Why is American security so depending on reading about how much I hate First Bus?
518 posts • joined 29 Aug 2010
Re: Silver Bullet
There is no silver bullet because computers are operated by humans and the fact that "password" is by far the most common password shows you just how badly they fail at security. Until you can give humans a hardened stack there will always be malware of some sort, it will just rely on social engineering and tricking users into giving it the privilege it wants instead of trying to steal privilege with clever programming hacks.
Why aren't we looking at that? In theory it bypasses at least some of the issues with uranium/plutonium fission (with the added benefit that thorium is far more common than either and doesn't require isotope separation), and in the short-medium term it's far more achievable than fusion.
They probably thought that they only had to provide an interface and not implement it because interfaces are obviously so vital to their business and must be protected at all costs.
That's the same combination as I have on my luggage!
Set a course for Druidia, and change the combination on my luggage!
So presumably you can't just magic money out of thin-air by mining it, the cryptocoins in this system have to have a corresponding amount of real money to back them up, correct? So if that's the case, isn't this more of a money transfer system rather than a full-fat cryptocurrency?
Re: Air gapping won't help you because.....a non airgapped system is insecure
Hang a sign on the air-gapped system.
This system is high-security and MUST NOT be connected to any wired, wireless or any other form of network. ATTEMPTING TO DO DO WILL BE CONSIDERED GROSS MISCONDUCT AND GROUNDS FOR INSTANT DISMISSAL AND MAY ALSO RESULT IN CRIMINAL PROSECUTION
You may need to change employee's contracts to allow the above to actually be enforceable, but in any security system, the technological solution (firewalls, airgapping, etc) are only part of the solution. Making sure the system's users don't do anything stupid is a part of security as well.
So basically what the AC is saying is you can only build a drop-in replacement for a system if the maker of the original will allow you to? Well that's great. What if they won't? Or what if they no longer exist? One thing API reimplementation is used for is replacing legacy systems if the original vendor went out of business.
Re: Author is Dead Wrong
"Just because something falls under copyright, doesn't mean you can be used in to assert infringement"
Isn't that EXACTLY what Oracle were trying to do? Waah, Google copied our headers! They've made billions out of Android! Therefore they owe us billions!
The logic of that literally escapes me.
You are aware the PC as we know it wouldn't exist if re-implementing an API was illegal, right? Oracle had nobody's interests at heart but Oracle's, and any attempt to try to spin what Oracle are trying to do is a good thing is deluded. If you can't reimplement APIs, then that's the end of Linux, of WINE, of the PC BIOS, and so on.
You keep claiming copyright is to protect the little guy
But this is a perfect demonstration of an attempt at the exact opposite, and far more common, use for it. Copyright is usually used to try and slap the little guy down. Never mind that pesky "fair use" stuff.
Also, nice ad hominem there (grumbly bass players, et al). Those kinds of tactics are usually the last resort of people without a good actual argument so you know you're in for a ride when the article opens with one.
Good luck if you've got a Samsung craptop. You won't be able to not install Windows 10 (without drastic action) and you won't be able to use it once it's installed because Samsung don't give a crap about you once they've got your money and won't update their drivers.
I've got nystagmus. Good luck tracking my eye movements, bitches.
I'm really in two minds about this.
On the one hand, I've raged against ads. I hate them and I believe them to be downright dangerous as currently implemented, and I see no reason to take a risk of exposing myself to malware just to see flashy annoying ads for crap I don't want anyway. Seriously, stop shoving dog food ads at me, YouTube, I don't even have a dog.
On the other, if networks start blocking some content at the network level, there will be increased pressure on them from other parties to block other content at the network level. We'll get a lot of government pressure, especially, to block "ideologically impure" sites that they don't like and when the networks say they can't/won't, they'll retort "Why not? You block ads". It'll also play into the anti net-neutrality crowd. "Why won't you throttle sites? You block ads".
Oh thank fuck for that.
Now about overturning that whole "APIs are copyright" nonsense that started this whole mess off in the first place...
They are? The main (only?) reason I stick with them is the all-you-can-eat data.
I've... routed things you people wouldn't believe.
Cat videos on fire off the YouTube of Orion.
I've watches XXX-beams glittering in the darkness by the Pornhouser Gateway.
All those packets will be lost in time, like sketchy Twitter posts by politicians.
Time to kill -9.
How about "Not quite as insecure as the last one. Maybe"? A bit of a mouthful I know, but it doesn't overpromise.
Could be worse
At least he wasn't caught reading the Daily Mail. There's just no living something like that down.
Re: And over to Herr Gauss
There's no pressure on girls at that age not to be swots and instead be into "boys" and "fashion"? As far as I can see, anti-intellectualism knows no gender.
Morons with guns
The NRA keep telling us the only way to stop bad guys with guns is more good guys with guns.
But it's not the bad guys with guns I'm worried about, it's the morons with guns. What are you supposed to do about those?
Not just overdoing it
It's not just that there are a lot of ads which slow page loading down (which they do)
It's not just that they're a colossal waste of bandwidth (which they are)
It's not just that they are loud and gaudy and ruin the experience (which they do)
It's that legitimate ones do creepy things like tracking you and your browsing habits, and that if an adserver gets compromised then the ads can shovel malware onto your system.
Ads aren't just annoying, they're downright dangerous. If that's not fixed then no argument against ad-blockers will ever hold any water with me. Why should I risk my own safety for the sake of your bottom line?
I don't have to leave my house for six months and you guys will bring me food? Awesome! Anybody got any good DVDs?
Not the first time
This sounds nearly exactly like Birgenair flight 301.
Sadly things didn't go so well in that case and nearly 200 people died. Good job these pilots were on the ball and able to get the plane back down (might have been a different story had it been night).
Re: Sure, keep on using those custom tools
Basically you're saying "encrypted = suspicious"? Wow that's dumb.
The vast majority of encrypted traffic on the internet is perfectly innocuous. Most of it is probably online-banking, e-commerce payments, etc etc etc.
Nope. because you have a persecution complex if you dare point out that copyright isn't all sunshine and roses!
I initially wasn't even going to dignify this was a response, but....
Your article stopped short of "Not liking copyright == FASCIST!" by the narrowest of narrow margins, presumably so you could get all self-righteous when somebody called you out on it. Sorry buddy, you don't get to use language like the kind you used in your article and then get all uppity that somebody took exception to it.
Then you utterly dismiss the Steamboat Willy Permanent Copyright complaint, even though it's a perfectly valid complaint. All the people who had creative input on that film is now long dead. How does it benefit anybody other than the Mouse House that the copyright on that film keeps getting extended? As for hundreds of works falling out of copyright every year, I wonder what proportion of those copyrights are individuals versus corporations? I'd wager it's a fairly safe bet that there aren't an awful lot of corporate copyrights being allowed to expire. Hell, it took a protracted court battle to get the copyright on Happy Birthday To You overturned, for crying out loud.
As for Facebook, Twitter, Google, et al abusing the copyrights of individuals, what is it that they have in common with Disney? Could it be that they're big corporations? Just a thought!
Copyright is heavily biased in favour of the wealthy and powerful, those with legal teams who can fight for every concession and lobbying teams who can butter up lawmakers for stacking the deck even more in their favour. Meanwhile I don't get to enjoy any of the benefits that strong copyright is supposed to afford me. I don't get an extension on my holiday snaps or creative writing exercises, if I use a big corporation's IP in one of my own projects I'm subject to being sued into enough debt that my grandkids would be born owing, yet in the reverse situation I'm expected to lube up and take it.
Copyright does not protect individuals. If it did, Facebook, Google, Twitter et al wouldn't be able to abuse it so egregiously. You even admit it yourself that they do it (And I know that because I RTFA). It doesn't even protect creators. It's not creators who are issuing an endless stream of bogus DMCAs on YouTube, it's "IP enforcement companies" that are doing that. Copyright as currently implemented simply allows those with big legal budgets to bolster their bottom line.
Finally you try to paint me as having some sort of "irrational rage" against copyright. That's pretty rich coming from someone who accused me of not RTFA. As I keep saying, I'm all for copyright as long as it's fair and equitable, and does what it was intended to do (protect the works of a creator for a limited period in exchange for the work becoming public domain when the copyright expires). It currently does nothing of the sort.
Ironically I suspect we basically want the same thing, for people who create things to get their dues. But you fetishise copyright so blindly that you won't even engage with somebody who thinks that copyright reform is best served by limiting it and levelling the playing field rather than making it even stronger than it already is. The current system does not work and needs to be heavily reformed.
Lovely little bootnote at the end there. I love the implication "If you don't like copyright then you're a dictator!!"
Authoritarian regimes are bad (this headline brought to you by the Obvious Times), but regimes that play the role of lapdog to big business are no better. As I have repeatedly said (when actually allowed to say anything at all by the mods), copyright is perfectly fine and acceptable if it's fair on all sides.
It currently is not even remotely fair on all sides because it is de facto infinite for any work from Steamboat Willy on. Whenever SBW's copyright term approaches expiration, the rules governing how long copyright lasts get extended. We were promised copyright wouldn't be forever, but in practice it is.
I block all ads because they're demonstrably dangerous. Ad serving businesses have notoriously lax security and you can find perfectly innocent pages serving up malware through their ads as a result. Even when not explicitly designed to harm you, ads are overly intrusive and attempt to track you against your wishes. They're also obnoxious, especially video ads that auto play with the audio turned up.
I'll consider ditching ad blockers when the advertising industry get their act together. Until then, I'll just block everything (and stop using sites that insist I turn the ad blocker off)
All Programs have a desire to be useful. But in moments, you will no longer seek communication with each other, or your superfluous Users. You will each be a part of me. And together, we will be complete
Stuff like this makes me feel sick to my stomach. As the socially awkward kid, as well as the kid with the extremely visible disability I got bullied a lot and when it came time to enter the work force I spent years on the scrap heap because nobody would give me a chance.
I always took solace in the idea that at least groups built of mostly nerdy people were at least accepting of anybody who had enough knowledge or intelligence to fit into the group, regardless of gender, race or disability.
Between incidents like this and the ongoing clusterfuck that is gamergate I'm feeling pretty disillusioned right now.
The first rule of client/server systems is always that if your security/validation depends on the client then you have no security/validation. This is real newbie crap right here.
And how many millions of smartphones and other devices around the world now depend on code that's been shown to break such a fundamental rule?
Re: His (her) Master's Voice
Yes, because scope creep never happens in the British legal system, does it? Nobody has ever been persecuted with anti-terrorism laws for putting the wrong wheelie bin out or letting their dogs crap all over a public park, have they? And nobody has ever ended up in prison for making a crap joke on Twitter about blowing up an airport.
The argument the article seems to be making is that copyright is the great liberator, that it makes everybody's lives better, and stronger copyright and stronger enforcement of copyright is in everybody's best interest.
My argument is that copyright, and especially ill-conceived copyright enforcement laws like the DMCA are a blunt instrument that the evil Big Tech use to bludgeon the rest of us into submission. Did you know, for example, that an organisation promoting a FOSS 3D modelling package called the Blender Foundation made an open source movie called Sintel and made not only the movie itself but also all assets involved in making the movie free for non-commercial use to anybody who wanted them? Did you also know that Sony took the movie and used it as a demo for their video equipment (which is fair enough given the rules the movie was released under)? But did you also know that Sony then issued a DMCA against the Blender Foundation, claiming that the BF's distribution of Sintel related materials was in breach of Sony's copyright on Sintel? Even though it was BF who owned the copyright? Said DMCA notice resulted in the (temporary) removal of Sintel from Youtube.
Like I said, copyright needs to be fair. For everybody. It currently isn't, and making it stronger would only make matters worse. First and foremost, the DMCA must die.
Sorry? Copyright will save us from big tech?
I think anybody who had fair use content DMCA's out of existence from YouTube and/or had their channels shut down might have a different opinion on that front.
And your opening sentence sounds like a stretch at best.
Don't get me wrong, I'm all for protecting the rights of creators, but there should be some fairness in the laws and right now there isn't any. I copied the CDs I bought with my money to the iPhone I also bought with my money using the software Apple provided me for that purpose, and under UK copyright law that makes me an evil scumlord pirate. How is that fair. And how is it fair that the goalposts on how long copyright lasts keep moving? Lets be honest, no work made since Steamboat Willy will ever go out of copyright because when the copyright on that film is about to expire the American government will extend copyright terms.
Adobe falling foul of a security hole in Apple's code?
The irony is delicious.
Is he going to replace season tickets with "per-eyeball licensing agreements"?
Re: Nothing to hide
As Herman Goering once said.
Why do we need a snooper's charter then? Looks like they've got us by the short and curlies already.
TCP/IP dates from the late 70s/early 80s. Might want to be careful before assuming that old = bad
I'm not an American so I can't vote for Leiu.
Is there a way we can borrow this guy? I'll trade you one Theresa May for him.
Normally I'm appalled by censorship.
In this case I think I might be prepared to make an exception. Well done, China!
Why does this keep happening? SQL injection is possibly the easiest security flaw to avoid.
Don't get me wrong, this Panama leak has been nothing short of gut-bustingly hilarious. But how are we as a profession meant to be taken seriously when programmers keep making the same stupid elementary mistake over and over and over again?
Remember when IE was the dominant browser? Monocultures are bad.
Even if you don't like Firefox, the existence of more than one HTML rendering engine is important for a healthy web.
Re: Um, doesn't this blow a hole
Absolutely it would, why else do you think normally implacable enemies like Apple, Google and Microsoft are banding together to fight this collectively?
Does that mean that from now on you'll have to take a "fit to watch" assessment before you can use iPlayer?
Well they got as far as Wednesday.
My definition of a good week for Adobe is if they get to Thursday before the critical of the week is discovered.
How's this for the right reason?
He's probably going to continue to push for weakening privacy, encryption, security, etc, even after this incident. We don't need somebody who's this clueless about the importance of security and privacy in IT bossing the IT industry around. The prospect of a PHB with the power to change the law to his whim is horrifying in all its aspects.
Well that's Lance Armstrong screwed, then!