Re: Our leaders are morons.
But no one can route around a complete break. Just as water can't flow around a crevasse.
11544 posts • joined 10 Jun 2009
Lube tends to be oily, and oil tends to be flammable.
The point, though, is that if you're at THAT point, you can pretty much assume WW3 is imminent (and likely the end of the world as we know it, as WW3 implies MAD). In which case, you'll have other concerns.
But not necessarily at the top levels, unless you can prove otherwise.
Except the second 3DES step was a DEcryption precisely BECAUSE just encrypting three times introduced common-mode failures. And the reason for using 3DES was that technology of the time (90's) had DES built in but was not strong enough to do any better, so this was a stopgap that didn't require new hardware.
Difficult to say, but based on what we know of chaining hashing algorithms, you may end up with a counterintuitive result of making it easier to crack your ciphertext rather than harder since most encryption works on similar fundamental principles that can result in common modes of exploitation. Even the one-time pad has its weaknesses. They could intercept your pad or determine where the ciphertext is being transmitted and mess with it to de-synchronize you.
Most of the legal monopolies actually are a result of NATURAL monopolies, due to extreme infrastructure costs on account of geography. In many cases, it's a monopoly or nothing at all.
Check the ethnic distributions and median incomes of the worst of the lot. Two of the driving forces behind high crime are culture clashes and poverty-fed desperation.
"My bike doesn't have any seat belts either. They're not needed if you use your brains when you're driving."
Not even when (not if) you get blindsided by a reckless, speeding drunk driver?
You have to consider that safety features not only protect you from yourself but also from Stupid, who has a tendency to kill others in his/her wake.
"I'm personally a big fan of a Capitalist society with much less Federal regulation. I'll vote with my wallet thank you. With several ISPs to choose from, the one that provides the content I desire at the speeds I desire gets my $$s, and I don't give a flying fickle finger if they have a prettier blinken boxen than the other ISP."
And for those communities (and there are A LOT) where there's only ONE provider, meaning the ONLY alternative is to go without (and there's usually a good reason there's only one provider: namely, they got a sweetheart deal that was the ONLY way to get them to wire up the place at all)?
"¹½ I remain extremely disappointed that nobody has called out <CTRL><Z> as being the background current process key-press rather than the Windozified "undo" with which everyone now associates it."
Don't blame Microsoft for that one. Command-Z on the Mac predated Windows.
"The point is that, like telephone services and train services before them, the Internet infrastructure is an essential utility upon which a great deal of trade is predicated upon and without which the economy would suffer greatly."
Some would argue that the Internet isn't THAT essential yet. Essential means lack of service means you run a serious risk of DYING as a result. And for the telephone, that came when police and fire services were hooked to them, meaning you can call them in emergencies. Roads are essential because that's what the emergency services use to get to you. The Interstate Highway System was originally created to facilitate military transport during the Cold War. AFAIK, no Internet service operates in true life-or-death emergency capacity yet.
You forget. People WILL pay for porn.
"If you don't like the service from your ISP get a different one, and if there isn't a different one you already had a potential abuse of monopoly issue which net neutrality legislation didn't much fix anyway."
Problem is, it tends to be hard to police monopolies when they're natural, and ISPs are utilities: an industry notorious for natural monopolies.
Just ask for a Victoria's Secret or Frederick's catalog.
"A free home-delivered catalog of women in their underwear. God Bless America!" - Jeff Foxworthy
"They invoiced their family afterwards."
Did they eat the cost if the condemned had no more family or if the rest of the family was on the block, too?
The problem behind the problem is geography. The US is very large with large areas of sparse population. They're considered money sinks, which means you either get ONE provider tempted by a sweetheart deal or NO provider because no one will otherwise touch that kind of setup.
It's rather that Ford built the tollway and will let Ford vehicles through free while charging exorbitant fees for any other make.
Think that's far fetched? Remember the Gilded Age when railroads owned mines and timber plots. Recall that Comcast owns NBC and Universal, that Sony owns Columbia and Tri-Star, that Disney is about to buy Fox.
Because some kids CAN'T learn, yet the parents (their only child and they can't try again) sue.
"They are way ahead of you on that front. In some totalitarian regimes they apparently made people pay for their own execution bullet."
And if the condemned was penniless...AND a handful to boot so they can't wait?
"By all means then, uninstall your seat belt, air bags, roll cage, etc. and get back to us."
And while you're at it, take out your horn and install a sharp spike in its place and let Darwin sort 'em out. And if you happen to get rammed head-on by a drunk ghost driver, well, them's the breaks.
Aren't you forgetting the next step will be for ISPs to throttle all encrypted connections, regardless of the source (so no loopholes) unless you pay bookoo bucks?
"Considering that in most countries where ISPs block DNSSEC or external DNS queries, they also likely break HTTPS, I don't think it's much of an advantage."
More and more sites are going HTTPS-ONLY, meaning you'd be shutting your people out of popular services like Facebook. Like I said, that's going to start raising complaints.
But those DOH servers can ALSO be legitimate (not to mention POPULAR) web destinations such as Google and Facebook. Any ISP that tries to block Google and Facebook is likely to start getting complaints.
"But in this case encryption of HTTP is now so prevalent that an ISP who tried blocking that would be out of business PDQ."
Not necessarily, if they're (a) working under a government mandate, meaning they're dead if they DON'T do it, or (b) ALL the ISPs are working in a cartel to ensure data harvesting.
Except with an implementation like this, router makers can take control back from the ISPs by using the implementation and instead defaulting to the likes of OpenDNS confident the ISP can't hijack it back. That kind of approach would even protect the Stupid User.
"That's why the mantra is: Don't ever try and invent or write your own implementation as you're almost guaranteed to get it wrong."
But hasn't another mantra emerged, too? "Don't rely on other people's work because you can't be sure they got it right (or worse, were subverted without your knowledge)."
So basically, if you want something done right, you MUST do it yourself, only you practically CAN'T do it yourself because Encryption is HARD and most people can't handle it right. Does that mean we're basically screwed either way?
You meant it TRIES to route around it. But, like with a crevasse, you eventually reach an impasse (and that impasse can come with ISPs blocking encryption wholesale at most levels).
The article itself notes that DNSSEC doesn't help if the ISP is willing to block DNSSEC at its level by port-checking (this is also how ISPs can enforce their own DNS even above self-chosen resolvers: by hijacking the port wholesale). The ONLY solution against such a determined adversary is to "piggyback" it on something the ISP can't block without complaints. Since the connection is encrypted, the ISP can't tell what the connection is calling (unless it's an enterprise-level secure proxy, in which case you were screwed before you started).
Including Seagate? I've had more problems with Seagate drives myself (clicks of death and the like) while most of my WDs have kept chugging for the better part of five years plus. Just the same, I do keep mirrors.
"In the end, the weakest communications link is right here, typing on a keyboard."
So how does the DoD deal with it, given it's a real and proven problem (see Ed Snowden)?
""infecting USB drives or laptops of third-party contractors who connect directly to the network for maintenance purposes." What a strange definition of 'airgapped'."
Well, how else can you update a system with mission-critical (or even legally-mandated) updates with code that's too complicated to hand-type (not to mention that method's error-prone). Frankly, if it has an input method, ANY input method, it can be pwned. Yet, without an update method, it can be pwned, too, due to stale code. Damned if you do, damned if you don't.
"The free market is a good thing provided monopolies are forbidden, healthy competition is fostered, excessive greed is punished and companies in general are reminded—forcibly when necessary—that with their rights come social responsibilities."
But sometimes monopolies are unavoidable. Thus we have the term natural monopolies, where the market won't tolerate more than one provider due to things like NIMBY concerns. Utilities happen to be one industry where monopolies tend to be natural because no one wants a second set of eyesore infrastructure in their neighborhood. Rural services are another one because of geography; there's simply no other way to reach out to a population that sparse without lots of expensive infrastructure, threatening the RoI picture.
Which means rural Internet access (a utility) suffers a double whammy, especially in a country as large as the United States. AFAIK, the only larger country with (arguably) better service is Canada (and again I emphasize, that's arguable given the complaints from Canadians about the likes of Rogers), and they have the edges of a heavily-skewed population distribution and a contiguous geography.
But if this keeps up, there may soon be a move to restrain ALL encrypted communications except under (expensive, meaning limited to businesses) sanctioned circumstances.
Title II in terms of telephone, but NOT in terms of Internet, unless you can prove otherwise.
So you prefer nothing at all to half-measures? In other words, all or nothing in a world where the nothing is more likely?
And yet standards and protocols DO change over time, like HTTP winning out over Gopher and FTP fading into relative obscurity, and why Telnet in the clear isn't used anymore.
All that needs to happen is for this natural evolution to get co-opted in some usually subtle way. Another way is to simply shove the whole business aside through bullying and captive market tactics.
In the US, a single First-Class stamp lets you mail up to one ounce from anywhere in the US to anywhere else. That includes Alaska, Hawaii, and territories like Guam. The package equivalent is Priority Mail, and if you use one of their flat-rate boxes, weight is no longer considered as long as it fits in the box without bulging. I believe it's been this way since the Post Office was first established soon after the US assumed independence, on the grounds that communication is of such paramount importance as to not be subject to distance rating.
"I agree with you in principle, but I think you'd find that in the US there would be overwhelming resistance to the idea of a federally controlled Internet."
Then ask them which they'd prefer: a federally-controlled Internet or a privately-run Postal Service where executive whims affect the going letter rate?
"How many of you remember when first post arrived by breakfast, and second delivery was done by 2pm?"
Here's the big question, though. Who's willing to PAY for that level of service? That's the problem in the US, too, given its vast and sparse land area. Wiring up between New York and Los Angeles is hard enough given thousands of miles over two mountain ranges, but at least you have some 15 million people between them to spread the costs. Try doing the same math in someplace podunk like the middle of Wyoming. Most of these types of places are money sinks, which is why ISPs who hook up these towns insist on sweetheart deals or they'll walk. They're otherwise not worth wiring up.
Not to mention irksome to the taxpayer already under heavy burdens that can't be lightened without killing someone.
Doesn't that run afoul of the Sherman Anti-Trust Act, though, meaning it can create a law-versus-law situation?
That was more a case of picking your battles. Big content has enough control that they could make people abandon open Internet protocols, meaning they could make people abandon the World Wide Web by simply denying much-demanded content to the Web. Sir Berners-Lee can't force people to do anything, and as you have noticed with the likes of Facebook, Stupid has the power to outvote.
"Let's get real neutrality instead of the fake partially installed knock off neutrality we got by executive action."
Except you have to realize that the Congress in session now is stacked AGAINST neutrality on the grounds they prefer walled gardens. Trying to ask Congress to intervene in a case that currently runs in their interests is like the farmer asking the viper not to bite.
But that also means you now default to DTA Mode, meaning nothing gets done. So what now?
And based on experience, the problem is intractable. Any system that's available can be subverted, any form of integrity and trust can be betrayed, and it WILL happen according to the human condition (because people WILL cheat). Not to mention it's getting easier all the time. IOW, all three legs of the CIA triad are matchsticks.
IOW, is it time to wonder if the Internet is overrated?
""The assumption inherent in his article is that all users will have access to a password manager all of the time." You don't have a smartphone? You can run passwordsafe on that. Or you can use Google's smartlock in Chrome, https://get.google.com/smartlock/ . These methods have some drawbacks, but it's all better than the crappy horse stable thing."
Unless, of course, it's blacklisted by the corporate network as time-wasting (or not on the whitelist of places employees are allowed to go to conduct business on company time).
Of course, no local apps not approved by the IT department, so no password safes due to SPoF issues.
""Ultimately, Passwords should die. As a longer term strategy, we are moving to kill the use of passwords as the single authentication mechanism, and enforcing multi-factor authentication as the default everywhere.""
Until people start LOSING their second factors and so on. The first problem with passwords is that we have bad memories. The second problem with passwords is that they're also the best option we have. IOW, the best option is unacceptable, meaning we're basically screwed unless we take a few steps back and go back to human-on-human contact where everyone simply knew everyone else on sight.
PS. The first consideration of any security measure is taking the Stupid User into consideration.
"Biometrics mean that a known individual is accessing the system (assuming no-one's used the old cutting-off-the-finger trick, or the old R.Austin Freeman 'Red Thumb' method for faking fingerprints, written in 1907)"
What about the Gummi Finger? Proven to work by the MythBusters, even.
But the trouble is, what if your memory is REALLY bad, such that "correcthorsebatterystaple" easily becomes "donkeyenginepaperclipwrong", AND you can't trust any computer for a password safe because they're all communal?
Trouble is, even crappy accounts can be leveraged in things like social engineering to wedge their way into more valuable accounts. Kinda like ignoring the "impenetrable" forest.