Forgot your password?
typodupeerror

Comment: Re:So SSL is nothing more than an honor system? (Score 1) 107

by chihowa (#47426317) Attached to: India's National Informatics Centre Forged Google SSL Certificates

That's a cop-out, though. Yes, there is always an element of trust in whatever you do. That's unavoidable, though it's smart to minimize the amount of trust you must put in others. Taken to the extreme it's ludicrous, as you've pointed out. But, that doesn't mean that there's no merit in limiting the amount of trust you put in third parties. Just because you can't completely trust your OS or compiler, doesn't mean that you should throw the entire concept of limiting trust out the window. It's dishonest to suggest that the risk is the same between trusting (your compiler), (your compiler + your OS), and (your compiler + your OS + the CA system).

The CA system is truly an honor system by design. It requires you to put your complete trust in a large, and growing, list of opaque and unfamiliar third parties and the decision to trust them is made by others though an opaque and unaccountable process. It's putatively a "security system", but is insecure by design. It depends entirely on unaccountable, secretive, and self-selected "authorities" to determine who should trust who.

Look at your OS's list of trusted CAs sometime. Any of these organizations, or anyone delegated by any single one of them, are implicitly trusted by your system. Completely trusting Microsoft, Apple, or various Linux devs is naive, but completely trusting everyone in the root CA list is absolutely insane!

Comment: Re:UK is not a free country (Score 3, Insightful) 145

by chihowa (#47424589) Attached to: UK Gov't Plans To Push "Emergency" Surveillance Laws

OK, to clarify... disappearances and purges are bad news, but it's not as if these historical dictatorships were all fine and dandy up until the point where people started disappearing. Holding off judgement until something is allowed to fully develop into its inevitable final product is dangerous and naive.

Comment: Re:UK is not a free country (Score 1) 145

by chihowa (#47424511) Attached to: UK Gov't Plans To Push "Emergency" Surveillance Laws

So people disappearing is the line at which you think a government is atrocious? There was more wrong with the dictatorships of the past than just purges. Would a dystopia where everyone is kept locked up in cages, but nobody is missing, not compare to a real fascist dictatorship? This argument people like you keep parroting is like the No True Scotsman argument of bad government.

Comment: Fund the research by building in targeted ads! (Score 1) 83

by StefanJ (#47417701) Attached to: A Brain Implant For Synthetic Memory

Google* and others should be willing to pour big bucks into the research. We may as well bow to the inevitable and let them build DRM, mandatory personality profile tracking, and advertising insertion right into artificial memory creation standards.

* New motto: "We'll figure out what 'evil' is and then not do it."

Comment: Re:Magical Pixie Horse (Score 1) 349

by chihowa (#47409589) Attached to: Here Comes the Panopticon: Insurance Companies

But everyone wants to pay the rates of the healthiest, safest, best maintained because if you have to pay more than that you must be getting ripped off.

Because you are getting ripped off (at both ends of the risk pool). Insurance is about pooling risk so that the cost of unlikely events are spread among more people. If statistical analysis allows insurance companies to segregate and condense those pools by risk, then eventually all of the individuals (high and low risk) end up paying what they'd normally pay if they didn't have insurance plus the profit that the insurance company is collecting. Insurance companies are profitable because the risks of the insured are increasingly well known, but withheld from the insured.

You're getting ripped off by being moved between the risk pools without any regard to what you've already payed into the system. When you're young and healthy, your premiums are pure profit as you never collect on them. When you're old and sick, your premiums rise to cover your costs (plus profit). If increased data mining allows even finer grained risk assessment (and adjusted premiums), where is the benefit in having insurance?

Comment: Re:LEAP Motion (Score 1) 65

Fixating on 'gestures' and reducing the entire scope of the input device to them is where the Leap went wrong. And from the summary: "...respond to a set of pre-programmed gestures...", it's where this one will go wrong, too. Gestures are fine for making limited input devices more powerful (as is the case with trackpads) but there's nothing intuitive or compelling about a 'set of pre-programmed gestures' in itself.

There's a bunch cool stuff you could do with these sort of input devices, but everyone seems so compelled to turn them into clumsy trackpad replacements.

Comment: Re:Gee Catholic judges (Score 1) 1316

by chihowa (#47356627) Attached to: U.S. Supreme Court Upholds Religious Objections To Contraception

The mandate expanded the state of things from "Oh, you're poor, so you get the failure-prone pill because it's cheap"...

You got that backward, though. An IUD is considerably cheaper than the pill. The pill is popular in the US for the same reason that brand name drugs and freshly patented drugs are more popular than generics: pharmaceutical marketing and kickbacks to prescribing doctors.

The reasoning for the poor getting the pill is a gift to the pharma companies. Relative effectiveness was never even considered when making the decision.

Comment: Re:You talk, it's your fault (Score 1) 560

by chihowa (#47327833) Attached to: Mass. Supreme Court Says Defendant Can Be Compelled To Decrypt Data

...understanding the constitution requires more than just reading it and deciding what you think it means.

It really doesn't, though. The validity of our entire government hinges on the support of the governed and the idea that understanding the basis of government (which is a short document in plain English) is beyond the capability of ordinary citizens abuses that validity.

If a simple and straightforward statement like, "No person... shall be compelled in any criminal case to be a witness against himself..." can be twisted to mean that a person can be compelled to do so, then the changes that history has made to the document are much greater than "nuance".

Comment: Re:in what way is this not self-incrimination (Score 1) 560

by chihowa (#47327573) Attached to: Mass. Supreme Court Says Defendant Can Be Compelled To Decrypt Data

To further clarify my point: the key, as a physical object, can be seized if it can be found. The safe can also be seized and its lock forced, but none of that requires the cooperation of the defendant.

...you have to provide LOTS of other information during disclosure...

You actually don't have to provide anything other than to identify yourself. As a defendant, you don't have to cooperate in the investigation against you. It may help you to cooperate (if you're innocent and can prove it), but you aren't required to do so.

Comment: Re:in what way is this not self-incrimination (Score 1) 560

by chihowa (#47327509) Attached to: Mass. Supreme Court Says Defendant Can Be Compelled To Decrypt Data

A key is a physical object and as such can be compelled.

In what circumstances are you compelled to produce physical objects? If this was the case, wouldn't murder trials always start by compelling the defendant to produce the murder weapon and the body?

news: gotcha

Working...