You can start a reboot which will kill open applications which don't quite when asked nicely.
In my case, I install updates remotely using a bit of Perl which only starts the install when someone isn't logged on and restarts the machine afterward. It only takes a couple passes to get everyone and most users never even notice.
Developer support was a big problem with OS/2, but IBM did have DIVE and DART to provide direct access to video and audio hardware. They never did anything significant with them but there *was* an API.
AT&T is griping about spam? This is the same company which has a ticket-closing bot answering abuse@attglobal.net (and prserv.net), which is suspected of having a number of spam-friendly contracts.
Cleaning up the AT&T house would get rid of more than 20% of of the spam *I* receive.
Ever see how many college students are using MP3s exclusively? More to the point, when was the last time you saw a college student who didn't use MP3s? Most of the people I know (not just the geeks) have their CDs as MP3s just so they don't have to cart CDs between work and home.
It's just too convenient - every Mac shipped comes with iTunes, which takes 1 click or less to MP3 a CD. Apple's sold a lot of iMacs and iBooks to Joe Public. Most of the consumer-oriented PCs ship with similar software installed, too. This is decidely not limited to geeks...
While I agree that they certainly would do that and it would be effective at stamping out things like PGP / GPG, it'd fall prey to simple codes ("The dog quacks at midnight") and steganography, which includes other things beside images - do they have the storage to capture all traffic to analyze possible channels hidden in ICMP packets or, say, the timing / ordering of IMG requests in a web page. For that matter, would their scanner catch something hidden in what looks like a Sircam outbreak?
I've been amazed by the people who think the whole Y2k scare was a hoax. Yes, there were a lot of scam artists fleecing the ignorant - just as many large consulting companies extract a ton of money in exchange for sharing their ignorance. There were also a ton of broken programs that failed in various ways when given dates in 2000.
Some were just shoddy coding, others had simply been kept around 10-20 years longer than anyone originally expected. Most companies wouldn't have gone to the expense of testing and fixing broken code without a lot of hype to justify it. I heard quite a few stories from people who'd been saying something will break messily in 5-15 years and only got the budget to fix it when upper management started reading about it in the newspaper. Without the hype to make it a priority, a lot of that work would have been buried among all of the other maintenance.
HELL, the first world wide satellite television broadcast included the Beatles singing "All you need is Love". Now we
bounce signals around the globe without even considering the magic involved.
I think this is the single biggest flaw among the many in that article. We may have the same classes of things, but they're so far advanced that they end up being used differently. In most cases, the fact that something exists doesn't make too much of a change; the real impact waits until something becomes pervasive.
Many people living today grew up when a 50-100 mile car trip was something you packed lunch for and spent a day on, not an hour's jaunt costing only a few dollars in fuel. Some of this is due to the fact that we have much better cars these days; a lot of it is that the automobile became pervasive and heavily affected the way society functions.
Telegraphs and telephones are nice, but the form they were in in the 1950s is completely unlike the way modern communications allowed me to leave on a week's notice to spend a month literally on the other side of the planet and not just be in touch with everyone (friends, family, coworkers, random forum participants) so seamlessly that they never had to realize that I wasn't at home. Within 3 hours of getting off the plane, I was sitting in Taipei listening to a radio station at home, answering email and chatting with my roommates, just as we normally did when I was working late and, thanks to IBM.net's generous roaming policy, this cost me a grand total of $0.00.
Similarly - a random individual from the 1950s would be familar with the word "nuclear" but I think perspective has dulled that authors view of how strange that was to all but a few physicists. There's a difference between making a [primitive] bomb and the sort of applications which have become available - nuclear medicine anyone?
And then you get to medicine. Again, while there may be some similar terms, the effect is completely different. Consider the commonplace things - restoring vision, cosmetic/reconstructive surgery, reattaching limbs or organ transplants - all of which are completely unremarkable. There's a major shift in society between the time something becomes possible and heralded as an amazing event and the time much better versions are available everywhere and at a fraction of the cost.
(Note that I'm excluding genetic engineering from that list, as I don't consider it to have reached anywhere near full potential yet. 10 years from now, one the other hand. ..)
Lastly, consider the shift in computers. Yes, the word existed but it's only been in the last decade that they've become pervasive. It's not a case of being used in a few high-end fields like engineering; increasingly it's a fact of life for anything beyond menial labor. There's also a considerable difference between a large company using an early mainframe to store billing records and my being able to carry around many orders of magnitude more power and capacity in my shirt pocket, where it's used to store notes and pull things off of the web. Initially, computers just replaced manual filing systems - there was no equivalent of what can be done today - searching a global network, controlling just about any device, video/audio editing even at the level of even 405 the movie ($10K to do what simply wasn't possible 20 years ago?), all of the different data visualization / manipulation aids, etc. The word "computer" is involved but it doesn't mean what it did then.
That's exactly what happened here. >1MB/s in / 500KB/s out in the first year (I signed up within the first 2 months), dropping to 200KB/s in / 12KB/s out for 2 years so far.
Curious - your upload cap must have been grandfathered in. They won't sell a 40KB/s service at any price; the best they offer is 24KB/s on a business place which is absurdly over-priced (~$500/mo IIRC).
(You can barely browse acceptably with more than a few computers at such low speeds and one of the selling points to the business plans is that you can run servers!)
I'm just amazed nobody has realized that arbitrary restrictions annoy people. My mail or web server probably use several orders of magnitude less traffic than a single person playing something like Quake online.
Rather than whining about people running MP3/porn/warez servers and annoying all of the people who weren't abusing things, they could just set a daily or monthly transfer limit beyond which you'd need to switch to a different service plan. That's the really amazing thing - there's no way to remove the cap or get it set higher short of switching to another ISP. You'd think they would be interested in a way to get people to pay more for service they can easily deliver.
The single biggest restriction: transfer rate caps. 1.5-2 years ago, my transfer rates peaked at 10Mb in / 5Mb out; these days it's usually 1-2Mb in /.012Mb out. The worst part is that that 12KB cap is a hard limit; while the only server I ever ran (back when they allowed you to I had my personal web and email servers) probably transfered 5MB per day, I used to really like the ability to transfer large (10-100MB) files between home and work.
They've thrown away the huge lead over the DSL providers they used to have in San Diego; on the bad days the service feels worse than ISDN. I'd switch if anyone else offered service in my area.
Amazingly, they even enforce that 12KB/s cap on outbound transfers for business accounts. Pay them $300/month for a connection and you can get *twice* the performance of your old modem.
A good IT manager does not view the users as the enemy. If an employee is running an unapproved operating system (or any unapproved software), but does not cause a disruption for anyone else, a good IT manager will let that employee (and perhaps his or her manager) know that he can't expect any support out of IT, but that as long as he doesn't cause problems he can keep running it.
Exactly. I setup a "You break it, you bought it" policy here. We support a standard desktop configuration which is somewhat locked down. If someone wants more control, they have to agree that our support is changing to be like a colocation agreement in that we don't support anything past their ethernet cable.
This works nicely as the people who can't run their own system usually stop asking when they realize how much work is involved and those that can don't have a problem with it, since they were planning on doing so anyway.
I've been greatly amused by the way my local paper has been publishing a mid-day edition with the latest results. They end up scooping the TV coverage by a good margin.
This tells you the sort of high-powered executives they have over at NBC - they managed to make television less immediate than the newspaper...
I have thought about it. Most keyword bait.sig files consist of a long list of words devoid of any semblance of grammatical structure, and probably 90% of them are copies of someone else's.sig. The vast majority of them could be mechanically discarded by anyone with a basic background in natural language parsing -- and I rather suspect the NSA has plenty of those.
Yes. Nobody is seriously proposing just putting the plaintext message in a sig, as that would be too easy to catch. However, consider if I built a list of a few hundred bait terms and had a perl script generate the word list to embed a few bits of a message in each word choice; if they weren't even analyzing anything which appeared random, they'd never even look further. Of course, if you were using some sort of encryption first it'd probably be impossible to prove that it was a covert channel unless someone screwed up while implementing it. With a sufficiently large quote file you could have a random, innocent sig used as a codeword, which would be inconvenient for most people but certainly workable for a well-organized but geographically-dispersed group.
Still, if you ignore it, people will use their.sigs to pass data. If you analyze them, you'll have a huge amount of chaff to search and only be able to hope that the people you're looking for screwed up on implementation. Bit of a lose-lose situation, really.
Evidently so. After all, it's not like someone could send whatever data they liked.
There are two solutions, the easiest being to avoid storing plaintext passwords since you have absolutely no need to do so. This has been recognized as a good idea for something like 30 years...
A more complex but significantly more secure approach would be the use of a smart card card which would perform some sort of operation on a challenge sent by the bank and send back the result. Unfortunately, smart-cards aren't invulvnerable to attacks but a reasonably hardened system would be much more secure than the current approaches. Since companies like Visa manage to be quite profitable even with comparatively high theft rates, something like this should be quite acceptable.
Remember - if they ignore anything, you can communicate with it. If they started ignoring sigs, someone will work out a scheme to send data using random-looking words. They can't afford to ignore even things like email headers - someone could send data using the hostnames in the Received: header, where the hostnames are valid but the choice conveys some meaning.
Don't forget the value of steganography. It'd be exceedingly difficult to tell that one person's random-looking grep bait is generated according to the data they want to transmit while the other 99.9% of the people sending messages with X-Echelon-Bait headers are generated from/dev/random. Since a good encryption system's output will be close to random, even a very simple system using a custom dictionary could sent 6-10 bits of encrypted information with each word choice. More complex systems would be much harder to track.
Maybe you should think about this one a little harder; the NSA is smart enough to know that ignoring any part of the data they capture would make it the ideal covert channel.
--
the clueless American pigdogs with their sig parser will never see this message. Attack at dawn.
This one-level of analog that the sound passes through is NOT the kind of lossy problem that people try to make it into. It's just a piece of wire that the signal passes through, not a cassette tape or anything that adds appreciable distortion.
I'd go so far as to say that unless you used the cruddiest cables you could find, most people would never know the difference. Besides, MP3 conversion will be far more noticeable and it's still acceptable to most of general populace.
Nothing. However, it'd be dramatically less useful. If everyone buys a watermarked track online, they can identify the individual who released it. If you rip the CD and use that, all they know is that one of the 500,000 people who bought the CD did.
(Note that this assumes buying things online actually works this way. It's extremely likely that someone will figure out a way to compromise that scheme and there is always the "Give a wino some booze after he buys it for you" approch, involving either those kiosks they've been talking about or an Internet cafe.)
The big reason I've been telling people I work with to read this book is that Schneier makes the point over and over that security isn't some sort of checkbox on a product sheet. Good designs can be compromised by bad implementations. If your employees don't understand security, no amount of software will help. The prosecution in Mitchnik case painted him as some sort of dark lord of technology but most of his successes came from social engineering simply because it was so much easier than a complex technical attack.
This is old news and most people with an active interest in security are yawning by that point. Secrets & Lies isn't aimed at security professionals - it's aimed at everyone else using the Internet. Most people don't know that terms like "128-bit encryption", "SSL" or "firewall" mean absolutely nothing on their own. This book does a wonderful job of debunking a number of security myths.
I'm strongly opposed to the idea of requiring any sort license to use the internet. I still found myself thinking that one redeeming value of a licensed Internet would that people could be required to read this book. Most people are entirely too cavalier about security, largely because they don't know any better.
Opera is particularly good for this, since it gives you the ability to enlarge entire pages (including graphics) and you can easily toggle between the page's formatting instructions and your own. For someone with bad vision and/or color blindness, a 200% zoom combined with your own stylesheet using strict black/white coloring can make a bad site usable again.
It is easy to use Napster as a sort of strawman to attack, but it's another issue entirely when you look at intellectual property in the light of the AIDS epedemic where millions have died and continue to die because pharmecuticals own the right to the knowledge. "Give us a half billion for the rights to create our vaccine. OH, you don't have that kind of cash? Oh, your entire country's GDP isn't even half that? Sorry." How about irrigation technologies?
Why do so many people have trouble accepting the fact that life is not fair? Even if you really, really, really want something, you still have no right to property belonging to someone else.
This sort of "logic" comes up so often in public health debates and all it really reflects is that the person voicing it lacks critical thinking skills. Taking the creation of someone else is a good way to ensure that they either prevent you from doing that ever again or stop making things.
Consider - it would be infinitely more productive if everyone who complains about those evil pharmaceutical companies would instead conduct or fund research into public-domain equivalents. Why don't they do that instead? Well, it's expensive and hard to do; the people who can do the hard work and their backers might decide that after all that effort they'd like to have something show for it.
The only way communism (which this is a form of) works is if everyone involved is willing to put the welfare of the group ahead of their own and has a sufficiently broad definition of "group". Consider also that most high-tech activities require an extremely large support base - as an example, it's been estimated that, alone, the entire United States might be able to support a single microchip fab. High-end medical research might be less research intensive, but not that much. While I'd like to live in a world where millions of people would do such things out of the goodness of their hearts, it's just not possible.
Note to/. flameaholics: OSS works because people can afford to give away their work and the cost of entry is very low. The areas where OSS lags furthest behind the commercial software are those areas which are difficult, limited in scope and expensive to develop. Most importantly, however, is that OSS is voluntary. Linus didn't waste time whining that (Microsoft|Sun|IBM|DEC|etc) didn't give away their source code and trying to get someone to force them to do so; he made something of his own and gave it away. Does anyone think things would have been the same if someone had stolen the source?
If you actually care about the plight of the poor and aren't just trying for some emotionalism, we can ignore the fact that that miracle AIDS vacine doesn't even exist and realize that it would would be by no means the only, best or cheapest answer:
Decent food and sanitation would help at least one order of magnitude more people than an AIDS treatment.
Widespread use of condoms would not only take care of AIDS but also reduce the birth rate enough that children aren't doomed to poverty and disease because there's too little money providing for too many people.
There's a perfect cure for AIDS which is completely free: don't have sex with anyone you don't trust with your life. Oops, that would be the smart thing to do and requires personal responsibility, too. Never mind.
The most important change, however, would be political. There have been countless stories about grain shipments rotting on the docks while the political leaders decide whose tribe gets the most. Money which could have been spent improving an entire country is instead lining the coffers of the resident dictator and his friends. Supplies are often sold on the black market, again to benefit a well-connected few.
Stealing intellectual property won't change any of the real problems...
It's not absurd when you consider that the 50% tax I pay means I live comfortably but am annoyed at the government's spending policies. 50% tax for someone on minimum wage is the difference between living indoors or on the street.
The answer is for a certain minimum level to be tax exempt to provide for basic accomodations and food. It would make sense to have something like a $20K base and x% of any income above that.
2) Why should the fee go away? Roads and toll bridges require constant, expensive maintenance (to use your example), and people still use VCR's and audio tapes to copy content illegally even after decades - so the "harm" that justifies the fee never really goes away.
The ongoing maintenance costs of something like a road or bridge are much lower than the cost of constructing it. Almost every time this sort of thing gets attention, it turns out that the real reason the toll hasn't been lowered or eliminated is that it's been used to keep various politicians' pork-barrel projects afloat.
It's much easier to reallocate money from something else than justify a new tax to pay for it. (Witness the way most of the cigarette money, allegedly to be spent on treatment and prevention, is paying for completely unrelated things)
Slashdot Mirror
You can start a reboot which will kill open applications which don't quite when asked nicely.
In my case, I install updates remotely using a bit of Perl which only starts the install when someone isn't logged on and restarts the machine afterward. It only takes a couple passes to get everyone and most users never even notice.
Developer support was a big problem with OS/2, but IBM did have DIVE and DART to provide direct access to video and audio hardware. They never did anything significant with them but there *was* an API.
Cleaning up the AT&T house would get rid of more than 20% of of the spam *I* receive.
It's just too convenient - every Mac shipped comes with iTunes, which takes 1 click or less to MP3 a CD. Apple's sold a lot of iMacs and iBooks to Joe Public. Most of the consumer-oriented PCs ship with similar software installed, too. This is decidely not limited to geeks...
While I agree that they certainly would do that and it would be effective at stamping out things like PGP / GPG, it'd fall prey to simple codes ("The dog quacks at midnight") and steganography, which includes other things beside images - do they have the storage to capture all traffic to analyze possible channels hidden in ICMP packets or, say, the timing / ordering of IMG requests in a web page. For that matter, would their scanner catch something hidden in what looks like a Sircam outbreak?
Some were just shoddy coding, others had simply been kept around 10-20 years longer than anyone originally expected. Most companies wouldn't have gone to the expense of testing and fixing broken code without a lot of hype to justify it. I heard quite a few stories from people who'd been saying something will break messily in 5-15 years and only got the budget to fix it when upper management started reading about it in the newspaper. Without the hype to make it a priority, a lot of that work would have been buried among all of the other maintenance.
Many people living today grew up when a 50-100 mile car trip was something you packed lunch for and spent a day on, not an hour's jaunt costing only a few dollars in fuel. Some of this is due to the fact that we have much better cars these days; a lot of it is that the automobile became pervasive and heavily affected the way society functions.
Telegraphs and telephones are nice, but the form they were in in the 1950s is completely unlike the way modern communications allowed me to leave on a week's notice to spend a month literally on the other side of the planet and not just be in touch with everyone (friends, family, coworkers, random forum participants) so seamlessly that they never had to realize that I wasn't at home. Within 3 hours of getting off the plane, I was sitting in Taipei listening to a radio station at home, answering email and chatting with my roommates, just as we normally did when I was working late and, thanks to IBM.net's generous roaming policy, this cost me a grand total of $0.00.
Similarly - a random individual from the 1950s would be familar with the word "nuclear" but I think perspective has dulled that authors view of how strange that was to all but a few physicists. There's a difference between making a [primitive] bomb and the sort of applications which have become available - nuclear medicine anyone?
And then you get to medicine. Again, while there may be some similar terms, the effect is completely different. Consider the commonplace things - restoring vision, cosmetic/reconstructive surgery, reattaching limbs or organ transplants - all of which are completely unremarkable. There's a major shift in society between the time something becomes possible and heralded as an amazing event and the time much better versions are available everywhere and at a fraction of the cost.
(Note that I'm excluding genetic engineering from that list, as I don't consider it to have reached anywhere near full potential yet. 10 years from now, one the other hand. . .)
Lastly, consider the shift in computers. Yes, the word existed but it's only been in the last decade that they've become pervasive. It's not a case of being used in a few high-end fields like engineering; increasingly it's a fact of life for anything beyond menial labor. There's also a considerable difference between a large company using an early mainframe to store billing records and my being able to carry around many orders of magnitude more power and capacity in my shirt pocket, where it's used to store notes and pull things off of the web. Initially, computers just replaced manual filing systems - there was no equivalent of what can be done today - searching a global network, controlling just about any device, video/audio editing even at the level of even 405 the movie ($10K to do what simply wasn't possible 20 years ago?), all of the different data visualization / manipulation aids, etc. The word "computer" is involved but it doesn't mean what it did then.
That's exactly what happened here. >1MB/s in / 500KB/s out in the first year (I signed up within the first 2 months), dropping to 200KB/s in / 12KB/s out for 2 years so far.
Curious - your upload cap must have been grandfathered in. They won't sell a 40KB/s service at any price; the best they offer is 24KB/s on a business place which is absurdly over-priced (~$500/mo IIRC).
(You can barely browse acceptably with more than a few computers at such low speeds and one of the selling points to the business plans is that you can run servers!)
I'm just amazed nobody has realized that arbitrary restrictions annoy people. My mail or web server probably use several orders of magnitude less traffic than a single person playing something like Quake online.
Rather than whining about people running MP3/porn/warez servers and annoying all of the people who weren't abusing things, they could just set a daily or monthly transfer limit beyond which you'd need to switch to a different service plan. That's the really amazing thing - there's no way to remove the cap or get it set higher short of switching to another ISP. You'd think they would be interested in a way to get people to pay more for service they can easily deliver.
The single biggest restriction: transfer rate caps. 1.5-2 years ago, my transfer rates peaked at 10Mb in / 5Mb out; these days it's usually 1-2Mb in / .012Mb out. The worst part is that that 12KB cap is a hard limit; while the only server I ever ran (back when they allowed you to I had my personal web and email servers) probably transfered 5MB per day, I used to really like the ability to transfer large (10-100MB) files between home and work.
They've thrown away the huge lead over the DSL providers they used to have in San Diego; on the bad days the service feels worse than ISDN. I'd switch if anyone else offered service in my area.
Amazingly, they even enforce that 12KB/s cap on outbound transfers for business accounts. Pay them $300/month for a connection and you can get *twice* the performance of your old modem.
This works nicely as the people who can't run their own system usually stop asking when they realize how much work is involved and those that can don't have a problem with it, since they were planning on doing so anyway.
This tells you the sort of high-powered executives they have over at NBC - they managed to make television less immediate than the newspaper...
Still, if you ignore it, people will use their .sigs to pass data. If you analyze them, you'll have a huge amount of chaff to search and only be able to hope that the people you're looking for screwed up on implementation. Bit of a lose-lose situation, really.
Evidently so. After all, it's not like someone could send whatever data they liked.
There are two solutions, the easiest being to avoid storing plaintext passwords since you have absolutely no need to do so. This has been recognized as a good idea for something like 30 years...
A more complex but significantly more secure approach would be the use of a smart card card which would perform some sort of operation on a challenge sent by the bank and send back the result. Unfortunately, smart-cards aren't invulvnerable to attacks but a reasonably hardened system would be much more secure than the current approaches. Since companies like Visa manage to be quite profitable even with comparatively high theft rates, something like this should be quite acceptable.
Remember - if they ignore anything, you can communicate with it. If they started ignoring sigs, someone will work out a scheme to send data using random-looking words. They can't afford to ignore even things like email headers - someone could send data using the hostnames in the Received: header, where the hostnames are valid but the choice conveys some meaning.
Don't forget the value of steganography. It'd be exceedingly difficult to tell that one person's random-looking grep bait is generated according to the data they want to transmit while the other 99.9% of the people sending messages with X-Echelon-Bait headers are generated from /dev/random. Since a good encryption system's output will be close to random, even a very simple system using a custom dictionary could sent 6-10 bits of encrypted information with each word choice. More complex systems would be much harder to track.
Maybe you should think about this one a little harder; the NSA is smart enough to know that ignoring any part of the data they capture would make it the ideal covert channel. -- the clueless American pigdogs with their sig parser will never see this message. Attack at dawn.
(Note that this assumes buying things online actually works this way. It's extremely likely that someone will figure out a way to compromise that scheme and there is always the "Give a wino some booze after he buys it for you" approch, involving either those kiosks they've been talking about or an Internet cafe.)
This is old news and most people with an active interest in security are yawning by that point. Secrets & Lies isn't aimed at security professionals - it's aimed at everyone else using the Internet. Most people don't know that terms like "128-bit encryption", "SSL" or "firewall" mean absolutely nothing on their own. This book does a wonderful job of debunking a number of security myths.
I'm strongly opposed to the idea of requiring any sort license to use the internet. I still found myself thinking that one redeeming value of a licensed Internet would that people could be required to read this book. Most people are entirely too cavalier about security, largely because they don't know any better.
Opera is particularly good for this, since it gives you the ability to enlarge entire pages (including graphics) and you can easily toggle between the page's formatting instructions and your own. For someone with bad vision and/or color blindness, a 200% zoom combined with your own stylesheet using strict black/white coloring can make a bad site usable again.
This sort of "logic" comes up so often in public health debates and all it really reflects is that the person voicing it lacks critical thinking skills. Taking the creation of someone else is a good way to ensure that they either prevent you from doing that ever again or stop making things.
Consider - it would be infinitely more productive if everyone who complains about those evil pharmaceutical companies would instead conduct or fund research into public-domain equivalents. Why don't they do that instead? Well, it's expensive and hard to do; the people who can do the hard work and their backers might decide that after all that effort they'd like to have something show for it.
The only way communism (which this is a form of) works is if everyone involved is willing to put the welfare of the group ahead of their own and has a sufficiently broad definition of "group". Consider also that most high-tech activities require an extremely large support base - as an example, it's been estimated that, alone, the entire United States might be able to support a single microchip fab. High-end medical research might be less research intensive, but not that much. While I'd like to live in a world where millions of people would do such things out of the goodness of their hearts, it's just not possible.
Note to /. flameaholics: OSS works because people can afford to give away their work and the cost of entry is very low. The areas where OSS lags furthest behind the commercial software are those areas which are difficult, limited in scope and expensive to develop. Most importantly, however, is that OSS is voluntary. Linus didn't waste time whining that (Microsoft|Sun|IBM|DEC|etc) didn't give away their source code and trying to get someone to force them to do so; he made something of his own and gave it away. Does anyone think things would have been the same if someone had stolen the source?
If you actually care about the plight of the poor and aren't just trying for some emotionalism, we can ignore the fact that that miracle AIDS vacine doesn't even exist and realize that it would would be by no means the only, best or cheapest answer:
-
Decent food and sanitation would help at least one order of magnitude more people than an AIDS treatment.
-
Widespread use of condoms would not only take care of AIDS but also reduce the birth rate enough that children aren't doomed to poverty and disease because there's too little money providing for too many people.
-
There's a perfect cure for AIDS which is completely free: don't have sex with anyone you don't trust with your life. Oops, that would be the smart thing to do and requires personal responsibility, too. Never mind.
-
The most important change, however, would be political. There have been countless stories about grain shipments rotting on the docks while the political leaders decide whose tribe gets the most. Money which could have been spent improving an entire country is instead lining the coffers of the resident dictator and his friends. Supplies are often sold on the black market, again to benefit a well-connected few.
Stealing intellectual property won't change any of the real problems...The answer is for a certain minimum level to be tax exempt to provide for basic accomodations and food. It would make sense to have something like a $20K base and x% of any income above that.
It's much easier to reallocate money from something else than justify a new tax to pay for it. (Witness the way most of the cigarette money, allegedly to be spent on treatment and prevention, is paying for completely unrelated things)