How was the Minister supposed to know that there were security issues? If they had ignored advice to spend money on security testing and auditing then they certainly would be responsible, but in general it is the responsibility of the IT contractors producing software to advise the client on what is required.
To be honest, there is a major problem with the understanding of security issues in the IT industry. Even a basic understanding of networking, a healthy dose of distrust and attention to the flow of information can drastically cut the number and severity of security vulnerabilities.
I don't think we're anywhere near good enough yet and if we don't get it, we can't rely on clients to be able to do so either.
I should clarify my main reasoning behind this - defending yourself with lethal force is only acceptable when you are attacked with lethal force. The presence of a gun in a situation immediately escalates it to the lethal force level, regardless of who holds it.
No, I don't deem self-defence an immoral act. I deem it immoral to carry or store weapons with the intent of using them on people, and don't consider self-defence to be an acceptable reason for doing so.
We can accept that things that we need or use can have a dangerous side. A car is dangerous, as is a gun intended for hunting. What I really find unbelievable is that people living in a modern country would keep guns expressly for the purpose of using against other people. It isn't OK to have a gun for "defense". An implement of death increases the chance of everybody in its vicinity dying, regardless of who holds it.
Hah! I've just come up with a new trick, though I doubt I'm anywhere near the first to think of it. To protect content you could just disguise the encrypted files as DRM-protected media. It receives much better protection in most places nowadays than any other encrypted content and media files can plausibly take up a lot of space. Big brother may not hesitate to bully you but they'll think twice if they think the/..AA/ might get involved.
We don't have a clue what caused it, if it will continue, or anything.
Who cares what the cause is? We know the greenhouse effect exists and is capable of increasing the temperature. Whether the temperature is increasing because of that or for any other reason or any combination of causes, it's still a good idea to cut back on the things we can control.
Plus, it isn't even global warming, its local warming some places have higher highs and others don't. Just take a look in an Almanac and you will see that the highest temperatures for a given day don't correspond with the CO2 emissions for the year. Same thing with the lows.
Of course there's no correlation between the daily high temperatures for a year and the CO2 emissions for that year. The whole point is that the effect is cumulative - it's easy to pump CO2 in to the atmosphere and it is naturally removed at a slower rate. It's the CO2 level that is important and the daily highs aren't really a good measure of temperature either.
It's really easy to fail to find support for a hypothesis by looking in the wrong direction.
Ok, so some of the costland is gone and cities must be moved further inland. That is also assuming that technology will not advance to where that is no longer a problem which my guess is based on technology throughout history is that if there is a problem humans will solve it.
Seas rise, drought increases, for both reasons farmland disappears and the world's already excessive population begins to starve. Of course the rich nations will probably survive, but people will experience even worse problems in the countries where life is already hard.
Atmospheric quality is a global commons and damage to it is an externality of many industries. Unless we have world-wide coordination to set standards and maintain air quality it will always be the situation that nobody will pay for it.
I'm sure we all agree that we ought to love one another and I know there are people in the world that do not love their fellow human beings and I hate people like that.
But can anybody recommend a good version control system to use with LaTeX, or a way to collaborate on documents in a large(ish) group?
LaTeX is plain text and whitespace-insensitive so it works really well with conventional software version control systems. It may be advantageous for organisation and navigation to split the text up by chapter / section, etc. It just makes it a bit easier to navigate and work with in the presence of many people changing things. That handles the tech side - now you just need good communication.
I used to have my laptop hard disk encrypted (using LUKS) but the hardware is getting pretty old now and I was starting to have problems with timing-sensitive applications such as audio and video. I think it was more bad timing interaction between the crypto layer, LVM, ext3 and the memory cache than raw throughput issues. I had a lot of layers and they weren't quite talking to each other right. Most of the time this was fine but occasionally it would add a tiny bit of latency to a disk request and audio would skip or video would jitter. It drove me round the bend.
Now, with everything else the same but minus the crypto layer things are much better. My laptop isn't as secure but then again I don't move it around nearly as much any more and don't have that much of worth on here anyway. Whether or not to apply something like this depends entirely on the situation.
Need I point out that previous generations didn't have the option of practical digital storage? Digital media may decay but digital information can be perfectly copied at next to no cost and can be encoded using error-correction techniques to tolerate significant damage and still be perfectly reconstructed. If I wanted future generations to see my face I would want the data to be stored in digital form in multiple places and copied at regular intervals. Digital data may be lost but only if we tie it to a physical device.
Artificial neural networks bear little to no resemblance to biological ones. Modeling a brain is a bit more difficult than training a system of artificial 'neurons' to approximate a (possibly unknown) function.
Biological neural networks are comprised of many more units of much higher complexity and containing much more variety than we could hope to simulate even on a tiny scale yet, even if we had a list of all the types of neurons and connections required. Add to this that the cells themselves exist in a chemical environment where oxygen, hormones and surrounding cells play a key role in the whole system and our efforts to digitise ourselves are, with the present state of technology, totally and utterly feeble.
Simulating an avian brain is going to be no easier - we still need all the knowledge about brain structure that we simply don't have. We are probably in fact closer to being able to simulate our own brains - a lot more research has gone in to our brains than those of Magpies.
Encryption like that is practically useless without verification of some sort. Man in the middle attacks will allow an attacker to read the traffic without some means of forcing the person at the other end to identify themselves.
The simplest mechanism when you connect to one entity a lot is simply to check that the private key never changes. This is used by SSH but would be unsuitable for the web as you need to be able to authenticate sites quickly and without user intervention. SSL handles this by delegating responsibility to a CA, the only requirements for which are that they be well known, competent and trusted.
However, I personally think that the SSL PKI shouldn't be necessary at all for general internet use. If we had cryptographically signed DNS records then this would be much easier - rather than having a separate key infrastructure you could simply include a digest of your key in the DNS result. Your DNS provider would have keys for each top level name they control and would sign a certificate giving you (i.e. your key) control of a domain under that. You would sign records of subdomains and could then publish them in an open, decentralised system of DNS servers. The servers used for domain lookups would not need to be trusted and encrypted end-to-end connections could be formed without anything more than the DNS record.
My memory from first year biology lectures is getting a bit vague but I'm pretty sure that around three months is when the foetus begins to manufacture its own hormones to control development. Before that the mother's body can supply most of the required hormones.
As a result 3 months is a very common time for miscarriage to occur since many defects in the embryo only show up once it has to maintain its own chemical & hormonal equilibrium. A foetus older than three months is significantly more likely to be born than one younger.
Perhaps after the first trimester isn't quite as arbitrary as it seems.
P.S. Take this with a grain of salt as it depends on the accuracy of my memory. The reasons may be entirely different.
Haskell, for example, has ghc, which has no relation to gcc. Except when compiling with -O or -fvia-C. These both make GHC output C then compile that with an optimising C compiler. Sure you can use another C compiler instead of GCC but the tuning and optimisation options are pretty GCC-centric.
24,100 years? Uranium 235's half life is about 700 million years. The longer the half life, the less radioactive the material and the less risk it poses.
You're right that making good encryption algorithms public has no impact on their security. The problem is that encryption cannot have any effect when the keys are provided. Once the key is in the hands of the attacker your only protection is obscurity and it's a damned poor one. In DRM your recipient is your attacker - the encryption is only another form of obscurity.
The most recent large-scale system of DRM key distribution, AACS, is an example of an extremely well designed system which is ultimately pointless. Once the user can decrypt the content (which they must be able to do) it can be copied however they please. Even after they start using the terribly misnamed `traitor tracing' features (which give different readers slightly different data), I anticipate it will be trivial to use several readers and recombine the fingerprinted fragments to thwart detection.
I live in NZ and nowadays you do require ID to board a domestic flight when you check in. I expect somebody else could still board under your name though. Most of the security here is purely theatrical.
There was a little scandal a while back when the media discovered that the metal detectors at parliament were being disabled during peak hours because they slowed things down too much. One group of reporters also decided to visit the parliament buildings during the night, got in without seeing any security people and went around with a TV camera filming the cabinet meeting rooms and other important places.
Really though NZ is just a very safe place to live. Most small-time criminals wouldn't carry a gun, let alone normal people. Any firearm must be locked away and cannot be carried in public. All semi-automatic guns and all handguns are under total ban. Even our police have to ask permission to arm themselves with a firearm (from a locked box in the boot of the car) and that only happens in violent situations. One of the hottest controversies of 2008 was whether they should be allowed to carry tasers.
Slashdot Mirror
How was the Minister supposed to know that there were security issues? If they had ignored advice to spend money on security testing and auditing then they certainly would be responsible, but in general it is the responsibility of the IT contractors producing software to advise the client on what is required.
To be honest, there is a major problem with the understanding of security issues in the IT industry. Even a basic understanding of networking, a healthy dose of distrust and attention to the flow of information can drastically cut the number and severity of security vulnerabilities.
I don't think we're anywhere near good enough yet and if we don't get it, we can't rely on clients to be able to do so either.
I should clarify my main reasoning behind this - defending yourself with lethal force is only acceptable when you are attacked with lethal force. The presence of a gun in a situation immediately escalates it to the lethal force level, regardless of who holds it.
No, I don't deem self-defence an immoral act. I deem it immoral to carry or store weapons with the intent of using them on people, and don't consider self-defence to be an acceptable reason for doing so.
There's something deeply wrong with a country's attitude to privacy when its people have to turn to the US for better protection.
We can accept that things that we need or use can have a dangerous side. A car is dangerous, as is a gun intended for hunting. What I really find unbelievable is that people living in a modern country would keep guns expressly for the purpose of using against other people. It isn't OK to have a gun for "defense". An implement of death increases the chance of everybody in its vicinity dying, regardless of who holds it.
Hah! I've just come up with a new trick, though I doubt I'm anywhere near the first to think of it. To protect content you could just disguise the encrypted files as DRM-protected media. It receives much better protection in most places nowadays than any other encrypted content and media files can plausibly take up a lot of space. Big brother may not hesitate to bully you but they'll think twice if they think the /..AA/ might get involved.
We don't have a clue what caused it, if it will continue, or anything.
Who cares what the cause is? We know the greenhouse effect exists and is capable of increasing the temperature. Whether the temperature is increasing because of that or for any other reason or any combination of causes, it's still a good idea to cut back on the things we can control.
Plus, it isn't even global warming, its local warming some places have higher highs and others don't. Just take a look in an Almanac and you will see that the highest temperatures for a given day don't correspond with the CO2 emissions for the year. Same thing with the lows.
Of course there's no correlation between the daily high temperatures for a year and the CO2 emissions for that year. The whole point is that the effect is cumulative - it's easy to pump CO2 in to the atmosphere and it is naturally removed at a slower rate. It's the CO2 level that is important and the daily highs aren't really a good measure of temperature either.
It's really easy to fail to find support for a hypothesis by looking in the wrong direction.
Ok, so some of the costland is gone and cities must be moved further inland. That is also assuming that technology will not advance to where that is no longer a problem which my guess is based on technology throughout history is that if there is a problem humans will solve it.
Seas rise, drought increases, for both reasons farmland disappears and the world's already excessive population begins to starve. Of course the rich nations will probably survive, but people will experience even worse problems in the countries where life is already hard.
Atmospheric quality is a global commons and damage to it is an externality of many industries. Unless we have world-wide coordination to set standards and maintain air quality it will always be the situation that nobody will pay for it.
I'm sure we all agree that we ought to love one another and I know there are people in the world that do not love their fellow human beings and I hate people like that.
Tom Lehrer
But can anybody recommend a good version control system to use with LaTeX, or a way to collaborate on documents in a large(ish) group?
LaTeX is plain text and whitespace-insensitive so it works really well with conventional software version control systems. It may be advantageous for organisation and navigation to split the text up by chapter / section, etc. It just makes it a bit easier to navigate and work with in the presence of many people changing things. That handles the tech side - now you just need good communication.
Tap water? Don't they put chlorine and fluoride in that? Nasty stuff!
I used to have my laptop hard disk encrypted (using LUKS) but the hardware is getting pretty old now and I was starting to have problems with timing-sensitive applications such as audio and video. I think it was more bad timing interaction between the crypto layer, LVM, ext3 and the memory cache than raw throughput issues. I had a lot of layers and they weren't quite talking to each other right. Most of the time this was fine but occasionally it would add a tiny bit of latency to a disk request and audio would skip or video would jitter. It drove me round the bend.
Now, with everything else the same but minus the crypto layer things are much better. My laptop isn't as secure but then again I don't move it around nearly as much any more and don't have that much of worth on here anyway. Whether or not to apply something like this depends entirely on the situation.
Need I point out that previous generations didn't have the option of practical digital storage? Digital media may decay but digital information can be perfectly copied at next to no cost and can be encoded using error-correction techniques to tolerate significant damage and still be perfectly reconstructed. If I wanted future generations to see my face I would want the data to be stored in digital form in multiple places and copied at regular intervals. Digital data may be lost but only if we tie it to a physical device.
That isn't equivalent to i++ - it takes i, increments it then sets it back to the original value. i++ is post-increment, not pre-increment.
Artificial neural networks bear little to no resemblance to biological ones. Modeling a brain is a bit more difficult than training a system of artificial 'neurons' to approximate a (possibly unknown) function.
Biological neural networks are comprised of many more units of much higher complexity and containing much more variety than we could hope to simulate even on a tiny scale yet, even if we had a list of all the types of neurons and connections required. Add to this that the cells themselves exist in a chemical environment where oxygen, hormones and surrounding cells play a key role in the whole system and our efforts to digitise ourselves are, with the present state of technology, totally and utterly feeble.
Simulating an avian brain is going to be no easier - we still need all the knowledge about brain structure that we simply don't have. We are probably in fact closer to being able to simulate our own brains - a lot more research has gone in to our brains than those of Magpies.
Encryption like that is practically useless without verification of some sort. Man in the middle attacks will allow an attacker to read the traffic without some means of forcing the person at the other end to identify themselves.
The simplest mechanism when you connect to one entity a lot is simply to check that the private key never changes. This is used by SSH but would be unsuitable for the web as you need to be able to authenticate sites quickly and without user intervention. SSL handles this by delegating responsibility to a CA, the only requirements for which are that they be well known, competent and trusted.
However, I personally think that the SSL PKI shouldn't be necessary at all for general internet use. If we had cryptographically signed DNS records then this would be much easier - rather than having a separate key infrastructure you could simply include a digest of your key in the DNS result. Your DNS provider would have keys for each top level name they control and would sign a certificate giving you (i.e. your key) control of a domain under that. You would sign records of subdomains and could then publish them in an open, decentralised system of DNS servers. The servers used for domain lookups would not need to be trusted and encrypted end-to-end connections could be formed without anything more than the DNS record.
My memory from first year biology lectures is getting a bit vague but I'm pretty sure that around three months is when the foetus begins to manufacture its own hormones to control development. Before that the mother's body can supply most of the required hormones. As a result 3 months is a very common time for miscarriage to occur since many defects in the embryo only show up once it has to maintain its own chemical & hormonal equilibrium. A foetus older than three months is significantly more likely to be born than one younger. Perhaps after the first trimester isn't quite as arbitrary as it seems. P.S. Take this with a grain of salt as it depends on the accuracy of my memory. The reasons may be entirely different.
24,100 years? Uranium 235's half life is about 700 million years. The longer the half life, the less radioactive the material and the less risk it poses.
Dvorak layout?
You're right that making good encryption algorithms public has no impact on their security. The problem is that encryption cannot have any effect when the keys are provided. Once the key is in the hands of the attacker your only protection is obscurity and it's a damned poor one. In DRM your recipient is your attacker - the encryption is only another form of obscurity. The most recent large-scale system of DRM key distribution, AACS, is an example of an extremely well designed system which is ultimately pointless. Once the user can decrypt the content (which they must be able to do) it can be copied however they please. Even after they start using the terribly misnamed `traitor tracing' features (which give different readers slightly different data), I anticipate it will be trivial to use several readers and recombine the fingerprinted fragments to thwart detection.
Wrote before thinking. This makes me look stupid...
I dunno, that thing would have to have some serious grunt.
I live in NZ and nowadays you do require ID to board a domestic flight when you check in. I expect somebody else could still board under your name though. Most of the security here is purely theatrical. There was a little scandal a while back when the media discovered that the metal detectors at parliament were being disabled during peak hours because they slowed things down too much. One group of reporters also decided to visit the parliament buildings during the night, got in without seeing any security people and went around with a TV camera filming the cabinet meeting rooms and other important places. Really though NZ is just a very safe place to live. Most small-time criminals wouldn't carry a gun, let alone normal people. Any firearm must be locked away and cannot be carried in public. All semi-automatic guns and all handguns are under total ban. Even our police have to ask permission to arm themselves with a firearm (from a locked box in the boot of the car) and that only happens in violent situations. One of the hottest controversies of 2008 was whether they should be allowed to carry tasers.
ISO format uses most significant digit first, like numeric notation. This makes dates easy to compare without actually parsing them.