For a commuter jet there is no failsafe mode. You can't just have the jet "shut down" when something wrong is detected. To deal with emergencies you need all systems functioning until you can get the jet to land.
In a nuclear power plant there is failsafe: drop the control rods. Sure, the plant won't produce electricity, but it will be safe. Compare to an unscheduled emergency landing of a jet.
The major difference here is a subtle but important one. With the banking system, if someone manages to get money or goods they are not entitled to, someone will be missing that money or goods and that someone will know about it once they take inventory or reconcile the numbers. These systems are routinely attacked and banks do lose money to fraud, and they invest in security enough so that the cost of fraud is less than the cost of the security measures.
With voting, the party that loses due to fraud is the public, and especially if there is no paper trail, there is no way to prove that any fraud did actually take place. It's very easy to make machines that count votes; it's basically impossible to make those machines such that no one involved could manipulate the results, from the election officials, executives, programmers, and voters. With a paper election, the fraud-proofness is guaranteed through the fact that votes are opened with representatives of the various parties in place, and tallies are signed and published so that any fraud could be easily detected by the interested parties.
Actually, I have found a backdoor in a router that lets you issue arbitrary commands to the busybox shell without any password through a simple HTTP GET request. That router could be easily exploited with an IMG tag in a browser.
My solution BTW was not to assign an IP address for the router (used only as a modem) and to firewall non PPPoE traffic.
Every time I read a report on online phishing I wonder why banks (and other secure sites) don't apply a very simple almost 100% proof solution that will eliminate phishing, AND make life easier for the end user.
The solution is simple: Issue each client a tamper-proof USB dongle with a private key, similar to the smart cards you have in your cable boxes. When visiting the bank's website, the Browser/OS/USB dongle itself will ask the user for a PIN. Like ATMs, the dongle can lock out if the PIN is keyed in incorrectly too many times.
When the dongle confirms the PIN, it will conduct a Zero-Knowledge proof protocol that will prove the client's identity to the bank and simultaneously generate a common session key, all without divulging any information. A man-in-the-middle attacker will be missing the session key or will not have any information required to prove its identity to the real bank site.
No password of any kind is transferred on the wire, encrypted or otherwise.
The only way around this kind of system is to have a trojan on the client's machine. In these cases, some OS features may be used to prevent the trojan from interacting with the dongle and PIN.
Client education is also easier: There is a physical object that serves as a key to your account, compound with a PIN. Exactly as with ATM cards. You know if your dongle is stolen (and it may not be duplicated), and in any case it's not usable without a PIN.
You won't return it for a deposit refund, you'll get the new news on your existing paper, so it would be in your best interest to take care of it.
NetworkManager itself runs as root. The GUI applet communicates with this system application via D-Bus. However, root privs are required by the kernel to modify wireless settings and to view wireless passwords.
The Spider of Doom at The Daily WTF.
What the blurb doesn't say is how much of the 58% Google gets right overlaps with the 20% doctors get wrong, if at all.
Read this academic paper titled: Voter Participation and Strategic Uncertainty. In short, the answer is that it's sometimes better not to vote (or to throw a die in order to decide whether or not to vote).
In Korea, only old people repeat jokes!
We're not a company. We're a nonprofit with a very slim budget. For a giveaway we would have to make a lot more CDs, and we didn't have the budget for that.
Yes, we did sell it for about $2 to cover the cost of the media, as a convenience. We of course told people they can download it if they prefer.
This reminds me of what happened to me once, when I was manning a booth at a conference trying to convince people to use Linux. We tried to get people to buy a Knoppix LiveCD from us to try it out. So, two people came and were mostly interested in the fact that if they use the LiveCD to browse the web, none of their data is saved anywhere.
Regarding this "Browsar", does it delete all caches/cookies, or not save them at all? Because just deleting can be not secure enough unless you do it very carefully. Also, what about the swap? Is it deleted or avoided?
I blame these guys.
as done on Amazon, but then traders of specialty items, such as rare books, do not sell there because the dealers tend to win over the experts. Read the paper for details.
The actual paper is from 2000. This has been taught for the past 3 years in an undergraduate eCommerce course.
The paper has an interesting comparison between eBay and Amazon, for two distinct cases: common value and private value.
- You plug it in. AP starts locked down and redirects all HTTP traffic to a configuration page. The page asks the user to physically push a button on the AP.
- After the button is pushed, for a limited amount of time, all HTTP traffic is redirected to the configuration page.
- User is required to answer if they would like a secure or open network (default secure) and to pick an ESSID.
- Easy secure setup: Random WEP key is generated and sent as a script to configure client. Bookmark is added to allow for further configuration.
- To authorize a new client, either log in from the already configured client, or push the button on the AP to redirect all clients to the configuration page.
- AP is only compromised for very short time windows.
Have a simple form for the deaf-blind. Add a field asking to explain your condition in your own words. The form gets read by real people who may send a follow-up e-mail asking for a reply. You can easily detect if you're talking to a computer. You can make the form only visible to text-based browsers. As this will not work for spamming, few will fill in the form.
Can't he kill them off camera?
The sun has risen this morning, and the Earth is rotating around its axis.
Nothing to see here - move along.
Oh, it's about physical pirates, and sonic rather than sony. Nevermind.
Mod this post -1 not funny!
There is a very simple solution to the entire phishing problem. A solution implemented in all major browsers. A solution that no bank that I know about actually implements.
There is no reason to base authentication on transfer of any shared secret (password, SSN, etc.) between client and bank. All that has to be done is:
1) Have the bank authenticate the customer.
2) Have them both use a key that would be unknown to a third party.
This can be easily done with Zero Knowledge Proof and a DH key exchange. The basic idea is that the bank knows its clients' public keys and you know the bank's public key. Using both public keys and your secret key, both you and the bank can generate a unique key unknown to a third party, under which you can encrypt the session key.
The end-user only has to authenticate to its local key store, be it implemented in software, or better in hardware. If a phisher steals the password for the local password store, they still cannot log in to the bank, because they need access to the media (dongle or hard disk). If a phisher impersonates the bank, they will get authentication data, but get the session key, and in any case, will not be able to authenticate for the bank. The only thing a phisher might do is present you with false information and get you to issue commands to a fake bank, but not get any access to your account.
From the perspective of the end-user, this system is as simple as attaching a USB key to the machine and typing a PIN in a dedicated prompt.
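The key agreement described in the two phishing comments above, as an added sketch that is not part of the original posts: both sides derive a session key from pre-registered public keys, and a phisher holding a different private key ends up with a different key. It assumes a toy DH group, hypothetical function names, and uses HMAC key confirmation in place of the zero-knowledge proof the comments mention.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (assumption): the Mersenne prime 2**127 - 1.
# A real deployment would use a standardized group or curve.
P = 2**127 - 1
G = 3

def keypair():
    """Long-term key pair; the private half never leaves the dongle or the bank."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def session_key(my_priv, peer_pub, client_nonce, bank_nonce):
    """Static DH secret from the long-term keys, bound to fresh per-login nonces."""
    shared = pow(peer_pub, my_priv, P).to_bytes(16, "big")
    return hmac.new(shared, client_nonce + bank_nonce, hashlib.sha256).digest()

def proof(key, role, client_nonce, bank_nonce):
    """Key-confirmation tag: shows possession of the session key without sending it."""
    return hmac.new(key, role + client_nonce + bank_nonce, hashlib.sha256).digest()

def login(client_priv, pinned_bank_pub, server_priv, registered_client_pub):
    """One login attempt. server_priv belongs to whoever answers: bank or phisher.

    Returns (client_accepts_server, server_accepts_client, keys_match).
    """
    nc, nb = secrets.token_bytes(16), secrets.token_bytes(16)
    # Each side uses its own private key and the other side's registered public key.
    k_client = session_key(client_priv, pinned_bank_pub, nc, nb)
    k_server = session_key(server_priv, registered_client_pub, nc, nb)
    # Server proves itself; the client checks against the key it derived locally.
    server_tag = proof(k_server, b"bank", nc, nb)
    client_ok = hmac.compare_digest(server_tag, proof(k_client, b"bank", nc, nb))
    # Client proves itself; only the tag crosses the wire, never a password.
    client_tag = proof(k_client, b"client", nc, nb)
    server_ok = hmac.compare_digest(client_tag, proof(k_server, b"client", nc, nb))
    return client_ok, server_ok, k_client == k_server

if __name__ == "__main__":
    c_priv, c_pub = keypair()
    b_priv, b_pub = keypair()
    phisher_priv, _ = keypair()
    print("real bank:", login(c_priv, b_pub, b_priv, c_pub))
    print("phisher:  ", login(c_priv, b_pub, phisher_priv, c_pub))
```

The tag a phisher captures is tied to that login's nonces, so it cannot be replayed to the real bank in a later session.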
You forgot the $200 for the Windows license, and the loss of your freedom.
If deciphering the human genome allows each of us to know the precise odds of contracting a dread disease, life and health insurance will be very tricky.
- Identifying which genes lead to diseases is the first step to preventing/eradicating them at the genome level for everyone.
Let's assume we can't eradicate genes at the genome level without extreme measures, but we can diagnose who is likely to have some illness. In that kind of world, only people who were diagnosed as likely to be ill will be inclined to buy insurance. However, as only high-risk patients will buy insurance, insurance will be much more expensive. Instead of evening out the playing field with everybody paying a small sum to be compensated in case of a catastrophe, we are all in the revealed state, and thus insurance cannot be sold.
In essence insurance is all about mitigating risk. When there is more information, and thus the risk is closer to certainty, insurance cannot be sold and thus there are those who benefit slightly (by not having to purchase insurance) and those who lose a lot. In an egalitarian approach, this is a bad state of affairs as the social gap has been widened, and there is a larger population requiring welfare.