Just FYI, all maintainability issues aside, TrueCrypt doesn't have FIPS 140.2 compliance, which immediately disqualifies it as a mandatory NASA soltuion. See: http://www.truecrypt.org/docs/?s=compliance-with-standards
My sneaking suspicion is that cryptome was/is run with the full co-operation of your military-cia-fbi-industrial overlords to provide an outlet for paranoid and the tin-foil brigade, without actually doing anything that might hold them to public account.
While this isn't entirely unreasonable a response, my irony meter pegged for a moment at hearing you come up with a conspiracy theory that cryptome is just run to placate people clinging to conspiracy theories.
Link to Original Source
This has happened at a minimum in England, New Zealand, and the United States. There are still easily findable references to a U.S. pornstar named Melissa Bertsch having to testify in court several times (once in England involving a military officer) about how old she was in a set of pictures.
(The English military officer in question was found not guilty, IIRC, though I can't find the outcome online. In another case in the U.S. the prosecutor wanted to keep prosecuting even after it was disclosed that the images were of a 20-year-old woman because the defendant thought it was child porn.)
In New Zealand, there was a recent (within the last few years) case of someone convicted for having had a collection of pictures of a model who was over 18, but looked younger. I can't find the reference. It was of interest because it was clearly presented that the model was over 18, and the court decided that it didn't matter. I don't remember the sentence, I'm afraid, though the Wikipedia page on the general laws implies that it may have just been a fine in that situation -- but note the relatively large number of countries on the list.
I worked on an electronic voting system a few years back. What I did got accepted for use in a local academic department, and I even gave a WIP on it at a LISA conference once, and then I ran into the constraints of the real world when I tried to build it into something useful for a wider audience. They include the following:
1) You must not provide to a voter any form of receipt that can be used to determine how that voter voted. This is to prevent voter intimidation that has apparently turned into a major issue in places that did not abide by this constraint. If a hash can be used to verify that a vote was correct, it can be used to verify that a vote was what was required. I attempted to get around this by pre-seeding the vote results with a good number of copies of every possible result (which would cancel each other out), so you could take with you a vote receipt matching what you were required to do, but I couldn't come up with a way to make this idea scale, especially when any form of ranked voting was used.
Microsoft could get around this by giving only the hash, and not the vote record, with the receipt, but then you have no way to prove that your vote was recorded the way you input it -- the system could just as well record something else, and give you the hash matching that something else.
2) Even if you don't care about voter intimidation, and you give out receipts, not enough voters care enough to check that their votes were counted or registered correctly for crowdsourced verification to be all that useful. I remember an election irregularity report on one of the very few properly-done electronic voting systems -- backed by a printout under glass that could go either to the permanent record or the wastebin, and the UI directed the voter to carefully compare what was on the screen with the printout before accepting the vote. There was a malfunction at a station where the printer was completely nonfunctional. It wasn't even reported until an absurd amount of time after the poll opened (I can't remember the details, but many hours, and who knows how many voters). The Microsoft technique of using a running hash to prevent insertions, deletions, or alterations to a vote that is known will never be verified is nifty, but the odds are good that none of the votes in the last few hours of the day will ever be verified just because the verification count is so low, so you simply pick a spot and alter thereafter.
3) Even if a voter triggered an irregularity report by noting that the hash didn't match, there is no political will to invalidate an election. Almost no elections go by without irregularities. Some elections go through with absurd irregularities, things that obviously had the potential to change the result, or even things that definitely would have changed the result, and the result is let stand.
Discovery of the above three points made me give up on electronic voting as a solvable problem. The counted ballot has to be on a media not easily tamperable, and it must be independently verifiable by the interested parties, which, taken from a purely historical standpoint, do not appear to include the voters. Microsoft's bright idea (and I will give credit, it's not a bad thought when your only context is "how do I let a small sample detect tampering"), actually exacerbates problem #3 very badly by leading into #4:
4) Elections are expensive. You cannot build a system that lends itself to repeated invalidation. If you could ignore #1 through #3, a straight hash would still be of value, because you would only invalidate if enough people brought back signed hashes that did not match the published counted values, and a few forged receipts would not throw out all of the real resuls. Unfortunately, using a running hash over the course of the entire voting period means that the ability to tamper with a vote early in the day means you can invalidate *every vote that follows*, even if your technique was something that would only normally work on a single vote. This means that an early tamper of a single record serves as a denial of service on that voting location. I doubt that any voting machine manufacturers would ever be willing to risk a headline of "VotingCompany machine tampered with! 820,000 votes shown to be suspect!", and even if they did, local election officials will say "well, it might have been just one vote, so we can't prove the result would have changed" and you've just etched Problem #3 in stone.
Electronic tally of physical ballots is a solvable problem, especially with standardized ballots such that anyone can design and build their own tally machines to double-check. Electronic recording of votes is not, at least not of secret votes -- and we're not yet ready as a civilization to ignore a voter suppression risk.
I do research in organic chemistry for living and a fellow organic chemist one time accidentally dropped a drop of Dimethyl mercury on her hand. It went through the gloves that she was wearing and onto her skin. Within several hours she was dead from what the doctors described in layman terms as "her brain melted".
*sigh* If that's what you know about it, she wasn't a "fellow" organic chemist except that she once worked in the same field. Her name was Karen Wetterhahn, and she worked at Dartmouth College. She died almost a full year after the accident, and she didn't even recognize the symptoms for months. If she had reported the spill and gotten treatment earlier, she might not have died. It wasn't as if mercury poisoning was something nobody knew about.
Her case was important because before her accident, latex gloves were considered sufficient protective gear (which is why she didn't think to report it and get tested). After she died, safety standards were changed to recommend much heavier-duty protective gear when possible, and she started showing up in cautionary lectures about safety (apparently with the facts being watered down into legend by the time they got to you).
I don't know where you got the bit about "her brain melted", which it wouldn't have, though there was certainly a lot of neurological damage, and history notes that her coma was a particularly ugly one.
Link to Original Source
Link to Original Source
Link to Original Source
Boycotting Paypal would be nice, but for a lot of people, it's impossible. Would you tell people to boycott the banks by closing their accounts and keeping all their money in cash under their mattress? That's basically what you're saying when you advise people to boycott Paypal, because like it or not, it's basically a monopoly in many online-payment venues.
Uhm, really? A trivial Google search implies otherwise:
Also fascinating, from an in-person-sales perspective:
The source you are using stopped taking accurate measures because the real measures are so depressing and wouldn't paint the U.S. in a very good light. What you're looking at is what you get when you define 'literate' as the ability to scrawl out the word 'cat' when pointed at a picture of a cat in a pre-schooler book and maybe also sign your name in something more than an X. That's all you need to count as 'literate' by those measures.
When you start testing for functional literacy, the numbers get quite different. Sadly, there's no standard for that cross-country, so it gets very difficult to compare. I remember that a few years ago the U.S. was in 27th place world-wide by some study, but I can't find that source now, so I'm not sure how fair it was. What I did find was the NAAL numbers:
This shows 12-22% illiteracy (below basic literacy) in the U.S. in 2003, depending on content type, with an estimated 11 million people with insufficient literacy skill to even take the test.
More disturbing, perhaps, is that only around 13% of the population of the U.S. is fully proficient in English (about what skill you'd need to compare viewpoints in two essays or editorials, or interpret and compare multi-column charts or data tables that actually required you to do basic arithmetic for a comparison), a number that actually declined from 1992.
27th in the world might not be a horribly bad placing (assuming I haven't misremembered even the number), but don't make the mistake of thinking that literacy is a solved problem. That 99% number is utterly worthless.
And the counterexamples:
In its most recent report on the scope and spread of phishing sites, The Anti-Phishing Working Group compiled stats that show that seven percent of all phishing domains were hosted on
Link to Original Source