Slashdot Mirror


User: Sarten-X

Sarten-X's activity in the archive.

Stories: 0
Comments: 4,385

Comments · 4,385

  1. Oh dear...

    If it was 'pure propaganda' why wouldn't Putin/Russia simply announce it to the world back in 2015?

    Mostly because it'd be laughed at. Russia's been the poster child for psyops (including data manipulation and exfiltration) since WWII. If they unilaterally promise that they won't do nasty psyops things, there's no reason to believe them.

    ...assuming the Russians wouldn't make such a proposal assumes that we are ALWAYS better than 'them'.

    That's a false equivalence. Assuming the Russians wouldn't make such a proposal assumes that the Russians wouldn't make such a proposal. It would also be a safe assumption that the Americans would make such a proposal, but only with enough exceptions that it wouldn't prevent the CIA or NSA from doing their respective nasty things. Each country still does what they want; they just have their own preferred method of getting there.

    Sure, it may be very difficult to come up with a treaty in this space that would have real impact but to not even try is just not reasonable.

    Without the right political climate, such a proposal could do more harm than good. If Russia proposed a treaty and the US supported it, that leaves China as the major rogue hacking state. If China is pressured to join, then the Russian and American influence on the proposal could be spun as having an impact on the Great Firewall, which would be an affront to China's sovereignty. That in turn causes the other vocal anti-American countries like North Korea to push against the new allied threat, leading to even more aggressive acts.

    Politics are difficult. It's not just "us vs. them", it's more "us against them and them against those guys and those guys against those other guys, but they're our friends because they owe us from last time and we want them to return the favor by convincing that other guy to stop pushing those guys to attack those guys who we still owe from that one thing they did fifty years ago". In that perspective, a treaty is as much a weapon as a missile.

    Look, when will people understand that even in the West the '3-letter agencies' AND our governments do not really have the "people's" best interests at heart. They are doing things daily that should get them locked up & we just ignore it.

    Yeah... I've worked for those three-letter agencies. The most amazing fact about them is that the people who work there are actually human people in disguise! It's true! They have families and friends, and watch football and drink beer... or watch other-football and drink wine... or drink soda and wear a hijab. They're regular, normal, diverse people, and the most unusual thing (by American standards) about them is that they usually do in fact have the people's best interests at heart.

    Now, even with "the people's best interests at heart", there is also diversity in opinions on how to serve those interests. There are certain branches of leadership who hold privacy as a vital human right. There are others who feel that as long as there are no (prosecution or interruption) consequences, privacy means little. Those opinions are also weighed against the need to catch the "bad guys", who will never hesitate to abuse a bureaucracy to buy themselves some time to operate.

    It's wonderfully easy to say "lock them up", while conveniently forgetting that they can't do the same to you without a fair trial, piles of evidence, and a clear accounting of every oversight review and board approval. Sure, there are tons of anti-government websites and Slashdot posts complaining about the government's operations, but very little in the way of legal arguments that would be useful to the privacy-promoting factions on those review boards.

    Wake up already.

    I already woke up. That happened many years ago, when I realized that bad guys think they're the good guys. Then I got older, and realized that blaming people in groups like "bad guys" or "governments" is a slippery slope towards being one of the "bad guys".

    Please, grow up already.

  2. Re:Password Changes on Ask Slashdot: What Are Some 'Best Practices' IT Should Avoid At All Costs? (cio.com) · · Score: 1

    You're missing the point.

    There have been hundreds of database breaches in the past few years. Every password in those databases should be considered compromised. However, it's most likely that an attacker will use the dumped passwords as a dictionary, or at most try a few simple variations for a known user. It's far less likely that they will be able to guess the "simple" password if it's different and random for every organization.

    Password reuse is a threat, and it's becoming more prevalent every day. The best defense is to utilize a password manager to keep a strong and unique password on every domain. The second-best defense is to force password changes, to minimize the chance of a user still having a password that was in a dumped database.

  3. Re:Two issues which people confuse on Supreme Court Agrees To Decide Major Privacy Case On Cellphone Data (reuters.com) · · Score: 1

    Precisely what law do I break by asking? The police might come by and ask what I'm doing, especially if the carrier office suspects illegal activity like stalking, but that's not probable cause for any further action.

    Also, the police are only asking. Without a warrant or court-approved subpoena, there's no consequence for denying their request.

    Despite the claims of Slashdotters, America still follows the rule of law. Without following a predefined procedure, there's no requirement for a particular behavior.

  4. Re:Two issues which people confuse on Supreme Court Agrees To Decide Major Privacy Case On Cellphone Data (reuters.com) · · Score: 3, Informative

    Funny you should ask, since I used to work in medical data.

    Your doctor owns the data, but it's protected by explicit PHI laws, most notably HIPAA. Under HIPAA, your doctor's practice has significant freedom in how they can use or release that data to HIPAA-compliant partners. Your acknowledgement of that practice is one of the many forms they have you fill out prior to receiving treatment.

  5. Re:Two issues which people confuse on Supreme Court Agrees To Decide Major Privacy Case On Cellphone Data (reuters.com) · · Score: 2

    If I make a call to my carrier's local office and ask to have a look at their data, I won't be arrested. They won't likely give me access, but it's not illegal to ask. Similarly, a police officer can call and make the same request, and the carrier can choose to grant them access. Per your test, there's no warrant required.

    The key assumption I'm making though is that I'm asking for "their" data. To my knowledge, there is no precedent for precisely who owns personal location data that a third-party generated and stores. That's the key issue at hand: whether data about someone is also considered their personal effects as covered by the 4th Amendment.

  6. Re:Inventing IP addresses on Putin Now Argues Russia Could've Been Framed For Election Meddling By The CIA (nbcnews.com) · · Score: 5, Informative

    You're not looking in (or being shown) the right places. As one example, I'll explain the Podesta "hack". Everything I say here comes from a particular thread on Twitter, which does a far better analysis than I will attempt here, or sources linked therein.

    Yes, it was phishing. I wouldn't call the phish email "super-obvious", as it matches Google's style pretty much exactly. The key detail is that the phish link went to a bit.ly site, notably created via the bit.ly API, which requires creating an account. From information leaked from that account by researchers at the time, the same phishing campaign went to about 1800 people, individually targeted but using a common framework.

    It's primarily from that mass of targets that we can determine motive, and from that we can attribute who had that motive. Almost two thirds of the targets were either military personnel or authors. Of the authors, about half were experts on Russia or the Ukraine. Of the military and government personnel, two thirds were U.S.-based, 14% were linked to NATO, and a few key Syrian rebel personnel were targeted as well.

    Basically, the campaign that hit Podesta also targeted a lot of other folks, and the common thread is that Russia would want intelligence on them. There was no malware involved to be dissected, and no attempt to hide the origin of the campaign. In fact, the only way the analysis was possible was because the attackers had not set their bit.ly account private before they were discovered (though they did later). If the account were private, tracing a single victim's attack would have led only to a probably-hijacked server with a .tk domain.

    (end citing the Twitter thread)

    Similarly, other attacks can be attributed by the infrastructure they use. Some recent attacks on election committees, for example, used C&C servers that had previously been used in other attacks against Turkish and Ukrainian governments, strongly indicating that the perpetrators of all the attacks were adversarial to Turkey and Ukraine.

    In other attacks where malware and persistence are involved (like the DNC hack), expert analysis usually relies on identifying precisely which APT group is responsible for the attack. Each APT typically operates independently, using their own in-house-developed tools and preferred techniques. That's perfectly reasonable, because when the goal is stealth, an attacker will use the techniques they're most comfortable with to avoid costly mistakes. Once they are identified, though, that becomes a weakness, as the same pattern can be identified in other victim systems.

    It is easy to spoof identifiers. Names, strings, and addresses can all be manipulated. What is more difficult to fake are behavior patterns. When a server starts seeing access requests for files starting every day at 2AM and ending at 10AM, it's a decent indicator that somebody with a seven-hour time zone difference is poking at your systems. Yes, that can be manipulated by having the attack teams work at odd hours, but it's just another bit of data. Then there's the localization of tools, exempted targets, and even the order in which tools are deployed.

    Remember: These aren't amateurs. The attackers involved are professionals, clocking in and doing a job. There are the good ones, there are the sloppy ones, and there are the managers who make stupid decisions they have to deal with, just like in any other government office. They have their routines they follow to make it through the day, and it's through analysis of those routines that analysts learn about the attackers.

  7. Re:Sweden, make up your mind on Julian Assange Still Faces Legal Jeopardy In Three Countries (chicagotribune.com) · · Score: 5, Interesting

    I'm not in Sweden, but from other more knowledgeable sources, I'm led to believe that this is indeed legal.

    Really, very little has changed. The charges have not been dropped. Rather, the case has been suspended. In fact, the official statement sounds more like Sweden is saying "there's nothing else to do unless he comes out", so they're not putting more resources into the investigation until new options present themselves.

  8. Re:Seriously on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 1

    That's actually not how it works. All forfeitures go into the fund, and disbursements come out of that down to the state and local agencies, after all victim payouts are handled.

    Shoplifting is an interesting case, since it exactly fits the topic of discussion: The shoplifters were literally invited into the store, but they still broke the law by shoplifting. Does the store get blamed for having the naivete to allow shoppers inside?

  9. Re:I thought it just resolved the domain name? on Attackers DDoS WannaCry Kill Switch (venturebeat.com) · · Score: 2

    No. It actually makes a full HTTP request, and requires a good response. I believe MalwareTech originally even said that the killswitch was fragile, and he tried to make it somewhat resilient, but it's not a cure. It holds off the payload, but is absolutely not an excuse to avoid patching, updating, and disinfecting your systems.

  10. Re:Seriously on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 1

    In the USA? The cops steal five times as much stuff, year in year out as burglars do.

    Yes, yes.. Cops are bad, gub'mint is bad... I'm quite familiar with the typical bias of Slashdotters.

    Fortunately, statistics are easily available which provide a more reasonable picture: In 2015, the last year for which full reports are available, burglary alone cost Americans $3.6 billion, while asset forfeiture only totaled $1.6 billion.

    Also, some bendejho federal judge has recorded an opinion that opening your door amounts to inviting the cops into the front room.

    I'm not familiar with the precise case in question, but the usual rule of thumb is that the officers are allowed to check to ensure their own safety. If that means they have to check the area immediately inside the door, then so be it.

  11. Re:Seriously on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 1

    That would make you an idiot, but should not take any blame off of the thief, who still decided to break the law, regardless of whether you were an easy target or not.

  12. Re:ITT on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 1

    It must be a conspiracy or something...

  13. Re:Seriously on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 1

    Blaming thieves is one thing, but if your primary residence has a door, and you spend most of your time there AND you're dumb enough to answer the door when a well-disguised attacker knocks, then the thief can only take part of the blame.

  14. Re:ITT on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 2

    I hope they know where to send the paycheck... I also apparently shill for big corporations, the Jews, the Illuminati, both the Republican and Democratic parties... and yet even though they know me well enough to bring me into their conspiracies, they apparently don't know where to send the damned payoff.

  15. Re:The media is on Is Russia Conducting A Social Media War On America? (time.com) · · Score: 2

    I see it a little differently:

    • 5% actual events from on-site reporters
    • 10% second-tier news services reporting the syndicated details.
    • 25% aggregators like Slashdot repeating "curated" news with editorial additions
    • 50% pundits and commentators discussing the impact of the events and how this proves that their particular perspective is the right one.
    • 5% expert commentary expecting the results of the court case, committee decision, or other normal systematic process.
    • 5% actually following up with the final outcome.

    Everybody thinks they're being helpful in discussing the latest breaking news and giving their opinion. Half of the time, though, it just adds noise.

  16. Re:I thought unemployment was in the double digits on WSJ Columnist: Robots Aren't Destroying Enough Jobs (foxbusiness.com) · · Score: 1

    Technically a guy who used to make $30 an hour full time in a union factory job, then laid off, and now works part time for $12 an hour, is not unemployed.

    ...so are we now supposed to base our economic policies on what labor was worth at some point in the past when propped up by organized crime and industrialized extortion? That seems a little silly to me, but I digress.

    If the hypothetical union worker is now employed, even at $12 an hour part-time, then he's not "unemployed". He might be "underemployed", but he has a job, and is making an income. That income might be lower than he's used to, but that falls into the "income" statistics, not the "employment" figures.

    Also if you plain give up looking for a job and go on charity/welfare/whatever, you're not unemployed.

    Yes, that's also correct. If you're not looking for a job, you're not in the statistics that track people who are looking for a job. There are other statistic sets that track welfare enrollment, often broken down by reason.

    The only thing the BLS job numbers are intended for is tracking the state of the economy, not the state of people's lifestyles. Pundits and politicians (from all parties) like to confuse the issue for their own ends, but that's really all there is to it. The job numbers tell you how many people are able to find jobs. If you want to know whether the jobs are good or not, you'll have to look at other data sets that align with your definition of a "good" job.

  17. Re:Ha on WSJ Columnist: Robots Aren't Destroying Enough Jobs (foxbusiness.com) · · Score: 4, Insightful

    It's pretty much exactly that.

    If wages outpace inflation*, it encourages a bubble in consumer confidence, as consumers have literally more money than they know what to do with. That in turn lowers saving rates, as people finally splurge on the luxuries they've wanted, without thinking much about how temporary their windfall is. That increases risk to future economic downturn when the income stops and they're now in debt and used to a comfortable life. In short, think of 1925, but with rampant money instead of uncontrolled debt.

    Of course, there are other issues with inflation outpacing wages for too long, as consumer confidence drops and they stop spending on the luxuries they can afford. That leads to a collapsing market for anything beyond survival, cutting employment rates and pushing wages further downward, which pushes prices up, reinforcing the inflation.

    Economics: The field where everything is bad for complex reasons, and you're never right about just how bad it will be.

    * Note that I'm not claiming any particular wage as good or bad, just that there are risks when they don't match.

  18. The largest container ship in the world holds 20,000 TEU, and each TEU is roughly 40 cubic meters. To carry the same amount of ice as one towed iceberg, you'd need to have 100 such ships, and the Antarctica-side infrastructure to load them.

    The biggest factor that makes a towed iceberg reasonable is just how little structure is needed. A significant amount of cable, of course, but nothing that makes the logistics unmanageable.

  19. Iceberg towing has been studied a lot (though if you look through the many reports about this online there is a curious tendency for people to think they are analyzing this for the very first time and approach it with a blank slate).

    Any particularly useful resources you recommend? I looked briefly, and didn't find much with actual measurements. I ended up taking a pure-math approach, assumed a spherical cow, and ultimately stopped caring about the shape when I found that there actually are tugboats powerful enough. Once the idea is deemed reasonable, improvements like ideal shape can be computed by the folks getting paid to do it.

    ...the ice source is free, abundant, and constantly renewed, and thus the only cost associated with any melting is the towing cost incurred thus far for that fraction of ice that melts.

    That's one of my unstated early assumptions, that whoever is doing this is smart enough to cut off more than they need to deliver. Again, I figured that once you get into the "reasonable" area, those problems fall away with an economy of scale.

    Considering in-transit melting as an example, we can consider that melting will be on the surface, and the majority of the volume won't be subject to such effects. Similarly, drag is mostly related to cross-sectional area, so this is one of the few situations where the square-cube law works in our favor. We can increase the towed volume (and thus the benefit) by a cubic rate, while only increasing the melting and power needs (and thus the costs) at a quadratic rate.

  20. I never said 75 billion, or 80 billion. I have only ever discussed millions of cubic meters. The AC's correction was incorrect, but I was trying to be nice about it.

    Pro tip: Never try to remember your scale or units. That makes it far too easy to forget a conversion or miss an order of magnitude. Instead, set out a big and ugly formula in small pieces, then plug in the numbers. Google will keep track of units for you, no matter how complicated they become. That provides a check at each step that you're actually calculating something that makes sense.

  21. Originally, I picked a sphere thinking it'd make the math easier. While that did hold true (somewhat), it also has the interesting effect of reducing that C coefficient.

    The drag coefficient C is 0.5 for a spherical object and can reach 2 for irregularly shaped objects according to Serway.

    I haven't seen nearly enough information on icebergs to narrow it down more than that, so I figured the estimate would get me within an order of magnitude of correct.

  22. In my defense, I didn't do that conversion myself.

    Regardless, I don't see the issue here. Yes, 20 billion gallons is a volume equivalent to about 75 million (not billion) cubic meters. However, since we also want to know the volume of ice, which is about 90% as dense as water, it becomes just over 84 million cubic meters. Using only one significant figure, that approximates to 80 million cubic meters.

  23. I did some math. Previously, I've considered similar absurd ideas, and the cost just didn't fall in their favor.

    I feel I should start with a disclaimer: It's currently a very late (or early, depending on one's perspective) hour of the evening, and my physics skill isn't what it used to be. I invite and encourage you all to review my work, and if I'm wrong, please tell me how.

    Based on the figures provided, we can work out the magnitude of the problem. The first computation is simple: Our speed will be .3m/s, to travel the (roughly) 10000 kilometers between Antarctica and the UAE in one year.

    20 billion gallons of water corresponds to roughly 80 million cubic meters of ice. Cut into a sphere for ease of transport and calculation, it would have a radius of about 300 meters, with a cross-sectional area of about 200,000 square meters. We'll ignore the air resistance of the 10% above water, which falls within the error of my rough calculations. Calculation for the force of drag is ugly*, but works out roughly to C*9*10^6 newtons. That "C" is a coefficient simplifying the effect of the iceberg's shape, ranging from 0.5 for a sphere to 2 for more troublesome shapes.

    Considering that range, the water's drag is between 4 and 20 meganewtons. A power source (tugboat, added motors, etc) will need to supply that much force just to maintain speed. If I remember my physics correctly, at 0.3m/s, that's between 2000 and 7000 horsepower.

    There are tugboats with that much power. I haven't found much information on the annual cost to operate such a beast, but one tugboat operator gives price estimates per hour. For the purposes of this discussion, we can assume that the quoted price covers the operator's expenses well enough to also cover the overhead of running such a large operation, and the benefits of scale will cover the higher costs of an ocean-going expedition. Those are some very large assumptions, but I don't have information to clarify it further.

    With those assumptions, the cost to pull an iceberg for a year is only about $20 to $100 million. That's surprisingly cheap, putting the cost of mostly-fresh water at under $0.001 per liter ($0.005 per gallon). In comparison, a desalination plant supplies water at about $0.0005 to $0.003 per liter ($0.001 to $0.01 per gallon).

    In short, it's expensive, but it's in the same ballpark as regular desalination for that much water, and if the losses due to melting and evaporation can be controlled, it might just be feasible. As noted in TFA and elsewhere, it would also be quite the spectacle, promoting yet more tourism to the area.

    * The formula I ended up with is F[drag] = C*.5*1g/cm^3*(.9*pi*(80000000 m^3/(4*pi/3))^(2/3))*(0.3m/s)^2.

  24. Re:Giving parents more control on Trump Administration Rolls Back Obama-Era Nutrition Standards For School Lunches (arstechnica.com) · · Score: 5, Insightful

    School regulations are the purview of state, not federal. It's much *much* better when the local population has a say in how their kids get schooled. Common core and "no child left behind" was a disaster.

    Schools are better off managed at the local level.

    Everyone knows that.

    I call bullshit.

    What actually happens is that local school administrators think they're better off, because they can put more money into the football program and cut out that high-falutin' nerd crap. After all, kids just don't need that fancy electronic stuff to run the farm. It was good enough for their grandpa, good enough for their pa, and it's good enough for them.

    Yes, it's a stereotype, but all too often it holds true. Under the banners claiming "locals know best" and "parents know best", you find an army of last-generation people whose education hasn't actually progressed since the 1970s. The myths they grew up with become fact in their mind, and the priorities and politics of their small-town local life become the focus of a stagnated culture. Without mandates and guidance from an emotionally- and geographically-detached administration, the local schools are far more likely to base the curriculum on a local economy, effectively denying their students the skills needed to participate in a modern global society.

    I was fortunate enough to have grown up in one of the outliers. In my area, the school superintendent had been an engineer for the government, and had moved around the country before settling in my little farming town. Previously, the school had used a curriculum focused on American history, home ec, and shop class, but the new administration fought to diversify the programs. We got a new arts program, computer lab, and even (much to parents' disgust) made wood shop an elective!

    The end result was that it was possible for a student to learn more than their family's farming trade, and eventually afford to actually leave the town. The immediate effect was that there was a "lost generation", where graduates left the town, either for college or for jobs elsewhere. In the longer term, however, those students ended up being the most successful, with some of the highest-paid careers the school has ever produced.

    In comparison, the neighboring district generally held that a proper education focused on physical strength and good morals. Last I heard, a drought had devastated their local farming economy, and the district had about 85% population below the poverty line.

    A modern workforce demands a diverse skill set, and having a self-reinforcing education system eliminates opportunities for the students' skill set to widen. Schools are better off managed with input from all levels, providing students with options to make their own course through life.

    Everyone knows that.

  25. As a business owner I could not possibly care less how much your life decisions cost you. My only concern is whether the cost of employing a person is justified by the value they will provide, either now or eventually.

    I'm not saying that as a business owner you should do otherwise. I am, however, suggesting that if your business model doesn't support everyone involved, it would be reasonable for such a grossly exploitative business plan to be forbidden by law. I'm a capitalist, not a libertarian.

    Is it not obvious I am talking about a worker's output and not their value as a human being?

    No, it is not obvious, and in discussions about minimum wage laws, it rarely is.

    Please take note of all the restaurants in California that have closed in the last few months that found out what happened when they tried to raise prices to accommodate the increased minimum wage.

    Perhaps, then, their business was not actually sustainable, and it's right for them to close. Why is a business closing such a horrible thing, but an employee starving isn't? There is an argument that the employee now doesn't even have their minimal income, but they do now have time to find a higher-paying job or relocate.

    See above.

    I'm not sure exactly what I'm supposed to see. You haven't argued against marketing at all. If, for example, a restaurant can't afford to pay their wait staff living wages, then why is it unreasonable to expect the restaurant owner to start an ad campaign promoting their "premium" sandwiches that conveniently carry a 600% profit margin, rather than their cheaper items at a 10% profit?

    How about the machines that replace workers altogether so their wage goes to the true minimum wage of zero?

    Ah, yes... The weavers and buggy-whip makers will be destitute. Historically, though, this argument has never held true. Rather, new technology has brought an increase in jobs, as the technology opens markets making previously-unsustainable businesses profitable. In time, advances in food-handling technology might very well make those California restaurants viable again.

    Who says they are locked in? Right to work goes both ways.

    In theory, yes, but the reality is that changing jobs is expensive (as I mentioned earlier in the thread), and it's very common for low-earning employees to find themselves in a situation where they can't afford to get a better job. The first major expense is time. It takes time to prepare a resume, apply, and interview. If someone is already working all of their available hours just to meet expenses, they can't take the time out to find a better-paying job. There are also financial expenses in job-hunting. There are plenty of emotional appeals involving giving a homeless person a haircut and a suit, and seeing them get a good-paying job... but there aren't enough suit giveaways for everyone. If an employee is barely (or not) meeting expenses, finding the money to get a suit, pay a babysitter, or even take a bus or taxi to an interview can be a significant hardship.

    As social services exist today, there is some assistance available for these difficulties, but they often don't apply if you quit your job, no matter how bad it was.

    Whoever said society is supposed to benefit from anything a business owner does?

    Nobody. Society is supposed to benefit from its laws, which is how this whole conversation started. My complaint is that whenever there is such a conversation, somebody (the AC first, then you) always brings up the argument that minimum wages stop new businesses and raise costs on existing businesses. The unspoken assumption is that it's good to have new businesses start and for existing businesses to make more money, but there's never any evidence of that.