8) Now enter the command:
"C:\Program Files\Internet Explorer\iexplore.exe" "http://info.prevx.com/download.asp?GRAB=BLACKSCREENFIX"

...which starts the download of an executable file. Now, I have no idea who that guy (owner of prevx.com) is, and maybe he has nothing but good intentions, but I have this personal rule never to execute files downloaded from some random blog reassuring me they are going to "fix" my computer.

Until you get all the opinions on the table you simply are not having an objective debate on any issue.

I don't know. For me an objective debate usually involves facts, since opinions are (by definition) subjective.

Disclaimer: I am not from North America, and I also think that the USA has some serious racial issues. That being said, explain to me how comparing Bush to a monkey is not dehumanizing him?

Likening Bush to a monkey is not insulting him because he is white, and so is not racist.

Well that is a preposterous statement. I'm of the opinion that comparing any human being to a monkey is an insult to that person's mental capabilities. Whether or not it is also racist is a separate dimension of the insult, but fundamentally calling anyone a monkey is an insult. I might be wrong, but I think that those who called Bush a monkey were not using that word to make a factual statement about his biological makeup...

But then again, I come from South America, so I was never taught that "monkey" is a particularly racist insult (our monkeys are not all black, e.g. http://en.wikipedia.org/wiki/Golden_Lion_Tamarin).

Btw, Google fail in Switzerland: http://images.google.ch/images?q=Michelle%20Obama - first result.

It doesn't matter if you've got the best encryption on the planet, if I can gain physical access, YOU'RE FUCKED.

Shows how little you know. If I have the best encryption algorithm on the planet, and my data is encrypted, I can give you all of it (data and encryption algorithm). No amount of physical access to that encrypted data will get you closer to the plain text than knowing the key used for encryption. That is the whole point of encryption. The best you can do is crypto-analysis of the algorithms based on their mathematical formulas, and not on any particular set of data. I suggest you read more about attack models before spouting that kind of non-sense.

Heck, the whole idea of SSL/TLS is that you can have a secure, authenticated, private conversation over a completely unsecure, unauthenticated, compromised channel. Yes, you read it right: using SSL I can give you complete, 100% control of the communication channel. This will not give you any insight about the content of the conversation. The best you can do is deny service - which is, in fact, a physical security issue.

Another evidence of your ignorance about security: make a computer system completely secure from a physical point of view, so that no one can get physical access to it. If that system does not have also a strong layer of software security, your physical security is worth nothing. The botnets with millions of zombies PCs are an example of that. Or do you really think that whoever controls those botnets went from home to home to install the botnet software? I'm pretty sure that most of those PCs were safely locked in their owners' homes.

That is to say that I do acknowledge the need for physical security, but again, the whole thread was not about physical security, it was about software security. Which leads me back to my previous answer (which you quite conveniently ignored) that your rant is at best offtopic, if not just trolling. The unrestrained use of caps confirms that suspicion.

So there you go. My point was that indiechild was wrong to claim that security by obscurity was the same as hiding your personal info, since the definition of the term is about algorithms and not data. Then you came along and tried to shoehorn physical security in the conversation, for reasons unknown. I tried to tell you that in the scope of this conversation, physical security is irrelevant. And now you go even further out of topic, on some rant about how encryption cannot withstand scrutiny from physical access. In this post I showed that software security can resist some types of physical access attacks and that physical security is nothing without software security.

Ugh, just by reading your post again makes me cringe. What are "physical security protocols" anyways? I have heard about physical security policies, physical security mechanisms, but protocols? Is this when one spy says: "The polar bear collects spare change" and the other one answers "The cheese stands alone"? Seriously, for someone who is trying to criticize someone else's knowledge about a specific field, you should pay more attention to the terminology of the field.

By the way, those were rhetorical questions. I really do not need to read more half-baked, I-learned-it-from-teh-interwebs, non-sense about security.

Have a nice day.

One of these days someone might come around to explain to you the idea of conversation context. This whole thread is about software security. The OP mentioned security by obscurity, which is a concept usually used in the context of software security. Why would you bring a completely unrelated context to the thread?

Heck, if we wanted to be picky about it, we could say that your post is almost offtopic...

Security through obscurity is not about relying on secrecy of data, but about relying on secrecy of the algorithm or implementation. Those two things are different.

If you do not make the distinction between data/information secrecy and design/algorithm/protocol/implementation secrecy, then you do not understand what security is.

> Burning of scientists at the stake? Uhmmm... I'm trying to think of an example. Do you have one? I really can't think of one.

One. Google. Query. Away: http://www.google.ch/search?q=Burning%20of%20scientists%20at%20the%20stake
First result: http://en.wikipedia.org/wiki/Giordano_Bruno and now you know.

> Galileo got in trouble as much for being a jerk about it as for what he taught.

Citation needed. What I have found about Galileo is this: "Most historians agree Galileo did not act out of malice and felt blindsided by the reaction to his book." There are *five* references to other scholars confirming this point of view in there.

> nor to the millions of Christians who regard Constantinian Christianity as no Christianity at all.

Ahh, the good old "No True Scotsman" fallacy. Why then do you even bother to defend "them" at all?

> Religion was a post-hoc rationalization...Witch burnings...were quite rare if not unheard of prior to that time...Anti-semitism was not a Christian invention...

Which all leads to the OP's point that Christianity was either a motivator, catalyst or used as a justification for those acts. You are really making his point for him here.

> the Christian church has been a progressive force for women when you compare it to the times, not a repressive one

By having as one of the central tenants that a woman is only perfect as long she is immaculate? While having no such restriction on men? By condoning rape as long as you compensate her father for the financial loss? (Deuteronomy 22:28-29)

> it reads more like a tired list of he-said-she-said from someone who got everything he knows about religion and history from infidels.org ... So kindly exercise some discretion and actually learn something before you start flapping your gums and slandering things you know nothing about.

Since after investigating your claims for about 15 minutes, I managed to find 5 issues with, I'm gonna go and say perhaps you should take some of this advice yourself.

You are confusing login and authentication. The SSL protocol has provisions for certificate authentication (both server and client) way before any cypher key exchange is done. That is why you see a warning for unknown server certificates before you are allowed to type your login information.

Four words for you: man in the middle.

There is no such thing as "nobody else can read the transmission" if you don't have authentication.

How can you tell apart the proper destination and everybody else if you did not authenticate them? The very reason self-signed certificates are deemed dangerous by Firefox and others is that anyone can impersonate anyone else. In the end, you would certainly have an encrypted link to your destination, it is just that the destination could very likely not be who you think it is... and if the information is not important enough for you to bother about not letting it leak to a man in the middle, then why bother with encryption at all?

I did. Fourth result: http://www.quackwatch.org/01QuackeryRelatedTopics/emf.html From the link:

In summary: non-ionizing radiation has not been proven to cause various illnesses.

Actually, yes. Let them face the "real" lost revenue, instead of "imaginary" lost revenue (from TTS) to bash some sense in their skulls.

You seem to be confusing texture irregularity with material consistency. A house wall is not perfectly "razor sharp", but no matter how many times you look at it, they do not suffer from "randomness" or are in any way "uncertain". At least not if you are not looking at a sub-atomic level. Also, the bandwidth would not be that high, if you take into account that human eyes have very little resolution, and thus an extreme amount of detail at a distance would be pretty much irrelevant.

When I was in Rome, a fellow I met told me that, in Italy in general but Rome in particular, you should NEVER look while crossing the street. If the drivers see you looking, they'll know you've seen them and they won't stop. He said you should just step out into traffic without the slightest hint that you might have noticed them. Only then will they stop.

... which goes completely against my experience. I was in Rome the second week of last december, and the best way of making a driver stop was to make direct eye contact until they saw you, sustain it, and cross the street. And keep a serious face.

My guess is that then they understand that not only you are aware of them, but that if you survive, you will possibly be able to identify them.

It goes without saying that I would only do that on pedestrian crossings.