Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
Along with your 2 way authentication proposal, establish an authentication protocol with acceptance level similar to SSL that allows the authentication to be done securely between key manager on the client side (away from any trojans or keyloggers) and a user/key database on the server side (away from any hackers). This way way we can keep the most sensitive information (the keys), in a simple isolated device or server, that does one thing, manage keys, thus drastically reducing risk of being compromised. Also, a well established authentication protocol standard, is needed if we want to rid ourselves of using passwords (not just for browsers, but also applications).
I think what you are trying to say is that a society without laws and strong government (a perfect libertarian society?) allows for extreme groups to rise and take over. So maybe you should have said "What happens in a perfect libertarian society. Rand Paul eat your heart out!". However that would be very misleading, because Rand Paul is a strong believer in the constitution and does not beleive in a lawless society.
The idea of testing the implosion device was brought up in discussions at Los Alamos in January 1944, and attracted enough support for Oppenheimer to approach Groves.
You could go as far as proxying the entire secure connection through the security device, but I would still securily tunnel the authentication protocol inside the encrypted TLS/SSL connection rather than combine them in a pure TLS/SSL solution for various reasons.
The username and password are vulnerable because:
1) They are typically exposed on the same system that handles the connection, which makes them vulernalble to trojans, key loggers, hackers, etc.
2) They must be managed by humans or vulnerable password managers.
3) They don't authenticate the server, making the user completely reliable on SSL certificate mechanism for authenticating the server, which as we are aware has a number of weaknesses including most browsers allow a user to ignore a bad certificate and bad certifcates can be trusted through accident or malicious intent.
Having a well designed protocol underneath SSL to authenticate between the client and the server that:
1) is key based
2) has bidirectional authentciation
3) allows authentication to be done on an isolated computer or dedicated security device
Would go a long ways towards improving security.
Maybe there is an existing protocol that provides some of this, but I don't believe OAuth on its own does.
The one-sided fight was on. The President's budget, submitted to Congress, contained no funding for the IFR. There is no funding source to tide over a National Laboratory when funding is cut offthe program is dead and that is that. Democrat majorities in the House of Representatives were nothing new, and in themselves they were not especially alarming to the IFR people. During the previous ten years the votes on IFR funding in the House had always been close, and although a majority of the Democrats always opposed, enough of them were in support that IFR development squeaked through each year. The Senate votes on the IFR, sometimes with Republican majorities, sometimes without, as a rule went easier. But this was a very different year: the Administration had gone from weak support of the IFR program to active opposition.
The first generation that received social security was paid by the working generation (2nd generation). The 2nd generation is paid for by the 3rd generation and so on. It only works as long as the next generation (new investors) grows fast enough to pay for the current generation. This is classic Ponzi scheme, the first investers get paid off right away (and well), and the second investers pay for them and they get paid less well, and then the 3rd generation get paid even less, and so on, and you can only sustain it if you get more investors or you actually generate income. Unless I am mistaken, the only income social security gets is from the current investors.
Social security now takes more than it gives: http://business.time.com/2012/...
in spite of the fact that the right wing party promotes ideas that are often in direct conflict with the religious- ideas and attitudes about caring about the poor, sick, etc.
And Democrats are quick to paint distorted pictures of Republicans, because it serves their political gain.
I doubt there is a big difference between the compassion of Republicans versus Democrats. The evidence that Republicans have compassion is easy to find, look at their donations to charity. Painting a picture that Republicans promote ideas that are in direct conflict with religious ideas of caring is a misunderstanding on your part. On a whole Republicans believe government should be limited, and should not promote social causes good or bad as a matter or principle, and this has little to do with their level of compassion. I submit that you fall in the same bit of crowd driven thinking we all do, you listen to those who align with the views you want to believe (a little like those religious people you call nutty) ignoring the actual evidence to the contrary because it does not fit with your belief.