The geniuses who came up with this idea apparently never owned a cat before. Seriously, how do you train a cat to do anything?
Have you ever owned a cat? Yes, they're not as easy to train as a dog, because the average cat is more intelligent and more strong-willed than the average dog, but it's not all that difficult either, with a bit of patience...
Again, the basic concept is invalid. What you describe (penalizing a corporation only because it has become to large or too profitable) is "penalizing success," and nobody actually believes in doing that.
What people do believe in is penalizing abuse, and simply because a corporation has to become successful before having enough power to get away with being abusive still doesn't turn that into penalizing success.
Penalizing a corporation for being "too" successful does not foster a environment of economic growth. It would be counterproductive.
Please avoid ridiculous corporatist tropes like "penalizing success" if you want your arguments to be taken seriously. "Penalizing success" is a Libertarian strawman designed to provoke a knee-jerk reaction that distracts people's attention from the real issue.
No (sane) person believes in a policy of penalizing success. What is a good policy, however, is penalizing abuse of power. Since an organization has to be successful to a certain degree in order to gain enough power to become abusive toward society in general, it's easy to accidentally conflate the two, especially if a malicious actor with an agenda has already deliberately conflated the two to try to confuse you.
"Unhackable system" is semantically a slightly weaker version of "bug-free system," which I'll agree is impossible to achieve 100%. However, it doesn't mean we should simply throw up our hands in despair. Two simple changes could eliminate the bugs responsible for the vast majority of hacks: making SQL database engines reject non-parametrized queries by default, and abandoning the use of C and its unsafe kin in network-facing software. (See my comment above.)
It wouldn't magically make everything perfect, but it would be a vast improvement. Low-hanging fruit, as developers like to say.
To be completely fair, Title II shouldn't be the be-all and end-all of these communications with the FCC: it should be one of a great raft of measures designed to open up and shatter the duopolies across the vast majority of the US for cable and actual broadband data speeds.
Very true.
Senator Elizabeth Warren has gotten a lot of press lately for boldly, bluntly stating in sessions of Congress that the largest banks are actively harmful and need to be broken up. She's right, but I'd add that they aren't the only ones. Major telecom companies, Comcast in particular, belong on the same list.
There are two very simple fixes that would eliminate the vast majority of hacks and security vulnerabilities on the entire Internet. Everyone knows it, and has known it for decades, and yet we haven't implemented either one.
The two largest sources of devastating security hacks over a network involve compromising the application server via buffer attacks (a venerable technique dating back to the 1980s and the Morris Worm) and compromising the database via SQL injection.
SQL injection is very simple. Without getting too technical, you can stop it in its tracks by using something called Parametrized Queries. If you properly set up parameters on every bit of SQL you write, it's 100% impossible for your site to get hacked by SQL injection. The problem is, parametrization is not an obvious process, and a lot of people create SQL injection vulnerabilities out of pure ignorance: they just don't know that the obvious way is wrong, or how to do it the right way.
This could be fixed by having a mode in the database server--which is on by default and can only be turned off by someone who knows what they're doing--that will reject any query that's not properly parametrized with an error message stating that you need to use parameters. Goodbye SQL injection! But we've never done it.
Buffer overflows, likewise, have a very simple solution, because they stem from a very well-defined problem, and that problem is people creating poorly-managed buffers in C and closely related languages. In most languages outside the closest relatives of C, buffer overflows are either flat-out impossible or take some real effort to create because of improved memory management baked in at the language level. But in C, it's so easy to get wrong that not only can an ignorant developer who doesn't know what he's doing easily screw it up, but people with years of experience who honestly do know better can and do make the same mistakes, consistently!
This is where a good number of those security patches you get every month comes from. The devastating Heartbleed vulnerability was a buffer overrun bug. They've been making the Internet insecure for a quarter-century now, and all along the solution has been obvious: stop using C for network-facing software!
But we haven't.
Fixing those two simple things would instantly clear up the majority of all hacks. It wouldn't magically "create unhackable systems" like Tyson seems to think is possible, but it would get us pretty darn close, and it would be easy! But we haven't done it.
Try, fail, learn, try again. That's how innovation works, but in computer security, we seem to keep falling flat on our faces at the "learn" step.
And of course I'm sure there's no way to bust them over this. How is it that running a MITM attack and issuing a bogus security certificate to let you spy on someone else's private transmissions doesn't fall afoul of wiretap laws?
Baths were considered unhealthy (as well as immoral)
[citation needed] Particularly in Europe, the concept of "wash and be clean" was a major part of both Judaism and Christianity from the very beginning.
Precisely. This is the point that the sociop^H^H^H^H^H^H Objectivist crowd willfully refuses to understand. High-quality infrastructure and basic services are an investment in one's own quality of life, and everyone else's as well, but due to the principle of the Tragedy of the Commons, they're not maximally profitable investments from an individual's perspective.
Infrastructure must be managed by society and not by individuals driven by a profit motive, because high-quality infrastructure is unprofitable and attempts to make it profitable inevitably decreases its quality, to the detriment of all. (See: Comcast, Verizon, AT&T, TWC, toll roads, privatization of water supplies, privatization of prisons, and so on...)
Most of the messes I read about daily are directly caused by states bitching between themselves about things states have been bitching about for centuries.
We must be reading about different messes then. Most of the ones I read about daily are caused by small, unaccountable, powerful individuals and groups loyal only to themselves (and occasionally to shareholders, which also mostly falls under "themselves" in most cases) pursuing unchecked greed and attempting to live by the rule of Might Makes Right. You know, barbarism.
Did you appreciate how the Nazis and Soviets (and ChiComs, and Pol Pot, and Japanese Empire, ...) "organized their populations productively"?
I really ought to call Godwin on this and be done with it. But let me point out two things. First, every one of those governments failed, and failed pretty quickly, far faster than the average, and they are no longer with us. Communist China is sort of an edge case; technically they're still with us, but they've changed so much in the last few decades that Mao wouldn't really recognize the modern Chinese government.
Second, I really do appreciate the way the Nazis organized their population productively. They took a war-torn nation suffering under crippling poverty, debt, and hyperinflation, and in the course of a few short years they managed to turn it into an industrial powerhouse that was the envy of the world. And then they got into a war of conquest, genocide, and all manner of horrible things that have since turned their very name into a synonym for "evil," but just imagine if they had put that all that potential to a productive use instead!
How exactly is a "state" necessary to "build a strong civilization"? I thought that sort of thing was up to people like you and me.
When's the last time you built a road, commissioned a police or fire department, established standards for things we use every day to work together, or educated a child? I've never done any of those things as an individual "person like you and me," but as a citizen, I do all of the above and more on a regular basis, by paying taxes and contributing to things larger than myself, which raises my standard of living, and yours, and that of all citizens. That's what civilization is: a group of individuals working together in an organized fashion to accomplish things beyond the scope of what they could accomplish on their own.
It's pretty silly that you believe barbarism is the only option. I'm trying to get us out of it.
Sure sounds like you're trying to do away with civilization and revert to a every-man-for-himself society. That is the very definition of barbarism.
Regardless, nationhood came to be recognized and accepted as the best way to organize populations productively and build a strong civilization, and we've been building on that foundation ever since. I wish humanity could devolve back into barbarism, but too many others appear to prefer this state of affairs (so far).
Well, he's right about that. But if the fundamental premise (that North Korea did it) is invalid, then the derived conclusion (that China had a hand in North Korea's hack) is also invalid.
Re: Not a fair assessment of Comcast or Time Warner.
Not true. Plenty of people want to, but Comcast and TWC (and the other giants in the space) actively want to not have the competition and they use ma)icious lawsuits and bought-and-paid-for local ordinances to make sure no one crowds in on their cozy monopolies.
Re: Re: Re: Good thing this syndrome didn't begin in an earlier era
Android "fragmentation" has nothing to do with IP, and in fact it looks a whole lot like the state of the PC market back when "IBM-compatible" was still a term used to describe it.
It's a sign of healthy competition in a still-developing market, and it's not anywhere near as big a problem as the self-serving iDiot shills proclaim it to be, in large part because Google has the historical experience of the early IBM-compatible era to look back at and help guide their decisions WRT the evolution of the platform.
On the post: DailyDirt: Cyborgs Animals To Do Our Bidding
Have you ever owned a cat? Yes, they're not as easy to train as a dog, because the average cat is more intelligent and more strong-willed than the average dog, but it's not all that difficult either, with a bit of patience...
On the post: Techdirt Podcast Episode 6: Should Kids Be Forced To Learn Coding? Or Economics? Or Stats?
Re:
Are you sure?
On the post: Broadband, Airline Industries Are Incredible Innovators -- When It Comes To Giving You Less But Claiming It's More
Re: Re: Re: Re:
What people do believe in is penalizing abuse, and simply because a corporation has to become successful before having enough power to get away with being abusive still doesn't turn that into penalizing success.
On the post: Toyota Joins Tesla In Freeing A Bunch Of Key Patents
Re: Re:
On the post: Broadband, Airline Industries Are Incredible Innovators -- When It Comes To Giving You Less But Claiming It's More
Re: Re:
Please avoid ridiculous corporatist tropes like "penalizing success" if you want your arguments to be taken seriously. "Penalizing success" is a Libertarian strawman designed to provoke a knee-jerk reaction that distracts people's attention from the real issue.
No (sane) person believes in a policy of penalizing success. What is a good policy, however, is penalizing abuse of power. Since an organization has to be successful to a certain degree in order to gain enough power to become abusive toward society in general, it's easy to accidentally conflate the two, especially if a malicious actor with an agenda has already deliberately conflated the two to try to confuse you.
On the post: Sharyl Attkisson Sues Justice Department For Hacking Her CBS Laptop Over Benghazi Reports Even Though That Didn't Happen
Re: Re:
On the post: Help Create Some Neil deGrasse Tysonisms: Tautologically Meaningless Solutions To All The World's Problems
Re: Re: Re: Re: Re:
It wouldn't magically make everything perfect, but it would be a vast improvement. Low-hanging fruit, as developers like to say.
On the post: Google Quietly Argues Broadband Competition, Google Fiber Build Out Could Be Aided By Title II
Re:
Very true.
Senator Elizabeth Warren has gotten a lot of press lately for boldly, bluntly stating in sessions of Congress that the largest banks are actively harmful and need to be broken up. She's right, but I'd add that they aren't the only ones. Major telecom companies, Comcast in particular, belong on the same list.
On the post: Google Quietly Argues Broadband Competition, Google Fiber Build Out Could Be Aided By Title II
poles?
On the post: Help Create Some Neil deGrasse Tysonisms: Tautologically Meaningless Solutions To All The World's Problems
Re:
There are two very simple fixes that would eliminate the vast majority of hacks and security vulnerabilities on the entire Internet. Everyone knows it, and has known it for decades, and yet we haven't implemented either one.
The two largest sources of devastating security hacks over a network involve compromising the application server via buffer attacks (a venerable technique dating back to the 1980s and the Morris Worm) and compromising the database via SQL injection.
SQL injection is very simple. Without getting too technical, you can stop it in its tracks by using something called Parametrized Queries. If you properly set up parameters on every bit of SQL you write, it's 100% impossible for your site to get hacked by SQL injection. The problem is, parametrization is not an obvious process, and a lot of people create SQL injection vulnerabilities out of pure ignorance: they just don't know that the obvious way is wrong, or how to do it the right way.
This could be fixed by having a mode in the database server--which is on by default and can only be turned off by someone who knows what they're doing--that will reject any query that's not properly parametrized with an error message stating that you need to use parameters. Goodbye SQL injection! But we've never done it.
Buffer overflows, likewise, have a very simple solution, because they stem from a very well-defined problem, and that problem is people creating poorly-managed buffers in C and closely related languages. In most languages outside the closest relatives of C, buffer overflows are either flat-out impossible or take some real effort to create because of improved memory management baked in at the language level. But in C, it's so easy to get wrong that not only can an ignorant developer who doesn't know what he's doing easily screw it up, but people with years of experience who honestly do know better can and do make the same mistakes, consistently!
This is where a good number of those security patches you get every month comes from. The devastating Heartbleed vulnerability was a buffer overrun bug. They've been making the Internet insecure for a quarter-century now, and all along the solution has been obvious: stop using C for network-facing software!
But we haven't.
Fixing those two simple things would instantly clear up the majority of all hacks. It wouldn't magically "create unhackable systems" like Tyson seems to think is possible, but it would get us pretty darn close, and it would be easy! But we haven't done it.
Try, fail, learn, try again. That's how innovation works, but in computer security, we seem to keep falling flat on our faces at the "learn" step.
On the post: Help Create Some Neil deGrasse Tysonisms: Tautologically Meaningless Solutions To All The World's Problems
Re: Re:
Or a system designed to get around "air-gaps". See Stuxnet, for example.
On the post: Gogo Inflight Wifi Service Goes Man-In-The-Middle, Issues Fake Google SSL Certificates
On the post: FBI Waking Up To The Fact That Companies With Itchy Trigger Fingers Want To Hack Back Hacking Attacks
Re: Re: Re: FBI
[citation needed] Particularly in Europe, the concept of "wash and be clean" was a major part of both Judaism and Christianity from the very beginning.
On the post: FBI Waking Up To The Fact That Companies With Itchy Trigger Fingers Want To Hack Back Hacking Attacks
Re: Devolving back into barbarism
Infrastructure must be managed by society and not by individuals driven by a profit motive, because high-quality infrastructure is unprofitable and attempts to make it profitable inevitably decreases its quality, to the detriment of all. (See: Comcast, Verizon, AT&T, TWC, toll roads, privatization of water supplies, privatization of prisons, and so on...)
On the post: FBI Waking Up To The Fact That Companies With Itchy Trigger Fingers Want To Hack Back Hacking Attacks
Re: Re: Re: Re: Nations are rather new
We must be reading about different messes then. Most of the ones I read about daily are caused by small, unaccountable, powerful individuals and groups loyal only to themselves (and occasionally to shareholders, which also mostly falls under "themselves" in most cases) pursuing unchecked greed and attempting to live by the rule of Might Makes Right. You know, barbarism.
I really ought to call Godwin on this and be done with it. But let me point out two things. First, every one of those governments failed, and failed pretty quickly, far faster than the average, and they are no longer with us. Communist China is sort of an edge case; technically they're still with us, but they've changed so much in the last few decades that Mao wouldn't really recognize the modern Chinese government.
Second, I really do appreciate the way the Nazis organized their population productively. They took a war-torn nation suffering under crippling poverty, debt, and hyperinflation, and in the course of a few short years they managed to turn it into an industrial powerhouse that was the envy of the world. And then they got into a war of conquest, genocide, and all manner of horrible things that have since turned their very name into a synonym for "evil," but just imagine if they had put that all that potential to a productive use instead!
When's the last time you built a road, commissioned a police or fire department, established standards for things we use every day to work together, or educated a child? I've never done any of those things as an individual "person like you and me," but as a citizen, I do all of the above and more on a regular basis, by paying taxes and contributing to things larger than myself, which raises my standard of living, and yours, and that of all citizens. That's what civilization is: a group of individuals working together in an organized fashion to accomplish things beyond the scope of what they could accomplish on their own.
Sure sounds like you're trying to do away with civilization and revert to a every-man-for-himself society. That is the very definition of barbarism.
On the post: FBI Waking Up To The Fact That Companies With Itchy Trigger Fingers Want To Hack Back Hacking Attacks
Re: Re: Nations are rather new
FTFY
On the post: FBI Waking Up To The Fact That Companies With Itchy Trigger Fingers Want To Hack Back Hacking Attacks
Nation states. Every time I see that term, I have to wonder who came up with it and why. A nation is a state, so that's kind of redundant.
Do you go around calling people "person beings"? What sort of pets do you prefer? Are you a feline cat person being, or a canine dog person being?
On the post: FBI Still Standing By Its 'North Korea Did It!' Claims On The Sony Hack
Re: Washington Senators
On the post: Despite Endless Improvement Promises, Comcast, Time Warner Cable Still Least Liked Companies -- In Any Industry
Re: Not a fair assessment of Comcast or Time Warner.
On the post: Will Patents Ruin The Most Important Biotech Discovery In Recent Years?
Re: Re: Re: Good thing this syndrome didn't begin in an earlier era
It's a sign of healthy competition in a still-developing market, and it's not anywhere near as big a problem as the self-serving iDiot shills proclaim it to be, in large part because Google has the historical experience of the early IBM-compatible era to look back at and help guide their decisions WRT the evolution of the platform.
Next >>