I'm always happy for research done to improve mobility and functioning for disabled people. Not enough is done to help those who are vision, mobility, or hearing impaired. That said... be really careful out there. There's way too many people who are scared by anyone who looks different. Steve Mann was recently attacked for having a digital eye prothetic by employees of a McDonald's. There didn't appear to be any motive for the assault other than a fear of his prothetics. His family was with him at the time.
I've heard similar reports of people being attacked who have brain implants to deliver electrical stimulation due to epilepsy, depression, etc. If it's visible, sooner or later some stupid neanderthal bastard's going to attack you for it. I personally think it should be a hate crime to attack a disabled (or 'augmented') person... but it's still more science fiction than science fact to our legislators to consider, I think.
If they were smart they would be dating guys who accept them (or want them) for who they are.
Every relationship is a negotiation, and over time, some of us smart girls have learned that it's easier to get the lion's share of what we want if we downplay certain things, at least at first.
Assuming your platform will "win big with programmers" is silly. Programmers will work with whatever you give them, and combine it with whatever they know. And no two programmers will have the same approach. Thinking you know what programmers want is like believing you know what women want. As if every woman (like every programmer) would be a cookie cutter copy of the other.
There are only a select few things I've found that programmers esteem and have in common, and it all has very little to do with programming per-se. They are patient. They often have the ability to hyper-focus for hours or (in extreme cases) days on a specific problem, going without food, water, sleep, social contact... in fact, interrupting them may get something chucked at your head. Prolonged and intense programming over a period of days or weeks can result in epic logic failures in their daily life -- "Hey hun, can you go to the store and if they have bread, pick up some eggs?" Programmer comes home with just eggs. They can and sometimes do become obsessed with details of a project (not just computer projects... ANY kind of project) and totally lose track of everything else; time, space, the fact that the house around them is on fire, that the girlfriend (cough, hi) is threatening to bean them if they don't come to bed and cuddle them, etc. Programmers are also endlessly fascinated with a difficult to define quality I call "Niftiness". If something is nifty, they will be drawn to it like a moth to fire. However, what is nifty to one is completely mundane to another... and "Niftiness" is a time-sensitive thing... it degrades rapidly with time.
You'll note that nowhere in there did I mention anything resembling a computer, or anything about programming itself. Programming attracts a particular kind of person; It is not the result of a particular way of doing something.
All the other posts here were either self-serving, or missed the point with an epic 'whoosh' noise. I won't be replying to them. You, however, seem to have thought about it rather than just re-arranged your prejudices and called that thinking.
First, yes, I am mostly interested in women, but not because I'm gay per-se. I'm actually bi, I just have had such terrible luck with men that I've largely given up finding one. But it's easier to identify myself as gay so they stop trying to put forth arguments about how I really want their cock when I don't -- again, self-serving male ego.
Basically, any time you go against a social norm, you're going to lose a measure of privilege. It's maybe not obvious to the person, or to observers, but the farther you push towards the fringe, the less tolerance and understanding people have. That translates to fewer opportunities, whether they're romantic, economic, etc. It's a rare lesbian indeed that makes good money; I'll leave you to figure out why. Amongst same-gendered company, it doesn't happen -- there's no stereotype threat. There's no expected social role. Amongst members of the same tribe, social clique, etc., there's no need for rule conformity -- no need to prove anything. But add men to the mix and it becomes a very different game. There are conversational dynamics that aren't present in mixed-gender company; Nobody is honest, not men, not women, because of stereotype threat. Of course, as the 7 posts other than yours underscored -- men simply aren't aware of complex social dynamics like that. They tend to think in very straight-forward terms... what they don't see, doesn't exist. Men also tend to have a smaller set of social identities than women -- a man at work and a man at home still has approximately the same personality and disposition. I know plenty of women that aren't anything like they are at work outside of it. Again, social expectations.
As to whether I'd continue to lie to my partner, no. And it's not lying, it's understating. I'm not going to geek-out on a first date, or even a third. That's something you discover later on... which is how most people work in relationships. There's some things you put forward right away, and there's other things you hold back. Men do it too: Take the single guy who's out excercising and riding up to women on his bike. They're putting forward what they think will attract a woman. Will he still be excercising and riding a bike a year into the relationship? Much less likely. Frankly, "be yourself" is about the worst advice you can give someone. Not everyone who listens wants to be your friend, not everyone who appears happy actually is. We engage in a hundred social lies a day... everyone has their 'shields' up when they're in public. You don't really meet the person the first time you talk to them -- you meet their representative. Social roles and expectations have a pervasive impact on how people behave, and they're often unaware of that impact because it's been internalized. You have to learn ways to get 'off script' with someone -- maybe it's a d20 left on the table, or a guy who has a Terry Pratchett book on the shelf. People don't just come out and say what all their social identities are... but they're also hard to avoid leaving clues about. Clues that other members of those social identities will recognize. GLBT people have tons of little tells for each other, resulting in so-called 'gaydar'. But it's hardly mysterious; Every social group that deals with negative stereotyping develops ways to signal their inclusion in the group in a way only group members can identify.
It's all such a terribly obvious thing to say... but most men just don't get it. To use a programming analogy... women frequently change contexts and 'woman' is just a base class. But you would never know, since the base class has no public functions to interact with; Everything you see is derived.
Also, I know a lot of openly gay hackers, so I find the title of the article dumb for that reason as well.
Yeah. Hi. The only reason I've stayed on with IT is because I am gay. Going into science and technology fields has the same effect on society's perception of a woman's femininity as going into fashion design does for men. Imagine Chuck Norris in fashion design. It hurts, doesn't it? Most of us women in IT go to some lengths to avoid disclosing it in casual gatherings. It's often the "great reveal" in a relationship... Most men are intimidated by smart women, and so most women who are smart try to conceal it.
First, implying that this is only a problem for men is stupid. Women without responsibilities get into trouble too, often with consequences far beyond simple criminal mischief. Secondly, getting saddled with a relationshp does decrease the tendancy towards crime -- but then so does getting a car, a job, a house, etc. It'd be more accurate to say that criminals commit crime because they have less to lose.
That's a terribly obvious thing to say, and it also provides no insight into what to do to achieve it. Should we institute arranged marriages? A chicken in every pot, and a car in every garage? Should we force employers to hire people with a criminal record? Please, do tell. I'm all ears.
The US is one of the very few countries to get a stable democracy out of a revolution. That's not what usually happens.
We're not a democracy. We're a representative federated republic. Also, it doesn't always end with a Stalin or a Castro: Sometimes it ends with a Ghandi or a Mandela too. Revolution provides the impetus for change; That is true. However, implying that this change is always in one direction is not. The outcome of a revolution is unpredictable. Sometimes you get something better, sometimes worse... the only constant is that it's different than before.
Randomization doesn't make the attack impossible; It simply reduces the number of times it works to some fraction of the original. It's like using a salt on a crypto function: It increases the number of times the attack needs to be performed before it'll work. Although the locations in memory are random, there have to be API calls and such to pull those locations. If your bootstrap code calls those APIs... eventually it'll hit the right offset and your code will run in its entirety, you'll get the locations you need, and the payload can be delivered.
This is security through obscurity; It is not going to stop the attack, it'll just mean they need to do it N times before it's more likely than not to complete.
When you're writing malware, you don't have to get 100% of your target... 5% is valuable too. Or even 1%.
"Diabetes is caused by a buildup of glucose in the blood, which can lead to heart disease, stroke, kidney failure and blindness." Wrong! the buildup of glucose in the blood is a symptom of diabetes, not the cause.
It's not an inaccurate statement. Clinically, abnormally high glucose levels after fasting is diagnostic for the disease. Although, like all things in biology, it's not the root cause; High glucose levels are due to insulin resistance. Insulin resistance is not fully understood but it is is often found in patients who are obese. This is why diabetes is referred to as a syndrome. There are many potential causes, and it varies from patient to patient. Obesity is the most common medical condition found co-existing (comorbid) with diabetes.
So just because the author didn't describe the full pathology of the disease, that doesn't make him wrong. If you have high glucose levels, you (very likely) have diabetes. In layman's terms, that's the cause.
Just commenting to undo a bad mod. Pity about the good mods, but dems da breaks.
You need to stop doing that. Here on slashdot we have +1, Insightful (I agree with your political statement), -1, Flamebait (You said something bad about [religion]... Die Heathen!), +1, Funny (You said something obvious, but in a novel way), +1 Underrated (A lot of people are going to downmod you for this in meta, but I love you in secret), and -1, Overrated (I'm too cowardly to delurk and tell you why I disagree).
Your post clearly indicates you are unaware of this and are attempting to moderate based on a novel concept known as 'merit'. I hope they mod you into oblivion, you community-destroying monster! You corrupt everything/. moderation is about. It's a debasement of our esteemed institution of knee-jerk moderation.:)
You, sir, have very low expectations for the noble profession of pseudo-science. I both demand and expect a whole lot more from my committees of space pseudo-scientists
My expectations are merely average; I expect anyone who calls themselves a scientist to, from time to time, actually use the scientific method. That means experiments. Lab work. Testing. Peer review. The IAU has done none of those things -- many people in and out of the scientific community denounced their arbitrary definition of a planet to exclude Pluto. They rode ahead anyway (peer review? screw that). The people on the committee aren't active in doing anything that could be considered experimentation or observation with an eye towards scientific understanding... in other words, they're posers.
They're bureaucrats... and it shows. Darwin, Dmitri Mendeleev, Copernicus -- lots of scientists have made lasting contributions to how to classify and organize things that were useful, practical, and followed natural laws. The IAU's proclimations are arbitrary, often useless, and change frequently. They ought to be loaded into a cannon and fired into the next passing asteroid... at least then we could watch the impact and say they finally contributed something useful to the field.
I'm sorry David, I cannot allow you to pass that car.
Okay, that's funny, but this is more serious: "I'm sorry officer, I didn't cause that accident -- the car's controls stopped responding." Robotics are fine and dandy, we already have airplanes that can fly themselves, but those controls can be disabled or overridden in an emergency, because a computer's decisions are only as good as its programming.
Maybe the car in front of you cuts you off... and so it applies the brakes hard to avoid the collision. It doesn't see your friend's car that you're towing with just a tow rope. Crunch. Or how about this one: It's 3 am tuesday morning. You're the designated driver for a friend that's had way too much to drink because his wife just left him. You're a mile from a hospital when your passenger starts showing signs of cardiac arrest caused by alcohol poisoning. The speed limit is only 30 MPH. You try and floor it, but the car's engine keeps cutting out, saying you're travelling at an unsafe speed. Four minutes later, you make it to the ER lot, but not before you have to crawl there at 15 MPH because of the posted signs along the hospital's main entrance. It takes another three minutes before paramedics can get to your friend and start recussitation efforts. After 8 minutes without oxygen to the brain, your friend is permanently brain damaged. You could have made it to the hospital in half that time, saving your friend from a life of permanent disability. But the computer wouldn't let you. Or here's another one: You're in a bad neighborhood, driving a fancy state of the art semi-autonomous vehicle. It looks like a million bucks. Two guys in the car in front of you think the same thing and decide to pull out guns and try to car jack you. You're in traffic and there's no option to reverse as cars are behind you. Your only option is to break to the right lane and accelerate out of the kill zone... but the car detects an obstacle (the gunman) in your path, and applies the brakes. He takes aim. You keep pumping the accelerator, but nothing happens. Seconds later, rounds come through the windshield. You're dead.
Technologies like this are fine for everyday use, but in an emergency, they need to be able to be fully disabled. If they can't be, then the manufacturer needs to accept full legal liability for situations like those mentioned above.
Astronomical knowledge is evolving quite a bit faster than the rest of the library. I'm not necessarily saying that any IAU decisions are correct but I don't see anything fundamentally wrong with recategorizing. Isn't it that a hallmark of the intelligent?
No. I can write a computer algorithm to sort something; that doesn't make it intelligent. Anyone can make something more complicated -- true genius is making things simpler.
Why do you call the committee members pseudo-scientists? I'm rather sure everyone has a PhD in astronomy/astrophysics. (I'm technically an IAU member, although I've had little involvement with it.)
They don't experiment. They don't work in a lab. They may be involved in the scientific community, but they're not doing any scientific work per-se. They're bureaucrats with training in science.
The IAU has been trying to redefine things in bulk, and then growing discontent with those definitions and changing them yet again. It's a far cry from the organization's original role: Cataloging astronomical objects. To put it in perspective, they're like a librarian that changes the layout of the indexing system weekly. They don't actually move the books around, but they rename the aisles, recategorize things, and generally make a massive mess of it all.
But then, I'd expect nothing less from a committee of pseudo-scientists; They're so engrossed with their own administrations they've become cut off from the people they're supposed to be helping.
The problem with news is that the quality is crap. It's biased, the headlines are misleading, and there's often no research done ahead of time. Nothing of value will be lost there. But good journalism, research, unbiased headlines... they're getting screwed too. And that makes me sad, because the news is essential for the proper functioning of a democratic society. If we don't know what's going on, if we don't have people willing to get in there to get the full story, not just the press releases... we're screwed.
Lesson 2: If a deal involves putting all your eggs in one basket, you should assume that the basket is faulty, and that everyone knows it but you.
Lesson 3: If you're a first time entrepreneur, and you've managed to become successful and now want to maintain that by going to reputable industry leaders for advice and support, you're gonna get raped. They don't want more successful people; it cuts into the profit margin of those who already are.
You should research how covert channels work, before you pretend to know about it.
I know how covert channels worked. I have done work for the government where they were used. Communication between two devices sharing the same physical medium can be covert. Transmitting data over links that have been secured by a third party that doesn't have your channel-enabling technology will not. It's digital. It encodes and decodes, and forwards, based on what it can read. If the device can't see it, it cannot forward it. So compromise every device in the network, but if your device at the contact point to the outside work hasn't been, your covert channel does you exactly dick.
Communication protocols have lots of fields that the sender can initialize however it please. Some of those fields are specifically supposed to be random. No amount of inspecting such packets can reveal if the bits are actually random.
Yes, and most of those fields can be zeroed or hard-coded by your border router, eliminating said 'randomness'. Everything about the packet's header can be rewritten dynamically in an IP-based network (which is what most telecom equipment is). In fact, when setting up secured communication facilities, the default configuration strips most of this data out or rewrites it so that it is consistent to prevent such sidechannel attacks. It's standard operating procedure. The only thing you can't modify in a packet without causing problems is the payload (if it's encrypted). If it's not encrypted, then you can diddle the bits all you want. Take voice codecs; the LSB is often targetted for stego attack, but it's just as easily defeated by randomizing that data. The original payload goes through... your 'covert channel' is overwritten with noise.
Look, I know you've read a few wiki pages on this, and you'd like to think you're an expert, but you're not. You haven't been paid to do this kind of testing, and had it vetted by a team of people who's job depends on making sure it was done right. I have. If you do it right, there's no way for covert communication to leave your network. Now if you're allowing 3rd party traffic through, and it's encrypted (like a VPN), then it's no longer a covert channel. If a channel can be modified in situ undetected, then you have bigger problems.
This isn't a question of whether or not it can be secured. It's a question of whether or not it's cost-effective. And yes, a lot of times, amateurs like yourself can be tapped to setup such equipment, and it'll work well enough for its intended purpose, but it can also provide exactly the channels you're describing. But if it's designed by a professional, then no. You can put a thousand compromised devices on a network I've setup. Not a one of them will go undetected once activated.
No need to look at thousands of ICs. Looking at a few of the most interesting targets is still going to be valuable.
Analyzing only the elephant's trunk tells us very little about the elephant.
I know one person who using just off the shelf equipment was able to read the ROM from a microcontroller in his sparetime. All it took was a cheap microscope and a webcam.
So a cheap microscope and a webcam is capable of resolution down to 18 nanometers, and can see through multiple layers of silicon etchings. How come everyone isn't doing it then? Oh right: Because a cheap ROM tacked onto a low power microcontroller is a very different beast from a modern SOC chip.
You don't need to compromise the entire chain. You just need to piggyback on a legitimate communication for hops between compromised equipment.
You just failed basic network engineering. The packets have to leave the network somewhere. If you don't control that border router, then even if everything else is compromised, the data can't leave undetected.
A compromised router anywhere on the path the VPN connection takes could pick out the data.
Most telecommunications equipment doesn't talk to the public internet or access the public internet; Those access points are carefully controlled at what are called Network Access Points, or NAPs. Most of the telecommunications network is controlled only by the company. Just because you hook something up to the internet doesn't mean it borgifies and cross-connects every node on your network. Again, engineering fail.
Sending data from the router without risk of being noticed is slightly more tricky.
By slightly, you mean impossibly more tricky if the router isn't compromised.
Bottom line here is, it's a digital communications medium. The bit is either there, or it isn't there. You can't hide that fact if you have properly setup your equipment and laid out your network with that in mind.
We even have the power to shutdown foreign companies like Megaupload w/o needing to prove they did anything wrong. But we're the "good" guys. So that makes it okay. After all we only killed 300,000 people this last decade, versus China who killed..... ummm..... wait there's something wrong with my theorem.
Yeah. We own up to the people we kill. We rationalize their deaths, minimize them, call them collateral damage, but we do say "Yup. That was our bomb." The Chinese are not so transparent: There is no way to know how many die in their country each year. And yes, we can shutdown foreign companies, but that's because foreign companies were stupid enough to put their assets in this country to begin with. There's plenty of other countries and businesses to choose from that don't feel the laws of their country extend worldwide. And other sovereign powers are starting to notice the US' aggressive use of extradition treaties. The UK won't extradite anyone facing charges in Minnesota, for example, due to laws about indefinite detainment (which is against their human rights policy) -- in fact, that may well be EU law as well, meaning that in cases where indefinite detainment is sought, they won't extradite. Several EU countries also won't extradite anyone to Texas due to their love of the death penalty (also against human rights legislation). The list continues to grow daily of treaty obligations other countries will no longer honor because of our broken judiciary.
It's a slow process... but feather by feather, the goose is plucked.
Emphasis added on the word potential. Now where's the proof (preferably from a chip teardown by a reputable hardware hacker or hacking group)?
There won't be any. Anyone with the capability of analyzing and reverse-engineering thousands of ICs would need deep pockets -- Either a large corporation or a government. A hacking group won't have the resources, even a well-funded one. You're talking about several hundred highly trained engineers from a dozen different disciplines working for years on the project, with no return on investment. There's no reason for a large corporation to conduct such business domestically -- they already have comparable products, and the Chinese equipment doesn't have any capabilities that aren't commonly available elsewhere. That leaves governments with a GDP in excess of a hundred billion USD per year. Short list. Said governments wouldn't disclose the results of such a search either, as it's a legitimate intelligence asset that would need to remain classified -- you don't want your enemy to know what you know, especially not before you come up with a way to defend against the attack or co-opt the infrastructure for your own purposes.
Second, forensically analyzing tens of thousands of chips and microprocessors would be pointless anyway: There still has to be some method of communicating the information back, and they can't compromise the entire communications chain, which is what would be required. Telecommunications equipment is designed to be evesdropping-friendly; Complete with port mirroring, trace and audit logs, selective forwarding based on rules... it's all standard. We're not even talking about the law enforcement black boxes, this is just stuff used for legitimate business purposes. The moment any such 'bug' went active, it would set off alarms -- by necessity, the communications would have to occur over the provider's own network. Unless their network admins are idiots they should notice the abberant traffic.
China would have to be very stupid to leverage such an intelligence asset for peanuts; It's basically a one-shot, and it would cost them billions in telecommunications contracts domestically. So if they do have such a capability, they're not going to use it until the value of the intelligence they would gain from it equals or exceeds that amount.
So there's two arguments right there based just on the economics of the situation. I strongly suspect that this unnamed pentagon analyst is being paid to spread disinformation. Such disinformation would serve the purpose of keeping the american public sucking the tit of the Department of Homeland Security's fear juice, and exaggerating our actual intelligence capabilities -- rather than waste hundreds of millions on a reverse engineering project that could never be made public, we'll just insinuate that "We know. We're on to you," and rattle our sabre a little. Maybe it deters them, maybe it forces them to expend resources to find out whether we're telling the truth or not, but it costs us nothing to make such a statement.
This "former pentagon analyst"... Did he have access to intelligence reports of this nature? If so, and he's disclosing this now, I'm assuming the relevant documentation would be available via a Freedom of Information Act request? Since disclosing classified intelligence would be an act of treason, you know.
Just out of curiousity, this "former pentagon analyst" wouldn't happen to be employed with a defense firm now that would stand to profit from any products the company offers to combat this threat, would it? As many a scientist has uttered before, "Extraordinary claims require extraordinary proof." That doesn't change because we're discussing a matter of national security: You still have to put up, or shut up.
The cellular network has to know where you are to route calls to you.
Not anymore than it's necessary to know where your TV station's broadcast tower is to receive programming content. It has to know which cell tower(s) your phone can communicate with. Pinpointing someone's location to within a few feet or meters is not necessary to perform the primary function of the phone; Locating a handset to within a narrow geographic footprint is an ancilliary function, and there is no reason for a carrier to maintain logs on a handset's location, travel speed, elevation, etc., except when playing a call to emergency services, in which case that information would only need to be available during the call, and perhaps for a limited time after to assist law enforcement in responding to the call out.
If laws were passed banning the use of such information for any purposes other than network diagnostics (knowing that a lot of calls get dropped along a certain street, etc.), or for law enforcement, there would be no discernable degregation in service for the average cell phone user.
Problem: Private corporations selling our private data in order to sell us more useless shit, tracking our every move, and engaging in behavior that, if it were done in real life, would have them serving 380 million consecutive sentences for stalking.
Solution: Make it illegal, or begin carpet bombing the offending corporations... and out of the ashes will rise a new government-controlled cellular network. It'll probably cost more, do less, and it'll still track everything you do... but at least they won't try to sell you 2 for 1 deals on toilet paper.
... Or, you know, we could just tell the FCC to fuck itself and build our own networks ala pirate radio... The airwaves are, afterall, a shared public resource. If it's being mismanaged, take it back. -- Abraham Lincoln.
Yes and no. If the original vaccinations are the vector for the new virus, then, yes, the vaccinations are part of the problem.
That would mean the vaccinations are contaminated. That's a problem with the manufacturing process-- that's not an argument against the treatment's effectiveness and benefit.
Slashdot Mirror
I'm always happy for research done to improve mobility and functioning for disabled people. Not enough is done to help those who are vision, mobility, or hearing impaired. That said... be really careful out there. There's way too many people who are scared by anyone who looks different. Steve Mann was recently attacked for having a digital eye prothetic by employees of a McDonald's. There didn't appear to be any motive for the assault other than a fear of his prothetics. His family was with him at the time.
I've heard similar reports of people being attacked who have brain implants to deliver electrical stimulation due to epilepsy, depression, etc. If it's visible, sooner or later some stupid neanderthal bastard's going to attack you for it. I personally think it should be a hate crime to attack a disabled (or 'augmented') person... but it's still more science fiction than science fact to our legislators to consider, I think.
If they were smart they would be dating guys who accept them (or want them) for who they are.
Every relationship is a negotiation, and over time, some of us smart girls have learned that it's easier to get the lion's share of what we want if we downplay certain things, at least at first.
Assuming your platform will "win big with programmers" is silly. Programmers will work with whatever you give them, and combine it with whatever they know. And no two programmers will have the same approach. Thinking you know what programmers want is like believing you know what women want. As if every woman (like every programmer) would be a cookie cutter copy of the other.
There are only a select few things I've found that programmers esteem and have in common, and it all has very little to do with programming per-se. They are patient. They often have the ability to hyper-focus for hours or (in extreme cases) days on a specific problem, going without food, water, sleep, social contact... in fact, interrupting them may get something chucked at your head. Prolonged and intense programming over a period of days or weeks can result in epic logic failures in their daily life -- "Hey hun, can you go to the store and if they have bread, pick up some eggs?" Programmer comes home with just eggs. They can and sometimes do become obsessed with details of a project (not just computer projects... ANY kind of project) and totally lose track of everything else; time, space, the fact that the house around them is on fire, that the girlfriend (cough, hi) is threatening to bean them if they don't come to bed and cuddle them, etc. Programmers are also endlessly fascinated with a difficult to define quality I call "Niftiness". If something is nifty, they will be drawn to it like a moth to fire. However, what is nifty to one is completely mundane to another... and "Niftiness" is a time-sensitive thing... it degrades rapidly with time.
You'll note that nowhere in there did I mention anything resembling a computer, or anything about programming itself. Programming attracts a particular kind of person; It is not the result of a particular way of doing something.
All the other posts here were either self-serving, or missed the point with an epic 'whoosh' noise. I won't be replying to them. You, however, seem to have thought about it rather than just re-arranged your prejudices and called that thinking.
First, yes, I am mostly interested in women, but not because I'm gay per-se. I'm actually bi, I just have had such terrible luck with men that I've largely given up finding one. But it's easier to identify myself as gay so they stop trying to put forth arguments about how I really want their cock when I don't -- again, self-serving male ego.
Basically, any time you go against a social norm, you're going to lose a measure of privilege. It's maybe not obvious to the person, or to observers, but the farther you push towards the fringe, the less tolerance and understanding people have. That translates to fewer opportunities, whether they're romantic, economic, etc. It's a rare lesbian indeed that makes good money; I'll leave you to figure out why. Amongst same-gendered company, it doesn't happen -- there's no stereotype threat. There's no expected social role. Amongst members of the same tribe, social clique, etc., there's no need for rule conformity -- no need to prove anything. But add men to the mix and it becomes a very different game. There are conversational dynamics that aren't present in mixed-gender company; Nobody is honest, not men, not women, because of stereotype threat. Of course, as the 7 posts other than yours underscored -- men simply aren't aware of complex social dynamics like that. They tend to think in very straight-forward terms... what they don't see, doesn't exist. Men also tend to have a smaller set of social identities than women -- a man at work and a man at home still has approximately the same personality and disposition. I know plenty of women that aren't anything like they are at work outside of it. Again, social expectations.
As to whether I'd continue to lie to my partner, no. And it's not lying, it's understating. I'm not going to geek-out on a first date, or even a third. That's something you discover later on... which is how most people work in relationships. There's some things you put forward right away, and there's other things you hold back. Men do it too: Take the single guy who's out excercising and riding up to women on his bike. They're putting forward what they think will attract a woman. Will he still be excercising and riding a bike a year into the relationship? Much less likely. Frankly, "be yourself" is about the worst advice you can give someone. Not everyone who listens wants to be your friend, not everyone who appears happy actually is. We engage in a hundred social lies a day... everyone has their 'shields' up when they're in public. You don't really meet the person the first time you talk to them -- you meet their representative. Social roles and expectations have a pervasive impact on how people behave, and they're often unaware of that impact because it's been internalized. You have to learn ways to get 'off script' with someone -- maybe it's a d20 left on the table, or a guy who has a Terry Pratchett book on the shelf. People don't just come out and say what all their social identities are... but they're also hard to avoid leaving clues about. Clues that other members of those social identities will recognize. GLBT people have tons of little tells for each other, resulting in so-called 'gaydar'. But it's hardly mysterious; Every social group that deals with negative stereotyping develops ways to signal their inclusion in the group in a way only group members can identify.
It's all such a terribly obvious thing to say... but most men just don't get it. To use a programming analogy... women frequently change contexts and 'woman' is just a base class. But you would never know, since the base class has no public functions to interact with; Everything you see is derived.
Also, I know a lot of openly gay hackers, so I find the title of the article dumb for that reason as well.
Yeah. Hi. The only reason I've stayed on with IT is because I am gay. Going into science and technology fields has the same effect on society's perception of a woman's femininity as going into fashion design does for men. Imagine Chuck Norris in fashion design. It hurts, doesn't it? Most of us women in IT go to some lengths to avoid disclosing it in casual gatherings. It's often the "great reveal" in a relationship... Most men are intimidated by smart women, and so most women who are smart try to conceal it.
First, implying that this is only a problem for men is stupid. Women without responsibilities get into trouble too, often with consequences far beyond simple criminal mischief. Secondly, getting saddled with a relationshp does decrease the tendancy towards crime -- but then so does getting a car, a job, a house, etc. It'd be more accurate to say that criminals commit crime because they have less to lose.
That's a terribly obvious thing to say, and it also provides no insight into what to do to achieve it. Should we institute arranged marriages? A chicken in every pot, and a car in every garage? Should we force employers to hire people with a criminal record? Please, do tell. I'm all ears.
The US is one of the very few countries to get a stable democracy out of a revolution. That's not what usually happens.
We're not a democracy. We're a representative federated republic. Also, it doesn't always end with a Stalin or a Castro: Sometimes it ends with a Ghandi or a Mandela too. Revolution provides the impetus for change; That is true. However, implying that this change is always in one direction is not. The outcome of a revolution is unpredictable. Sometimes you get something better, sometimes worse... the only constant is that it's different than before.
Randomization doesn't make the attack impossible; It simply reduces the number of times it works to some fraction of the original. It's like using a salt on a crypto function: It increases the number of times the attack needs to be performed before it'll work. Although the locations in memory are random, there have to be API calls and such to pull those locations. If your bootstrap code calls those APIs... eventually it'll hit the right offset and your code will run in its entirety, you'll get the locations you need, and the payload can be delivered.
This is security through obscurity; It is not going to stop the attack, it'll just mean they need to do it N times before it's more likely than not to complete.
When you're writing malware, you don't have to get 100% of your target... 5% is valuable too. Or even 1%.
"Diabetes is caused by a buildup of glucose in the blood, which can lead to heart disease, stroke, kidney failure and blindness." Wrong! the buildup of glucose in the blood is a symptom of diabetes, not the cause.
It's not an inaccurate statement. Clinically, abnormally high glucose levels after fasting is diagnostic for the disease. Although, like all things in biology, it's not the root cause; High glucose levels are due to insulin resistance. Insulin resistance is not fully understood but it is is often found in patients who are obese. This is why diabetes is referred to as a syndrome. There are many potential causes, and it varies from patient to patient. Obesity is the most common medical condition found co-existing (comorbid) with diabetes.
So just because the author didn't describe the full pathology of the disease, that doesn't make him wrong. If you have high glucose levels, you (very likely) have diabetes. In layman's terms, that's the cause.
Just commenting to undo a bad mod. Pity about the good mods, but dems da breaks.
You need to stop doing that. Here on slashdot we have +1, Insightful (I agree with your political statement), -1, Flamebait (You said something bad about [religion]... Die Heathen!), +1, Funny (You said something obvious, but in a novel way), +1 Underrated (A lot of people are going to downmod you for this in meta, but I love you in secret), and -1, Overrated (I'm too cowardly to delurk and tell you why I disagree).
Your post clearly indicates you are unaware of this and are attempting to moderate based on a novel concept known as 'merit'. I hope they mod you into oblivion, you community-destroying monster! You corrupt everything /. moderation is about. It's a debasement of our esteemed institution of knee-jerk moderation. :)
P.S. Thanks.
You, sir, have very low expectations for the noble profession of pseudo-science. I both demand and expect a whole lot more from my committees of space pseudo-scientists
My expectations are merely average; I expect anyone who calls themselves a scientist to, from time to time, actually use the scientific method. That means experiments. Lab work. Testing. Peer review. The IAU has done none of those things -- many people in and out of the scientific community denounced their arbitrary definition of a planet to exclude Pluto. They rode ahead anyway (peer review? screw that). The people on the committee aren't active in doing anything that could be considered experimentation or observation with an eye towards scientific understanding... in other words, they're posers.
They're bureaucrats... and it shows. Darwin, Dmitri Mendeleev, Copernicus -- lots of scientists have made lasting contributions to how to classify and organize things that were useful, practical, and followed natural laws. The IAU's proclimations are arbitrary, often useless, and change frequently. They ought to be loaded into a cannon and fired into the next passing asteroid... at least then we could watch the impact and say they finally contributed something useful to the field.
I'm sorry David, I cannot allow you to pass that car.
Okay, that's funny, but this is more serious: "I'm sorry officer, I didn't cause that accident -- the car's controls stopped responding." Robotics are fine and dandy, we already have airplanes that can fly themselves, but those controls can be disabled or overridden in an emergency, because a computer's decisions are only as good as its programming.
Maybe the car in front of you cuts you off... and so it applies the brakes hard to avoid the collision. It doesn't see your friend's car that you're towing with just a tow rope. Crunch. Or how about this one: It's 3 am tuesday morning. You're the designated driver for a friend that's had way too much to drink because his wife just left him. You're a mile from a hospital when your passenger starts showing signs of cardiac arrest caused by alcohol poisoning. The speed limit is only 30 MPH. You try and floor it, but the car's engine keeps cutting out, saying you're travelling at an unsafe speed. Four minutes later, you make it to the ER lot, but not before you have to crawl there at 15 MPH because of the posted signs along the hospital's main entrance. It takes another three minutes before paramedics can get to your friend and start recussitation efforts. After 8 minutes without oxygen to the brain, your friend is permanently brain damaged. You could have made it to the hospital in half that time, saving your friend from a life of permanent disability. But the computer wouldn't let you. Or here's another one: You're in a bad neighborhood, driving a fancy state of the art semi-autonomous vehicle. It looks like a million bucks. Two guys in the car in front of you think the same thing and decide to pull out guns and try to car jack you. You're in traffic and there's no option to reverse as cars are behind you. Your only option is to break to the right lane and accelerate out of the kill zone... but the car detects an obstacle (the gunman) in your path, and applies the brakes. He takes aim. You keep pumping the accelerator, but nothing happens. Seconds later, rounds come through the windshield. You're dead.
Technologies like this are fine for everyday use, but in an emergency, they need to be able to be fully disabled. If they can't be, then the manufacturer needs to accept full legal liability for situations like those mentioned above.
Astronomical knowledge is evolving quite a bit faster than the rest of the library. I'm not necessarily saying that any IAU decisions are correct but I don't see anything fundamentally wrong with recategorizing. Isn't it that a hallmark of the intelligent?
No. I can write a computer algorithm to sort something; that doesn't make it intelligent. Anyone can make something more complicated -- true genius is making things simpler.
Why do you call the committee members pseudo-scientists? I'm rather sure everyone has a PhD in astronomy/astrophysics. (I'm technically an IAU member, although I've had little involvement with it.)
They don't experiment. They don't work in a lab. They may be involved in the scientific community, but they're not doing any scientific work per-se. They're bureaucrats with training in science.
The IAU has been trying to redefine things in bulk, and then growing discontent with those definitions and changing them yet again. It's a far cry from the organization's original role: Cataloging astronomical objects. To put it in perspective, they're like a librarian that changes the layout of the indexing system weekly. They don't actually move the books around, but they rename the aisles, recategorize things, and generally make a massive mess of it all.
But then, I'd expect nothing less from a committee of pseudo-scientists; They're so engrossed with their own administrations they've become cut off from the people they're supposed to be helping.
The problem with news is that the quality is crap. It's biased, the headlines are misleading, and there's often no research done ahead of time. Nothing of value will be lost there. But good journalism, research, unbiased headlines... they're getting screwed too. And that makes me sad, because the news is essential for the proper functioning of a democratic society. If we don't know what's going on, if we don't have people willing to get in there to get the full story, not just the press releases... we're screwed.
Lesson 2: If a deal involves putting all your eggs in one basket, you should assume that the basket is faulty, and that everyone knows it but you.
Lesson 3: If you're a first time entrepreneur, and you've managed to become successful and now want to maintain that by going to reputable industry leaders for advice and support, you're gonna get raped. They don't want more successful people; it cuts into the profit margin of those who already are.
You should research how covert channels work, before you pretend to know about it.
I know how covert channels worked. I have done work for the government where they were used. Communication between two devices sharing the same physical medium can be covert. Transmitting data over links that have been secured by a third party that doesn't have your channel-enabling technology will not. It's digital. It encodes and decodes, and forwards, based on what it can read. If the device can't see it, it cannot forward it. So compromise every device in the network, but if your device at the contact point to the outside work hasn't been, your covert channel does you exactly dick.
Communication protocols have lots of fields that the sender can initialize however it please. Some of those fields are specifically supposed to be random. No amount of inspecting such packets can reveal if the bits are actually random.
Yes, and most of those fields can be zeroed or hard-coded by your border router, eliminating said 'randomness'. Everything about the packet's header can be rewritten dynamically in an IP-based network (which is what most telecom equipment is). In fact, when setting up secured communication facilities, the default configuration strips most of this data out or rewrites it so that it is consistent to prevent such sidechannel attacks. It's standard operating procedure. The only thing you can't modify in a packet without causing problems is the payload (if it's encrypted). If it's not encrypted, then you can diddle the bits all you want. Take voice codecs; the LSB is often targetted for stego attack, but it's just as easily defeated by randomizing that data. The original payload goes through... your 'covert channel' is overwritten with noise.
Look, I know you've read a few wiki pages on this, and you'd like to think you're an expert, but you're not. You haven't been paid to do this kind of testing, and had it vetted by a team of people who's job depends on making sure it was done right. I have. If you do it right, there's no way for covert communication to leave your network. Now if you're allowing 3rd party traffic through, and it's encrypted (like a VPN), then it's no longer a covert channel. If a channel can be modified in situ undetected, then you have bigger problems.
This isn't a question of whether or not it can be secured. It's a question of whether or not it's cost-effective. And yes, a lot of times, amateurs like yourself can be tapped to setup such equipment, and it'll work well enough for its intended purpose, but it can also provide exactly the channels you're describing. But if it's designed by a professional, then no. You can put a thousand compromised devices on a network I've setup. Not a one of them will go undetected once activated.
No need to look at thousands of ICs. Looking at a few of the most interesting targets is still going to be valuable.
Analyzing only the elephant's trunk tells us very little about the elephant.
I know one person who using just off the shelf equipment was able to read the ROM from a microcontroller in his sparetime. All it took was a cheap microscope and a webcam.
So a cheap microscope and a webcam is capable of resolution down to 18 nanometers, and can see through multiple layers of silicon etchings. How come everyone isn't doing it then? Oh right: Because a cheap ROM tacked onto a low power microcontroller is a very different beast from a modern SOC chip.
You don't need to compromise the entire chain. You just need to piggyback on a legitimate communication for hops between compromised equipment.
You just failed basic network engineering. The packets have to leave the network somewhere. If you don't control that border router, then even if everything else is compromised, the data can't leave undetected.
A compromised router anywhere on the path the VPN connection takes could pick out the data.
Most telecommunications equipment doesn't talk to the public internet or access the public internet; Those access points are carefully controlled at what are called Network Access Points, or NAPs. Most of the telecommunications network is controlled only by the company. Just because you hook something up to the internet doesn't mean it borgifies and cross-connects every node on your network. Again, engineering fail.
Sending data from the router without risk of being noticed is slightly more tricky.
By slightly, you mean impossibly more tricky if the router isn't compromised.
Bottom line here is, it's a digital communications medium. The bit is either there, or it isn't there. You can't hide that fact if you have properly setup your equipment and laid out your network with that in mind.
We even have the power to shutdown foreign companies like Megaupload w/o needing to prove they did anything wrong. But we're the "good" guys. So that makes it okay. After all we only killed 300,000 people this last decade, versus China who killed..... ummm..... wait there's something wrong with my theorem.
Yeah. We own up to the people we kill. We rationalize their deaths, minimize them, call them collateral damage, but we do say "Yup. That was our bomb." The Chinese are not so transparent: There is no way to know how many die in their country each year. And yes, we can shutdown foreign companies, but that's because foreign companies were stupid enough to put their assets in this country to begin with. There's plenty of other countries and businesses to choose from that don't feel the laws of their country extend worldwide. And other sovereign powers are starting to notice the US' aggressive use of extradition treaties. The UK won't extradite anyone facing charges in Minnesota, for example, due to laws about indefinite detainment (which is against their human rights policy) -- in fact, that may well be EU law as well, meaning that in cases where indefinite detainment is sought, they won't extradite. Several EU countries also won't extradite anyone to Texas due to their love of the death penalty (also against human rights legislation). The list continues to grow daily of treaty obligations other countries will no longer honor because of our broken judiciary.
It's a slow process... but feather by feather, the goose is plucked.
Emphasis added on the word potential. Now where's the proof (preferably from a chip teardown by a reputable hardware hacker or hacking group)?
There won't be any. Anyone with the capability of analyzing and reverse-engineering thousands of ICs would need deep pockets -- Either a large corporation or a government. A hacking group won't have the resources, even a well-funded one. You're talking about several hundred highly trained engineers from a dozen different disciplines working for years on the project, with no return on investment. There's no reason for a large corporation to conduct such business domestically -- they already have comparable products, and the Chinese equipment doesn't have any capabilities that aren't commonly available elsewhere. That leaves governments with a GDP in excess of a hundred billion USD per year. Short list. Said governments wouldn't disclose the results of such a search either, as it's a legitimate intelligence asset that would need to remain classified -- you don't want your enemy to know what you know, especially not before you come up with a way to defend against the attack or co-opt the infrastructure for your own purposes.
Second, forensically analyzing tens of thousands of chips and microprocessors would be pointless anyway: There still has to be some method of communicating the information back, and they can't compromise the entire communications chain, which is what would be required. Telecommunications equipment is designed to be evesdropping-friendly; Complete with port mirroring, trace and audit logs, selective forwarding based on rules... it's all standard. We're not even talking about the law enforcement black boxes, this is just stuff used for legitimate business purposes. The moment any such 'bug' went active, it would set off alarms -- by necessity, the communications would have to occur over the provider's own network. Unless their network admins are idiots they should notice the abberant traffic.
China would have to be very stupid to leverage such an intelligence asset for peanuts; It's basically a one-shot, and it would cost them billions in telecommunications contracts domestically. So if they do have such a capability, they're not going to use it until the value of the intelligence they would gain from it equals or exceeds that amount.
So there's two arguments right there based just on the economics of the situation. I strongly suspect that this unnamed pentagon analyst is being paid to spread disinformation. Such disinformation would serve the purpose of keeping the american public sucking the tit of the Department of Homeland Security's fear juice, and exaggerating our actual intelligence capabilities -- rather than waste hundreds of millions on a reverse engineering project that could never be made public, we'll just insinuate that "We know. We're on to you," and rattle our sabre a little. Maybe it deters them, maybe it forces them to expend resources to find out whether we're telling the truth or not, but it costs us nothing to make such a statement.
This "former pentagon analyst"... Did he have access to intelligence reports of this nature? If so, and he's disclosing this now, I'm assuming the relevant documentation would be available via a Freedom of Information Act request? Since disclosing classified intelligence would be an act of treason, you know.
Just out of curiousity, this "former pentagon analyst" wouldn't happen to be employed with a defense firm now that would stand to profit from any products the company offers to combat this threat, would it? As many a scientist has uttered before, "Extraordinary claims require extraordinary proof." That doesn't change because we're discussing a matter of national security: You still have to put up, or shut up.
The cellular network has to know where you are to route calls to you.
Not anymore than it's necessary to know where your TV station's broadcast tower is to receive programming content. It has to know which cell tower(s) your phone can communicate with. Pinpointing someone's location to within a few feet or meters is not necessary to perform the primary function of the phone; Locating a handset to within a narrow geographic footprint is an ancilliary function, and there is no reason for a carrier to maintain logs on a handset's location, travel speed, elevation, etc., except when playing a call to emergency services, in which case that information would only need to be available during the call, and perhaps for a limited time after to assist law enforcement in responding to the call out.
If laws were passed banning the use of such information for any purposes other than network diagnostics (knowing that a lot of calls get dropped along a certain street, etc.), or for law enforcement, there would be no discernable degregation in service for the average cell phone user.
Problem: Private corporations selling our private data in order to sell us more useless shit, tracking our every move, and engaging in behavior that, if it were done in real life, would have them serving 380 million consecutive sentences for stalking.
Solution: Make it illegal, or begin carpet bombing the offending corporations... and out of the ashes will rise a new government-controlled cellular network. It'll probably cost more, do less, and it'll still track everything you do... but at least they won't try to sell you 2 for 1 deals on toilet paper.
... Or, you know, we could just tell the FCC to fuck itself and build our own networks ala pirate radio... The airwaves are, afterall, a shared public resource. If it's being mismanaged, take it back. -- Abraham Lincoln.
Yes and no. If the original vaccinations are the vector for the new virus, then, yes, the vaccinations are part of the problem.
That would mean the vaccinations are contaminated. That's a problem with the manufacturing process-- that's not an argument against the treatment's effectiveness and benefit.