* Posts by Charles 9

16605 publicly visible posts • joined 10 Jun 2009

California lawmakers: We swear on our avocados we'll pass 'strongest net neutrality protections' in America

Charles 9

Re: "Oops, we got caught."

Then we're likely doomed to repeat it until we evolve a better human since a lot of what causes this is part of the human condition. We tend to cooperate only out of necessity; we compete otherwise.

Charles 9

Got any alternatives not prone to similar corruption? Even benevolent dictators can be turned.

Charles 9

Re: When will they just make the internet a public utility already?

You should've seen fire companies before the governments took them over. They basically became extortion rackets...

Stern Vint Cerf blasts techies for lackluster worldwide IPv6 adoption

Charles 9

Re: There Might Be An Alternative

How can we be sure routers will honor the option fields, since there are already security concerns about them? They already tend to block options around Record Routes (either for Loose or Strict Sources), so they may be leery about accepting other options. Next, how will the legacy hardware use the system if they aren't able to insert Option fields themselves? Sounds like a similar problem from a different angle. Furthermore, since the scheme requires the use of a new kind of edge router, why not just use the same location for some kind of proxy server for those instances where an IPv4-only device MUST talk to an IPv6-only device (as a proxy is the only practical approach to bridging the protocols) without using options that they may not be able to make?

In essence, using the option field seems to have incompatibility issues of its own that make it just look like IPv6 in another package.

ICANN't get no respect: Europe throws Whois privacy plan in the trash

Charles 9

Re: Slippery slope

I don't know. What makes you think ICANN can't find some way to blow it over, if not retaliate such as by calling out Protectionist President Trump? That's why a nuclear card may need to at least be threatened. Money won't really faze ICANN but the threat of being made irrelevant certainly will.

Charles 9

Re: Break it all

Until you have to order something you can only get from a site you can't reach...and no, you can't get it from the Sears catalog, either.

Charles 9

"Option 3 is therefore the most likely. Nothing much of anything will happen. The Registrars will comply with the law. ICANN will continue to flail for another few years, then eventually accept the inevitable. Grumpily, and possibly after having been hit with the fine stick. The board will continue to be smug, useless wankers, continue to increase the size of their bonuses, and when the money starts to run out will consider selling some more .name domains to raise cash."

But there's a wildcard to Option 3: President Trump, who you've noticed is VERY protectionist. Not to mention impulsive. If he starts noticing the GDPR as Europe stepping on American toes, there's bound to be a brouhaha that can potentially tie ICANN's hands. Not to mention put California under an uncomfortable microscope.

Charles 9

Counterproductive. Your sheer weight of numbers will CAUSE rather than prevent balkanization because cartel behavior will eventually set in.

Charles 9

But fines won't faze ICANN much; they can hide behind sovereignty and never go to Europe. What WILL hurt ICANN is a Power Play: a move to usurp their control over say the DNS roots and .com. But doing that will cause the Internet to fragment.

Charles 9

Thing is, is the EU willing to play the ultimatum card and eventually start the wholesale balkanization of the Internet by usurping all ICANN functions? So far, I haven't heard threat of such an ultimatum, which would probably be the only way to really get ICANN's attention (since they can probably play sovereignty against the fines).

Banks told: Look, your systems WILL fail. What is your backup plan?

Charles 9

Re: Wrong Question!!

And as they say, no test or simulation is a proper substitute for the real thing. No emergency plan can be tested without an actual emergency. And as for a plan, it should be planS (plural) able to cover one another in case Murphy strikes and a backup plan fails and you have to go to the backup backup plan.

Google Chrome update to label HTTP-only sites insecure within WEEKS

Charles 9

Re: Good! Next Step: Warnings When Visiting IPV4-Only Websites

If you try to drag people kicking and screaming, they'll retaliate screaming and shooting...and then yell, "Stop the Internet! I wanna get off!"

Charles 9

Re: I'll switch browsers...

"I will NOT do the hassle to make all that HTTPS, if indeed I even can for the simpler things - I already have a real decent protection from the internet at large going on - in one spot, between all that and the 'net."

Also, doesn't this present a SPoF problem if someone goes out of their way to tackle your "one spot" to get at all the things behind it?

Charles 9

Re: Shut up about the Chinese Cannon and the Verizon Supercookie

But unlike your scenario, the Chinese Cannon is transparent. Even the most observant user can't tell whether an encrypted connection has been altered on the fly. In fact, there IS no way to tell until it's too late, PLUS there's no way to block it because it happens outside your control, unlike all your scenarios which require either user intervention (installing rogue certificates) or user ignorance (not noticing a bad certificate pin). So I say my scenario still stands, PLUS it's actually happened in real life, so we KNOW it CAN and WILL happen.

Charles 9

Re: I'll switch browsers...

But how do you vote with your wallet when ALL providers are looking to swindle you AND you can't go without? It's not like you can go back to the Sears catalog, seeing as how Sears itself is on the brink.

Charles 9

Re: Shut up about the Chinese Cannon and the Verizon Supercookie

"In fact, you don't have to be a "state level actor" (TM) to MITM a HTTPS session."

OK, then, explain. How do you MITM an HTTPS session without the private key, without breaking certificate pinning, AND if you've been there before (breaking the First Contact Problem)?

Charles 9

Re: "sniff for HTML in the clear, inject malware, and PROFIT!"

"Actually, today is far easier to distribute malware through ads than trying to intercept connections which may require a far higher access to the target network."

Which well-resourced, well-connected, or state-sponsored actors (Chinese Cannon) are likely able to do.

Charles 9

Re: FFS Google

"HTTP is only insecure when sensitive information is being exchanged."

OR if it's being MITM'd like with the Chinese Cannon and the Verizon Supercookie...

Charles 9

Re: Shared Hosting

And MY point is that ANY unencrypted HTML page, even an Apache test page, can be hijacked by a man in the middle, altered on the fly to inject malware, and then sent along with the end user none the wiser. It's what allows things like the Chinese Cannon and Verizon Supercookie to work (both use MITM techniques). THAT'S why the push to remove unencrypted HTML, no matter the content (because the content is irrelevant--it's the mere fact it's unencrypted that's the key here). Similar to why Telnet made way for Secure Shell.

Charles 9

Re: Shared Hosting

They can STILL be MITM'd.

Charles 9

Re: Idiots...

The Chinese Cannon happened. Now it's clear that ANYONE who wants to drive-by a victim can just hit a midpoint, sniff for HTML in the clear, inject malware, and PROFIT! Just like with Telnet, there's only one practical solution to a malicious MITM: give Mallory no cleartext to sniff.

Charles 9

Re: I think you miss the point ...

NO unencrypted website can really be considered safe anymore due to increasing MITM attacks like the Chinese Cannon and Verizon Supercookie. Malware can be injected even into a vanilla HTML page, on the fly, by an agent sniffing for ANY unencrypted Web traffic to hijack.

Charles 9

Re: If only it were that easy

Even a plain information site can be MITM'd. Remember the Chinese Cannon?

Security guard cost bank millions by hitting emergency Off button

Charles 9

Re: Why is hardware so sensitive?

I believe "wound" as in a coil, as in an electromagnetic coil. Thus the mention of the inductor (normally done by coils).

Charles 9

Re: I got to press the red button for real.

"So I did. It produced quite impressive results."

Surprised the button wasn't blue instead of red, since it seems you triggered what many hospitals term a "Code Blue," meaning a life-threatening emergency, usually a cardiac arrest (in your case, it was respiratory arrest and cyanosis on a newborn). Given the promptness of the reply, the alarm was probably local to the ward you were in because a crash team was already in place.

Charles 9

"Only after someone else signs off that you can do that. I wasn't taking the blame."

Also, the other department likely has a signature saying they were authorized, too. And if their signature is from someone over yours...

GIMP masks font downloads, adds horizon fix in new build

Charles 9

It may also be worth noting that GIMP entered the 2.10 cycle only a few months ago (in April), and 2.10 represents major changes since the 2.8 cycle which should be noticeable from the get-go (I've known about it for a bit since I'd been using the 2.9 experimental cycle for a while). The continued compatibility is probably the reason this is 2.10 instead of 3.0; that's how big a change 2.10 represents.

Uh-oh. Boffins say most Android apps can slurp your screen – and you wouldn't even know it

Charles 9

Re: It's a general problem of "application based" computing

"Installing new code should be something you only do rarely from sources you personally trust. It shouldn't be something you casually do when a QR-code tells you to do it or something your browser runs automatically as a feature."

That problem will ALWAYS be there. Simply because of box thinking, or there's no way to fully encapsulate everything you want something to do in a limited interface. It's the reason for downloads in the first place, going all the way back to the PC (in the broadest sense to include pre-IBM stuff) days. Who cares about security when it comes to "just get the bloody job done"?

Charles 9

Re: Is it likely

"I am fairly sure that if I want security and privacy the only good device is one that is switched off."

How about a good device that's actually useful?

DNS ad-hocracy in peril as ICANN advisors mull root server shakeup

Charles 9

Re: Trust

"It amuses me that Almon Strowger invented his automatic telephone switch specifically because the telephone operator in his home town would connect calls intended for him to a competitor (both were undertakers) who just happened to be the operator's husband."

I wonder if it was less that and more she knew when bereavement calls were going around and let her husband know about them so he could get the jump on Strowger.

Charles 9

Re: Trust

The problem is that machines are still made by man. Meaning it's possible to corrupt the machine.

Charles 9

I think what they're saying is that, once goodwill runs thin (and history indicates it WILL run thin), competition and attrition will result in one or more of the providers going away. Not because ICANN wants it that way, but because the providers want it that way.

Boffins want to stop Network Time Protocol's time-travelling exploits

Charles 9

Re: Simply fit all computers with sundials.

"They say a stopped clock is correct twice a day."

Not if it's missing a hand.

And as for sundials, what if it rains when the times sync up? Plus one of them is likely to occur at night when there's no sun.

Charles 9

Re: It's not an actual problem

"In some places, like Europe, you have the additional possibility of getting your time via longwave transmitters. The DCF77 signal carries the time in a way you can get your error well down below a millisecond. Other similar transmitters will still get you the time to a fraction of a second."

The US equivalent is WWV out of Fort Collins, Colorado, which gets its timebase from NIST in nearby Boulder. It transmits several different time signals with varying degrees of precision.

Google weeps as its home state of California passes its own GDPR

Charles 9

Re: Now for gun laws?

And even then you have to be careful that the courts don't see your tactic as getting to a blanket ban the long way round/by a thousand cuts. Plus, like I said, the Founding Fathers were specifically afraid of the government itself cracking down on its own citizens (the Day of the Jackboot). That's why the country wasn't founded with a standing army.

Charles 9

Re: Tears

But what if it could prevent a severe downer on the same patrons? Meaning they may look at it similarly to something that would boost them? I mean, who wants to hassle with red tape?

Charles 9

Re: CA leading the way?

CA leads the way in pollution standards due to Los Angeles (pollution ducks when you live in a thermal inversion zone). And districting remains in each state's hands (per the Constitution IIRC so the Feds can't usurp). Abortion can be a hot topic, but popular opinion still favors the status quo which can make the courts leery.

Charles 9

Re: Now for gun laws?

Too polarizing. Plus constant fear of the Day of the Jackboot justified by writings of the Founding Fathers.

Charles 9

Re: About California's initiative process

Actually, it's too late. The deadline's passed, and all the signatures are now void, unless he lied or pulled a bait-and-switch by presenting a stricter one.

Charles 9

Re: Tears

Why don't they just send a puppet to challenge it in court, say on First Amendment grounds or something?

Charles 9

Oh? AT&T is still standing and arguably bigger than ever. The Baby Bells simply glommed themselves back together through attrition, mergers, and buyouts. It's hard to break up something that big without it naturally trying to come back together through those methods.

Charles 9

Well, I believe the big catch is that the only way to amend a ballot initiative is with another ballot initiative, barring judicial intervention.

The cybercriminal's cash cow and the marketer's machine: Inside the mad sad bad web ad world

Charles 9

Re: Ads are rubbish

"although I can't see how this would stand up under EU law"

Simple. It's considered tampering with a pristine environment. I don't recall warranties being honored if the device in question has been tampered with.

Charles 9

Re: "El Reg's highly capable ad operations team"

"I have empirical evidence that radio advertising works (I got customers from it)"

I have empirical evidence of the opposite. Seems most people change the station or turn the radio OFF when the ads come on (and let me tell you, some of them are LAME).

Charles 9

Re: A fraud peddling frauds is fraudulent indeed.

So what happens when the frauds are found to themselves be frauds which in turn were frauds themselves until it's paper turtles all the way down?

Charles 9

Re: "El Reg's highly capable ad operations team"

Only when the public will accept the fact the zinger net isn't free and everything starts disappearing behind pay walls and people either pony up or go, "Stop the Internet! I wanna get off!"...and go back to the TV spots, product placement, international junk calls with fake Caller IDs, billboards, and junk mail...

Charles 9

Re: Ads are rubbish

I've personally used DNS66 myself. Has its own sets of options, also FOSS and available from F-Droid.

SD cards add PCIe and NVMe, hit 985 MB/sec and 128TB

Charles 9

I will admit, 128TiB in such a small form factor sounds tempting...but as no one's quoted a price, I have to assume (a) such a capacity doesn't really exist yet, and (b) if I have to ask for a quote, I probably can't afford it. Shame, as even an affordable 16TiB of solid state storage (form factor irrelevant) would be awfully nice right about now, especially as I look at my spinning rust collection with increasing trepidation.

Charles 9

Re: No Wear Levelling hmmmmmm

I guess it's simply a case of Your Mileage May Vary, as it seems EVERY manufacturer from SanDisk to Samsung has had bad days. My firsthand experience makes me trust Samsung and SanDisk most. Meanwhile, the only MicroSD card I've had wear out was a 16GB Lexar...in a dash cam.

Rowhammer returns, Spectre fix unfixed, Wireguard makes a new friend, and much more

Charles 9

"...the ball only had a near-field communication (NFC) chip and therefore was out of range of internet hackers."

INCLUDING those with a Yagi antenna and a signal amplifier?