The networking of "things" is not a problem as long as you can opt out of it. Can you stop the toaster of the future from talking to the vendor, the crock pot, Google, the neighbors, your router?
Policy-wise we need a requirement of opt-in: the manufacturer can try to convince you that connecting the device to internet is beneficial for you, but has to let you say no.
And on the technical side, if it needs to be authorized in your router, you already have an opt-in. If it's going to connect by default somehow, maybe by open mesh wireless or somesuch, that's a problem for privacy and security.
Implantables, and particularly life-essential ones like pacemakers, are different. They need remote access to enable updating without surgery, but it must be secured well enough to prevent the sort of vulnerabilty the article describes.
BTW, if you were intent on killing someone, wouldn't it be just as effective to direct a strong RF signal to burn out the electronics, overwhelming any access controls?
"an open conversation about knowledge that can easily kill people"
This phrase and the article contain the same fallacy ( ("disclosing 0days when they can kill people"). I may be accused of semantic quibbling here, but I think it is important to state the issues clearly and accurately.
Information cannot kill anyone, nor exert any effects at all, ever. It is not causal. Actions using the information may be enabled by knowledge of the information, but they are human choices and not automatic.
This is not merely a matter of careless expression that does not affect the argument. In fact the fallacy is not only, or not exactly supposing that knowledge is causal, but rather in eliding the whole articulation of what happens between the revealing or acquisition of knowledge and the action that may or may not use it in some way.
The situation has a common element with the gun control issue: if someone has a gun, violence is easier, and this may be considered bad, but it does not excuse conflating the shooter's action with someone else's conduct of merely allowing that person to have a gun. It does not shift any responsibility from a competent adult actor to someone who merely allows a gun to be available.
Note also that the gun-possessor, or the person newly armed with knowledge, need not act on it at all, and those who confuse things by missing these distinctions manage to avoid the fallacy in those cases.
"My recommendation is to plan privacy ahead. Think of your product as something that should not 'keep everything, analyze later' but 'keep what we must, and dump the rest'."
This is what we call "solving the wrong problem". Yes, those observations are good ones (albeit obvious) for anyone seeking to design a privacy-respecting service. But how do we get anyone to do that?
As long as companies are profit-oriented and legally able to do so, they will data-mine everyone as far as they can. What can be done about this? The author has nothing to say on this latter question.
Even a "correct" tap installation might cause an outage due to the particulars of optical-fiber manipulation. There have been occasional reports of cable breaks in the news - I've noticed since about the 1990s. They have been attributed, usually to ship anchors, or other accidental occurrences. (Supposedly also, sharks bite cables, attracted by current, but this may apply more to wire than fiber)
How to get there is a difficult question - particularly the political question of how to get better policies in place. It is effectively a test of democracy, whether the people in each country (the majority of whom, I assume, prefer not to be pervasively wiretapped) can actually influence government behavior.
As for what the policy would look like, well probably each national government will be unwilling to give up much of its interception capabilities, but maybe they would like to avoid interception by other governments. So as one possible reform, one can imagine an international arrangement where nations would monitor the undersea cables and remove any spy devices.
My first thought was, wow, they could have had computers based on sets of these connected in different ways, as logic circuits. As I recall from the Stephenson version, Turing and co. were using something similar in the analog days.
This is the right answer and it's too bad it was way down the page (I upvoted).
For your situation, mark_I_watson, probably get a cert from a CA, the cheap "domain only" variety where you can verify your site to the CA simply by putting a file in the web root directory.
I say this assuming the content is whatever you were already displaying to the world without encryption - therefore low-security. The cert allows you to put meaningful authentication on your site (otherwise passwords go in plaintext, for example).
For a medium security level, sufficient for online money transactions, you would have to get a higher-assurance type of cert - this requires more money, sending business and personal ID documents to verify your business to the CA, etc..
For really secret communications - getting into a degree of NSA-proofing - among other things you have to avoid involving a CA, and preferably make browser certificates for trusted clients, to spare them the warnings that browsers throw up on non-CA server certificates. This is unsuitable for (legal) commerce (commercial payment processors would reject your business), and still vulnerable to metadata collection (unless you put it on TOR or equivalent), and still vulnerable to state coercion of private keys or forced code-trojaning.
Note that the third solution requires that your clients have a means of verifying that the site is yours rather than an imposter - you avoid a CA having the power to enable some other site to impersonate yours, but trusted users must have a basis for trust by a "side channel" such as knowing you personally, you being their employer, or reputation of your digital signature over time.
Could you elaborate on what you find meaningful about the authentication a CA provides?
Another neat trick is creating your own CA, and putting your root into the local trust stores of client nodes that you care about. (Be sure to permanently airgap your root key, and create intermediate signers.)
I meant that sending logon + password is somewhat pointless if it's plaintext over the internet, while if you have some encryption going on, someone intercepting the data in transit would have a harder time using it to trick the client or the server. In that sense authentication is more meaningful with a certificate -- even though using a CA still allows interception by a government actor. It narrows the range of those who can "break" the attempted security.
Well, a self-signed certificate still offers that encryption.
None of my arguments about X.509 / CAs are about government actors in particular, though. There are enough root CAs trusted by the major browser vendors that breaches can (and have) happened with minimal resource expenditure.
Amusingly, the areas where the most US Americans are familiar with SI are gun calibers and recreational drugs. [n] (OK, I may have a warped sense of humor, but it's true)
Great, maybe it will spread to other countries :-)
Actually I'd like to see the actual width of the screen (bezel included) rather than the diagonal, which is pretty useless. It's to the width that I've been looking at recently when I wanted to know which TV fits into the space I have for it.
As a USian I can testify that there's a lot of irrational opposition here. Disclaimer: I don't have scientific sources on this, just subjective impressions from a lot of little interactions and clues.
The resistance seems to be largely: (a) older people who doubt their own ability to adjust (b) right-wingers who are convinced it's a socialist conspiracy or somesuch (these are people who think international cooperation is taking sovereignty from the US, or something like that - they're a bit incoherent) and (c) politicians perceive it as unpopular and risky to advocate (presumably because of a and b) or just not a vote-getter.
I've occasionally tried to promote SI by using units in casual contexts, but it's perceived as pretentious or obnoxious. The situation is better online as I participate only in fora like this where US obtuseness is not necessarily expected. It is hard to even find products like thermometers and measuring cups (for cooking) with all-SI.
Ghostery, the last time I checked it out was closed-source, subject to control or influence by advertisers, and reporting to the vendor about users' browsing. Clearly lots of people like it, but I would consider it gross breach of my security policy.
My recommendation for anyone who's serious about controlling his/her online footprint is Request Policy. It's open source and simply blocks requests according to user directions - you can put it on a whitelist or blacklist basis, and decide for yourself what servers to contact from each page. Of course this is too inconvenient for most people, but it gets asyptotically less troublesome as the list is perfected.
1. Closed-source javascript is not a thing, and Ghostery's code is very readable.
2. Technically, anything is subject to influence by third parties, but I'm quite certain you possess zero evidence that Ghostery is actually influenced by advertisers. Implying that Ghostery might do something nefarious at the behest of advertisers (based on nothing but personal paranoia) seems maliciously disinformational.
3. Ghostrank is opt-in by default. You have to intentionally check a box that plainly says you agree to send "anonymous statistical data" to them.
We are most definitely not influenced by third parties, if anything, companies now contact us directly to provide their registration information for monitoring by Ghostery. Additionally, we keep the database changes public here: https://www.ghostery.com/en/database/changelog
Policy-wise we need a requirement of opt-in: the manufacturer can try to convince you that connecting the device to internet is beneficial for you, but has to let you say no.
And on the technical side, if it needs to be authorized in your router, you already have an opt-in. If it's going to connect by default somehow, maybe by open mesh wireless or somesuch, that's a problem for privacy and security.
Implantables, and particularly life-essential ones like pacemakers, are different. They need remote access to enable updating without surgery, but it must be secured well enough to prevent the sort of vulnerabilty the article describes.
BTW, if you were intent on killing someone, wouldn't it be just as effective to direct a strong RF signal to burn out the electronics, overwhelming any access controls?