Forgot your password?

Comment: Re: Nah, this is just stage 1 (Score 1) 302

by DarkOx (#48204821) Attached to: Hungary To Tax Internet Traffic

The real conceptual problem with it comes down to SS was designed before we had a fiat currency.

When we were on the gold standard government "savings" took real money out of the economy. Because the taxes are levied and the government does not put it back into "nice things" subsidies for education, roads, other services. People must continue to pay for these on their own so they have to stay in the work force, the dollars pulled out make the dollar slightly stronger.

The smaller generation following a boom would usually create deflation, few workers => lower productivity less money moving. Having retirees drawing down the SSTF would have smoothed that money would flow back in and they would have spent it.

Instead we went fiat. So rather than SSTF contributions being that deflationary drag, the government just borrowed creating new inflation. Now that money as its disbursed is just more fuel on the inflationary fires. So it does not go as far, we have to make COLA adjustments and pay it out faster creating a ever widening disconnect between what people pay in and what they typically get out (assuming they live their projected life spans).

So the entire thing is completely unhinged; it would be even worse but for the fact the rest of the economy also plays by one rule now; "the influential make it up as they go along"

Comment: Re:Recognition (Score 1) 148

by DarkOx (#48196831) Attached to: 'Microsoft Lumia' Will Replace the Nokia Brand

Yea but the hatred of Microsoft is more resentment and jealousy than anything else. Sure geeks hate them but nobody else really does. Microsoft like IBM before it represents safety in a confusing market place. Nobody every got fired for buying Microsoft, just like nobody ever got fired for buying IBM before that.

Microsoft has lost the consumer phone space, they have not yet decided they won't try but they know trying to get Teens and college kids to think their phones are 'cool' and or convince homemakers they are easy and safe would mean dislodging incumbents who have invested lots in that messaging already and have largely succeeded and are now seeing those ideas intrenched. Nokia still has come cache there; if they were going down that road they'd pick Nokia.

Microsoft is instead going with their old top down we're gonna force it on you strategy. The business mobile space has tons of companies that still don't have device deployment beyond the sales force, they have large orgs that are fleeing the Blackberry sinking ship. They can land those deals, right now all the policy management and such absolutely sucks for IOS and android; its all half backed and has more holes in it than a Swiss cheese. Microsoft is a brand you sell IT managers on. Its familiar and rule 0 of marketing is familiarity is more important than likability. People will knowingly select a brand they have had negative past experience with over the unknown.

IT manager thinking works like this: durr herp derp Samsung they make TVs; now Microsoft they make IT solutions! derp.

The truth is Windows phone probably can/will score better on their myopic score card spreadsheet too, Microsoft knows how to win the weighted decision matrix game. Which we all should know is a tool managers everywhere use to give a veneer of objectivity to their most subjective a prejudiced decisions. I look forward to the TCO whitepapers streaming from servers in 5 . 4 . 3 . 2 . 1 what relevance do the categories and metrics chosen have to do with anything; well the will have been 'scientifically' chose to make Microsoft look good.

Comment: Re:Government Dictionary (Score 1) 227

by DarkOx (#48195415) Attached to: Facebook To DEA: Stop Using Phony Profiles To Nab Criminals

The trouble is the law isn't the law. Law enforcement is not supposed to break the law. Facebook has a terms of use agreement, your right to access their systems and post anything there exists entirely from your agreement to abide by the terms there. Facebook does not allow pseudonyms and other characterizations of ones identity.

Doing so constitutes violation of the CFAA, the court even held that in US v Drew ( a case about pseudonyms on myspace), although the verdict was vacated because the District court judge believed that while violating the terms of service on a web site could constitute unauthorized access, placing site operators in control of criminality would likely result in the law being over turned for being vague ( does not define the act, other than to say violation of a certain type of contract is a criminal offense ) rather than letting that be tested the government chose not appeal so they could keep their law on the books. Presumably so they can continue to threaten and harass anyone who does anything on line they don't like with it ( remember is really vague ).

Facebook does not belong to them, but they use it anyway in violation of the terms and their own law. If you or I setup dozens of fake Facebook acounts and use it to harass someone you can bet at the very least they would waive the CFAA in our faces to try and get us to plea to something else. Rules don't apply to them though!

If they set up their own site they would be perfectly within their rights to do this kind of pretexting; but then who is going to sign up and start posting on NARKBook?

Comment: Re:No the constitution is fine.. (Score 1) 279

by DarkOx (#48140135) Attached to: Who's In Charge During the Ebola Crisis?

That clause is in the preamble. It and everything else in the preamble should not be read as operative, it merely provides context in which to read the rest of the document. In that sense the idea it functions as a restrictive clause is more reasonable it limits possible interpretations of the other powers.

Its like the description before the ingredients list on a recipe. If you just had the title and then it launched strait into the contents and cooking instructions you'd have no idea what to do when you encounter something vague like bake 10-14min @ 350.

Should it be 10 or 14 how do I know? Well it helps to know the objective was: A delicious light by dry cake to be served with coffee.

That helps now you know to err on the side of more done, but not burred, as opposed to worrying the cake is loosing to much moisture.

Comment: Re: symbols, caps, numbers (Score 1) 546

by DarkOx (#48139859) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

Okay so there should be some limit. Buffers need to be allocated etc. There is not good reason that limit needs to be so small it impacts humans. 10KB would be a preposterously long password but would no more expose a webserver and or database engine to a DOS than all of the other operations they necessarily allow already do.

Comment: I'll Bite (Score 1) 546

by DarkOx (#48134343) Attached to: Password Security: Why the Horse Battery Staple Is Not Correct

1) Choosing a password should be something you do very infrequently.

No. Passwords need to be rotated for all kinds of reasons. It results in the account being effectively disabled when account policies fail (forgotten service accounts etc). It ensures that if the password store has leaked and its not discovered strong passwords remain safe (can't be cracked in the rotation time) and that access to accounts with weak passwords is at least detected at some point. Passwords should be used uniquely person/organization for the most part, finer grains in some cases; most people form relationships with organizations frequently. So password selection actually occurs very often and should.

2) Our focus should be on protecting passwords against informed statistical attacks and not brute-force attacks.

Most "brute force" attacks are informed and statistical the offline ones anyway; you try to get the low hanging fruit first (birthdays, names, dictionary words and usual substitutions) before you do the exhaustive search of the key space. In online attacks where the attacker is throttled this has greater impact but a password that is strong against offline attack is also strong against online attack so I don't see any reason to place emphasis here, other than to simple say the best passwords have the most entropy.

3) When you do have to choose a password, one of the most important selection criteria should be how many other people have also chosen that same password.

Ok I can agree with this one, but really implementation is hard, beyond the usual is it in a dictionary of common passwords (good systems already implement this), you should not be able to know if lots of other people are using that password because you are only storing salted hashes right and everyone gets their own salt right?

4) One of the most impactful things that we can do as a security community is to change password strength meters and disallow the use of common passwords."

No the most important thing we can do is try to move away from password only security and move toward two factor, which is more and feasible now that most people are carrying a cell phone that can at least get SMS messages.

Comment: Its not all victim blaming (Score 1) 622

by DarkOx (#48133017) Attached to: The Correct Response To Photo Hack Victim-Blamers

There is a difference between blaming victims and admitting they did not take a reasonable person could have take to prevent themselves from becoming a victim. A little discussion of the choices a victim made leading up to the crime is not victim blaming. I am do tired of this PC BS. Do we want to be politically correct or do we want to actually empower people to protect themselves.

No matter how you slice it the people who obtained those photos without permission are the criminals. The probably by brute forcing weak passwords or using malware to log password fraudulently represented themselves to a service provider 'Apple' using stolen credentials, and they almost certainly violated the photographer's copyrights, and various other crimes. No matter what else we say that remains true, they not the victim did something wrong, but that does not mean victims could not have done more right. Yet as soon as you add that last clause 1000's of PC morons will pile one. I see the same mentality being applied to the 'campus sexual conduct' debate and it makes me sad because it means there will be more victims.

We live in a free society. We can't round up bad actors until they do something, criminal. How much effort put into finding them, and obtaining justice is another discussion, but they are out there and always will be so long as society is open. So if you want to actually protect people from being victims we really ought to look at J-Law and ask what else might she have done.

Now, there are limits obviously everyone has RIGHT and reasonable NEED to walk down the street in broad daylight and expect to do so and be reasonably assured they can without being harassed etc. There is no analogue there though to sending a private document over a network you know nothing about to a third party for storage and distribution who you know little about that will replicate it to a bunch of other devices some encrypted some likely not and just assuming everything will be all cool.

It would be better for people with a little knowledge to be able to use this as a teachable moment for others. The phyiscal world analog for what these nude-selfie takers are doing is essentially: Taking a nude Polaroid of yourself; and storing it the sheet metal desk draw at the office, with the cheapo four tumbler lock, high probability the maintenance guy has another key, and leaving it there why you go on month long holiday. -- Now if that seems reasonable to you than you are good to put your nudes on iCloud and similar services. If not well you should not do it.

No its not right for someone to break into your account and copy your stuff, but being aware will let others at the very least make a go / no go choice, maybe you can start to find better options or improve your situation like replacing the cheap lock in my analogy with good quality padlock via using a STRONG password. Advising prudence and offering education ISNT "victim blaming." Its how you avoid having a nation of victims.

Same thing with "campus sex crisis". Telling young people its not smart get near blackout drunk around lots people you don't know; especially in what may be a new and unfamiliar location to you; isn't victim blaming. Its COMMON FREAKING SENSE, for men and women alike. If I were a pick pocket you bet I'd go after the drunk stumbling down the street before the together looking other guy. Women might be more at risk for a certain class of crime than other groups. Recognizing that fact and communicating it isnt victim blaming. Its empowering members of the group to make choices, about the risks they take. That is better than ignoring reality because it violates or sense of fairness.

I am not blaming the victim when I say if you are target and you know you are a target well its dumb to put nudes of your self in the cloud! Dumb you hear the the rest of your celebs? Delete them now, no I won't blame you when yours leak but you should understand it was preventable. You could have stopped it; that does not make it right but remains true.

Comment: Re:Research (Score 1) 165

by DarkOx (#48123311) Attached to: How Spurious Wikipedia Edits Can Attach a Name To a Scandal, 35 Years On

I am having difficulty understanding how giving opposing views on an issue or news item in any way hinders free speech.

Expressing even the idea that alternatives are possible fundamentally spreads those ideas and may even legitimize them in the minds of some. This is my issue with most of our civil rights laws as well, they should be unconstitutional. In order for Freedom of Speech or Freedom of Association to have any real meaning you also need Freedom from Speech and Freedom from association.

Liberals agree with this principle when its something they support like anti-nationalism, lefties will be happy to show up and defend your right NOT to say the "Pledge of Allegiance", or to stand up for atheistic principles like your right not have to swear on the Bible lest you be associated with some faith. These same people will turn on folks in the blink of eye if they don't want to say be associated with a minority of some kind, and not hire them or whatever.

Same principle here, nobody anywhere for any reason ought to be forced by government to state an opinion they think is wrong. The right NOT to speak something should be taken every bit as seriously as the right to speak. The other thing about the fairness doctrine was there was always an underlying assumption that some options were so radical and out of norm they did not have to be given air time. Who got to decide that though? The news agencies firstly and second the FCC which thought not very transparent processes did or did not take action.

So the fairness doctrine was in fact only really fair to people who had views that represented at least a large minority. Fringe ideas could still easily be hidden away. Which is probably a good thing, otherwise anytime someone bring up WW2 we'd have to endure listing to "Of course Adolf may have been right about Semitic peoples, and the final solution may have substantively improved western society" You don't want to require news to report mindless disgusting ideas like that.

No I think in the end the only really workable plan is let people/institutions report what they thing, let individuals decide if they have been presented with facts that support those ideas or not.

Comment: Backdoors are a threat to national security (Score 2) 575

by DarkOx (#48041199) Attached to: Obama Administration Argues For Backdoors In Personal Electronics

Backdoors are a threat to national security; because there is ALWAYS a risk they will be discovered by other parties or that the mechanism for their operation will prove to be exploitable.

That could leave us in a situation where an enemy, very likely even an enemy without state resources could find themselves in a position where they can disrupt/eavesdrop/other wise access just about all non-military equipment. Its terrible idea when we face threats like ISIS to deliberately weaken our information security posture. It could be economically crippling.

I am leaving out all arguments about civil liberties basic freedoms etc because the Intelligence committee types, and the FUCKING FREEDOM HATING ASSHOLES like Holder don't care about those arguments.

It comes down to this while backdoor the whole world might prevent a tiny number of crimes against children it puts the entire American way of life at risk. We had this conversation before in the 90's with Skipjack and our society made the right choice back then, for whatever reasons wrong or right. It was only 20 some years ago, the world has not changed that much; this is not the time to re-evaluate this.

Holder is bad rubbish and its good a thing he will soon be gone.

Comment: Re:I have an idea (Score 1) 174

by DarkOx (#48028365) Attached to: Apple Fixes Shellshock In OS X

I think you are correct on this point, I was a little too quick. Still I suspect there would be issues; which people who make heavy use of the shell would 'feel'

Consider ssh->bash->screen->bash. The first bash will be a login shell that sources the profile, the second will be a subshell, and would no longer have the functions defined. Sure there are plenty of ways to 'solve' that problem but will certainly require some alterations to common work flows.

Comment: Re:Fine. Legislate for externalities. (Score 1) 488

by DarkOx (#48027449) Attached to: Energy Utilities Trying To Stifle Growth of Solar Power

Whoa I did not advise anything other than caution.

There is plenty of evidence a transition of some kind will take place. Simple physics tells us its going to be most efficient to use energy as near to where its produces as possible. We know real soon now (because its already the case; electric/hybrid cars) we are going to have reasonable capacity storage devices all over the place.

So something is going to happen.

because the rich simply don't spend much money on energy

They spend lots on energy, certainly lots more than the poor do, as a percentage of their income no its not as much but its more in absolute terms. I have a relative who's house is approx 13,000sqft + a carriage house that is about another 2500sqft of finished space or so. I can tell this person spends more on A/C in the summer than I have paid for my last two NEW cars.

This is my point; that is the sort of individual who is going to look at the costs and go, oh if I put in a battery room and a large solar array I can save all kinds of money, but that is also the person who can invest 30K all at once in doing that. That isn't an option for the paycheck to paycheck masses.

They will get stuck being slowly squeezed for more each month because they won't be able to get the capital together to buy their way out; until one day they won't be able to afford gird prices anymore and it will bye bye to 24-7 electricity for them.

It's time to boot, do your boot ROMs know where your disk controllers are?