Comment You're all going to jail! (Score 2) 330
Yours sincerely,
The government of North Korea^W^Wthe USA.
Yours sincerely,
The government of North Korea^W^Wthe USA.
The interesting question is whether you can have serious, in-depth, journalism without print - there's a reason Snowden went to the papers and not to a TV station - but you're not going to answer it with engineers.
I'm comparing the service offered by BT in the few years after privatisation with that offered by the GPO before. That's actually a feasible comparison to make. It's you that's making the argument that 30 years on, a hypothetical nationalised telco would be better than the private providers - and you're not providing a shread of evidence for that hypothesis.
And digital wasn't "still in the labs" at the point of BT privatisation - the first System X exchange was installed before privatisation was complete and dogged BT for years after with increased potential costs because of the decision (likely taken in the Treasury) to develop a British digital exchange and support British exchange manufacturers rather than just buy a solution off the shelf in the end left BT with a single supplier of equipment and spares as STC, Plessey and GEC either pulled out of the project or merged. That's not a decision a commercial company is likely to have made.
The Internet was later coopted by groups of academics who didn't really have to worry if their communications were intercepted because they were pretty much public anyway and had nothing really to gain from abuses such as faking BGP route updates. Trust wasn't required.
The public, commercial, Internet may have had an illusion of trust, based solely on the fact that nobody historically worried about it. That doesn't mean it was based on trust, if means any trust it enjoyed was based on ignorance.
Trust in the Internet is in any case a wider issue than who is listening in. It's also knowing what really happens to the data about you provided voluntarily that gets hoovered up by all those online services chatting to each other behind the scenes.
Nor is it merely about the Internet - it's about your phone, your car, your smart watch, your contactless payment card and all the other things that can be enabled by technology to spy against you.
There isn't a technical fix to all of that, some of it has to be a political fix.
Syria is a majority Sunni country with a Shia dictatorship. Saudia Arabia (which is arguably a dictatorship of an extremely conservative Sunni-derived sect, Wahhabi) and Qatar (also a Wahhabi state) are providing the Syrian rebels with money and arms; Iran and Iraq (Shia countries) are supporting the Syrian government.
Russia has a naval base in Syria and has been protective of Iran. The US & UK have major military and economic assets in Saudi Arabia and Qatar.
This has all the ingredients of a "Sarajevo" incident (and I mean 1914 and not 1992).
In the UK, and I would guess in most of the rest of the world, women were "allowed" into IT early on because it wasn't seen as being a career. As soon as money could be made from it, the women were squeezed out. Grace Hopper likely would not have been hired in the 1960s, never mind now.
Britain did have significant numbers of women programmers - ICL used to have an army of "pregnant programmers" who did a lot of its software support while on maternity leave (back in the days of 300 baud modems) and Steve Shirley's company "Freelance Programmers" employed women based at home. And there, I think you have it: until the IT industry is prepared to employ people who want to go home occasionally and have a life outside work, it's going to be more hostile on average to women than men.
Some issues:
It's a hardware keystore under the control of the vendor: they have access to your keys, you don't have access to their keys.
If you've bought only-certified-for-use-outside-the-US hardware you may find yourself only able to run the OS-with-NSA-backdoor "export" version of your chosen operating system.
If your software vendor decides (or has decided for them) that your web browser (for example) should not permit you to access certain websites, it can be enforced in hardware outside of your control.
The remote "attestation" feature as originally designed could effectively identify individuals (or at least individual pieces of hardware) on the Internet, effectively abolishing any vestige of privacy. It is siad that Direct Anonymous Attestation introduced in the latest round of TPM specs permits the integrity of the TPM (for Digital Rights Management) to be tested without revealing the identity of the device.
In other words, if you have control of the TPM, it's exactly "just" a hardware keystore. However, if you don't have control, or if control must be ceded to another party in order to run some particular piece of software, you are entirely under the control of that party - and whoever controls them. And if you suspect your security is being compromised, you can't necessarily fire up a debugger or trace system calls, because unless that debugger has been signed by the OS vendor it's not going to run and you have no means of knowing whether it behaves as documented. It's a potential rootkit mechanism: you have to trust the OS vendor implicitly. And that's the point - it's not about allowing you to "trust" the vendor, it's about the vendor's "trust" in their control of you.
"Ada is the work of an architect, not a computer scientist." - Jean Icbiah, inventor of Ada, weenie