Re: Nope Nope Nope Nope Nope Nope
And what happens WHEN (not IF) they make it mandatory or you can't drive? And where you live you MUST drive?
7489 posts • joined 10 Jun 2009
And what happens WHEN (not IF) they make it mandatory or you can't drive? And where you live you MUST drive?
Did you then read about the customers SUING Progressive as they should for malfeasance and false advertising in the matter? This appears to be a matter of a faulty device, not a greater matter of having your car Big Brothered or else.
"Do not connect the device to the net. either internet or Intranet. Connect this crappy thing to a front end processor which carries out the authorisation and checking before passing commands to the back end crap device."
Don't you get it? They'll just hack the front end. Remote admin is pretty much require these days yet at the same time is inherently vulnerable to hacking. You lose either way.
So in other words, the only way to get a third party into power in the United States is to get a third party into power in the United States.
George was right. Parties are corrupting. Unfortunately, parties are also tribes, and tribes are standard human behavior.
That's still a bit hit or miss since the article doesn't bother to isolate US-only and in particular California-only numbers, which is important in terms of political influence. Is Apple bigger than Hollywood in California?
He might if they also try to tack on an attack on the FCC in the same bill. Plus he DOES have a history of vetoing poisoned bills.
Only one problem. There's also the matter of Hollywood...ALSO in California AND a significant lobby in its own right. So ask yourself, which part of the state brings in more money to it: Hollywood or Silicon Valley?
Um, what makes you think they don't already have one hidden away in that data center in Utah?
Um...nope. We just don't have the clout. They could close off their walled gardens, nuke the rest of out, fight it out amongst themsevles and they'd be happy.
Right party. Remember that the parties SWITCHED around the time of Nixon. Before then, Democrats were the conservatives.
"Is there a country without this BS? Without restrictions on what Internet sites can be visited, without nasty taxes, without stupidity and the power-mad running it? One with reasonable and intelligent lawmakers? I'm looking to move."
You won't find it. What you're witnessing is the basic human condition at work. ANY form of government ultimately degenerates into some corrupt cesspit given enough time.
There are 435 Representatives in Washington, each representing a certain chunk of the country. Each one gets directly elected by those constituents, and it's an election year, meaning ALL of them need to stump for their votes. Meanwhile, each district has their varying concerns on which their elections will pivot, so these Representatives ask their more influential friends to help. The basic formula went, "I'll help you get this done if you vote for the greater bill that enables everything."
The House tried to establish rules limiting this practice since other voters noted it to be an element of corruption, but they found it to be a necessary evil. Those lesser representatives had no motivation to vote for controversial bills otherwise, putting important bills in jeopardy and lowering Congress's approval rating as a whole due to a climate of nothing happening because of the lack of corruption (of course, this never influences the local elections much--there it's always Somebody Else's Problem).
You see, that's the thing about governing by committee like this. Each member has its own motivations and rarely do they honestly come together when the motion to be passed is a "necessary evil" one (structurally necessary but very unpopular--tax reforms, for example). About the only time they come together is when some kind of crisis (like 9/11) hits. 200+ years of experience seems to indicate this is just basic human condition at work. It's not something that can be easily solved which is why corruption tends to show up in ANY form of human government imaginable.
"Source; My Acer spare battery was confiscated whilst leaving Bristol. :-("
Since when were battery packs verboten in carry-on baggage? Because I packed a whole bunch on them on a flight to Asia without incident either way.
I don't know about that. With its own light I don't have to turn on the overhead light and disturb my neighbors (I can dim it, too, something the seat light can't). I can fit more books than you can given the tightening carry-on limits (I can even carry an extra battery and still pack light), plus I can also listen to the audiobook version, which doesn't need a light or my eyes open, all in the same device and without getting airsick.
That wouldn't be too bad. Some airlines (I know some Japan Airlines flights do this) offer this on their in-flight systems, too. It's forward for takeoffs and landings, down while aloft. Put this together with a live map and you can get a better sense of progress especially on transoceanic flights.
802.11n can do 600Mbit on the outside, and 802.11ac goes into the gigabit range. Mix the two together (as ac is 5GHz and n is 2.4GHz), and you have some potential there, especially if the passengers stick to the in-flight stuff kept in the server cage (now they only need one maybe two instead of 20 or so). Now, if we have to start talking backhaul on an airliner at 37,000 feet, probably out over a big ocean somewhere (think those lengthy transoceanic flights, especially those ones from Sydney to Santiago the flat-earthers claim are all fake), then physics dictates we have a problem...
The usual ways: smurfing, money laundering, and mules.
"And without that there's no way on the network of reliably telling who's who, and without that we're doomed to have a network pretty much like the Internet currently is."
In other words, the Internet is going to become a doom zone no matter what because it can either be stateless (and eventually a zone of anarchy) or stateful (and eventually a police state). It's Pick Your Poison with no third option available because "they know you" and "they don't know you" is a strictly binary state.
They can glean information off your "throwaway" accounts to learn more about you to pull off social engineering attacks so as to perhaps execute a password reset attack on a higher-profile site.
Think of it like a social version of privilege escalation.
And what if people don't routinely carry a second factor with them (say they hate cell phones)?
WHY do people need to change their passwords periodically if people follow the best practice of using a different password for each and every site? If the password's been breached, it won't work anywhere else, and odds are the password gets breached before ANYONE knows about it, making the while "change the password" exercise moot as odds are the criminal will change the password THEMSELVES once they have it--to block backhacking.
IOW, with password managers and different passwords for every site, it's either too early to worry about or too late to do anything to fix it, with no middle ground.
But it seems the "least bad" solution there is for someone with a bad memory. Unless you're saying the least bad solution still isn't good enough...
"Passwords are not a good way to enforce security. Like democracy, they are the least bad way we have now."
Only thing is, we're realizing all these "least bad" solutions are not acceptable. So we need an alternative that is better than the least bad solution out there, and we need it soon before the whole house of cards collapses in on itself.
"Your common-or-garden cybercriminal, much like your common-or-garden house burglar, will go for the easiest targets. They're after quick money not some convoluted identity theft."
But you could always have motivated enemies out to target you specifically or one who just feels like putting forth extra effort, like you say, so as to steal an identity and milk it for all its worth (one big haul versus many little ones) much like sociopathic stalkers who groom their victims over time.
"Why are credit agencies etc using the licence number if they are a target for identity thrives?"
Probably because they need a permanent ID number to be able to report to the government for whatever reason. It's one reason US Social Security numbers are still used sometimes even though the government discourages its use: because some aspect of their business requires it (say an employer or a medical provider).
"I do think the zero alcohol limit for new drivers is a good idea though"
You can't set the bar lower than .02 BAC because that's about the NATURAL level for your average human (are there really people like Vimes who have a naturally low BAC that makes them a bit knurd by nature). And a low bar would really suck for a person with a high natural BAC or who regularly uses mouthwash...
"I'd also like to see as much effort going into fixing the web advertising as has gone into these seldom-used features. Not killing it, fixing it, as that publishers get paid, users are not tortured, , privacy is respected, advertising ceases to be a malware vector, sites are not slowed to a crawl, and we no longer need an ad-blocker just to have a usable browser. I'd like to see a serious effort to impose a code of conduct and technical guidelines on advertisers, and war waged on those that don't fall into line. Something along the lines off this - audio/video ads only allowed to be delivered with audio/video content, otherwise static header and sidebar ad only, all ads to be surrounded by an advertisement border or watermark, etc. We've got to reach an end to the advertiser arms race, and, ans sites that break those and use abusive practices rules should start finding themselves in the malware blacklists."
You can't fix it. The ad arms race has been going on for OVER A CENTURY now. Heck, the scourge of ads has been in literature since at least World War II (read First Lensman, for example: written during World War II). Advertisers are like roaches; they'll survive nukes. And net-goers are too conditioned to freebies to go back to the old CompuServe walled garden business. Bad guys will ALWAYS be able to infect ad networks simply because they now have the resources to perfectly mimic legitimate businesses, operate out of countries that won't extradite but disguise their origins, and can change identities like a chameleon changes colors. With this kind of "anything goes" environment, how can you expect to keep things clean? Especially when ad agencies are getting big enough to essentially hold small sites hostage? I'm sorry, but all this sounds to me like wishing for unicorns...
No, I expect them to be led by the hand into a trap. As a comedian once said, "You can't fix Stupid," yet Stupid happens to comprise a significant portion of your customer base. So you're surrounded by hopeless idiots in search of unicorns, and you're pretty much stuck in a "The Customer is Always Right" situation as your job depends on it.
I just had a thought. What if someone coded a browser Dilbert-style, ignoring the stupid who demand this and that bloat and instead of telling them honesty what is happening simply lying to them every time they try to do something stupid. Say they want to go to a site that wants Flash to start an exploit, the browser can say, "I'm sorry, but the site you're trying to reach doesn't speak Internet correctly and cannot be reached. Recommend looking somewhere else. And yes, there IS another place to find it; this is the Internet, after all." IOW, you can't fix Stupid, so the best thing you can do is deflect it like you would with a PHB.
Well, you have to decide what's worth your money? Wade through ads or pay through the nose since it seems so critical to your client's business. Since they seem to have you, as they say, by the wossnames.
"Allow the "Blocker" to simply Remove (or never download in the first place) the code that the User objects to."
How are you going to know what the code is you need to dump unless you download the code to inspect it in the first place? And due to perverse motivation, you can't expect the server to do this for you.
"I kinda wish Mozilla had stuck to this philosophy, which is what I think they started out with."
Stupid struck. As in stupid users who demand their content yet aren't smart enough to find the needed extensions, leaving them with a dilemma: accommodate them and bloat your code or see your customer base defect to the competition. When the customers demand bloat, damn the consequences, what do you do?
"And stream code libraries on demand to enable rare feature sets when they are encountered?"
Code may be platform-dependent and could be hijacked by a Man in the Middle.
"Leaving aside considerations about the cloud being a good or bad thing, if you need a network aware app that also provides rich interactivity, that leaves you with a few options. Locally-installed software, apps a la iOS/Android. Or a browser-based app with JS and SVG/Canvas support."
Who not just make a protocol specifically for the purpose? Or why not use something specifically built for interactivity like VNC? Then again, these require persistent connection and the current Internet spec only allows for ~65,000 ports in use at a time, a fair chunk of which are already reserved.
The thing is, as others have noted, HTTP was intended to be a non-interactive protocol to start with. Why did it get usurped into a two-way protocol?
That "odd thing with the hole in it" is a punch: specifically a leather punch IIRC. The eye in it (and the groove) I believe is so it can double as a needle for mending or darning.
Don't think it'll work. Ad slingers and lawyers are like cockroaches. Odds are they'd survive a nuke...
Until the LACK of a module loaded opens a security hole (which is a problem in and of itself). Or they find another exploit that enables them to ENABLE the module they want willy-nilly. The only way to block THAT is for the module to not exist AT ALL. And even then, they'll probably just drop them using whatever secure channels they've been able to usurp. For some adversaries, money and technology are no objects.
And yes, flabby and lazy is the way to go, because you learn the "one thing" you're expected to do...is EVERYTHING.
As for Linux, NO until they can get their gaming act together better. Tried it. Ended up with headaches.
Well, what alternatives are there for people with really bad memories, which are a significant segment of the population?
"But 'something you know' is likely to remain the strongest element of any 2FA system. I for one am not ready to give up my password."
But what about all those people with bad memories for whom "something they KNOW" is likely not an option? That's the big bug-a-boo about passwords: it relies on something that for many people is very finicky and at plenty of times may not be reliable enough.
Turn it OFF before you go to the bathroom and it engages the lockscreen. Bet you have to prove yourself again before it'll unlock, and that can be done quickly enough. And yes, they can use the camera.
But for people with bad memories, passwords are not an option. At least, normally, you can't lose your fingers...
"Passwords however cannot be forcibly extracted from your brain by any means short of torture. They are easily changed if you suspect a breach."
Unless you're TRICKED, and the trickster changes the password ahead of you to block you regaining control...
Apple's no better in the privacy department, BB10's being dropped, and Sailfish is Not Ready For Prime Time.
"Rinse, lather, repeat."
Shouldn't that be "Lather, rinse, repeat"? The former sounds to me like using the toilet paper before you do your business.
"Most PHB's don't have the technical understanding to realize that, and most IT staff aren't good at explaining complex problems to people who don't have a technical background."
No, it's more that PHB's aren't willing to listen. All they care about is, "We need X, Y, and Z--of which at least one is a Unicorn--done, yesterday--and yes, he DOES mean yesterday." The instant you say "here's why" your speech is auto-DEtranslated into something like Xhosa, meaning they never hear or understand the why of it, and it's like that everywhere so jumping ship may just mean jumping into a worse situation.
HFT users will also be looking for prime real estate since in a game of nanoseconds physical distance matters (given light can only travel--in vacuum--about a foot in a nanosecond).
Tunnels trap vehicle emissions. That's why car tunnels have ventilation and at one time trains closed the windows before entering long tunnels.
Yeah, the same problem wind turbines generate: once you suck out the power from that current, there's less down the line. I don't think the UK would be too thrilled if Florida's experiment with the Gulf Stream sucks most of the energy out of it, leaving little to warm the English waters...
"It seems to me that somebody somewhere should be reviewing these on a project by project basis. Especially when it becomes such a common technique that everyone is doing it."
OK, now who PAYS for it? The customers won't because they're penny-pinching as it is, and the companies won't do it because they have investors to please, plus if anything does hit the fan they can cut and run before they're caught.
Don't get too cocky. There may be someone out there who knows about Gabriel, Madeleine, and Professor Yaffle, too.
PS. Dang. Talk about old memories. About 30 years by my recollection...
You forget social engineering and identity theft. They can use data from the less-valuable sites to make inroads into the more-valuable stuff. So since just about ANY site can be a stepping stone, you may have to assume your least valuable site is as important as your most valuable one (since breaking the former can lead to breaking the latter).