People using it colloquially is exactly the thing that leads to trademark erosion.
Most eroded trade marks were previously owned and registered. It's not the registration that gives trademark protection. Trademark protection exists to protect the market place. It prevents companies from piggybacking on someone else's success.
But if the consumer doesn't think that "Jeep" is a mark, but a form factor, then no one is protected from any misunderstanding and it would be no longer a trade mark. Happened to Motorola in 2005 with "flip phone".
Really I think this illustrates best that trademarks are of dubious sanity. They attempt to police language but have no real control over it - pouncing like attack dogs to try to set an example to the kind of people who call all game consoles "Nintendos". In practice it seems like makework for lawyers which we need like a hole in a head - while to defend imaginary property in pursuit of imaginary lost profits.
I can't help but think society would be better served by using the court system for just about anything else including seeking damages from the gentleman who sold them the brooklyn bridge.
I would want some defense if someone was using say a trademark I made for kid entertainment vulgarly. Unfortunately marketing does sometimes mean policing language, if you would end up in an unfortunate position due to association
The regulations are not "weird". Before telcos were required to route all calls without discrimination, they didn't. And as soon as telcos are no longer required to route their competitors' calls, they stop. A recent example is the new area code for VOIP calls introduced in Germany in 2009. Major telcos just didn't route them, citing "technical reasons" despite being able to route local area numbers with the same mechanism without problem.
Competition is only a solution for problems where the telcos' interest and the consumers' interest align. And that's very rare.
I don't think this was an attempt in good faith to participate in the discussion about the utility or futility of codes of conducts. This seems to be, depending on your inclination to give the authors the benefit of the doubt, either a joke in bad taste or simply a troll.
The straw-man "Frequently Asked Question" about the project name sounding like cock makes me lean to the latter option. In any case, this isn't really worth discussing much, as it's primary use seems to be to poison that discussion right from the beginning.
I think it might be true on the grounds that credit cards are only king in the US and Latin America, whereas they represent less than 10% of cashless payments in the large markets, namely Asia.
Developed countries have more accessible and cheaper systems, like M-Pesa. In China, you generally just scan a QR code to make a payment. Neither of these systems piggyback on the expensive and slow credit card system.
So, I think this statistic might be as true as it is misleading. Impressive marketshare, just not as big a market.
Is that just a rant or do you have an actual reason to call TrueCrypt crappy? It was at least somewhat solid and it definitely had a great mindshare at the time. It wasn't niche.
Also, describing small-scale intervention in cryptography by services "mythologic" in a thread about news about large-scale intervention in cryptography by those services is a bit odd.
I don't even understand the theory underneath this supposed conspiracy, since full-disk encryption is utterly mainstream at this point. I also don't need to get too deep into what I don't like about TrueCrypt; use it if you like it. The problem is with the model of full-disk encryption; outside of phones with deeply integrated hardware designs that support it, FDE is the least powerful form of encryption we use. It wasn't even a speed bump for the Ulbricht investigators.
By all means: enable FDE. You have to turn it on. It's not optional. But the threat it defends against is not the threat many people think it defends against. It's hard to imagine it being such a priority that any government would launch a conspiracy to shut down an open source project.
Again: why do you use such belittling words like "conspiracy theory"? We know that the services interfere. We know that they interfered with vendors of cryptography products. And we know that National Security Letters exist, as do other – legal – means to pressure such vendors. There is no conspiracy needed for them to try to pressure someone by, say, threatening them with denial of a entry visa. Or they could have simply tried to buy them off which they might not have liked. It's not a crazy idea by any stretch.
> It wasn't even a speed bump for the Ulbricht investigators.
Are you talking about the situation where they had to very carefully snatch a running laptop from a suspect so that they can't lock it? Seems to me like FDE would have been at least a significant speedbump had they not circumvented it. Why else would they go to such trouble? And what would they have done if the suspect hadn't used his laptop in a public place?
We in fact do not know that NSLs of the form suggested in the root comment exist. Such an NSL, requiring developers to stop work on a project, would in fact be unprecedented. It is, in fact, a conspiracy theory. In reality, the exact opposite thing occurs: the USG-backed Broadcast Board of Governors actively funds cryptographic privacy technology, both through direct grants to projects and, to head off other conspiracy theories, in much harder-to-subvert grants to 3rd party pentesters to find and report vulnerabilities in those tools.
Pretty sure you misinterpreted that comment. It's not suggesting that they pressured the devs to stop work, it says they were pressured to stop making it so awesome. The inference being that they were pressured to weaken the product and they walked away instead.
Lavabit was a service that effectively held keys for its users and was compelled to disclose them. If we were discussing whether a vulnerable service was somehow compelled by the USG, I wouldn't argue. I doubt you'd even need an NSL compromise Lavabit; you might even be able to do it with routine civil litigation. Don't ever use things like Lavabit. That's why we talk about "end to end encryption", as opposed to the bad kind of encryption.
Lavabit also sent the private keys from their servers to clients using TLS that utilized RSA for key exchange. Levison was to put it into a word, a fool, for letting that happen. Once he had to submit the private RSA-key for the certificate, FBI could decrypt every past session, and every private key of every user. IMO he'd have to put a hell of a lot of effort if I'm ever going to look at his creations again.
While not an NSL, we do know USG leans on companies to implement weaker/breakable cryptography. There is at least one public example (attempts to compel Apple), and presumably there are many more successful undocumented attempts.
> what would they have done if the suspect hadn't used his laptop in a public place?
Screw open his laptop when it's turned off and he's away from home, install a keylogger into the bios. Put a camera onto the shelf to film which keys he types to log in. If he puts a blanket over his head: solely rely on the sound each key makes. Hack his computer remotely using one of the government owned 0days and dump the keys. Use side channels to attain the password via the power outlet in the neighbouring house.
They had countless ways and they chose the one that revealed the least about their capabilities.
The biggest problem with FDE is that as long as you're using the encrypted computer, FDE isn't protecting you. It doesn't take technical capabilities to exploit this; you just wait until the target has their laptop open to do the interdiction.
FDE's not worthless. Again, I don't think it's even optional; one of your laptops is eventually going to get stolen, and you're going to want the reassurance that at the very least, once it loses power, the thief won't have access to your data (meaning, in effect, that most thieves will never have access to your data). And it's somewhat more powerful on phones, which have integrated designs to make FDE more granular.
But the idea that of all the things the USG could spend energy on, aftermarket FDE software would be their target? It's not very plausible.
Are Apple's new machines with T2 secure enclave less vulnerable in this regard? They claim all storage encryption goes through the chip, making it more like an integrated phone design.
Yeah, on the county sheriff level those capabilities are probably not available. However, Ulbricht was target of investigations on a federal level. He was arrested by FBI agents.
Yeah, but are there any other forms of encryption that could have mitigated any of those attacks? Once your adversary has physical access to your environment/hardware, it's pretty much game over for security.
Someone started talking to him while someone else snagged his laptop - a thing you and a friend can do to more or less anyone. It's not like people rappelled down from helicopters with guns drawn.
They developed USBKill right after to prevent against stuff like this. That said, I'm sure the FBI knows about that now as well and would avoid sticking USBs into computers they want to target randomly.
It does work well though. As a user, I can't remember significant Wikipedia or Wikidata outages.
And I'm really not sure if whatever blockchain solution that person on twitter wants Wikimedia to use is even able to get to that scale, yet alone perform better an it than what Wikimedia currently has.
Because Wikipedia's database is centralized, and lives at a particular (range of) IP addresses, it's trivial for a state actor to censor it.
Does a sprinkling of magic blockchain solve this problem? Not really. But something more specific to the problem might; being able to torrent the full data dump is a step in the right direction.
Yes, in a strictly semantic sense, it is a limitation. However, in general such access would be not only a bad idea due to the loss of abstraction and additional work to implement (duplicate) access controls, it would also not be very useful for users over the multiple possibilities for access that already exist.
And all this is really a red herring, both in relation to the unspecified use of blockchain and in relation to resistance to state censorship.
No, it's not a red herring. The point is that Wikipedia could use a database that didn't rely on a limited number of access endpoints, which would make it harder to censor. And you don't need duplicate access controls if the database implemented them fully.
This is not restricted to the blockchain, of course. Something like e.g. SSB fits the bill.
Since not all information in the database is public, yes, you'd need to duplicate the work. You'd also need to put a lot of work into securing the now open service against attack and denial of service.
It would still be just as easy to censor. If a censor goes beyond simple DNS manipulation and drops packages to specific IPs, he can just as easily add the few hundred IPs of database servers to that list as he can add the few hundred IPs of the frontend web servers.
Now, your example of SSB shows very well why this is a red herring. Even if Mediawiki put in the huge work to use SSB as a storage backend, nothing would change at all regarding censorship. What you really want is, I assume, a federated version of Wikimedia's architecture.
Feel free to develop such a system but I don't think anything but a complete rewrite of Mediawiki would allow for that, and even then, I doubt it would be much more censorship resistant, unless you also take on such features like using TOR hidden services or invite-only networks, which are both perfectly possible right now (and are in fact available right now).
And as I said, there is a multitude of options to access the data right now. For example, to build mirrors of Wikipedia for citizens of countries where Wikipedia is blocked. However, it's not necessarily trivial and it doesn't get easier simply by sprinkling some cryptography over the storage layer of all places.
I want nothing. I merely stated a fact, with which for some reason you seem to take issue.
The choice of database, much like the choices of the rest of the architecture, limit it in some ways. That's it. It's not a "red herring". And of course, other choices would have limited in different ways, no doubt.
By the way, the use case I was thinking of was updating pages over sneakernet, which is how information is disseminated in countries where Internet assess is not just censored, but also quite limited. TOR and other tunneling systems are no help at all with this. But like I said, I do not want Wikipedia to be changed. I just want to note that it's a limitation it has.
MediaWiki is federated already, due to the interwiki links mechanism. Any large public wiki can have an editable list of shortcuts to other such wikis, and then a link such as [[otherwiki:Some Article]] will work just as well as a local one to [[Some Article]]. This is the exact same federation model as, e.g. email.
Most eroded trade marks were previously owned and registered. It's not the registration that gives trademark protection. Trademark protection exists to protect the market place. It prevents companies from piggybacking on someone else's success.
But if the consumer doesn't think that "Jeep" is a mark, but a form factor, then no one is protected from any misunderstanding and it would be no longer a trade mark. Happened to Motorola in 2005 with "flip phone".