Re: "Stone" admits wishes to be RULED by corporations!
Corporations are not "persons" as defined in the Constitution
This supposition is broadly wrong. Corporations are legal persons under the law, both at the time of the adoption of the constitution, and now. See Blackstone's final chapter, that uses that literal term in the first paragraph.
And more broadly, under US federal law, the Dictionary Act states: the words “person” and “whoever” include corporations, companies, associations, firms, partnerships, societies, and joint stock companies, as well as individuals
And, see the 1819 Supreme Court case, Dartmouth College v. Woodward, which established that corporations enjoy some of the rights of persons under the constitution (in particular property and contract rights). Where it makes sense, corporations have always been people in the US.
This is my banana. There are many like it, but this one is mine. My banana is my best friend. It is my life. I must master it as I must master my life. Without me, my banana is useless. Without my banana, I am useless. I must peel my banana true. I must peel faster than the monkey who is trying to steal my bananas. I must eat it before he eats it.
Uh, no. No, it doesn't. Or, well, libel per se eliminates the burden of proof that the statement is damaging, which is slightly accurate, but libel against a private individual emphatically does not.
But it doesn't matter for defamation--calling or implying someone is racist is not a statement of fact. It's an opinion. You need false statements of fact to sustain a defamation claim. That's sorely lacking here.
Re: Read the list first, saved much time. I have never sued a cat.
A) REALLY suspicious of anyone who says this. Do you know the history of common law? It was so cruel that in the 18th century hundreds of crimes resulted in the death penalty. The courts of chancery were introduced to grant some small, very small measures of leniency.
And, there is no federal common law. Federal law derives exclusively from the constitution.
They even granted a monopoly on adult-related TLDs to a single registry (ICM), with rules on what kinds of content is allowed on them
Uh, yeah, because .xxx is a Sponsored TLD. Use policies are not only allowed, they're expected by the nature of STLDs. ICANN is not regulating any content here; they've created a TLD where the sponsor is expected to develop its own use policies consistent with the proposed nature of the TLD.
Re: Don't let strangers in your network (IoT device === stranger)
"using WPA-2 Enterprise, combined with a RADIUS server would work. (I'm not a network guy, just paranoid enough to learn)"
Very very few consumer devices support 802.1x. I wish they did. I hate having a single PSK for the devices on my network that are probably the least secure. I isolate them and apply strict ingress and egress rules for traffic to them.
"If you haven’t configured the kettle, it’s trivially easy for hackers to find your house and take over your kettle," Munro says. ... "I send two commands and it discloses your wireless key in plain text."
If you haven't configured it yet, how can they get your PSK?
It's easy to mix up rules for eating fries dropped on the floor with rules for snooping on people's private communications. Happens nearly daily for me.
Yes, abuse of certificate authority is something that's hard to protect against. That's where we rely on the PKI infrastructure to audit CA issuing procedure--it would suck for Verizon if they were caught doing that, and Cybertrust's root CA got revoked. Why would they risk it?
"I'd love to see a protocol somewhere between http and https, that negotiates and encrypts traffic, but doesn't rely on a trust framework."
It's possible to implement TLS without X.509 PKI infrastructure. In fact, there's an RFC out there that has an alternative, RFC 5081, which allows exchange of OpenPGP keys--this has been allowed since the TLS 1.2 standard (2008 or so); actually the RFC implies other types of cert exchange may be used if it's explicitly negotiated, but 5081 is the only one I know of.
As far as I know, no one has implemented it yet. There seems to be no interest in it.
"Verizon does not need the private key since they can use their own private key to encrypt everything again. The only way that you'll notice this is when you check that public key that you've received. "
No, part of the SSL verification process on the client side is verifying that the domain you're going to matches the domain in an X.509 certificate (the CN in the Subject portion). Unless Verizon managed to acquire a certificate with www.google.com as the CN, you'll get a cert mismatch error on your browser.
TLS is well-designed to prevent MITM attacks. Now if the MITM has the private key, that's a different matter. Perfect forward secrecy prevents decrypting after the fact if the session is simply packet-captured. It's not protection against a proxy when the evil party can redirect your traffic through it. And if the cert issuing process is compromised, that's another problem. But people people notice when a CA can't be trusted.
It remains costlier to scale because of the additional computational overheard of TLS. That's still a fact in 2015. It's not necessarily prohibitive, but it has to be taken into account. Load balancers acting as SSL proxies may need additional licensing, or a lot more cpu resources. CDNs charge more for it. And, worse, if you're making that money back in ad revenue, advertising services can pay less when forced to use ssl (or, you might have to skip some sources because they don't serve ssl ads and you don't want one of those "some elements of this page are insecure" messages on your site).
It's probably important to note these are "disaster recovery tapes", not email archive tapes. As such, they're probably full disk or LUN image backups, probably taken at regular intervals (month? quarter?). A fragment of data is not particularly useful in a DR situation. So I can easily imagine that recovering email over several years requires examination of a bunch of tapes, especially if there's a regular purge going on, on the servers. DR tapes aren't going to have space-saving measures like incremental diffs or dedupe. You want to dump a full image and bring it up as fast as possible.
(Also, as for size, I have 9 years of email from a previous job, from 2005 to 2014, exported as PSTs, converted to mbox format and exported to timestamped individual files. The median size is 12k [ls -l | awk '{print $5}' | sort -n | sed -n "$(($(echo * | wc -w)/2))p"], but the average size is a much larger 180k [46k messages totalling 8.1G], and I know I would frequently delete mails with big attachments that I didn't want to save).
The magazine that introduced America to theories that Vince Foster was murdered by Clinton to suppress stories about him ordering state troopers to kidnap women and carry them to his boudoir?
Ok, they don't seem as crazy as they did 20 years ago, but does anyone pay attention to them?
On the post: No, Your Kid Isn't Growing Horns Because Of Cellphone Use
Grrr
Dammit, I've been increasing my mobile usage the last 6 hours in an attempt to speed my horn growth.
On the post: Self-Described Feminist Loses Lawsuit Against Twitter For Banning Her Account
Re: "Stone" admits wishes to be RULED by corporations!
Corporations are not "persons" as defined in the Constitution
This supposition is broadly wrong. Corporations are legal persons under the law, both at the time of the adoption of the constitution, and now. See Blackstone's final chapter, that uses that literal term in the first paragraph.
And more broadly, under US federal law, the Dictionary Act states:
the words “person” and “whoever” include corporations, companies, associations, firms, partnerships, societies, and joint stock companies, as well as individuals
And, see the 1819 Supreme Court case, Dartmouth College v. Woodward, which established that corporations enjoy some of the rights of persons under the constitution (in particular property and contract rights). Where it makes sense, corporations have always been people in the US.
On the post: Today In Bananas Copyright Law: Court Urged To Rule That A Banana Costume Is Not Infringing
This is my banana!
This is my banana. There are many like it, but this one is mine. My banana is my best friend. It is my life. I must master it as I must master my life. Without me, my banana is useless. Without my banana, I am useless. I must peel my banana true. I must peel faster than the monkey who is trying to steal my bananas. I must eat it before he eats it.
On the post: Catholic School Teen's Lawyers File $250M Defamation Suit Against The Washington Post; Fail To List Any Actual Defamation
libel per se
Uh, no. No, it doesn't. Or, well, libel per se eliminates the burden of proof that the statement is damaging, which is slightly accurate, but libel against a private individual emphatically does not.
On the post: Catholic School Teen's Lawyers File $250M Defamation Suit Against The Washington Post; Fail To List Any Actual Defamation
Re: racism
But it doesn't matter for defamation--calling or implying someone is racist is not a statement of fact. It's an opinion. You need false statements of fact to sustain a defamation claim. That's sorely lacking here.
On the post: Catholic School Teen's Lawyers File $250M Defamation Suit Against The Washington Post; Fail To List Any Actual Defamation
Re: False light defamation
False light defamation has a higher standard of proof than public figure defamation. They'll have a devil of a hard time making that stick.
On the post: Rep. Louie Gohmert Wants To Strip Section 230 Immunity From Social Media Platforms That Aren't 'Neutral'
Re:
See: http://transition.fcc.gov/Reports/1934new.pdf
On the post: Twelve Rules For Not Being A Total Free Speech Hypocrite
Re: Read the list first, saved much time. I have never sued a cat.
And, there is no federal common law. Federal law derives exclusively from the constitution.
On the post: California DMV Rejects 1NFOS3C Vanity Plate Because Of 'Sexual Connotation'
Lucky
http://plover.net/~agarvin/chupacabra.jpg
On the post: Judge Says No Way To Attorneys General Looking To Block IANA Transition
Re:
Uh, yeah, because .xxx is a Sponsored TLD. Use policies are not only allowed, they're expected by the nature of STLDs. ICANN is not regulating any content here; they've created a TLD where the sponsor is expected to develop its own use policies consistent with the proposed nature of the TLD.
The process for authorizing STLDs is pretty transparent: https://archive.icann.org/en/tlds/stld-apps-19mar04/
If that doesn't worry you
It doesn't.
On the post: Easily Hacked Tea Kettle Latest To Highlight Pathetic Internet Of Things 'Security'
Re: Don't let strangers in your network (IoT device === stranger)
Very very few consumer devices support 802.1x. I wish they did. I hate having a single PSK for the devices on my network that are probably the least secure. I isolate them and apply strict ingress and egress rules for traffic to them.
On the post: Easily Hacked Tea Kettle Latest To Highlight Pathetic Internet Of Things 'Security'
Uh...simple question:
If you haven't configured it yet, how can they get your PSK?
On the post: Judge Tells FBI It Doesn't Have A 'Two-Minute Rule' That Allows It To Listen In On Personal Phone Calls
Understandable
On the post: Yes, Switching To HTTPS Is Important, And No It's Not A Bad Thing
Re: Re: Re: Re: Re: Troublesome certificates...
On the post: Yes, Switching To HTTPS Is Important, And No It's Not A Bad Thing
Re: Running a CA
It's possible to implement TLS without X.509 PKI infrastructure. In fact, there's an RFC out there that has an alternative, RFC 5081, which allows exchange of OpenPGP keys--this has been allowed since the TLS 1.2 standard (2008 or so); actually the RFC implies other types of cert exchange may be used if it's explicitly negotiated, but 5081 is the only one I know of.
As far as I know, no one has implemented it yet. There seems to be no interest in it.
On the post: Yes, Switching To HTTPS Is Important, And No It's Not A Bad Thing
Re: Re: Re: Troublesome certificates...
No, part of the SSL verification process on the client side is verifying that the domain you're going to matches the domain in an X.509 certificate (the CN in the Subject portion). Unless Verizon managed to acquire a certificate with www.google.com as the CN, you'll get a cert mismatch error on your browser.
TLS is well-designed to prevent MITM attacks. Now if the MITM has the private key, that's a different matter. Perfect forward secrecy prevents decrypting after the fact if the session is simply packet-captured. It's not protection against a proxy when the evil party can redirect your traffic through it. And if the cert issuing process is compromised, that's another problem. But people people notice when a CA can't be trusted.
On the post: Yes, Switching To HTTPS Is Important, And No It's Not A Bad Thing
There are lots of great arguments but...
On the post: IRS Finally Examines Backup Tapes, Recovers 30,000 'Missing' Lois Lerner Emails
Re: What the heck were they thinking?
(Also, as for size, I have 9 years of email from a previous job, from 2005 to 2014, exported as PSTs, converted to mbox format and exported to timestamped individual files. The median size is 12k [ls -l | awk '{print $5}' | sort -n | sed -n "$(($(echo * | wc -w)/2))p"], but the average size is a much larger 180k [46k messages totalling 8.1G], and I know I would frequently delete mails with big attachments that I didn't want to save).
On the post: American Spectator Magazine Deletes All Mentions Of Brett Kimberlin Following Apparent Settlement
American Spectator has journalistic integrity?
Ok, they don't seem as crazy as they did 20 years ago, but does anyone pay attention to them?
On the post: Huffington Post Finally Responds, Stands By Its Completely Bogus, Totally Debunked 'History Of Email' Series
You're arguing with the Puffington Host!
Next >>