
Comment Re:Corporate espionage is standard practice (Score 1) 101

... at least, outside of the US, it seems. Many countries have a policy that basically boils down to "if you can grab it, then it's yours, and it's impolite for another company to point fingers and claim you stole it."

I guess you didn't read the parts of the Snowden releases where NSA/GCHQ were caught engaging in industrial espionage, right?

If you think the USA is somehow on a moral high ground here, I really wonder why. The USA has less that it can steal from other countries, but it certainly hasn't shown any signs of hesitation.

Comment Re:Look on the bright side ... (Score 1) 108

Since it's decentralized, they'll have to go after the actual users.....

... or the developers. I'm not sure OpenBazaar is going to win this one. The way to gain immunity is to build tools that genuinely have large amounts of legitimate usage, large enough that attempts to blanket ban the whole thing are seen as unacceptable.

The amount of trading on these black markets is huge. Meanwhile, demand for a pure p2p trading marketplace is probably rather low. It would be very easy for OpenBazaar to be overwhelmed by bad usage and not have enough good usage to defend itself.

Additionally, I think a lot of people have forgotten that even Silk Road 1 and 2 were actually somewhat policed. When SR1 was brand new, in the very earliest days, it had no rules at all and a few ads appeared for things like nuclear material and slaves. The ads were extremely convincing and quite, quite chilling. DPR shut them down immediately and instituted the "no things that do harm to others" policy, though of course that policy was hardly internally consistent - he was quite happy to sell guns.

But if OpenBazaar has no way to control listings at all, things like that might well start appearing again. And that would put them in a whole world of hurt. Governments care about the drug war yes - but they care about nuclear proliferation a hell of a lot more.

Comment Re:What a shame (Score 1) 189

Is there a loss in profit for original work? No doubt, but I would argue .....

The failure occurs at this point. You can argue all you want, and if you can convince content creators you are right they might go along with your suggestions to (presumably) give away all their work for free. After all, open source software developers often do.

However, what the Pirate Bay does is simply ignore the wishes of the people who created things, and profit off it. That's not winning arguments, hearts or minds. That's not even ethical. It's selfish exploitation of what could otherwise be a pretty reasonable and flexible framework.

Comment Re:Mailing lists (Score 2) 139

That's not the case at all.

DKIM allows mail providers to detect that a message was tampered with in transit, and DMARC tells mail providers to trash tampered messages.

Therefore, a mailing list has several options.

Option one is: don't tamper with the signed data in transit. This is very easy. It means not doing things like editing the subject line or adding signatures to the end of mails, but any good email client can auto label or filter mailing list messages anyway, so this is not a big deal.

Option two is: tamper with it, but resign under your own sending identity. This means the From header will be "wrong", but not really, because the message isn't really "from" the sender at this point. It would be more accurate to say the message resembles one sent by the original sender, but really, from a security POV, the mailing list could have done anything.

I prefer option one, myself, but either works.

Comment Re:Mailing lists (Score 1) 139

All mailing lists that I am subscribed to have taken the more expedient option of banning Yahoo users from subscribing to their lists. This has the nice side-effect that it makes users switch to a more modern e-mail provider in the process. After everything was said and done, most users were actually quite thankful for this...

Guess what! It's people like yourself that make upgrading email virtually impossible. Congratulations on holding back the security of the email system for everyone, I hope you're pleased with yourself.

Mailing lists that rewrite people's email whilst refusing to resign it as themselves are doing a man in the middle attack on people's email. MITM attacks are bad, right? That's why browsers reject them. They make phishing easier, spam classification harder and generally make the email ecosystem worse. By doing the same thing as modern web browsers Yahoo is not being old and fusty as you imply, in fact, they are on the cutting edge. Believe me, if it weren't for the preponderance of awful decades-old mailing list managers other mail providers would already be doing the same thing.

The amazing features we get for these MITM attacks are ..... tags in the subject line, and, er, email list signatures. Both of which contain information redundant with the email headers, and both of which can be easily replicated by email client software.

Not worth it, not even close. Please fix your mailing list instead.

Comment Re:Only if you're a spammer (Score 1) 139

Nobody cares about DMARK? Seriously? If you're going to try and claim to be some kind of authority on anti spam, at least try and spell the names of the standards correctly! It's DMARC!

The asker of slashdot, and you, are both deeply confused about what these technologies are for.

The purpose of DKIM is not to be some kind of "anti evil bit". DKIM signing your mail does not imply it is or is not spam. The only thing DKIM does is make it easier for spam filters to identify the source of mail, so that mail stream can be more reliably classified. As it happens, many spammers don't want their email stream to be easily classified because they know their mail is not spam, so they don't sign with DKIM, but there's no inherent reason they can't and some spammers do. That's especially a problem for crappy marketing firms who genuinely believe people love their mails, but actually people don't. DKIM helps correctly classify mail in that case.

I'll repeat again. No good spam filter I'm aware of (sorry, plain old SpamAssassin doesn't count) treats the mere presence or absence of DKIM as a signal.

With one exception. That exception is when trying to fight phishing mail. If a mail claims to come from admin@yahoo.com then a good mail system will look up the yahoo.com DMARC records and see that yahoo.com claims all email from it should be signed using DKIM. If the mail isn't signed, then it can be rejected according to that DMARC policy. This means phishers can no longer forge mail that claims to be from a Yahoo address that it's not actually from. Also - mailing lists that do MITM attacks on people's mail, same thing.
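The two comments above describe the same mechanics from two angles: a mailing list that edits a signed header breaks the DKIM signature, a list that leaves the message alone or re-signs it under its own identity does not, and a DMARC policy lets a receiver reject unsigned mail that claims a From address it has no right to. The following example is added here and is not code from any of the comments; it is a toy model in which a per-domain HMAC secret stands in for the RSA/Ed25519 key pair real DKIM publishes in DNS, two dicts stand in for the DNS lookups, and the domains, addresses and message text are all constructed.

```python
"""Toy model of DKIM signing/verification and DMARC policy evaluation.

Constructed example: real DKIM uses RSA or Ed25519 keys published in DNS;
here a per-domain HMAC secret stands in for the key pair, and dicts stand
in for DNS, so the mechanics run offline.
"""
import base64
import hashlib
import hmac
import re

# Stand-in for DNS (all values constructed):
#   <selector>._domainkey.<domain> -> verification key
#   _dmarc.<domain>                -> policy for unaligned/unsigned mail
DNS_KEYS = {"example.com": b"example-com-secret", "lists.example.org": b"list-secret"}
DNS_DMARC = {"example.com": "reject", "lists.example.org": "reject"}


def relaxed_header(name, value):
    """DKIM 'relaxed' header canonicalization: lowercase name, collapse whitespace."""
    collapsed = re.sub(r"\s+", " ", value).strip()
    return name.lower() + ":" + collapsed


def body_hash(body):
    """Hash the body with trailing empty lines removed ('simple' canonicalization)."""
    canon = body.rstrip("\r\n") + "\r\n"
    return base64.b64encode(hashlib.sha256(canon.encode()).digest()).decode()


def signing_input(headers, fields, dkim_tags):
    """Bytes both signer and verifier MAC: the covered headers, then the
    DKIM-Signature header itself with an empty b= tag."""
    lines = [relaxed_header(f, headers[f]) for f in fields]
    lines.append(relaxed_header("DKIM-Signature", dkim_tags + "b="))
    return "\r\n".join(lines).encode()


def dkim_sign(headers, body, domain, key, fields=("From", "To", "Subject")):
    """Return a DKIM-Signature header value covering `fields` and the body."""
    tags = (f"v=1; a=hmac-sha256; c=relaxed/simple; d={domain}; "
            f"h={':'.join(fields)}; bh={body_hash(body)}; ")
    mac = hmac.new(key, signing_input(headers, fields, tags), hashlib.sha256).digest()
    return tags + "b=" + base64.b64encode(mac).decode()


def dkim_verify(headers, body):
    """Return (ok, d_domain). ok is False when the mail is unsigned, the body
    changed, or any covered header changed after signing."""
    sig = headers.get("DKIM-Signature")
    if sig is None:
        return False, None
    tags = dict(t.strip().split("=", 1) for t in sig.split(";") if "=" in t)
    domain, fields = tags["d"], tags["h"].split(":")
    key = DNS_KEYS.get(domain)
    if key is None or body_hash(body) != tags["bh"]:
        return False, domain
    tag_prefix = sig[: sig.rindex("b=")]  # everything before the b= tag
    expected = hmac.new(key, signing_input(headers, fields, tag_prefix), hashlib.sha256).digest()
    return hmac.compare_digest(expected, base64.b64decode(tags["b"])), domain


def dmarc_evaluate(headers, body):
    """Return 'pass' if an aligned DKIM signature verifies, otherwise the
    From domain's published policy ('reject' or 'none')."""
    from_domain = headers["From"].rsplit("@", 1)[1].strip(">").lower()
    ok, d = dkim_verify(headers, body)
    if ok and d == from_domain:  # DKIM passes AND d= aligns with the From domain
        return "pass"
    return DNS_DMARC.get(from_domain, "none")


def mailing_list_scenarios():
    """One signed mail from example.com and what a receiver decides after each
    of the list behaviours discussed, plus an unsigned forgery."""
    body = "Meeting moved to 3pm.\r\n"
    original = {"From": "Alice <alice@example.com>", "To": "list@lists.example.org",
                "Subject": "Schedule"}
    original["DKIM-Signature"] = dkim_sign(original, body, "example.com", DNS_KEYS["example.com"])

    # The MITM case: subject tag added, original signature left in place.
    tampered = dict(original, Subject="[list] Schedule")
    # Option one: forward the signed data untouched.
    untouched = dict(original)
    # Option two: edit, rewrite From to the list, and re-sign as the list's domain.
    resigned = dict(original, From="Alice via list <list@lists.example.org>",
                    Subject="[list] Schedule")
    resigned["DKIM-Signature"] = dkim_sign(resigned, body, "lists.example.org",
                                           DNS_KEYS["lists.example.org"])
    # Forgery: claims an example.com From address but carries no signature.
    forged = {"From": "admin@example.com", "To": "victim@example.net", "Subject": "Reset"}

    return {name: dmarc_evaluate(h, body) for name, h in
            [("tampered", tampered), ("untouched", untouched),
             ("resigned", resigned), ("forged", forged)]}


if __name__ == "__main__":
    print(mailing_list_scenarios())
```

Running it gives `tampered` and `forged` a verdict of `reject` and `untouched` and `resigned` a verdict of `pass`: the alignment check in `dmarc_evaluate` is what makes option two work, since the re-signed message's From domain and `d=` domain both belong to the list, and it is also what rejects the forgery, which has no signature at all to align.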

Comment Re:We had a distributed social network (Score 2) 269

If you ignore the ability to restrict personal data to particular people, news feed with intelligent ranking that tries to guess who your real friends are so you don't have to upset people who post a lot by defriending them, the ability to tag people in photos, the lack of any need for meaningless URLs and a seamless way of organising events ...... then sure. Facebook is just like the web.

Comment But disabling GSM when possible is still smart (Score 2) 27

GSM (2G) encryption did not authenticate the cell tower, whereas UMTS (3G) and above do. Cell tower authentication should break devices like the Stingray and other forms of fake base station, unless/until governments start forcing cell carriers to hand over the signing keys for tower identities. But as devices like Stingray exist more or less exclusively to get around the warrant requirement and no carrier would assist in that way without a court order, that places the police in the awkward position of asking a judge to write an order that can only be for avoiding the same judge's authority....

Submission + - China performing SSL MITM attacks on iCloud

IamTheRealMike writes: Anti-censorship blog GreatFire has published a story claiming that SSL connections from inside China to Apple iCloud are being subjected to a man-in-the-middle attack, using a self-signed certificate. Apple has published a knowledge base article stating that the attacks are indeed occurring, with example screenshots of the SSL cert error screens used by popular Mac browsers. Unfortunately, in China at least one natively produced browser called Qihoo markets itself as "secure", but does not show any certificate errors when presented with the self-signed cert. Is this the next step towards China doing systematic SSL MITM attacks, thus forcing their population onto Chinese browsers that allow the surveillance and censorship to occur?

Comment Re:A rather empty threat (Score 1) 555

The problem is that some factions in the non-systemd camp are pursuing systemd "emulation" by using shims and forks. That way you just get a second-rate systemd, and it will remove any motivation from upstream projects to support anything other than systemd. Using Ubuntu's "logind" is a short-term gain, but a strategic failure for the non-systemd camp. They need their own implementation of needed infrastructure, not just copying or emulating systemd.

It sounds a lot like the non-systemd camp have no idea what they are actually for, they only know what they are against. So this kind of thing is not surprising to hear.

The "UNIX philosophy" is an empty slogan that switches people's brains off. It sounds great, until you try and build a real system with the features modern users demand, and then it turns into an exploding nightmare of combinatorial complexity as every program tries to abstract itself from every other program in the name of political correctness. As already noted elsewhere, the programs people use server-side Linux to actually run barely resemble the UNIX command line tools, and that's for good reasons ...
