- monthly subscription or
- one time payment
- cancelable any time
"Tell the chef, the beer is on me."
Die Security-Industrie hat insgesamt schon was bewegt in den letzten 10 Jahren, auch wenn sich das immer wie ein Kampf gegen Windmühlen anfühlt. Ein Gutteil des Hebels in großen Firmen kam daher, dass man sagen konnte, schaut her, selbst Microsoft hat es geschafft, dafür einen Prozess zu etablieren!
Nun kann man natürlich sagen, hey, Microsoft hat immer noch kritische Fehler in ihrem Code. Die müssen immer noch einmal im Monat Patch-Tag machen und da sind immer wieder furchtbare Dinge bei. Stimmt. Aber bei Microsoft wissen wir immerhin, dass sie selber nach Fehlern bei sich suchen und die aktiv auszumerzen versuchen. Bei anderen wissen wir, dass sie darauf warten, dass jemand von außen Fehler meldet, und dann fixen sie sie — vielleicht.
cf. Blog entry from 2011-08-11:
// MozMozilla Labs designed the BrowserID experiment to increase user convenience and safety online. Using Mozilla’s Privacy & Data Operating Principles as guidelines, we built a system that seeks to maximize user privacy and control by shrinking the user-data minefield, disclosing information to sites only on a need-to-know basis, employing a model that is intuitive and users understand, and limiting tracking of browsing behavior while also enabling pseudonymity online. For more information, be sure to check out our blog post about privacy and BrowserID, as well as the BrowserID homepage. //
Wir sind jetzt also soweit, dass man mit Pastebin CAs runterfahren kann :-)
“ [...]— DigiNotar fully compromised - CyanogenMod Android ROM - Google Project Hosting | Issue 4266 - cyanogenmod - 2011-09-03
I know users of CyanogenMod in Iran who are directly impacted by this compromise of DigiNotar. Additionally, they use the GSM network and it is possible to set the clocks of GSM phones - so certificates that have been issued are not valid only during some window of time - the attackers literally control time. The attackers here have all of the cards and only by removing the trust in DigiNotar *at the root* will help those users to stay secure
[End of the full text version] ”
“— The NSTIC, you, and me (and Google?)… | BonnieNadri.Com - 2011-08-29
(L)egal identity needs to be administrated in the online domain (which, contrary to what NSTIC and others seem to think, is not demonstrably proven), it remains that without the protections outlined in the “dotrights” campaign, the NSTIC effort is an incredibly dangerous movement for state managed identity as well as for citizens/consumers and their rights/interests. But don’t take my word for it, consider carefully the wording and implications of Mr. Messina:
“The last thing that I’ll add — which itself is controversial — is that this whole system, at least at the outset, will be voluntary and opt-in,” Messina says. “That means that if you don’t want the convenience of not having to use passwords anymore, you won’t have to. If you’re okay rotating your passwords and maintaining numerous discreet accounts across the web, that’s cool too. I don’t think a mandatory system would succeed — at least not without proving its security, stability, convenience, and utility over several years.”
I would point out that the current efforts by Google are, in fact, “entirely voluntary and opt-in”.
I would also point out that they have made it exceedingly clear that they are being driven by a yet-unexplained motivation that makes taking a “don’t like it, leave” stance attractive for Google.
I would further point out that Google’s CEO Schmidt himself stated that (paraphrasing), “Google+ is an identity service”; this is also supported by Google’s own site.
My assertions and conclusions at this point are, I think, things that you will find utterly logical:
- Google intends to be one (the first? the premiere? the only?) identity service for the USA.
- Google intends that their existing hold over users (adoption of services and products and related entrenchment thereto) be the weight brought to bear that ensures adoption rather than abandonment.
- Google intends that their ability to demonstrate adoption will allow them to leverage themselves, if not into the position of sole provider, then into a position of an elite few.
- Google intends to lobby and support our government in reaching a point of transition at which this “entirely voluntary and opt-in” identity service may become a mandatory one.
- Google is counting on YOUR continued use and willingness to adopt and endure any change they make to accomplish this.
Seem far fetched? Why? Messina is obviously thinking about it, the NSTIC is as well, thus Google, our Government, and who knows who else are thinking about it, too. Look at this and understand: There is not that much distance at all between Messina’s statements and the above assertions and conclusions and, frankly, that distance will close rapidly if Google is right about consumer apathy and passive adoption.
“ [...]— Randi Zuckerberg Runs in the Wrong Direction on Pseudonymity Online | Electronic Frontier Foundation - 2011-08-02
The problem with the civility argument is that it doesn’t tell the whole story. Not only is uncivil discourse alive and well in venues with real name policies (such as Facebook), the argument willfully ignores the many voices that are silenced in the name of shutting up trolls: activists living under authoritarian regimes, whistleblowers, victims of violence, abuse, and harassment, and anyone with an unpopular or dissenting point of view that can legitimately expect to be imprisoned, beat-up, or harassed for speaking out.
via Diaspora* - https://joindiaspora.com/posts/365705 ”
“ [...]— Bilderkennung: Ich weiß, wer du bist | SPIEGEL ONLINE - Nachrichten - Netzwelt - 2011-08-02
Eine Geschichte aus einer möglichen Zukunft: Sie sitzen in der U-Bahn einem interessanten Menschen gegenüber. Wie heißt er? Wo arbeitet er? Wofür interessiert er sich? Sie halten kurz ihr Smartphone hoch, fotografieren unauffällig das Gesicht ihres Gegenübers und nach ein paar Sekunden erscheinen auf ihrem Handy all diese Details.
“ [...]— Sony Pictures hacked and Database Leaked by LulzSec ~ THN : The Hackers News 2011-06-02
Message By Lulzsec:
Our goal here is not to come across as master hackers, hence what we're about to reveal: SonyPictures.com was owned by a very simple SQL injection, one of the most primitive and common vulnerabilities, as we should all know by now. From a single injection, we accessed EVERYTHING. Why do you put such faith in a company that allows itself to become open to these simple attacks? What's worse is that every bit of data we took wasn't encrypted. Sony stored over 1,000,000 passwords of its customers in plaintext, which means it's just a matter of taking it. This is disgraceful and insecure: they were asking for it.
The general online media output is IMHO up to now low. I guess the mainstream media are avoiding intentionally to cover it as a focus in their news head lines.
“ New on Herdict blog: National Science Foundation Blocks Global Voices Advocacy: Last Wednesday, Berkman Senior R... http://bit.ly/gjjXgh— Twitter / Herdict: New on Herdict blog: Natio ... | 2011-04-25
When GVA inquired NSF’s commercial filtering provider Blue Coat about the reason, they responded,
“The website has verbiage indicating how to avoid proxy filtering, which clearly violates our security policy and therefore will remain blocked.”
As a non-profit organization that tracks Internet censorship across the globe and spreads knowledge about online filtering, GVA publishes information to teach others—specifically, online activists in developing countries that place restrictions on Internet content—how to circumvent domestic Internet filtering. However, Zuckerman noted the circular reasoning of this specific incident:
“In other words, the National Science Foundation is spending taxpayer money to (ineffectively) prevent scientists from learning about a debate about ‘internet freedom’ tools the US State Department and the Broadcasting Board of Governors are spending taxpayer money to support and promote, again using taxpayer money. Is there a Federal irony department where I can lodge a complaint?”
"Tell the chef, the beer is on me."
"Basically the price of a night on the town!"
"I'd love to help kickstart continued development! And 0 EUR/month really does make fiscal sense too... maybe I'll even get a shirt?" (there will be limited edition shirts for two and other goodies for each supporter as soon as we sold the 200)