The problem with Egypt, Syria, Libya and Tunisia is they've suffered over a thousand years of Islam. That has left their population with a fatalistic outlook, their leaders corrupt and their drive and innovation sapped. The Internet is not going to free the billion humans who live enslaved to Islam. Unfortunately, only the people themselves can do that by throwing off the stultifying oppression of Islam, and that's not happening any time soon.
Actually, writing down your password is a good idea as long as you keep it in your wallet. People understand how to protect their wallets. Posting it in a public place is probably not such a good idea.
There are some sites where it truly doesn't matter.
I don't believe that. You may think it doesn't matter, but when it comes to identity theft, any little crumb of information may be useful to an attacker. And if you use the same weak password across a whole slew of supposedly "unimportant" sites, an attacker may be able to piece together a lot of information about you... enough to surprise you with cell phone bills you didn't sign up for, credit cards in your name, etc.
But I sure as fuck am not going to put ALL of them into ANY app or single program - there are backdoors built into routers these days, you expect some start-up (or even established) "password keeper" doesn't have that possibility? I am concerned for your common sense.
Woah, woah, woah, chill out!
I have the complete source code for my password manager. And guess what... I've even read the source code!
It uses "openssl bf" to encrypt (that's the Blowfish cipher). In spite of all the warnings about OpenSSL holes, I don't believe anyone's yet found a problem with its Blowfish implementation, and though Blowfish is old and there may be weak keys, I don't believe it has serious vulnerabilities especially when only used to encrypt small files.
If you don't have Internet access, then remembering your password for a web site is moot.
If you have only insecure Internet access, then you don't do anything important unless you can use HTTPS and make sure you validate the certificates.
That means they are both weak to being cracked/tampered with, and should your device be stolen, you are without all your passwords.
To defend against the first attack, you choose a strong master passphrase and you make sure your password manager uses a properly-implemented and secure encryption algorithm such as AES. To defend against the second attack, you regularly back up your password database. It's not rocket science.
I use something called TkPasman, which runs on my Linux desktop. I don't use a mobile device much to surf the web, and never to log into any sites I care about because it's just too painful.
I could access it in a pinch by tunneling X over SSH back to my main computer, and I have done so in the past. Another thing I do is sync the password database to the handful of Linux desktops I use on a regular basis.
The password manager keepassx is available for Mac OS, Windows and Linux and you can sync the databases. I'm not aware of one that also works on Android or IOS, though.:(
The linked paper did mention password managers in passing, but dismissed them as being vulnerable to client-side malware which could compromise all your passwords. That assumption is true if you're running your password manager on a Windows system, I suppose, which is likely the only thing the "Redmond researchers" are even aware of. But if you keep your password manager on a separate device or run it under a secure sandbox in a secure OS, you're much better off than the paper implies.
Following up on myself: That research paper is awesome! Never before have I seen the use of partial differential equations to justify unequivocal bullshit. Amazing! They must've really worked hard on that.
That is just so stupid. Use a password-keeper and use strong passwords everywhere. Then you only need (1) physical access to your password keeper and (2) to remember one strong passphrase.
The "Right to Forget" could be a good ruling if the EU added two conditions:
A fee (lets say between $25-$50) for each takedown request. That is a small enough fee that it won't deter someone who really wants to get rid of an embarrassing search result, but it's big enough to deter organizations like the Scientologists from making thousands of requests.
A determination by a judge, tribunal, etc. that taking down the search result is in the public's interest.
If I'm a victim of slander, I'll go after the slanderer and the site publishing the slander, not Google for indexing it. Existing laws are quite sufficient to handle this case.
TL;DR: We hereby decide that those who believe in supernatural creators, talking snakes and magical rib-women are more qualified than medical professionals to decide who gets what medical treatment.
Thank you,
The Christian Republic of United States (Supreme Court Fatwa #1)
It was not your over a regulated banking system that prevented the problem It was good business sense.
I disagree. I don't think Canadian bankers have any more business sense the US bankers. If they could have gone on the wild subprime mortgage ride, they probably would have. But strict government regulations limited what they could do. So our banks had "dismal" profits in 2007 compared to US banks, but at least they were all still standing in 2009. See this analysis for example.
One study in the U.S. concluded that smokers save society 32 cents for every cigarette they smoke
OK. Here's something I don't expect Americans to grasp, but I'll say it anyway:
Sometimes there are more important values at stake than financial consideration.
The laws as expressed by government should be a reflection of the values of the population. If all the population cares about is money and nothing else, then that's not a society I'd care to live in.
We here in Canada have government-provided health care, and we don't have restrictive or silly laws that I'm aware of regarding the consumption of unhealthy foods, etc.
I find the attitude of Americans to government perplexing: They seem to hate government and are viciously opposed to any and all taxation. Well, sorry... you simply cannot run a modern society without some government services and government participation in the economy. IMO, any rich industrialized country that does not provide subsidized health care for its citizens is abdicating its responsibility.
You also can't run a modern economy properly without some government regulation. The under-regulated US financial system melted down in 2008, costing Americans trillions. The "over-regulated" Canadian banking system sailed through without a hiccup; our banking system is far more robust than that in the US.
Sometimes it takes government regulation to control the worst instincts of corporations. Corporations are interested only in what benefits them, not in what benefits society.
Just tax large sugary drinks at a higher tax rate. That would probably stand up to a legal challenge; "sin taxes" have been used for years in many jurisdictions.
Ah, well. The only one of my SuperMicro boxes that had a public-facing IPMI address can't be reached; the IPMI software is borked and won't let me assign an IP address. It will take a 200km drive followed by a hard power cycle to get the IPMI up and running again.
What peer reviewed evidence do you have to support the non-existence of a god?
As others have said, the null hypothesis is the default in science. If you claim the existence of a god, the burden of proof is on you. Otherwise one can say:
What peer-reviewed evidence do you have to support the non-existence of a committee of seventeen gods?
What peer-reviewed evidence do you have to support the non-existence of an invisible pink atom-sized unicorn in your freezer?
What peer-reviewed evidence do you have to support the non-existence of a flock of seven thousand porcelain flamingos orbiting Mercury?
Does Canada have a real way to stop the government from breaking its own laws?
Well, yes. We have a constitution, so we can challenge laws that are passed by the government. And we have something called "democracy" and "the rule of law" which tend to curb the worst excesses.
Slashdot Mirror
"How one school district threw millions of dollars down the drain"
Ooh, shiny.... must be useful for educational purposes....
The problem with Egypt, Syria, Libya and Tunisia is they've suffered over a thousand years of Islam. That has left their population with a fatalistic outlook, their leaders corrupt and their drive and innovation sapped. The Internet is not going to free the billion humans who live enslaved to Islam. Unfortunately, only the people themselves can do that by throwing off the stultifying oppression of Islam, and that's not happening any time soon.
Actually, writing down your password is a good idea as long as you keep it in your wallet. People understand how to protect their wallets. Posting it in a public place is probably not such a good idea.
There are some sites where it truly doesn't matter.
I don't believe that. You may think it doesn't matter, but when it comes to identity theft, any little crumb of information may be useful to an attacker. And if you use the same weak password across a whole slew of supposedly "unimportant" sites, an attacker may be able to piece together a lot of information about you... enough to surprise you with cell phone bills you didn't sign up for, credit cards in your name, etc.
But I sure as fuck am not going to put ALL of them into ANY app or single program - there are backdoors built into routers these days, you expect some start-up (or even established) "password keeper" doesn't have that possibility? I am concerned for your common sense.
Woah, woah, woah, chill out!
I have the complete source code for my password manager. And guess what... I've even read the source code!
It uses "openssl bf" to encrypt (that's the Blowfish cipher). In spite of all the warnings about OpenSSL holes, I don't believe anyone's yet found a problem with its Blowfish implementation, and though Blowfish is old and there may be weak keys, I don't believe it has serious vulnerabilities especially when only used to encrypt small files.
If you don't have Internet access, then remembering your password for a web site is moot.
If you have only insecure Internet access, then you don't do anything important unless you can use HTTPS and make sure you validate the certificates.
That means they are both weak to being cracked/tampered with, and should your device be stolen, you are without all your passwords.
To defend against the first attack, you choose a strong master passphrase and you make sure your password manager uses a properly-implemented and secure encryption algorithm such as AES. To defend against the second attack, you regularly back up your password database. It's not rocket science.
I have two off-site backups: One to an encfs partition in my office and one to an encfs partition in a colocated server 200km away. Next question?
I use something called TkPasman, which runs on my Linux desktop. I don't use a mobile device much to surf the web, and never to log into any sites I care about because it's just too painful.
I could access it in a pinch by tunneling X over SSH back to my main computer, and I have done so in the past. Another thing I do is sync the password database to the handful of Linux desktops I use on a regular basis.
The password manager keepassx is available for Mac OS, Windows and Linux and you can sync the databases. I'm not aware of one that also works on Android or IOS, though. :(
The linked paper did mention password managers in passing, but dismissed them as being vulnerable to client-side malware which could compromise all your passwords. That assumption is true if you're running your password manager on a Windows system, I suppose, which is likely the only thing the "Redmond researchers" are even aware of. But if you keep your password manager on a separate device or run it under a secure sandbox in a secure OS, you're much better off than the paper implies.
Following up on myself: That research paper is awesome! Never before have I seen the use of partial differential equations to justify unequivocal bullshit. Amazing! They must've really worked hard on that.
That is just so stupid. Use a password-keeper and use strong passwords everywhere. Then you only need (1) physical access to your password keeper and (2) to remember one strong passphrase.
The "Right to Forget" could be a good ruling if the EU added two conditions:
If I'm a victim of slander, I'll go after the slanderer and the site publishing the slander, not Google for indexing it. Existing laws are quite sufficient to handle this case.
I hope this makes people think twice before filing a forget-me request. It ensures they'll be remembered.
Is this really news? Are we going to have an exposé entitled "Meet the model railroad enthusiasts the FBI and NSA have been spying on" ?
TL;DR: We hereby decide that those who believe in supernatural creators, talking snakes and magical rib-women are more qualified than medical professionals to decide who gets what medical treatment.
Thank you,
The Christian Republic of United States (Supreme Court Fatwa #1)
It was not your over a regulated banking system that prevented the problem It was good business sense.
I disagree. I don't think Canadian bankers have any more business sense the US bankers. If they could have gone on the wild subprime mortgage ride, they probably would have. But strict government regulations limited what they could do. So our banks had "dismal" profits in 2007 compared to US banks, but at least they were all still standing in 2009. See this analysis for example.
One study in the U.S. concluded that smokers save society 32 cents for every cigarette they smoke
OK. Here's something I don't expect Americans to grasp, but I'll say it anyway:
Sometimes there are more important values at stake than financial consideration.
The laws as expressed by government should be a reflection of the values of the population. If all the population cares about is money and nothing else, then that's not a society I'd care to live in.
We here in Canada have government-provided health care, and we don't have restrictive or silly laws that I'm aware of regarding the consumption of unhealthy foods, etc.
I find the attitude of Americans to government perplexing: They seem to hate government and are viciously opposed to any and all taxation. Well, sorry... you simply cannot run a modern society without some government services and government participation in the economy. IMO, any rich industrialized country that does not provide subsidized health care for its citizens is abdicating its responsibility.
You also can't run a modern economy properly without some government regulation. The under-regulated US financial system melted down in 2008, costing Americans trillions. The "over-regulated" Canadian banking system sailed through without a hiccup; our banking system is far more robust than that in the US.
Sometimes it takes government regulation to control the worst instincts of corporations. Corporations are interested only in what benefits them, not in what benefits society.
Just tax large sugary drinks at a higher tax rate. That would probably stand up to a legal challenge; "sin taxes" have been used for years in many jurisdictions.
Ah, well. The only one of my SuperMicro boxes that had a public-facing IPMI address can't be reached; the IPMI software is borked and won't let me assign an IP address. It will take a 200km drive followed by a hard power cycle to get the IPMI up and running again.
Well, OK. My bad. :)
What peer reviewed evidence do you have to support the non-existence of a god?
As others have said, the null hypothesis is the default in science. If you claim the existence of a god, the burden of proof is on you. Otherwise one can say:
What peer-reviewed evidence do you have to support the non-existence of a committee of seventeen gods?
What peer-reviewed evidence do you have to support the non-existence of an invisible pink atom-sized unicorn in your freezer?
What peer-reviewed evidence do you have to support the non-existence of a flock of seven thousand porcelain flamingos orbiting Mercury?
The full link above does not work, but this one works for me
Does Canada have a real way to stop the government from breaking its own laws?
Well, yes. We have a constitution, so we can challenge laws that are passed by the government. And we have something called "democracy" and "the rule of law" which tend to curb the worst excesses.