[liberationtech] CFAA Extremism
So, I've been wondering... If the CFAA makes it a felony to violate a website's terms of service, wouldn't the logical way to protest this absurd interpretation of the law to write Terms of Service that forbid members of the US government-- especially Congress and the Department of Justice-- from visiting your page and then file criminal complaints en masse whenever a DoJ employee or congressman visits your site? Just a thought :) Scott -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] CFAA Extremism
Individuals can't file criminal charges and it is up to law enforcement and prosecutor's discretion as to whether they do. They won't so you're out of luck there. You could file civil lawsuits as the CFAA has a right of civil action. However, you'd need to fund it with the high likelihood that you'd lose. Judges don't like people filing lawsuits to prove a point. They will likely look for any means of dismissing your action. Jason On 9/22/2013 1:42 PM, Scott Arciszewski wrote: So, I've been wondering... If the CFAA makes it a felony to violate a website's terms of service, wouldn't the logical way to protest this absurd interpretation of the law to write Terms of Service that forbid members of the US government-- especially Congress and the Department of Justice-- from visiting your page and then file criminal complaints en masse whenever a DoJ employee or congressman visits your site? Just a thought :) Scott *R. Jason Cronk, Esq., CIPP/US* /Privacy Engineering Consultant/, *Enterprivacy Consulting Group* enterprivacy.com * phone: (828) 4RJCESQ * twitter: @privacymaverick.com * blog: http://blog.privacymaverick.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] CFAA Extremism
Do you have a link? On 9/22/13 11:51 AM, Griffin Boyce wrote: There are some really great unenforceable TOSs out there. The best I've seen is a clause which states that it is a violation of the Terms of Service to read the Terms of Service. (But of course, how would you know unless you read them?) ~Griffin -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] The missing component: Mobile to Web interoperability (in Internet Freedom Technologies)
On 09/17/2013 04:46 PM, Michael Rogers wrote: [...] Please push me back on the right track if I have a blind spot here-- I'm having a difficult time seeing a technical difference between a social network that allows partial views of the graph in order to maintain a semblance of privacy, and a system of distributing digital copies of music that tries to limit the number of times a file may be copied. The difference is goodwill. It may be reasonable to give a piece of information (such as a list of your friends) to each of your friends, and ask them not to share it any further. I'm very skeptical of goodwill being the killer feature that ends up impeding the global distribution of private data through the internet. Goodwill is a pre-internet concept that is predicated on things like short human memories, and it wholesale ignores all the moral hazards that come from being able to install a splitter on a single line and copying all data everywhere, private or not, for nearly nothing. Not to mention store it forever. Not to mention retrieve it for next to nothing... So if you want to bring goodwill into the post-Snowden leak era, you have to explain how the users of your system are able to reasonably ignore those threats, which didn't exist when the term was coined and now do. I don't think that's possible. The current centralized approach seems to be to keep ignoring the risks, but do so unreasonably. The federated approach seems to be to take these threats that did not previously exist (or if they did only for extreme cases), and decrease the risk by dividing by something slightly greater than one. Unfortunately the p2p model seems to be to make a prototype, or even a working system, and stop at the point where it's minimally functional, usually because funds are scarce. That's unfortunate, because for anything like an updated concept of goodwill to really function in such a system the user _must_ know what the current threats are and a way to accurately glean the mid-term and maybe long-term threats. Otherwise you create a social network that looks like it has checks and balances built-in, but, e.g, no one really understands _why_ sharing beyond the first node is a danger and no one cares about honoring the premise (including the friend sharing the list in the first place). Nearly every social network UX is designed to hide such risks, and I don't see any examples of an alternative. Does yours offer one? Best, Jonathan -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] CFAA Extremism
People would be generally safe, since my experience is that only dweebs such as ourselves ever read them. ;) Everyone else ticks off the box and moves on. I have been tempted to write TOS that contract to promise rights to primageniture bondage and see what happens... yrs, On Sun, Sep 22, 2013 at 2:51 PM, Griffin Boyce grif...@cryptolab.netwrote: There are some really great unenforceable TOSs out there. The best I've seen is a clause which states that it is a violation of the Terms of Service to read the Terms of Service. (But of course, how would you know unless you read them?) ~Griffin -- Cypherpunks write code not flame wars. --Jurre van Bergen #Foucault / PGP: 0xAE792C97 / OTR: sa...@jabber.ccc.de My posts are my own, not my employer's. -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu. -- Shava Nerad shav...@gmail.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
Re: [liberationtech] Question re Cisco auth and remote login best-practices
On 9/22/2013 10:32 PM, Bill Woodcock wrote: So, if we assume the worst, and figure we're just doing damage-control and minimizing a large problem, what are the best-practices to follow in configuring Cisco routers in remote locations? Generate max-length (4096-bit?) RSA keys on them, for the SSH sessions… Use remote auth to do command-by-command authorization, no level-15 logins? Run TACACs over IPsec? Over something else? Locally trusted human. :-) - ferg -- Paul Ferguson Vice President, Threat Intelligence Internet Identity, Tacoma, Washington USA IID -- Connect and Collaborate -- www.internetidentity.com -- Liberationtech is public archives are searchable on Google. Violations of list guidelines will get you moderated: https://mailman.stanford.edu/mailman/listinfo/liberationtech. Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu.
