No, it is that data mining doesn't work, against this particular problem. That's because data mining works for, as you say, trends and probabilities. But terrorists are individual events, making up something under one millionth of the population, and data mining simply can't see that kind of thing.
No offense, but what's the point of posting a long quote and adding absolutely none of your own words? If I wanted to read Rand, I'd get one of her books.
That's nice, but kind of a detour from the discussion. I was responding to someone who said, "They are no better off than your average couple."
The 2000 census puts the income of the average Alaskan household at about $60,000. In 2005-2006, the average was about $57,000 (yes, it went down). $80,000 is comfortably above even the Alaskan average. Plus we're not even counting her husband, whatever he does. (Maybe he doesn't work?)
I'm not saying she's overpaid or anything of the sort, just that contrary to the original claim, she is more well off than average.
Nobody said to throw the baby out with the bathwater. But "it's hard to do a better job" is hardly a reason not to complain. It's not going to get better if everybody decides that this is the best we can have. Pointing out injustice is always worthwhile, even when that injustice is impractical to remedy.
What's supposed to be the point in comparing Palin's salary to other governors, when the question is how she compares to average couples? Do you consider other governors to be average couples?
Here in my world, a couple where one spouse is making over $80,000/year is considerably above the average.
Well, that just means she's getting lots of police attention because she's well-connected, not because she's rich.
She's slightly closer to you and me than most politicians. But any national-level politician is extremely distant from you and me when it comes to this kind of thing.
Perform this thought experiment. You discover that your e-mail account has been hacked. You call the police. What happens then?
If you answered "sweet fuck all" then you are correct! A normal person is never going to get law enforcement to dedicate any resources to the hacking of a free e-mail account. If you are very lucky then perhaps you'll be able to do all the legwork yourself, gather all the evidence pointing to the perpetrator, and convince the DA to prosecute. But even this is unlikely.
But if you're candidate for Vice President suddenly the FBI and Secret Service come swarming out of the woodwork and put this guy into PMITA Federal Prison post-haste!
Yeah, it sucks her privacy was violated. But I care much more about the fact that this guy is only getting prosecuted because he hacked the account of somebody "important".
The salary for the position of governor of alaska was $81,648 in 2001. It may be higher now. In any case, that amount is quite a bit more than "your average couple", although I'll freely admit that that is far from being rich. However, political connections can buy justice just as well, if not better, than money.
Hell fucking yes. If burglars break into Obama's mansion he should get the exact same response that I would get if a burglar broke into my place.
Obama is not King and we are not his subjects. He's a citizen like everybody else, who just happens to hold a high office. Law enforcement should not treat him specially just because of that.
I have a much better idea. Sell a copy, not a license. This idea that when you buy a physical object you're really just buying a license is insane and needs to die.
At least someone on here is sane! It astounds me how many replies I'm getting saying that it's somehow proper to make more noise about self-signed SSL certs than plain HTTP. People are nuts!
Absolutely false. The browser could use any number of ways to indicate that a CA-issued cert is much more secure than a self-signed cert. There's no need to put up a big warning for the self-signed cert, any more than there's a need to put up a big warning for a plain HTTP connection.
Nonsensical. SSL with a self-signed cert is more secure than HTTP. It's less secure than "real" SSL, sure. But the only reason there's any kind of "false sense of security" is because the browsers give it to the user, and instead of taking that away, they try to fight against themselves by adding warnings. It's bizarre.
Self-signed certs only give a false sense of security because they're stupidly implemented. Remove the lock icon! Stop treating it like a secure connection! If you do these things, then people will not assume the connection is secure. There's absolutely no reason to treat it as worse than HTTP.
SSH is not just as dangerous as using a self-signed cert. A self-signed cert can be spoofed at any time with no difficulties, unless the user is being extremely paranoid and actually recording what the browser says every single time. With SSH, if you spoof me then you must always spoof me, and always have spoofed me, in a manner which is 100% consistent or else you will be discovered. In practice, that means that it's impossible to spoof SSH without being discovered unless you can intercept traffic at a point very close to the server.
That's just plain wrong. If I'm anywhere that your traffic passes through, then HTTP will expose your passwords and any other information you're transferring to me by simply running a sniffer. SSL with a self-signed cert requires me to actively run interference on your connection, with something like DNS or ARP spoofing, and running active software on my computer, and all of this is detectible to some degree. It's all doable, certainly, and not extremely hard, but it gives you a great deal over a raw unprotected connection like HTTP.
So stop displaying the lock symbol! Nothing requires you to treat "real" SSL and self-signed SSL identically. It should be obvious that the current standard approach of making them look exactly the same except for a scary warning that appears the first time you hit a self-signed site is broken. But nobody cares about doing better because it's the "standard".
Slashdot Mirror
Of course it does. Why wouldn't it?
And shutting down huge swaths of the country whenever the President goes somewhere isn't?
No, it is that data mining doesn't work, against this particular problem. That's because data mining works for, as you say, trends and probabilities. But terrorists are individual events, making up something under one millionth of the population, and data mining simply can't see that kind of thing.
No offense, but what's the point of posting a long quote and adding absolutely none of your own words? If I wanted to read Rand, I'd get one of her books.
If they've done something illegal, then arrest and prosecute them. If they haven't, then they should be free to go about their lives.
All innocent people should be equal in the eyes of the law.
That's nice, but kind of a detour from the discussion. I was responding to someone who said, "They are no better off than your average couple."
The 2000 census puts the income of the average Alaskan household at about $60,000. In 2005-2006, the average was about $57,000 (yes, it went down). $80,000 is comfortably above even the Alaskan average. Plus we're not even counting her husband, whatever he does. (Maybe he doesn't work?)
I'm not saying she's overpaid or anything of the sort, just that contrary to the original claim, she is more well off than average.
So in other words, the significance of a crime depends on the importance of the victim. Glad to know where you stand!
Nobody said to throw the baby out with the bathwater. But "it's hard to do a better job" is hardly a reason not to complain. It's not going to get better if everybody decides that this is the best we can have. Pointing out injustice is always worthwhile, even when that injustice is impractical to remedy.
What's supposed to be the point in comparing Palin's salary to other governors, when the question is how she compares to average couples? Do you consider other governors to be average couples?
Here in my world, a couple where one spouse is making over $80,000/year is considerably above the average.
I gather you're being sarcastic, but what good reason is there for the police to treat one more seriously than the other?
I really don't see the problem. Plenty more where they came from.
Well, that just means she's getting lots of police attention because she's well-connected, not because she's rich.
She's slightly closer to you and me than most politicians. But any national-level politician is extremely distant from you and me when it comes to this kind of thing.
It's rather the opposite, really.
Perform this thought experiment. You discover that your e-mail account has been hacked. You call the police. What happens then?
If you answered "sweet fuck all" then you are correct! A normal person is never going to get law enforcement to dedicate any resources to the hacking of a free e-mail account. If you are very lucky then perhaps you'll be able to do all the legwork yourself, gather all the evidence pointing to the perpetrator, and convince the DA to prosecute. But even this is unlikely.
But if you're candidate for Vice President suddenly the FBI and Secret Service come swarming out of the woodwork and put this guy into PMITA Federal Prison post-haste!
Yeah, it sucks her privacy was violated. But I care much more about the fact that this guy is only getting prosecuted because he hacked the account of somebody "important".
Unfortunately the example it makes is that you can get away with crimes as long as the victim isn't important.
The salary for the position of governor of alaska was $81,648 in 2001. It may be higher now. In any case, that amount is quite a bit more than "your average couple", although I'll freely admit that that is far from being rich. However, political connections can buy justice just as well, if not better, than money.
Hell fucking yes. If burglars break into Obama's mansion he should get the exact same response that I would get if a burglar broke into my place.
Obama is not King and we are not his subjects. He's a citizen like everybody else, who just happens to hold a high office. Law enforcement should not treat him specially just because of that.
I have a much better idea. Sell a copy, not a license. This idea that when you buy a physical object you're really just buying a license is insane and needs to die.
One can only hope that he is prosecuted to the exact same extent that he would be prosecuted for hacking my Yahoo mail account.
Most machines are on switches these days.
Heh! Most machines are on wifi these days.
At least someone on here is sane! It astounds me how many replies I'm getting saying that it's somehow proper to make more noise about self-signed SSL certs than plain HTTP. People are nuts!
Absolutely false. The browser could use any number of ways to indicate that a CA-issued cert is much more secure than a self-signed cert. There's no need to put up a big warning for the self-signed cert, any more than there's a need to put up a big warning for a plain HTTP connection.
Nonsensical. SSL with a self-signed cert is more secure than HTTP. It's less secure than "real" SSL, sure. But the only reason there's any kind of "false sense of security" is because the browsers give it to the user, and instead of taking that away, they try to fight against themselves by adding warnings. It's bizarre.
Self-signed certs only give a false sense of security because they're stupidly implemented. Remove the lock icon! Stop treating it like a secure connection! If you do these things, then people will not assume the connection is secure. There's absolutely no reason to treat it as worse than HTTP.
SSH is not just as dangerous as using a self-signed cert. A self-signed cert can be spoofed at any time with no difficulties, unless the user is being extremely paranoid and actually recording what the browser says every single time. With SSH, if you spoof me then you must always spoof me, and always have spoofed me, in a manner which is 100% consistent or else you will be discovered. In practice, that means that it's impossible to spoof SSH without being discovered unless you can intercept traffic at a point very close to the server.
That's just plain wrong. If I'm anywhere that your traffic passes through, then HTTP will expose your passwords and any other information you're transferring to me by simply running a sniffer. SSL with a self-signed cert requires me to actively run interference on your connection, with something like DNS or ARP spoofing, and running active software on my computer, and all of this is detectible to some degree. It's all doable, certainly, and not extremely hard, but it gives you a great deal over a raw unprotected connection like HTTP.
So stop displaying the lock symbol! Nothing requires you to treat "real" SSL and self-signed SSL identically. It should be obvious that the current standard approach of making them look exactly the same except for a scary warning that appears the first time you hit a self-signed site is broken. But nobody cares about doing better because it's the "standard".