampede to the spoon-fed pap, but those who are interested can make different, educated choices (and technical decisions).

  2. Vote with your wallets on Sony Rootkit Redux: Canadian Business Groups Lobby For Right To Install Spyware · · Score: 4, Insightful

    Simply stop buying their crap, there are alternatives. I think the choices will start to become more apparent to the masses over time, and the losers will be those depending on unsupportable business models.

    Consider: You can buy DRM-free music, today, where they make no attempt to lock it to specific devices. Emusic is one, and Magnatune is another. In the latter case, you are even encouraged to share your purchase in limited amounts, and there's also free streaming if you are OK with the per-song nag message. Non-lossy formats are supported too, and they go for quality content instead of large amounts of crap. (Yeah, preaching here, but I just bought a lifetime membership.)

    In TV/movie terms, Netflix has just released a season of a series, "House of Cards", that *they* produced. Screw Sony and their ilk, this is produced and distributed without their help. I'm hoping this gives big media companies a shocking wheeze, where it's apparent even to them that they're becoming irrelevant.

  3. +1 for bodyweight exercises on Ask Slashdot: How To Stay Fit In the Office? · · Score: 1

    I'm using Mark Lauren's, "You Are Your Own Gym." No excuses any more, it's about 1/2 hour per day, 4-5 days per week. It's mostly based on using yourself, with what you have around you, so also works when doing the road warrior thing in hotel rooms.

  4. Re:100 times faster than existing optical microsco on UCLA Develops World's Fastest Camera To Hunt Down Cancer In Real Time · · Score: 1

    I can tell. The lens and F stop have nothing to do with speed, the shutter does. Of course with fast shutter speed you need fast film (is there still any around?) and a larger aperture (F-stop).

    The lens has nothing to do with a camera's speed.

    The lens has everything to do with capturing enough light to make a useful image within that short shutter time. I keep my f1.4 prime 50mm on my Pentax, because it does such a nice job without a flash much of the time.

  5. Re:So, slightly less than half the population... on In America, 46% of People Hold a Creationist View of Human Origins · · Score: 1

    Much of that lower half would also disagree about which half they're in. Similarly, we are *all* above average drivers, right?

  6. Start fiddling... on In America, 46% of People Hold a Creationist View of Human Origins · · Score: 1

    Rome is burning.

  7. Just like booze, gambling and guns... on Call For DOJ To Reopen Google Wi-Fi Spying Investigation · · Score: 1

    The government doesn't like it when others infringe on its territory. I'd be much more impressed if the US gov took as much interest in its own illegal snooping.

  8. Fine, get one of those little sponges from Staples. Or, if you feel like making a statement, provide whatever DNA sample moistens the stamp in a way which matches your preferred sentiment. Your typical recipient won't know, but you've told the Powers That Be just how weird you really are. It doesn't have to be yours either, if you have alternative means to acquire said sample.

  9. Re:The cat vs. mouse game continues on Canadian Telcos Secretly Supporting Internet Surveillance Legislation · · Score: 1

    Authentication of the parties at each end is one issue, but only one of them. What I mean is that most protocols should be encrypted by default, rather than by exception. Let us take the web for example.

    • When you make a request, your browser first telegraphs its intentions by doing a DNS lookup of the desired host.
    • Once an IP address is determined, your browser makes a request, usually in plaintext.
    • The typical, non-SSL connection trusts the domain registrars and DNS hosts that the identified address matches the actual site.
    • The user provides plaintext (usually) credentials, on the iffy chance that the site even requires any.
    • The response is also unencrypted, so the entire process is totally in the clear as a general case.

    Like the AC said, it's the Stasi's wet dream. You have gone and told your ISP, the web host, and every snoopy-assed dog in between exactly what your on-line identity is, who you're talking to, what was said by each, and probably the credentials you used to log in.

    Without getting into the hassles of key management for crypto, let us compare this to a simple (-ish) SSL session:

    • You have still leaked your DNS request. In the typical case, your ISP knows what hostname you're looking for in your browser request.
    • Your browser makes at least some attempt at verifying the identity of the web site. Yes, SSL has issues with knowing who to trust, but the alternative sucks donkey balls in comparison. Your common-use, current browsers will squawk for most dodgy attempts, and getting around this requires more subterfuge than the average bear.
    • Your communications with the end host are encrypted. Whatever you asked for, and receive, as well as any login credentials, are hidden from prying third parties. Your ISP knows little but the hostname, unless you have installed browser certs which let them perform a MITM attack.

    Not perfect, but better, yes? Now multiply this across other common protocols. Email (both ways), chat, file transfers. It's a great start.

  10. The cat vs. mouse game continues on Canadian Telcos Secretly Supporting Internet Surveillance Legislation · · Score: 2

    While not surprising that it happens, it is vital that it be exposed for the power grab that it is. The problem is that the new forms of communication lack even the weak forms of protection afforded to old modes. For instance, telephone wiretaps require warrants, and postal mail is illegal to intercept by default as well. Compare that with the internet, where there are no legal prohibitions against snarfing the whole works, and great compulsion to do so.

    There are multiple answers, of course, to make this process as difficult as possible. Social cohesion helps, as shown by the misery that the #TellVicEverything Twitter meme caused for Vic Toews' (Wullerton spit here) staffers. Encrypt everything, whether it needs it or not, and let the bastards sort out themselves what's important to them. Improved peer to peer protocols and the like could help blend traffic together, and make it harder to tell where the useful metadata is too, which email and other headers keep plaintext now. If you can't even tell who is communicating with whom, the challenge of where to serve the lawsuits makes it much more difficult to proceed. Finally, those who care the most about privacy, including the criminals themselves, will find off-line ways to communicate. The real bogey-men aren't dumb enough to throw everything out on the net to be archived, they'll go back to old, tried and true spycraft techniques.

  11. Re:erection on Squadron of Lost WWII Spitfires To Be Exhumed In Burma · · Score: 1

    One of the two flying Lancasters left came to Winnipeg a while back. I wasn't quite in the right spot for a close-up flyover, but was still close enough for the initial approach and a couple of pics coming in over the local Air Command. The sound is indeed awesome, and you can totally see the Spitfire profile in the engine pods. The local air museum had a very busy display for a little while there, and my son and I got to go through the plane. Awesome!

  12. Re:The last time ... on Female Passengers Say They Were Targeted For TSA Body Scanners · · Score: 1

    At that point, why bother with the scanner?

  13. Can't be true on Female Passengers Say They Were Targeted For TSA Body Scanners · · Score: 1

    I refuse to believe, until I see some pics to back up the anecdotal evidence.

  14. Re:Obvious to those who are in the system on Sony Running Unpatched Servers With No Firewall · · Score: 2

    The merchant's external ASV and internal vulnerability assessments should have had red flags all over them, so ignorance is certainly no excuse. The QSAs may never know the difference as you say, and it's up to the merchant to specify scope for the external scans. These things should make a large difference if followed in good faith.

  15. Re:Story is so absurd on Woman's Nude Pics End Up Online After Call To Tech Support · · Score: 1

    Oh dear. Yeah, I'm not sure dignity can be found after that video on the front page.

  16. Cross-browser protection on FTC Wants Browsers To Block Online Tracking · · Score: 1

    One solution I've used for ages is Privoxy. You have a local (if you like) proxy which filters out a ton of this crap, regardless of which browser or plugins you use. There is simple integration with any specific rules you would like to add. More interesting is how much of the tracking crap is out there. Just turn on some basic logging, and see all the cruft that is not getting requested on your behalf.

    Don't get me wrong, I like the browser tools too, and use them, but like the visibility and control I get from this option. Now, if there was a drop-in package for my pfSense firewall, I'd be set. Hm...

  17. Re:they can also clone your card to a room key as on Hotels Lead the Industry In Credit Card Theft · · Score: 1

    That said, I did read once that police were puzzled at one point when some people arrested were carrying large numbers of assorted gift cards for various retailers. It turns out that not only are they useful for laundering money, but many were over-written with stolen CC data.

  18. Re:they can also clone your card to a room key as on Hotels Lead the Industry In Credit Card Theft · · Score: 2, Informative

    Most room keys do not offer a mag-stripe that is capable of holding all 3 tracks of CC data properly...

    They don't need to create new, valid-looking cards on-site. Besides, all the fun stuff is replicated in tracks 1 and 2.

    The room-key card system could provide a means of swiping (hah!) customer credit cards that doesn't require the same level of auditing that the actual payment systems should have. That could give them an easy way to grab the data for later.

  19. Re:CGI scripts on Proof of Concept For Ajax Without JavaScript · · Score: 2, Interesting

    CGI can (and does) work just fine. What people need to understand in general is that anything you do dynamically, has to be done efficiently. An old company I worked for had a heavily-used site for the day, on modest hardware. CGIs in C, using file access to parse template files and stuff with content. The CGIs forked, so did Apache, but it was unnecessary database use which we learned to avoid.

    The system which replaced it was supposed to permit new content to be added with minimal dev help, and used Java and Oracle. Not to blame either, but the purchased solution using all the then-latest enterprisey goodness *ahem* was a festering pile of dung, even with dramatically more infrastructure than the old system. The team got it stable-ish, sorta, eventually. If you ever have to work with Open Market's Content Server, I hope to hell it wasn't the code base it was then. I would have killed for the simplicity and durability of the old CGI system.

  20. Re:Samsung on Choosing a Personal Printer For the Long Haul · · Score: 1

    I love my ML-2251N as well. Works great with Linux and Windows, and being networked, isn't reliant on any of the desktop systems in my office. Fast, great print even on "economy" mode too.

  21. Web service data retention policies on Canadian Court Orders Site To ID Anonymous Posters · · Score: 3, Insightful

    What this says to me is that anyone running a service, anonymous or not, needs to be thoughtful about their own data retention policies.

    For instance, I might want to keep finer-grained detail for a short while, to assist in troubleshooting or incident handling.

    Otherwise, it's probably just fine to keep more terse logs for a longer period of time. My understanding is that you can't be forced to divulge information you simply don't keep, if regular log rotation is part of your usual business process. The point is, it should probably be part of your usual business process, as it's too late to delete once the lawyers are involved.

  22. More Canadian Porn! on CRTC Mulls Canadian Content On the Internet · · Score: 1

    Since much of what people download is smut, I encourage my fellow Canucks to work on lots of HoserPorn.

    Toques, boots and perky nipples, oh my!

  23. Re:Canada? on American Solar Challenge Racers Head For Canada · · Score: 1

    Yup, even here. Of course, when you think we're cold, we are thinking the same thing about farther North in our own country.

    Churchill is in my own province, and they have *polar bears*, so no, Winnipeg's not cold. Of course, I say this because I haven't been there yet, and the weather report usually says it's only a few degrees colder most of the time.

  24. Re:Canada? on American Solar Challenge Racers Head For Canada · · Score: 4, Insightful

    Yeesh. Everyone's racing in the same direction, silly wabbit. Besides, it's summer here now, so there's lots of sunlight to be had.

    A local (Winnipeg) community college is participating too, here's their race blog: http://raycer.wordpress.com/

  25. Re:ad-homs won't help. on 500-in-1 Electronics Kits? · · Score: 1

    Fawlty Towers... the old non-Python BBC series with John Cleese.