We run general purpose computers. Can't we trust our own operating systems enough to think they might store a couple bits of secretish data? If not, what good is any encryption since the attackers get every session key anyway? (not to mention the keylogger with the raw password and the memory debugger that sees every block encrypted and decrypted)
The only thing a dongle provides is certainty that another computer can't impersonate a fully compromised device without the dongle. Of course, dongle-failure could very well lock you out of your own services. (and with a back-door in place, session hijacking is very possible)
Many sites, like gmail for example, require "registering" each new device via phone IM or pre-shared key. This happens after password success. Secret keys are then created and stored as securely as the device is maintained. Only if the device is deeply compromised will they be stolen.
If we create a landscape where 90% of computers AREN'T compromised thoroughly this really isn't that horrible. Throw in a bit of geo-location and email warnings about every interesting event (password change, new device registration, stale device login, Computer moved to Ukraine) and really things aren't all that bleak especially for services used every day or even once a week.
Then of course, there's cracking down on IP's and ISP's generating compromising packets, but that's a whole other subject.
See: 18 U.S. Code 2701 - Unlawful access to stored communications
Have their ISP shut down the IP connecting them to the internet. Once the infected broken device is removed, their NATed sub-network can have internet again.
You can't use a system without "testing" it in some way.
Purposely taking control of a computer system above your sanction is breaking the law.
These are OK:
Oops my keyboard slipped and I accidentally typed: John Smith'
Oops my name is: O'Riley
Robert'); DROP TABLE Students; --
Crime is a waste, it produces no goods or resources.
A link isn't "instructions". It's just the address of where to find something.
What you're saying is like prosecuting me for prostitution if I tell you there's a brothel at 411 B street.
In 2086, copyright will be lifetime + 140 years (or 160 years for works for hire). Steamboat Willie can never enter the public domain after all...
Easy password resets are a bigger problem than never changing passwords. Nothing worse than getting my account compromised because someone ELSE changed the password.
Society (aka "the market"), not government, controls what businesses can exist.
If a business is messed up enough, people will eventually vote with their feet.
Wouldn't you have a lot more control over the Carnot cycle at a power plant? (run hotter, cool, cooler)
> During the day and in fair weather, google's cars are already safer than humans.
On a closed course?
> People *need* healthcare. They get sick. They don't *need* Internet access;
Ok so give up your telephone, electricity and plumbing. You don't *need* any of that. People may not need Facebook and Twitter, but some level of remote communication makes life a whole lot easier (not to mention efficient). If I have internet I don't need any other telecommunications, internet is the modern information carrier.
If that's an ethernet network it might still be more secure than encrypted wireless... You'd at least have to physically be in the hospital at some point to exploit it.
In any case, it's kinda hard to imagine explaining how someone died because the doctor forgot their password.
Psst - Don't you mean no shit?
...though his invention worked superbly -- his theory was a crock of sewage from beginning to end. -- Vernor Vinge, "The Peace War"