It might be a mistake to contact them in any way except as advised by legal counsel. I know nothing of the law in this area, but someone I know was once contacted by an organization trying to collect an alleged debt of a dead person, and the legal advice in that case was that to acknowledge the correspondence could make things more difficult.
Ultimately, you are right - it is a losing position to argue that a word means something other than what common usage has chosen for it to mean.
'Computer science' has always been a misleading term, because whatever it is, it is not science. As it is taught, computer science resembles a branch of engineering more than anything else. We have something that calls itself software engineering, but that field looks more like a branch of business management, and one, furthermore, that is predicated on the mistaken idea that creating software is a form of manufacturing where success is guaranteed if we would only run it like a production line.
The field of computing seems to have a problem in finding appropriate suffixes.
"CS is not about software development, it is a branch of mathematics."
That depends entirely on what college or university you are attending.
Computer science has a meaning for more than just students, and that meaning lies primarily within the domain of mathematics. What gets taught in the name of computer science depends on the institution doing the teaching.
"[Orin] Kerr says that, as the law stands, the charges against Swartz were "pretty much legit," and that the law itself should be the target of the internet community's angst, rather than the prosecutors."
There is no reason why both issues can not be considered together. There is more to moral behavior than following the letter of the law.
You know what the most serious source of revenue for a publication is? Readership.
The heart of the problem is that readership is no longer an adequate source of revenue. The Atlantic's actions should be seen as an act of desperation, not a sell-out.
We are all losers if it becomes unfeasible to perform the quality of journalism that the Atlantic built its reputation on.
| "onboard fires on airplanes are as bad as it gets"
Hmm... I'm sure a missing wing, or rapid loss of pressure due to a collision, or massive power failure, or lots of other things could be a lot worse than a battery fire.
Am I correct in assuming TFA doesn't know what on earth (or off it) they're on about?
No, you are not correct, you are either over-estimating your expertise or over-estimating the importance of being pedantic.
En-route cabin or hold fires fall into the category of events that will almost certainly be fatal to everyone on board. With a slight application of analytical thinking, it is possible to see that a fire on the ground immediately raises the question of whether this could occur in flight.
Either your company's coding standards didn't prohibit crap code, or previous employees didn't adhere to the standard.
While coding standards can require code to be syntactically well-structured, they cannot make it conceptually well-structured, and that is where the biggest problems in comprehension (and more than a few bugs) have their origin. This is why the first responder's reply, 'yes, but not by much' is correct.
I am in favor of reasonable coding standards, but I do not expect them to make much difference. They will certainly not 'prohibit bad code.'
He doesn't have to, because of the magical use of the meaningless term "Scientific consensus" by virtually all of the scientists and journalists writing about the field. What we're told, over and over, is that virtually all credible scientists are speaking with one voice.
It's a simple fact that virtually all credible scientists are speaking with one voice, and as such, it has meaning. It is not direct evidence that global warming is occurring; it is good evidence that the direct evidence has been thoroughly examined.
The idea that science is somehow subject to a vote is even scarier than the idea that it should be subservient to religion.
Well, I have comforting news for you: it's not. You seem to have scared yourself with your own rhetoric.
Meanwhile, most of the non-electronic locks manufactured in the world can be "hacked" by a pair of paper clips.
Onity's locks should be judged not only by their physical counterparts, but also by what can reasonably be achieved electronically. This problem was entirely avoidable, at little or no extra original expense (and much less overall) if Onity had just employed one or two competent, security-aware developer/designers. I don't expect perfection, and is reasonable competence too much to ask?
I'm calling bullshit here. Looks to me like their locks were fit for purpose, where its purpose is to keep honest people honest.
The larger issue that concerns me here is that this cavalier attitude to electronic security seems to be unjustifiably common, and it seems that someone needs to get slapped around a bit before businesses see this as something they need to pay attention to. If Onity is that someone, we are making progress.
Just because Onity got targetted doesn't mean they are suddenly less secure than all the others.
Right... for example, they could have been less secure than all the others from the start.
Your argument, quoted above, is not false, but it is useful only in pointing out that we cannot assume the alternatives are secure. To anyone for whom the security of hotel locks matter, Onity has been shown to have been incompetent in its design, and it is the degree of its incompetence that matters. The vulnerability exploited here was not a subtle mistake.
Seems like everyone would have been better off if everyone kept quiet and Onity just started shipping new units with the fix.
One group that would be worse off are hotel operators seeking a lock-system supplier. With this information out, they can make a slightly more informed choice.
"Onity’s proposal for franchisees is conditioned on the franchisee’s acknowledgement that Onity does not guarantee a lock’s invulnerability to hacking."
While this is a reasonable statement on its own, the real issue here is competence. Onity's design was in such blatant and avoidable violation of basic security principles (e.g. a small keyspace and a lack of real cryptography) that it might be be called negligent.
-Advertising is obnoxious -No, it isn't: my advertisements are not obnoxious -Well, your advertisements are not the real class of advertisements we are talking here.
Isn't it the very definition of the "no true scotsman" falacy?
No. Superficially, it has the same form as true no-true-scotsman fallacies, but the definition of trueness is not ad-hoc - it is a meaningful distinction that matters beyond the 3-line argument you are calling a fallacy. Innocent_white_lamb's advertising is a combination of making available information for people to find if they want to, and sending notification to those who request it. In contrast, the advertising under discussion here is sent to people who did not specifically request it (by using a site they may have implicitly consented to receive advertising, but that is not the same as subscribing to a specific information feed from a specific source that they are interested in, which is what innocent_white_lamb provides.)
Ethics are a matter of conscious decision-making. Until we have conscious machines, we will not have ethical machines. What Marcus is writing about is the application of ethics in the design of machinery, which is a growing topic in its own right, but not nearly as click-inducing (or alliterative) as is 'moral machines'.
So.... where's the story? I don't see anything on slashdot about normal burglars breaking into house with zipguns and the like, why is THIS news?
Security, and in particular the continuing use of amateurs to develop software and systems that should be secure, is a topic that definitely belongs here (as would new developments in lock-picking, in my opinion).
This lock was very badly designed, and Onity acted irresponsibly in not taking security seriously (and for a lock, no less). It will send a valuable message to the marketplace if they go out of business as a result.
There are at least two other plausible explanations for the Fermi paradox: 1) interstellar travel is really hard. 2) it is hard for technologically-advanced civilizations to last long. We have no evidence on 2, and the best evidence we have on 1 is in the affirmative.
One time pads are not impossible to crack, provided you have some clues about detecting a successful decoding.
In addition to all the valid arguments against this fallacy that have been made here, it is perhaps worth noting that most of the clues you are positing are equally valid whether or not you have an intercepted message. The only constraints that having a message puts on your set of clues is the fact that some message was sent, the maximum length of that message, and some constraints on the time and location of its creation. You cannot even know whether the message is pertinent to your clues. Guessing the content of a message from these clues is not decrypting it, even if, by chance, you get the exact wording right, and if you are doing this sort of guessing, the specifics of the message's encryption are irrelevant.
Your citation is incomplete. Key reuse is one way to weaken the encoding without forking over the key itself, though this needs multiple messages encoded with the same key. Less than perfectly random sources can be another attack vector. "Used properly" is not just about protecting the key.
Reusing a key or generating a key from less than perfectly random keys are both key-protection issues, as they both provide avenues by which an attacker may recover the key, and in both cases, these attacks depend on properties of the key, not the message.
Slashdot Mirror
It's not just in Amsterdam but also in New Amsterdam - this is playing now on New York Public Radio's morning news program:
http://www.wnyc.org/shows/newtechcity/blogs/new-tech-city-blog/2013/feb/05/nyc-tells-airbnb-hosts-dont-get-too-cosy/
It seems to have worked well for almost 60 years, during which time the global economy did pretty well.
It might be a mistake to contact them in any way except as advised by legal counsel. I know nothing of the law in this area, but someone I know was once contacted by an organization trying to collect an alleged debt of a dead person, and the legal advice in that case was that to acknowledge the correspondence could make things more difficult.
Ultimately, you are right - it is a losing position to argue that a word means something other than what common usage has chosen for it to mean.
'Computer science' has always been a misleading term, because whatever it is, it is not science. As it is taught, computer science resembles a branch of engineering more than anything else. We have something that calls itself software engineering, but that field looks more like a branch of business management, and one, furthermore, that is predicated on the mistaken idea that creating software is a form of manufacturing where success is guaranteed if we would only run it like a production line.
The field of computing seems to have a problem in finding appropriate suffixes.
"CS is not about software development, it is a branch of mathematics."
That depends entirely on what college or university you are attending.
Computer science has a meaning for more than just students, and that meaning lies primarily within the domain of mathematics. What gets taught in the name of computer science depends on the institution doing the teaching.
if it wasn't for Darwin's delay, Wallace would probably only be known now to a handful of specialists.
"[Orin] Kerr says that, as the law stands, the charges against Swartz were "pretty much legit," and that the law itself should be the target of the internet community's angst, rather than the prosecutors."
There is no reason why both issues can not be considered together. There is more to moral behavior than following the letter of the law.
You know what the most serious source of revenue for a publication is? Readership.
The heart of the problem is that readership is no longer an adequate source of revenue. The Atlantic's actions should be seen as an act of desperation, not a sell-out.
We are all losers if it becomes unfeasible to perform the quality of journalism that the Atlantic built its reputation on.
| "onboard fires on airplanes are as bad as it gets"
Hmm... I'm sure a missing wing, or rapid loss of pressure due to a collision, or massive power failure, or lots of other things could be a lot worse than a battery fire.
Am I correct in assuming TFA doesn't know what on earth (or off it) they're on about?
No, you are not correct, you are either over-estimating your expertise or over-estimating the importance of being pedantic.
En-route cabin or hold fires fall into the category of events that will almost certainly be fatal to everyone on board. With a slight application of analytical thinking, it is possible to see that a fire on the ground immediately raises the question of whether this could occur in flight.
You mean people actually *PAY* programmers who are so shit at code comprehension that they can't work on code not in their indoctrinated style?!
It's more like they pay people who can only produce confused and confusing code, and then think coding standards will fix the problem.
Either your company's coding standards didn't prohibit crap code, or previous employees didn't adhere to the standard.
While coding standards can require code to be syntactically well-structured, they cannot make it conceptually well-structured, and that is where the biggest problems in comprehension (and more than a few bugs) have their origin. This is why the first responder's reply, 'yes, but not by much' is correct.
I am in favor of reasonable coding standards, but I do not expect them to make much difference. They will certainly not 'prohibit bad code.'
If there wasn't a huge amount of real scientific evidence for global warming, then that would be a point worth making.
He doesn't have to, because of the magical use of the meaningless term "Scientific consensus" by virtually all of the scientists and journalists writing about the field. What we're told, over and over, is that virtually all credible scientists are speaking with one voice.
It's a simple fact that virtually all credible scientists are speaking with one voice, and as such, it has meaning. It is not direct evidence that global warming is occurring; it is good evidence that the direct evidence has been thoroughly examined.
The idea that science is somehow subject to a vote is even scarier than the idea that it should be subservient to religion.
Well, I have comforting news for you: it's not. You seem to have scared yourself with your own rhetoric.
How I Learned to Stop Worrying and Love IPv6
Meanwhile, most of the non-electronic locks manufactured in the world can be "hacked" by a pair of paper clips.
Onity's locks should be judged not only by their physical counterparts, but also by what can reasonably be achieved electronically. This problem was entirely avoidable, at little or no extra original expense (and much less overall) if Onity had just employed one or two competent, security-aware developer/designers. I don't expect perfection, and is reasonable competence too much to ask?
I'm calling bullshit here. Looks to me like their locks were fit for purpose, where its purpose is to keep honest people honest.
The larger issue that concerns me here is that this cavalier attitude to electronic security seems to be unjustifiably common, and it seems that someone needs to get slapped around a bit before businesses see this as something they need to pay attention to. If Onity is that someone, we are making progress.
Just because Onity got targetted doesn't mean they are suddenly less secure than all the others.
Right... for example, they could have been less secure than all the others from the start.
Your argument, quoted above, is not false, but it is useful only in pointing out that we cannot assume the alternatives are secure. To anyone for whom the security of hotel locks matter, Onity has been shown to have been incompetent in its design, and it is the degree of its incompetence that matters. The vulnerability exploited here was not a subtle mistake.
Seems like everyone would have been better off if everyone kept quiet and Onity just started shipping new units with the fix.
One group that would be worse off are hotel operators seeking a lock-system supplier. With this information out, they can make a slightly more informed choice.
The leaked agreement contains this paragraph:
"Onity’s proposal for franchisees is conditioned on the franchisee’s acknowledgement that Onity does not guarantee a lock’s invulnerability to hacking."
While this is a reasonable statement on its own, the real issue here is competence. Onity's design was in such blatant and avoidable violation of basic security principles (e.g. a small keyspace and a lack of real cryptography) that it might be be called negligent.
Uh...
-Advertising is obnoxious
-No, it isn't: my advertisements are not obnoxious
-Well, your advertisements are not the real class of advertisements we are talking here.
Isn't it the very definition of the "no true scotsman" falacy?
No. Superficially, it has the same form as true no-true-scotsman fallacies, but the definition of trueness is not ad-hoc - it is a meaningful distinction that matters beyond the 3-line argument you are calling a fallacy. Innocent_white_lamb's advertising is a combination of making available information for people to find if they want to, and sending notification to those who request it. In contrast, the advertising under discussion here is sent to people who did not specifically request it (by using a site they may have implicitly consented to receive advertising, but that is not the same as subscribing to a specific information feed from a specific source that they are interested in, which is what innocent_white_lamb provides.)
Just because they never did anything about the whole 2008 mess, don't think they aren't watching you.
Ethics are a matter of conscious decision-making. Until we have conscious machines, we will not have ethical machines. What Marcus is writing about is the application of ethics in the design of machinery, which is a growing topic in its own right, but not nearly as click-inducing (or alliterative) as is 'moral machines'.
So.... where's the story? I don't see anything on slashdot about normal burglars breaking into house with zipguns and the like, why is THIS news?
Security, and in particular the continuing use of amateurs to develop software and systems that should be secure, is a topic that definitely belongs here (as would new developments in lock-picking, in my opinion).
This lock was very badly designed, and Onity acted irresponsibly in not taking security seriously (and for a lock, no less). It will send a valuable message to the marketplace if they go out of business as a result.
There are at least two other plausible explanations for the Fermi paradox: 1) interstellar travel is really hard. 2) it is hard for technologically-advanced civilizations to last long. We have no evidence on 2, and the best evidence we have on 1 is in the affirmative.
One time pads are not impossible to crack, provided you have some clues about detecting a successful decoding.
In addition to all the valid arguments against this fallacy that have been made here, it is perhaps worth noting that most of the clues you are positing are equally valid whether or not you have an intercepted message. The only constraints that having a message puts on your set of clues is the fact that some message was sent, the maximum length of that message, and some constraints on the time and location of its creation. You cannot even know whether the message is pertinent to your clues. Guessing the content of a message from these clues is not decrypting it, even if, by chance, you get the exact wording right, and if you are doing this sort of guessing, the specifics of the message's encryption are irrelevant.
Your citation is incomplete. Key reuse is one way to weaken the encoding without forking over the key itself, though this needs multiple messages encoded with the same key. Less than perfectly random sources can be another attack vector. "Used properly" is not just about protecting the key.
Reusing a key or generating a key from less than perfectly random keys are both key-protection issues, as they both provide avenues by which an attacker may recover the key, and in both cases, these attacks depend on properties of the key, not the message.