What I need is a nice, cheap, rugged and handy document reader.

Seriously, the number one reason I print documents is because I want to review them while I go to the loo, or because I want to grab something to eat and I'll read it while I wait or because I want to take the doc home and maybe read it while I ride the bus.

Basically it boils down to something:

1. Cheap (if it breaks, I don't want to care too much about it)
2. Rugged (I'm taking it with me on a possibly crowded bus)
3. Standards compliant(I want to read a fucking PDF, that's all)
4. No bells and whistles (no wireless, colour, whatever except for a standards compliant interface)
5. Not a general purpose computer (read PDF, nothing more)
6. Good battery life (I want it to last at least a week on two AAA NiMH cells, and no custom cells, see point 3)
7. Did I mention cheap? (I mean it, USD 10 would be all right, might sacrifice cheap for rugged, but not for cpu power)

Basically, stick some memory, an ARM processor, a PDF decoder and a screen. In fact, forget about most of the memory, just some RAM and a SD connector as an interface, user pays for the memory card.

Actually, having part of the hierarchy solely for kids would be a great idea, but not for the obvious reasons.

You should allocate kids.us (if you yanks are so worried about it, that's where it belongs, the rest of the world doesn't give a damn about it) for such content.

Then you could create penalties for posting "indecent" material into this subtree of DNS. Since we're talking about DNS, the penalties should go to the owner of the DNS domain. The meaning of "indecent" is irrelevant and can be anything (you'll see as I present my reasoning).

Now, when someone comes trying to do censorship "for the children", you can just point that there's a perfectly child-safe domain protected by laws, with very harsh penalties for not respecting its intended purpose. All of that would be true.

However, if you've had read the literature you'd know that making such guarantee is impossible. Therefore no sane person would get a subdomain of "kids.us". However any busybodies can be easily told they should stop complaining and use the tools given to them (after all, the subdomain would indeed be protected by laws, and they should really be enforced). If they balk at the prospect of having such punishments applied to them, telling them that they are obviously not that interested in the children and are clearly hypocrites (maybe they would be tempted to put something "indecent"? or maybe they just talk but aren't trully willing to take the responsibility to make a clean web for the future generations, blah, blah).

In the end, only extremists will be willing to get .kids.us domains, no sane people would be even interacting with that thing, parents would get to choose if they let their kids out of the walled garden (and if they fail to do so, when they wanted, then they're irresponsable parents), and everybody else gets to browse porn without being distracted by the think-of-the-children crowd.

I even have a slogan for the domain: "kids.us, the clean place for kids that sucks".

The most that can happen is that a few extremists get punished (or whatever) when the sites are inevitably hacked.

Problem solved.

I don't think you got the idea....

My proposal's main objective is not technical, it is mostly to give the ISPs the excuse for not intercepting traffic.

I'm counting on the ISPs not wanting to do the interception in the first place, and using TLS as an excuse for not intercepting. While some people might see eavesdropping as not that bad, tampering with a connection is a different ball game. Besides, they are likely to be discovered unless they coordinate perfectly (how would you explain that the certificate for your site changes when you switch ISPs?).

Obviously anyone can do a MITM against not only self signed certificates, but also to properly signed ones. If the government decides to interfere, they might as well get a MITM box with a properly signed certificate that will work both for self signed and regular certificates. Then again, if the situation gets like that, you have a police state.

ISPs are not even remotely interested in scanning for copyright violations. It is a heavy burden that provides no benefit for them and is a technical and logistical nightmare.

I think part of the solution is to increase the use of cryptography. By that I mean putting TLS (or whatever) on everything.

If everybody encrypts everything, even just using self signed certificates, ISPs can no longer monitor the traffic. Even more important it gives them the chance of saying "We're very sorry, but due to the generalized ciphering we are unable to prove any copyright infringement. This month we have not banned anyone.". They could also claim inability to do a man-in-the-middle for fear of discovery when (when, not if) the **AA asks them to do it (after all, you can never be sure if you've exchanged fingerprints before using that self signed certificate).

Apart from all the distribution problems that everybody has been talking about, I'd like to know how you will surmount the problem of creating the pads in the first place.

To fill your 2TB disks you'd need to toss a coin 16000000000000 times (which I don't think you're willing to do) or have some beefy true RNG (hotbits generates 100 bytes/second, you'd have to have it going for 2500 years).

Pseudo random is not good enough, and RC4 would give you a similar result if you used a cryptographically secure PRNG (and much better if your PRNG is not good).

I meant what was going on with the apostrophe business.
What sort of logic would get the default feed.

(I was honestly expecting a database error....)

Try KD9372.

Also go to the registration page and you'll see a few models. Dunno about the model codes, though.

I was checking some of the links and noticed a few interesting parameters

http://www.framechannel.com/feeds/pair/index.php/r=1/frameModelCode=KD9372/frameModelId=1/frameId=PAPAPA/reset=0/language=en/7072.jpg

See that parameter named reset? I activated an account and verified it as activating. Then I triggered that reset parameter to 1 and it went back to the pre-activation state!

Even more interesting, using an id of "'" (an apstrophe) gets you some sort of default channel with some rather nice pictures. They even change them after some time.

http://rss.framechannel.com//productId=KD9371/frameId='

I wonder what's happening behind curtains.

Question: If our borders were "thoroughly opened" do you think there would be anybody living south of Texas anymore? A few in Brazil, perhaps?

Spoken like the stereotypical stupid gringo....

I know I wouldn't live in the US if they threw their borders open, and lost of friends of mine think the same way. You are completely deluded in matters related to your country, thinking it is the greatest country in the world while it goes down the drain.

Instead of posting comments like that, you might try to figure why tourists try to avoid the US, scientific conferences and business meetings occur in Europe if possible and cruise ships sail from Panama, instead. You might find the answer enlightening.

(then again, you should have gotten the gist of it reading this same forum)

Green ham won't be any guarantee...better choose another colour.

Get in touch with the security community as some other poster said.

Then concentrate in releasing a paper about your software. If your techniques are good, they might be an interesting read. Even more important is that if your software does not escalate privileges (as I understand), cleaning your software should be a straightforward job from the superuser account. Those cleaning techniques will probably be even more interesting.

I'd use a rather obvious payload that reveals itself when interrogated (instead of BOINC) in order to be useful for evaluating system security.

I don't think your malware is as nasty as you think, as you said you relied on executing downloaded software on a world with signed repositories and with MD5 hashes/pgp signatures as a normal custom. I also think you're underestimating the difference between administrator-all-the-time windows way and the only-escalate-when-needed model of the unix world. It would be interesting to see what happens, though.

Remember that Machiavelli recommended not hiring mercenaries because their lack of loyalty and their tendency to turn against you when you need them most.

While it's true that they won't be rampaging and plundering US cities (because of the rather large conventional army, as stated by another poster), it wouldn't be surprising if they did that in some other places like a few african countries or war-torn Iraq. Prolonging a conflict wouldn't be a surprise, too, if it were economically beneficial to them.

I remember reading somewhere that one of the major complaints about blackwater in Iraq was that they would make a mess and then leave things to the US armed forces for them to fix.

In certain ways, Blackwater is equivalent to rennaissance mercenaries, and the sections about mercenaries are still valid today.

I bet your reception is going to be rather lousy when scuba diving.

So does it or doesn't it include prostitution?

That would be unfair. With multiple positions in one job, their statistics would go sky high.