First off, demand that every software vendor provide a list of files that their product installs, where those files are installed by default and different checksums/hashes/etc for them.
It should be possible to boot a machine with a live CD (or PXE) and inventory every single file on that machine and identify the origin of each of them.
At least you'd know whether a machine was cracked or not.
Right now, with existing anti-virus, all you can say is that a machine does not have anything that matches the signatures that you have right now.
This renewal is carried out by the FISA Court under the business records section of the Patriot Act. Therefore, it is lawful.
Lawful is not the same as Constitutional. I'm pretty sure that our Founding Fathers would NOT have supported this.
As you know, this is just metadata.
If it is "just" anything then why are you so concerned about collecting it?
The information goes into a database,...
That's even worse. They're COMPILING information about citizens without even having a "reasonable suspicion" about those citizens.
... the metadata, but cannot be accessed without whatâ(TM)s called, and I quote, "reasonable, articulable suspicion" that the records are relevant and related to terrorist activity.
Who cares? If there is "reasonable, articulable suspicion" THEN you go after the records. With a WARRANT. And the warrant IDENTIFIES those SPECIFIC people you have a "reasonable, articulable suspicion" of.
As you know, and Iâ(TM)ve pointed out many times, there have been approximately 100 plots and also arrests made since 2009 by the FBI.
Go on...
I do not know to what extent metadata was used or if it was used, but I do know this:...
If YOU do not know then who DOES know?
And if YOU do not know then YOU should not be trying to IMPLY that there is any link between collecting this information and cracking any plots.
I do not know to what extent metadata was used or if it was used, but I do know this: That terrorists will come after us if they can and the only thing we have to deter this is good intelligence.
More of our people die when their own family kills them than die from "terrorists" in the US.
If "the only thing" that will protect us from these "terrorists" is collecting information on our own citizens then I am willing to take that risk.
My first question would be WHY do these have to be SECRET? If there's a legitimate need for the government to access them then why not be open about it?
Fascism begins when the efficiency of the Government becomes more important than the Rights of the People.
But for corporate users, a system level exploit allows things like installing sniffers and key loggers so that more passwords can be collected. Including the admin/root passwords.
Which can be used against the computers in the Accounting department to transfer money from the corporate accounts to "money mules".
But WHY does it take longer when you add more people? The answer is "communication channels".
And they follow the formula of (n*(n-1))/2 So 1 person has 0 communication channels to maintain. 3 people have 3 channels. 5 people have 10 channels. And if the EXACT same message is not present upon every one of those channels then problems start.
So the key is NOT to focus on 10 communication channels between 5 people but to focus on reducing the scope as quickly as possible so that fewer people are needed. And the means that your best programmers can spend more of their time programming and less on maintaining communication channels.
But when processes are so amateurish, as in the anecdotes provided in the fine article,...
Emphasis on that. Crappy data leads to crappy conclusions. And her "data" is extremely crappy.
From TFA:
In another team of seven or eight people, developers were encouraged to do whatever they felt like... which turned out to include, "Have every developer write code in a different language."
I count at least two WTF's in there. You wouldn't build cars engineered around blind people would you?
Also from TFA:
The best of those indicators? The one that most commonly predicts quality results? Good team communication.
So a baseball team or a football team with good communication should be able to crank out "quality" code. Wrong. And that gets back to the crappy examples she uses. Just because communication CAN be the biggest problem in a given situation does not mean that communication IS the biggest problem for all situations.
Seriously, what programmer would not ask which language was being used? Or not have MORE questions when the answer was "everyone uses whatever they want to".
However, for those that think the drones should be removed, just what do you propose to replace them with? or are you ok submitting to the Islamic political order under Sharia (which is the stated and published goal of the OIC, if you care to listen:
So you believe that the ONLY alternative to drone attacks is to convert to Sharia law?
Who, exactly, is going to impose Sharia law on the US? And I don't mean who would LIKE to. Who, exactly, has that capability?
The OIC realised it can't get its agenda through sovereign national parliaments - so what it is doing is manipulating the UN and then the resulting treaties will then be applied.
How about you look up who has veto power at the UN. Here's a hint, the US is one of them. If we don't like it, we can veto it.
There is a shadow war for freedom that is going on right now. If you don't stand up and argue for your liberties then the OIC (through the UN) *will* progressively take them away - it may take decades, but they are determined to reach their goal (Sharia) because it is a matter of faith for them.
Exactly HOW is ANYONE going to replace any part of the US legal system or Constitution with Sharia law?
Besides that, one data leak and it's the CEO's who's job will no longer exist.
Maybe. Maybe not. It depends upon how well he (or she) can spin it.
And the easiest way to spin it is to blame you.
So if you're having trouble getting the CEO to support the "NO BYOD HERE" policy then start hunting for a job with a more informed CEO. Leave that job and that CEO to one of the BYOD advocates. Let them deal with whatever loss happens.
... I'll have another job by next week anyway.
Maybe. It depends upon how high profile the loss is. It's easier to get a different job BEFORE the story about how the company lost $500,000 because someone in Accounting brought in an infected laptop and the CxO's and BoD are all claiming that it was your fault. Be proactive.
But Gaiman never claimed that it was "new". And I'm sure that if you asked him he could give you a dozen or more references that he pulled from for that.
The problem is when you take something as obvious (and done multiple times) as a detective story with supernatural elements and call it "new". It shows a lack of research.
Michael Reaves:... I can't really comment on the "Twinkleteeth" style of vamps, because I haven't seen any,...
It's only the most successful vampire franchise at the moment.
David Raiklen: It's time to give old myths a new spin.
Look at the book sales and movies. There are easily a THOUSAND different interpretations of vampires out there right now. What will be different about YOUR "spin" that hasn't been done over and over already?
Michael Reaves: Well, how about just plain people, instead of overblown Transylvanian counts?
You mean like in every vampire story EXCEPT Dracula?
David Raiklen:... And there's nothing supernatural about our vampires.
So you'll have a different origin story for the first vampire and they won't have a problem with crosses and they will reflect in mirrors and so on.
Unless they don't reflect in mirrors in which case you'll have to explain how a non-supernatural (does that make it natural?) breaks the laws of physics.
Also note that despite the claims of the Muslims that Allah is the God of Abraham, this claim must be false when scriptures are compared.
Except that they both use the same original scriptures. Islam just adds on the words of their prophet similar to what Christianity does.
Similarly, when scripture is compared the Islamic "Mehdi" pretty much has the characteristics given of a Christian Anti-Christ (there is more than one, this one just happens to be the one most detailed in Revelations).
Except that the concept of "anti-Christ" does not exist in the original scriptures. Only in the addendum of the Christians.
I'm an atheist so "have no skin in the game", I'm just giving a comparison of mythologies since that comparison is not known even to most religious and educated people.
The problem is that none of the mythologies make any sense unless you are already a believer. So comparing three mythologies that do not make sense to each other will not result in any insights except that they are different.
From your link:
Are we to assume that just because the Quran states that Allah is Yahweh of the Bible that both Jews and Christians are obligated to believe this to be true?
Are you obligated to consider MY fan-fiction to be canonical? Am I obligated to consider YOUR fan-fiction to be canonical? Particularly when the ORIGINAL material was a "shared-world" effort with lots of individual contributors who dealt with a lot of allegories and parables and such.
Yet, the Quran teaches that Allah is the author of evil:
When you have a monotheistic religion where EVERYTHING was created by a single omnipotent, omniscient god then arguing about whether that god created "evil" or "sin" is kind of silly.
Whomever wrote the link that you linked to has a religious point-of-view.
If you're a spy or diplomat or whatever, don't use Gmail. At the very least it is subject to the US government's laws. Get yourself a secured server somewhere else.
But with the newer stuff, their abilities are amped and their weaknesses are nerfed. Why not?
Exactly. You get eternal youth (at whatever age you "died") and all kinds of extras in exchange for a literal blood thirst. Which may or may not require you to kill a person (depending upon the writer) or animal.
So what effect would that have on society? And when did it start?
Are there "good" vampires and if so, why aren't they converting some of our best scientists? Why aren't they our space program? Stake them on Earth, send them to Mars and have a machine pull the stake. No need for food during the trip. Be the first vampire to see Saturn up close and then turn the ship back to Earth. How many astronauts on Earth would willingly "go vampiric" to do that?
Do you feel that we should stick more with the classic mythos? Or are you in favor with your own spin.
The problem would be FINDING the "classic" vampire. They've been changing ever since they were first invented. Mostly because the person telling the story needed a certain feature set for that story.
I'm not saying anything against Michael Reaves. But the main problem with most of the stories is that the reality created by the writer is inherently limited to the knowledge of the writer. So there are usually huge plot holes such as "if vampires are so cool then why wouldn't everyone want to be a vampire" or "if vampires are so powerful then why do they have to hide".
#1. Unless your password is "password" or some variant AND the site does not limit password attempts then "password strength" isn't that important.
#2. You are more likely to have your passwords compromised by using a cracked computer or by falling for a phishing link.
#3. If not #2 then when one of the sites you use is cracked and their username/password file (unhashed, unsalted) is stolen.
Also, why can't a site tell you what the requirements are PRIOR to you having to come up with a username/password/secondary-password/pet-name/school-name/maiden-name-mother?
The example given is around shark attacks. While the risk of shark attack is extraordinarily low, the media often makes it seem like an epidemic, and the gullible populace overreacts. The authors give many examples of where people don't comprehend risk and statistics. The authors note that people buy lottery tickets, often described as a tax on the mathematically disinclined, despite knowing the odds.
So if you misjudge a shark attack, you keep all your limbs and you have one fun day at the beach. Otherwise you might end up dead or crippled.
But if you misjudge the lottery, you lose the few dollars you put into it. Otherwise you end up with a lot more money than you started with.
They are not at all similar. At least not until you get into "gambling addiction" and phobias.
uh... I've always thought that to gain any meaningful stats, you need a large enough sample...
That works for trends. Not for the actions of individuals.
From TFA:
Rather than thinking of intelligence as a simple connect-the-dots picture, think of it as a million unnumbered pictures superimposed on top of each other.
He's a bit wrong there. It isn't a million unnumbered pictures. It's one picture per person in the country at the time. That's over 300 million pictures. Each one overlapping millions of other pictures.
uh... I've always thought that to gain any meaningful stats, you need a large enough sample...
And after a certain point you are just amplifying the "noise". And enough "noise" can appear to be a pattern.
It is only after an event that the "noise" can be filtered out and the extraneous pictures discarded.
The additional data allows a more solid case to be built, and makes it easier to find co-conspirators.
Yep. So the "compromise" could be lots of data collected but only kept for a short time (weeks, not years).
On the other hand, the frequency of any threats is so rare that do we really want to erode our liberties like this? Is regular police work just not capable of "connecting the dots" without this kind of surveillance?
Fascism begins when the efficiency of the Government becomes more important than the Rights of the People.
I think that the main issue is that people see the TV shows and movies and think that "life" has to look like that.
But those are just theatrics so that human actors can play the parts. Look at the variations of life on Earth. From whales to worms.
The Universe is so large that it cannot possibly be that we are the only life thriving on a planet orbiting a star.
It's not just whether there are other civilizations out there. It's also whether either of us would develop technology that the other would be able to understand or recognize as signals AND broadcast them during the time when they could be received AND with sufficient power to be received.
Slashdot Mirror
First off, demand that every software vendor provide a list of files that their product installs, where those files are installed by default and different checksums/hashes/etc for them.
It should be possible to boot a machine with a live CD (or PXE) and inventory every single file on that machine and identify the origin of each of them.
At least you'd know whether a machine was cracked or not.
Right now, with existing anti-virus, all you can say is that a machine does not have anything that matches the signatures that you have right now.
Of course there will be.
And there will be the opposite where things that were moved "to the cloud" are being brought "in house".
It's the beautiful cycle of IT.
Outsource to save money.
Insource to provide reliability/accountability.
Repeat.
It depends upon which part of the cycle the company is on.
Remember that CIO's do not get credit for "maintaining the status quo". They have to identify and "fix" a "problem".
Accounting servers are expensive and techs to maintain them cost too much. Move it all to the vendor's "cloud".
Can't write paychecks because someone is DDOS'ing that vendor or the ISP flooded or a backhoe cut the fiber? Better bring it in house.
Seriously? You think that the NSA had metadata on bin Laden's calls? But not the content of those calls?
From that article:
Lawful is not the same as Constitutional. I'm pretty sure that our Founding Fathers would NOT have supported this.
If it is "just" anything then why are you so concerned about collecting it?
That's even worse. They're COMPILING information about citizens without even having a "reasonable suspicion" about those citizens.
Who cares? If there is "reasonable, articulable suspicion" THEN you go after the records. With a WARRANT. And the warrant IDENTIFIES those SPECIFIC people you have a "reasonable, articulable suspicion" of.
Go on ...
If YOU do not know then who DOES know?
And if YOU do not know then YOU should not be trying to IMPLY that there is any link between collecting this information and cracking any plots.
More of our people die when their own family kills them than die from "terrorists" in the US.
If "the only thing" that will protect us from these "terrorists" is collecting information on our own citizens then I am willing to take that risk.
My first question would be WHY do these have to be SECRET? If there's a legitimate need for the government to access them then why not be open about it?
Fascism begins when the efficiency of the Government becomes more important than the Rights of the People.
That is correct for home users.
But for corporate users, a system level exploit allows things like installing sniffers and key loggers so that more passwords can be collected. Including the admin/root passwords.
Which can be used against the computers in the Accounting department to transfer money from the corporate accounts to "money mules".
So a basketball team with 4 people will tie a team with 8 people 50% of the time? (all individual skill levels being equal)
Or a tug-of-war competition between two teams (one with 4 people and one with 8) of people with similar physical builds will be a tie.
I always took Ringelmann's findings as support for "work expands to fill the available time" rather than an upper limit on a group's capabilities.
But WHY does it take longer when you add more people? The answer is "communication channels".
And they follow the formula of (n*(n-1))/2
So 1 person has 0 communication channels to maintain.
3 people have 3 channels.
5 people have 10 channels.
And if the EXACT same message is not present upon every one of those channels then problems start.
So the key is NOT to focus on 10 communication channels between 5 people but to focus on reducing the scope as quickly as possible so that fewer people are needed. And the means that your best programmers can spend more of their time programming and less on maintaining communication channels.
Emphasis on that. Crappy data leads to crappy conclusions. And her "data" is extremely crappy.
From TFA:
I count at least two WTF's in there. You wouldn't build cars engineered around blind people would you?
Also from TFA:
So a baseball team or a football team with good communication should be able to crank out "quality" code. Wrong. And that gets back to the crappy examples she uses. Just because communication CAN be the biggest problem in a given situation does not mean that communication IS the biggest problem for all situations.
Seriously, what programmer would not ask which language was being used? Or not have MORE questions when the answer was "everyone uses whatever they want to".
The weird part is that he keeps posting things like that and they keep getting mod'ed up. Here's his page here:
http://slashdot.org/~SplashMyBandit
Not mod'ed "flamebait" or "off topic".
Is this something on /. to generate more page hits by mod'ing up anti-UN / anti-Islam / conspiracy rants?
So you believe that the ONLY alternative to drone attacks is to convert to Sharia law?
Who, exactly, is going to impose Sharia law on the US? And I don't mean who would LIKE to. Who, exactly, has that capability?
How about you look up who has veto power at the UN. Here's a hint, the US is one of them. If we don't like it, we can veto it.
Exactly HOW is ANYONE going to replace any part of the US legal system or Constitution with Sharia law?
And if it's about "detective investigates X and finds vampire" then there's even more stuff out there.
But it wasn't a real vampire. Just someone faking it for an alibi or an insane guy who believed he was. But it wasn't a real vampire.
Dum dum DUMMMMMM!
Or WAS it?!?
Anyway, how about a list of clichés that you do NOT want to see in a vampire movie? Mine are:
1. Vampires dress normally. NOT like they just left the fetish party.
2. Vampirism that does NOT seem like most of the people in the world would prefer that to their current existence.
3. The vampire "lives" in a place that seems reasonable. NOT a castle or a mansion that looks like a castle. People tend to inquire as to who owns huge estates.
Maybe. Maybe not. It depends upon how well he (or she) can spin it.
And the easiest way to spin it is to blame you.
So if you're having trouble getting the CEO to support the "NO BYOD HERE" policy then start hunting for a job with a more informed CEO. Leave that job and that CEO to one of the BYOD advocates. Let them deal with whatever loss happens.
Maybe. It depends upon how high profile the loss is. It's easier to get a different job BEFORE the story about how the company lost $500,000 because someone in Accounting brought in an infected laptop and the CxO's and BoD are all claiming that it was your fault. Be proactive.
But Gaiman never claimed that it was "new". And I'm sure that if you asked him he could give you a dozen or more references that he pulled from for that.
The problem is when you take something as obvious (and done multiple times) as a detective story with supernatural elements and call it "new". It shows a lack of research.
There's even a TVTropes page dedicated to the sub-genre of detective-vampire.
http://tvtropes.org/pmwiki/pmwiki.php/Main/VampireDetectiveSeries
From their answers:
It's only the most successful vampire franchise at the moment.
Look at the book sales and movies. There are easily a THOUSAND different interpretations of vampires out there right now. What will be different about YOUR "spin" that hasn't been done over and over already?
You mean like in every vampire story EXCEPT Dracula?
So you'll have a different origin story for the first vampire and they won't have a problem with crosses and they will reflect in mirrors and so on.
Unless they don't reflect in mirrors in which case you'll have to explain how a non-supernatural (does that make it natural?) breaks the laws of physics.
Just a few points:
Except that they both use the same original scriptures. Islam just adds on the words of their prophet similar to what Christianity does.
Except that the concept of "anti-Christ" does not exist in the original scriptures. Only in the addendum of the Christians.
The problem is that none of the mythologies make any sense unless you are already a believer. So comparing three mythologies that do not make sense to each other will not result in any insights except that they are different.
From your link:
Are you obligated to consider MY fan-fiction to be canonical? Am I obligated to consider YOUR fan-fiction to be canonical? Particularly when the ORIGINAL material was a "shared-world" effort with lots of individual contributors who dealt with a lot of allegories and parables and such.
When you have a monotheistic religion where EVERYTHING was created by a single omnipotent, omniscient god then arguing about whether that god created "evil" or "sin" is kind of silly.
Whomever wrote the link that you linked to has a religious point-of-view.
If you're a spy or diplomat or whatever, don't use Gmail. At the very least it is subject to the US government's laws. Get yourself a secured server somewhere else.
Exactly. You get eternal youth (at whatever age you "died") and all kinds of extras in exchange for a literal blood thirst. Which may or may not require you to kill a person (depending upon the writer) or animal.
So what effect would that have on society? And when did it start?
Are there "good" vampires and if so, why aren't they converting some of our best scientists? Why aren't they our space program? Stake them on Earth, send them to Mars and have a machine pull the stake. No need for food during the trip. Be the first vampire to see Saturn up close and then turn the ship back to Earth. How many astronauts on Earth would willingly "go vampiric" to do that?
The problem would be FINDING the "classic" vampire. They've been changing ever since they were first invented. Mostly because the person telling the story needed a certain feature set for that story.
I'm not saying anything against Michael Reaves. But the main problem with most of the stories is that the reality created by the writer is inherently limited to the knowledge of the writer. So there are usually huge plot holes such as "if vampires are so cool then why wouldn't everyone want to be a vampire" or "if vampires are so powerful then why do they have to hide".
All excellent points. And there are still more.
#1. Unless your password is "password" or some variant AND the site does not limit password attempts then "password strength" isn't that important.
#2. You are more likely to have your passwords compromised by using a cracked computer or by falling for a phishing link.
#3. If not #2 then when one of the sites you use is cracked and their username/password file (unhashed, unsalted) is stolen.
Also, why can't a site tell you what the requirements are PRIOR to you having to come up with a username/password/secondary-password/pet-name/school-name/maiden-name-mother?
The part that annoys me is:
So if you misjudge a shark attack, you keep all your limbs and you have one fun day at the beach. Otherwise you might end up dead or crippled.
But if you misjudge the lottery, you lose the few dollars you put into it. Otherwise you end up with a lot more money than you started with.
They are not at all similar. At least not until you get into "gambling addiction" and phobias.
That works for trends. Not for the actions of individuals.
From TFA:
He's a bit wrong there. It isn't a million unnumbered pictures. It's one picture per person in the country at the time. That's over 300 million pictures. Each one overlapping millions of other pictures.
And after a certain point you are just amplifying the "noise". And enough "noise" can appear to be a pattern.
It is only after an event that the "noise" can be filtered out and the extraneous pictures discarded.
Yep. So the "compromise" could be lots of data collected but only kept for a short time (weeks, not years).
On the other hand, the frequency of any threats is so rare that do we really want to erode our liberties like this? Is regular police work just not capable of "connecting the dots" without this kind of surveillance?
Fascism begins when the efficiency of the Government becomes more important than the Rights of the People.
Who happen to breath the same combination of gases and who are comfortable in the same temperature range and gravity range.
Not to mention the inter-breeding. So much inter-breeding.
But that's what happens when you have writers who know more about getting a job writing for a show than they know about science.
I think that the main issue is that people see the TV shows and movies and think that "life" has to look like that.
But those are just theatrics so that human actors can play the parts. Look at the variations of life on Earth. From whales to worms.
It's not just whether there are other civilizations out there. It's also whether either of us would develop technology that the other would be able to understand or recognize as signals AND broadcast them during the time when they could be received AND with sufficient power to be received.