2012-09-26

internet with both privacy and security

7.26: co.apt/cyb/sec/cloud computing is not easy:
. I thought cloud computing would be a breeze;
it was just like SOA, right?
only SOA is on a private network,
while cloud computing is using a public network .
. can that even be done securely?
[ it seems like shifting code tech should do it .
. being able to initialize the session
might be complicated .]

7.8: sci.cyb/sec/how to get secure internet?:
. can there be secure communications networks
that are also self healing ?
how can we support openware and anonymity too?
to be anonymous you simply get another service to
send the message for you
but for openware that depends on
whether we need OS cooperation for the security .
[9.26:
. openware-based internet depends on
whether we need OS cooperation for the security?
I don't think the problem is software,
so, having openware wouldn't make the net more secure .
. there are 2 problems:
# denial of service:
. it's too easy for too many machines to be
owned by malware .
# id theft:
. it's too easy to spoof being someone else .
the solution?:
. there should be special hardware available
in order to authenticate your id;
if you don't have that box,
then you can't do banking, credit-card shopping,
and if there's a denial of service attack,
then you can't get through;
because, nodes stop forwarding your messages .]

7.10: news.cyb/sec/
DOD says we can have both privacy and security:
Cybersecurity and American power 7.9:
At an American Enterprise Institute (AEI) event
U.S. Army Gen. Keith B. Alexander
urged us to support cybersecurity legislation
being pushed through Congress .
. it asks internet service providers to
help federal anti-virus software,
by searching all emails for viral signatures,
and reporting malware event parameters
(malware signature, source address, destination address).
. when asked about china's role in the motivation
he reminded us that there is a high cost from malware
due to intellectual property loss via cyber espionage.
"Symantec placed the cost of IP theft
at $250 billion a year .

The director of the National Security Agency (NSA)
and chief at the Central Security Service (CSS)
reemphasized an immense problem the U.S. is facing:
cybercrime has been "the greatest
transfer of wealth in history,"
Alexander said in a statement.
global cybercrime is $114 billion annually
($388 billion when you factor in downtime),
and McAfee estimates that
$1 trillion was spent globally under remediation.
[ you might think the reason we are such targets
is that our foreign policy is so offensive
to so many bright communists and liberals
but, we'd be in the same danger anyway,
because there's so much money to be gained
from cracking our banks and intellectual property .
9.26:
. when they talk about remediation costs
they are referring to having their hands tied
by an internet that is inherently insecure;
I wonder what the cost would have been
if we had just rebuilt the internet from scratch
with security in mind .
. can the surveillance proposed by this legislation
make up for the lack of a dual system,
one that promotes anonymity,
and the other that promotes reliability? ]

unhosted.org

7.10: news.cyb/net.unhosted.org:
@GoogleAppsDev
Tell us what it would take for you to
use "nothing but the web"
- google apps developer../2011/09/
. one reply was:
Unhosted.org-- to separate web apps from user data,
I must be in control of my data.
Once I put my data in the hands of a
third party web service or application,
I am no longer in control.
Unhosted.org ?
Unhosted.org is developing technology that will
put control of user data
back where it belongs: With the user.
Freedom from the web's monopolies
The web is not as open as it used to be:
monopoly platforms formed new proprietary layers on top of it.
But we create a better architecture for the web.
We break the package deal
»you get our app, we get your data«
with remoteStorage,
a cross-origin storage protocol
separating application servers from people's documents.
This enables everyone to use various web services
but keep their data in one place they choose and trust
– their remote storage,
their »home folder« for the web.
The applications will not run on servers you can't control,
but be pure Javascript which runs client-side, in your browser.
And app developers don't need to bother about
providing storage or managing user accounts.
Technically speaking, we define a protocol stack called remoteStorage.
A combination of WebFinger for discovery,
OAuth for authorization,
CORS (Cross-Origin Resource Sharing)
for cross-domain AJAX calls and GET, PUT, DELETE for synchronization.
We also work on its adoption through developing apps like
Libre Docs and Opentabs
as well as making existing apps and storage providers compatible.
If you speak French, there is also some info on Framablog en Français.
Unhosted is a movement by the people, for the people.
Everyone can participate, including you!
Libre Docs – liberate your ideas
libredocs.org
github.com/unhosted/libredocs
Remotestorage providers
github.com/unhosted/website/wiki/remoteStorage-providers
freemium providers:
    OwnCube recommended for end users!
    5apps recommended for javascript developers
domains that provide remoteStorage to their users:
    all Dutch universities
ways to run your own remoteStorage server:
    install pagekite on your computer
github.com/pagekite/plugins-pyUnhosted
    install ownCloud on a server
owncloud.org/
    coming soon: how to use your CouchDB instance as remoteStorage
pagekite
github.com/pagekite/plugins-pyUnhosted
. Unhosted.py is an HTTP server
implementing the bare minimum required for
the simple remoteStorage API from unhosted.org.
Hopefully this program will be useful for folks who want to
study how the remoteStorage protocol works
or as a development tool for people working on Unhosted apps.
As Unhosted matures,
Unhosted.py will hopefully also mature into a usable personal data-store
for people who want to store their Unhosted data on their own devices.
Getting started
Quick-start:
    Install pagekite.py
    In another console:
pagekite.py 6789 rs-YOURNAME.pagekite.me
You should now be able to use
whatever@rs-YOURNAME.pagekite.me
as a remoteStorage account.
If you prefer, you can also
use Unhosted.py without PageKite,
but you will need an SSL enabled
reverse HTTP proxy (such as Pound)
in order to comply with the protocol.
As far as I can tell,
hosting on http://localhost/ won't work.
Play!
5apps.com have written a nice Unhosted tutorial and test app
which works just fine with Unhosted.py.
Hacking
The file Unhosted.combined.py is a combination of Unhosted.py
and the HttpdLite.py module it depends on.
For hacking, you'll want to check both out from github:
    Unhosted.py
    HttpdLite.py
The combined "binary" is generated using Breeder.
Where is my data?
Unhosted.py stores data in ~/.Unhosted.py/,
in a relatively intuitive directory structure:
~/.Unhosted.py/USER/CATEGORY/...
Each data folder will contain some regular files,
as well as a file named _RS_METADATA.js.
This meta-data file stores "real" names
for all keys, mime-types
and may store other meta-data in the future.
The meta-data file may also store key values as well,
if they are small and do not really "look like a file".
This is an optimization to reduce clutter and disk seeks
when working with small keys:
if the data is large or looks like an independent file,
it will be written as such to the filesystem,
although the name will probably be sanitized somewhat.
Note that changes to individual files of name:
_RS_METADATA.js
may be overwritten by Unhosted.py if it is running,
as it caches their contents in RAM.
Bugs
    Directory listings do not work yet.
    User names and passwords are ephemeral.
    _RS_METADATA.js could be overwritten by evil apps.
    Saving metadata fails sometimes due to a race condition.
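One way to close the "_RS_METADATA.js could be overwritten by evil apps" bug, as an added example (not code from Unhosted.py or from this page): map every key to a path under ~/.Unhosted.py/USER/CATEGORY/ and refuse any key that would land on the metadata file or outside the store. The function names and the sanitizing rules are assumptions.

```python
import os
import re

RESERVED = "_RS_METADATA.js"            # metadata file name, as given on the page
_UNSAFE = re.compile(r"[^A-Za-z0-9._-]")  # assumed whitelist for file names


class KeyRejected(ValueError):
    """Raised when an app-supplied name must not touch the disk."""


def sanitize_component(name):
    """Turn one user/category/key component into a safe file name."""
    if name in ("", ".", ".."):
        raise KeyRejected("empty or dot component: %r" % name)
    safe = _UNSAFE.sub("_", name)  # slashes, backslashes, NULs, spaces -> "_"
    # Compare case-insensitively and ignore trailing dots: some file
    # systems would resolve such variants to the same metadata file.
    if safe.rstrip(".").lower() == RESERVED.lower():
        raise KeyRejected("key collides with the metadata file")
    return safe


def storage_path(root, user, category, key):
    """Return the on-disk path for USER/CATEGORY/key, or raise KeyRejected."""
    parts = [sanitize_component(user), sanitize_component(category)]
    parts += [sanitize_component(p) for p in key.split("/")]
    root = os.path.realpath(root)
    path = os.path.realpath(os.path.join(root, *parts))
    # Defence in depth: a symlink inside the store must not lead outside it.
    if os.path.commonpath([root, path]) != root:
        raise KeyRejected("path escapes the storage root")
    return path
```

Sanitizing can map two different keys to one file name, which is why the "real" key names still have to be kept in the metadata file, written only by the server.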

hidden drive solved by permissions repair #mac

7.6: mis.cyb/mac.finder/
hiding the internal drive from user acct:

. my user acct's finder can't see anything on the internal drive
but on a visible external drive
there is a working link to a file on the internal drive,
so I know the files are there .
. the admin acct can see everything .
. there are no updates from Apple .
. use the disk utility app to verify and repair mac's permissions:
they are bad, but before fixing, verify disk is healthy .
web:
. others were seeing this last year,
and by 2 authors the terminal was suggested:
sudo chflags nohidden /
-- all but one mac user was not happy about that fix:
one just never came back to verify it worked;
and the other cracked jokes about
finding a fix by downloading xcode .
. I would find later that
Apple's diskUtility.permissionsFix
would fix my problem of finder hiding everything .

laptop suspended over recliner

7.6: proj.cyb/xuw/making it usable from easy chair:
. since my eyes can only see things a foot from my face,
I'm wondering how to make the laptop usable
while sitting in the easy chair:
. my first idea was to use it with glasses;
(I have some cheap prescription swimming goggles
to allow me to see things resting on my lap;
much cheaper than new scripts from the optometrist).
. I need a tray for another ergo kybd,
I'm using a spare 1ftx3ft plywood as tray
and resting it on arms of nearby chair when not in use ..

virginMobile's new outlook

7.9: aq.cell/Virgin Mobile/We Paid Your Monthly Charge
9.26: summary:
. I had to dump Virgin Mobile;
because, they kept double-billing me;
they used to have very high ratings
from Clark Howard;
now I'm with tracfone.
. after I cut VM from my credit card
they sent me this piece of cheese ...

the new microsoft outlook

7.31: co.apt/cyb/the new microsoft outlook:
. what is the significance of microsoft getting into hardware?
I would have thought this was more of them owning the platform
just so they could abuse their position of power;
but they don't really have the power of monopoly anymore,
because, they are losing ground to opensource (google, apple).
. one thing I just noticed was that
they used to have a lot of clout with hardware vendors,
because hardware vendors needed ms's os;
but increasingly people are just as happy running linux;
so that may be a factor in why ms should be
very interested in getting into hardware
-- so it can still have control over that .

the last good cd

7.29: co.amazon/cyb`gear/review Taiyo Yuden-JVC Water Shield
White Inkjet Hub Printable 52X CD-R Media 50 Pack
:
5-star "the last good cd as cd's are obsolete":
. the few I have tried have been good .
( I now do all my backups onto
spare harddrives instead of cd's,
I just use these for
sharing data by snailmail ).
. I was amazed it took so long
to find a cd maker who
got consistently good reviews;
all the others are selling cd's cheaper to us simply to
avoid having to sort out defective ones .
. on multiple sites, reviews have been good only for
this brand .