Target is still speculation (on "Stuxnet Worms On") · Score: 2, Interesting
This attack is aimed at a very specific PLC configuration, and does nothing unless it finds that configuration.
Until someone who has the matching PLC configuration admits it, speculation as to the target remains speculation.
To be in the stores for the holiday shopping season, it would already have had to be shown to retailers, the retail space booked and paid for by Microsoft, and the first containers of product on ships in transit from China. It's too late in the retail cycle for this season.
It's a movie...based off an actual event but injected with LOTS of fiction and creative juicy bits to make the story interesting and dramatic. The movie isn't flawed because it fails to mention the "magic behind the facebook story," as most people watching the movie don't give a shit about that stuff! It would be nonsense that distracts from the movie.
Yes, it's Hollywood. Don't expect realism. For those of us here in Silicon Valley, the amazing thing was Zuckerman finding, on a low budget, a house in Palo Alto a few blocks from the Stanford campus, with a pool.
There is, after all, plenty of "geek" stuff in the film. The sequence where Zuckerman writes screen scrapers to get all the Harvard house face books into his system even has valid Perl code shown on screen. Lessig has a point, though. It's getting harder to launch something like that as "the Internet" is divided into a series of walled gardens, run by Facebook, Comcast, Apple, and Google. It's not impossible. But there are more "gatekeepers" now.
I looked at Zuckerman's page on Facebook to see if he liked the movie, but he hasn't posted anything yet.
Is that actual open air? Wouldn't dirt and water in the air start causing problems?
It's probably not open air. My guess is that they have air-to-air heat exchangers behind all those grills, so the heat is dumped into the cold ambient air. Mostly the same air goes round and round in the data center, which keeps the humidity in range. So there's not much work for the chillers; mostly it's just fans.
That's what ADS-B is supposed to do - give anyone who wants it a picture of what's in nearby airspace. It may have been a mistake to implement that capability and mandate that the transmitters be installed on aircraft. But, with that done, bitching about people using the data is pointless.
An attacker could buy a general aviation ADS-B receiver for $1495 and get the same data on an HP iPAQ. So this only protects against terrorists with very low budgets.
First off, where did they get that picture of a bunch of mini-tower machines on steel shelving, each with one Ethernet cable, one power cord, and one console connection, sitting on raised floor? That looks like clip art of some data center circa 1998.
Here's the actual Yahoo data center in Lockport, which, as you'd expect, is a big farm of 1U rackmounts. The "chicken coop" design is simply a low-cost prefabricated metal building with lots of ventilation grills. Looks like something ordered out of the Butler Buildings catalog.
Yahoo got $9 million in grants and 10 years of no taxes for this. Yet it will employ only 125 people. Probably less, once it's running.
Lockport is desperate. The big employer in town, Delphi Harrison Thermal Systems (formerly Harrison Radiator) had 6000 employees a decade ago. Now it has 2100, and has been threatened with closure several times.
If you read documents from the early history of the telegraph industry, you find that it was considered easier to hire and train "electricians" than "mechanics". People who could understand and fix printing telegraphs, which are complex mechanical devices, were hard to get. People who could wire up simple key-and-sounder Morse systems, maintain the batteries, and use the things were cheaper and easier to train.
Building working mechanical devices is hard, and designing complex ones is very hard. There aren't that many good mechanism designers, and there never were. Edison was one. All the good Teletype machines were designed by one man, Edward Kleinschmidt. Only a few people ever designed good mechanical calculators. It was really tough before CAD; when Burroughs was designing the first good adding machine, he had to draw on zinc sheets with scribing tools, because paper wasn't dimensionally stable enough.
Even today it's tough. You have to design within the limits of what can be manufactured, what can be manufactured cheaply, what doesn't need an excessive parts count, what will wear well, and such.
Bad mechanism designers today tend to build things that have too many moving parts and are overly expensive to build. If you build mechanical devices from standard components, the way you build electronics, you get a big kludge.
This one probably won't be true. Most wires just can't give out enough power. Recharging a car at speeds at which a gas car is charged takes around 5 megawatts. That means that 10 of my local Costco gas stations = 1 powerplant.
It's not quite that bad. 1 megawatt is more like it. The Tesla Roadster battery has a capacity of 53kWh. Their "fast charge" is 3 hours, and requires 220V 80A, or 17.6 KW. To charge 60x faster, in 3 minutes, would require about 1 MW. (4KV at 250A, perhaps?)
It's been suggested that stations on weaker parts of the power grid might have local batteries, to level out their load. They could still charge a car in 3 minutes, but maybe only 5-10 cars per hour. Then they only need 100KW coming in.
Batteries that can take charge rates like that don't exist yet. There are claims from the "nanotechnology" crowd that they will be available Real Soon Now. We'll see.
15 minute charge, though, is feasible now. That can be addressed with marketing; the combo gas station/Burger King/Starbucks/grocery store might work. (Or not.)
Consider a service plaza on a major Interstate highway in an isolated area. A good example would be I-15 from LA to Vegas. Assume a range of 200 miles, like a Tesla roadster. Every 20 miles, there's a service plaza. Assume 10% of cars come in for a recharge at each service plaza. An expressway lane has a capacity of 2000 cars per hour, so an 8-lane freeway has 16,000 cars per hour at max. If 10% of those need a Tesla-sized recharge, that's about 50KWh per car, or 1600*50 KWH/hr, or 8 megawatts per service plaza per direction, or 16MW per service plaza, or 80MW for 100 miles of road. That's big, but not unreachable.
Hm, I think some folks would be willing to debate that: UKs-National-Portrait-Gallery-Threatens-To-Sue-Wikipedia-User
They threatened that back in 2009, but when Wikipedia's lawyers replied, the National Portrait Gallery never filed suit.
It's been over a decade since Bridgeman vs. Corel, and it hasn't been overturned. At least one related US case has made it to the appellate level (Meshwerks vs. Toyota) and not only did the appeals court cite Bridgeman as good law, they extended it to 3D scans of 3D objects.
There's some huffing and puffing from the museum community, but no museum has dared to force the issue in court, for fear of getting an even worse ruling, or being hit by a "false claim of copyright" prosecution.
Those images have "Halta Definizione" stamped all over them. But it looks like that's being done client-side; the stamps appear and disappear as you scroll and change resolution. Someone should extract the underlying images and post them to the Wikimedia Commons in PNG format. This is legal; see "Bridgeman vs. Corel".
Society isn't currently "supporting" an "efficient market" system to this extent. The New York Stock Exchange is. There is a difference between the two.
No, there's substantial societal and legal support for the current financial system. For example,
Trades are not taxed. No sales tax. No withholding. Losses are fully deductible from profits.
There are three ways a company can pay for its capital: interest on loans, dividends, and stock buybacks to pump up the stock price. Interest and buybacks are tax-deductible, but dividends are not. This creates a bias against dividends and encourages volatility.
Corporations are permitted to pay executives with stock options. Options are valuable if the stock price goes up, but don't cost anything if the price goes down. This is "pay for volatility". The company that has a constant stock price and a steady dividend (like Pacific Gas and Electric for the century before deregulation) is a good investment, but bad for the top executives.
US pension funds are permitted to trade as "sophisticated investors," and trade derivatives. (Pension funds own over half the assets in the US markets.)
So are banks that take deposits and have FDIC insurance. In neither case does this benefit the beneficial owners of the funds.
I just finished reading through the whole report. It's fascinating, if you're into this.
First, none of this involved a "bug". All systems involved functioned as designed.
What's going on here is a logical consequence of the way the markets are set up. The Chicago Mercantile Exchange ("CME", the futures market, which started by trading grain) has a tradeable commodity called the "E-mini", which is a derivative security based on the S&P 500 stocks. Anyone can buy or sell contracts in E-minis, and can also buy or sell the underlying stocks. This generates a frantic amount of short-term trading from market players trying to profit from the differences between the two, which keeps the price of the E-mini close to the prices of the S&P 500 stocks.
None of this is productive activity, of course.
There's a consolidated feed from all markets that everybody gets. It has a few seconds of lag. To obtain an advantage in fast trading, some of the players buy direct exchange feeds with an average of 8ms (yes, 8 milliseconds) of lag.
What started the crash was that a fundamentals trader (one who actually pays attention to the companies involved) was selling $4 billion in stocks. Ordinarily, this isn't a big deal. They had a program throttling their rate of sale to 9% of market volume in the last minute, to avoid depressing the market. That's normal. So far, so good.
However, in response to this sale, the "high-frequency traders" started frantically trading back and forth to balance their portfolios. Their net effect didn't move prices much, but it pushed volume up. So the big seller started selling faster.
This generated enough volatility that some market players started dropping out, decreasing liquidity. That generated market imbalances which other traders started to exploit. Then, because of all this frantic trading, the consolidated market feed and the millisecond feed differed enough that some trading firms had data quality alarms and dropped out of trading. Since traders who are "market makers" are required to maintain buy and sell bids in the market, they defaulted to their default bids - buy at $0.01, sell at $100,000. Some trades actually took place at those prices. 895 shares of Apple stock were sold at $100,000. The price of Accenture fell from $30 to $0.01 in seven seconds, then recovered within the next minute.
Then "At 2:45:48, trading on E-Mini was paused for five seconds when the CME Stop Logic Functionality was triggered in order to prevent a cascade of further price declines". Yes, a 5-second automatic trading halt. That was enough to start to stabilize the E-mini contract trading on the CME. But by then, the E-mini was enough out of sync with the underlying stocks (mostly on the NYSE) that trading on the NYSE started to move stocks there to resync with the E-mini.
The NYSE still has a trading floor, which slows it down. This didn't help. But that's another story.
Nothing failed. Nobody did anything wrong. The original seller's strategy for unloading $4 billion in stock was reasonable. This is all a consequence of normal market operation. The report concludes that speeding up the consolidated market feed to get the 5-second lag (which was more than fast enough before program trading) down should be done. That's it.
Whether or not society should support an "efficient market" system to this extent is a question one is not supposed to ask.
If a group like the NAACP had tried the same stunts in a more dictatorial country, say Iran or Cuba, how long would they have lasted?
That sort of protest wouldn't even succeed today in the US. Everybody would just be arrested. Protesters would be fenced into "free speech zones" far from anything.
Some of the "revolutions" of the 1960s were near things. If the NYPD had brought in reinforcements at Stonewall, the "gay revolution" and AIDS epidemic would never have happened.
Activism from the left is dead in the US. There's no significant, effective opposition to the wars in Iraq and Afghanistan, the concentration of wealth, the crushing of unions, the decline in wages, or the tax benefits enjoyed by Wall Street. (All of which would have been unacceptable to the Eisenhower administration, an indication of how far to the Right the US has moved.)
The activist organizations that accomplish anything are either on the Right, funded by big business, or church-based. Or they're purely self-interested, like gun owners and gays.
Much of '60s activism was powered by music. That's over. Today's musicians have near zero political effect.
It's these low end "background checks" and "clearances" that suck. I used to be in the aerospace business, working for a company that did business with the 3-letter agencies. I've been through the clearance process for the higher level clearances. At that level, there are real background checks, where Government investigators go out and quiz your neighbors, friends, previous employers, and creditors in person. Fingerprints are taken and checked. Police records are checked.
Birth certificates are checked; not only do you have to show yours, they check it against the hospital birth records. There are interrogations, lie detector tests, and an interview with a shrink. The whole process takes about a year.
But because the high level clearance process is reasonably thorough, it's not as random as the low-end stuff. It's not "competitive", in the hiring sense. There's a limited list of things the security people worry about, and they're the items that, historically, have caused people to sell or give secrets to the enemy - relatives in an enemy country, vulnerability to blackmail, financial problems, gambling or drug or alcohol abuse history. They don't care if your Facebook page makes you look like a jerk.
The house counterpart is worded a bit more broadly. It would extend the provisions described to cover text based messages as well.
That version was sidelined. Real status is in Thomas, Congress's revision control system. Check the "related bills" link and see which version is furthest along. S.3304's revision history ("Major Congressional Actions") reads:
5/4/2010 Introduced in Senate
8/3/2010 Committee on Commerce, Science, and Transportation. Reported by Senator Rockefeller with an amendment in the nature of a substitute. Without written report.
8/5/2010 Passed/agreed to in Senate: Passed Senate with an amendment by Unanimous Consent.
9/28/2010 Passed/agreed to in House: On motion to suspend the rules and pass the bill Agreed to by voice vote.
9/28/2010 Cleared for White House.
The House version went to the Senate, the Senate substituted their version and passed it, that version went back to the House (both houses must approve the identical text), was passed there yesterday, and the bill is off to the White House for signature or (unlikely) veto.
There's an Analytical Engine emulator available. It's a Java applet.
There's no fundamental obstacle to making a working replica, other than money.
Take something like a deadbolt lock and make an electric version, with a power source, switch, and solenoid, and tell me which is simpler to understand.
Electromagnetic lock. One moving part - the door.
Almost all of those problems are DRM-related.
I recently converted from Windows 2000 to 64-bit Windows 7. It wasn't bad at all. I'd never used Microsoft Office other than Word 97, and I didn't bother trying to re-install that on Windows 7. I'd been using OpenOffice for Word documents for years. Most of my programming is in Python, and I use mostly open source applications. MySQL installed nicely on Windows 7. Engineering tools for PCB design, electronic simulation, and CNC machining worked on both Windows 2000 and Windows 7; the API really hasn't changed much.
The only big headache was Visual SourceSafe. While my 10-year old boxed version of VSS refused to install on Windows 7, it turns out that when I copied over the VSS data directories, they contained a copy of the applications, and they didn't need to be "installed". All the client needed was a shortcut, and it ran fine. Even "analyze", the checking and recovery tool, runs. The VSS license from a decade ago permits a move to a new machine, so no problem there, and I now had access to my old files. I never used remote access to a VSS database anyway; my shared work is on Subversion. The Tortoise SVN client works fine on Windows 7.
The only new piece of software I had to buy was Adobe Photoshop Elements, a DRM problem, since installation ties it to a specific machine.
On the hardware front, Windows 7 recognized my old HP LaserJet 5L, even behind a USB to parallel converter, downloaded the appropriate driver, and ran it properly. I did have to replace my Canon LIDE scanner; Canon doesn't offer a 64-bit driver for the old model. But a newer scanner was only $50, and it's more than twice as fast.
How about Better Place [betterplace.com]?
I heard Shai Agassi speak at the Commonwealth Club in SF, and met some of his people afterward when everyone went over to 111 Minna (a club). They talk big, but they have very little actually deployed. They talk about growing by a factor of 10 each year, and deployment all over the world. All they have are three (3) taxicabs in Tokyo, and one automated battery change station for them. Their next deployment will be seven (7) cars at the Sheraton Waikiki Resort, plus a few charging spots. That is a Government-funded project. They have yet to deploy anything that pays its own way, even with subsidies. There are much bigger electric taxi projects; Shenzhen already has 100 electric taxis running. New York tried one in 2007, but "it got to spend a lot of time on the back of a flatbed tow truck and not a lot of time as a taxicab", especially in cold weather, so they're deploying hybrids in large quantities instead.
Better Place's basic assumptions are that 1) fast charging technology won't work, so battery changing will be necessary, 2) leasing battery packs is a viable business, 3) enough cars can be designed around the standard battery packs to make this work, and 4) they can standardize the infrastructure around their standards. All four are iffy.
A female environmentalist friend who heard Agassi speak commented that he's really good looking, and too much of his credibility comes from that.
The Hollywood Reporter on "Cornered!": "No, we've never heard of it either".
That's bad. The Hollywood Reporter tracks almost everything Hollywood is doing, in more detail than you need unless you're in the industry. If their people haven't heard of it, it's unknown. There's one entry in THR's database: "MPAA ratings: Jan. 20, 2010", where The Hollywood Reporter listed the MPAA's rating decisions for the week. (It got an "R".) So the producers sent a copy in for rating and paid the fee.
Some DVDs are available for remainder prices on Amazon.
It's going to be hard for the producers of this turkey to demonstrate that they lost any money through downloading. They may have trouble finding anyone who actually viewed the download.
Society isn't currently "supporting" an "efficient market" system to this extent. The New York Stock Exchange is. There is a difference between the two.
No, there's substantial societal and legal support for the current financial system. For example,
Each of those reflects a legislative decision.
The last big flap like this was over KZ Manager, which is a resource management game for managing an extermination camp.
The NYSE still has a trading floor, which slows it down. This didn't help. But that's another story.
Nothing failed. Nobody did anything wrong. The original seller's strategy for unloading $4 billion in stock was reasonable. This is all a consequence of normal market operation. The report concludes that speeding up the consolidated market feed to get the 5-second lag (which was more than fast enough before program trading) down should be done. That's it.
Whether or not society should support an "efficient market" system to this extent is a question one is not supposed to ask.
If a group like the NAACP had tried the same stunts in a more dictatorial country, say Iran or Cuba, how long would they have lasted?
That sort of protest wouldn't even succeed today in the US. Everybody would just be arrested. Protesters would be fenced into "free speech zones" far from anything.
Some of the "revolutions" of the 1960s were near things. If the NYPD had brought in reinforcements at Stonewall, the "gay revolution" and AIDS epidemic would never have happened.
Activism from the left is dead in the US. There's no significant, effective opposition to the wars in Iraq and Afghanistan, the concentration of wealth, the crushing of unions, the decline in wages, or the tax benefits enjoyed by Wall Street. (All of which would have been unacceptable to the Eisenhower administration, an indication of how far to the Right the US has moved.)
The activist organizations that accomplish anything are either on the Right, funded by big business, or church-based. Or they're purely self-interested, like gun owners and gays.
Much of '60s activism was powered by music. That's over. Today's musicians have near zero political effect.
Online gaming is moving to a bribery-based model. Call this by its right name. Players have to bribe the game management to get an edge.
Here's the turbine from Bladon Jets (Isle of Man).
This is the interesting part. Turbine cars have been built before, but the turbine usually cost too much. Bladon claims "low manufacturing costs", but no numbers are given. Here's a video of the engine, and an interview with the designer. It only cost the company a million pounds to get to this point, which is impressive for a startup.
The turbine wheel is made in one piece, by electric discharge machining in an oil bath. That helps to keep the cost down.
This is what the FBI should be doing about online crime - following the money and taking down the people handling it.
The only problem is that these are the small fish. They haven't yet reached the people at the top. But they'll know who they are.
It's these low end "background checks" and "clearances" that suck. I used to be in the aerospace business, working for a company that did business with the 3-letter agencies. I've been through the clearance process for the higher level clearances. At that level, there are real background checks, where Government investigators go out and quiz your neighbors, friends, previous employers, and creditors in person. Fingerprints are taken and checked. Police records are checked. Birth certificates are checked; not only do you have to show yours, they check it against the hospital birth records. There are interrogations, lie detector tests, and an interview with a shrink. The whole process takes about a year.
But because the high level clearance process is reasonably thorough, it's not as random as the low-end stuff. It's not "competitive", in the hiring sense. There's a limited list of things the security people worry about, and they're the items that, historically, have caused people to sell or give secrets to the enemy - relatives in an enemy country, vulnerability to blackmail, financial problems, gambling or drug or alcohol abuse history. They don't care if your Facebook page makes you look like a jerk.
The house counterpart is worded a bit more broadly. It would extend the provisions described to cover text based messages as well.
That version was sidelined. Real status is in Thomas, Congress's revision control system. Check the "related bills" link and see which version is furthest along. S.3304's revision history ("Major Congressional Actions") reads:
The House version went to the Senate, the Senate substituted their version and passed it, that version went back to the House (both houses must approve the identical text), was passed there yesterday, and the bill is off to the White House for signature or (unlikely) veto.