Once established, the tool chain does not change; therefore, the introduction of malicious code is not possible
What I am saying - sorry I didn't say in the earlier post but I did say elsewhere in this monster thread - is that OSS is evolving very fast. Try for example to compile a current kernel with GCC from two years back. Or any big new project with an old-toolchain.
Either (a) the vendor has to fork a project (and thereby loses most of the benefit of having it be open source since they have to maintain and backport new features/fixes or (b) or they have to evolve with the toolchain/system and get certified along the way at every point. Either way its added expense and time that closed-vendors dont have to worry about.
all the statements you have made apply to proprietary vendors as well.
That is false. That's the basis of these vendors. There products already are considered in many cases "trusted" by various agencies (there are different standards at different departments). If you are a contractor making a bid, you can start with their platform and toolchain and skip much of the hassle.
Part of what Green Hills (which I've worked with products, generally not that good) and competitors provide is a "trusted starting point".
Design a test system that detects a high-precision (80 digits or more, let's say) variable degrading over the course of an unknown number of hours of continuous use. That's what you'd be up against.
You can't test for every case. If someone can estimate your test cases, they can estimate a way around them.
if the military wanted
This is where you are wrong. The military isn't a software company. The military is an organization designed to break things/people.
What the military does do is work with civilian contractors. That's where the decision will be made.
The problem is that Linux as a platform isn't very stable. The short-term will see a big spike in Linux usuage, if you ask me. And's that fine. But over the long-run (5-10 years, or more) it's unclear whether or not it's going to work out. I am not saying crashes, I mean, from a code standpoint, it's very rapidly evolving.
Which is good for users. But not so good when your goal is stable, low-maintenance platform. For example, try to compile the latest sources for any typical linux library with an old version of GCC. Of an old version of any dependent library.
It will very likely give you trouble. The commerical adtantage to closed-systems is that they can control every bit and byte of code that runs on that machine. And doing so allows them to control the pace of evolution, something that a single company/contractor cannot do with Linux.
At some point they will have to fork development to slow progress. And at that point, they really don't have much of an advantage over closed-systems.
I can imagine dozens of ways to break test cases. Like a slowly degrading precision value.. during testing it would show fine.. on the battlefield after a few days the precision would begin to drift.. drift... and drift.. it would be very hard to test for it. It would pass verification and testing without fail everytime. But after 36-48 hours of heavy real-life usuage, it would be effectively useless. Design a test system that would catch this (I'll give you more than two-words)
Peer review. I imagine Linus, Alan, Andrew, Ingo, Tigran, et. al., are more capable of:
Except that Linus himself has said that the sheer volume of patches coming into the kernel means he barely scans the patches before accepting them. It's very difficult to tell what minor changes a small fix will have. Just ask people who have to debug problems in the kernel. It's not fun/easy/simple.
Also, we are not just talking about the "brand name" projects. We are talking about the unsexy, not-front-page projects. The things at risk are the ones without thousands of eyes looking at it. It's the ones with just dozens, or a handful of eyes, looking at it. Projects that make up stuff in the buildchain. Projects like filesystem drivers. Projects like device drivers. Compilers. Linkers. All of them would have to be validated and audited, for each change, for each version, on each platform. A malicious patch anywhere along the way can lead to a trojan. Even code that otherwise looks good could be poisoned. A single unchecked buffer. A single small simple looking error - big consequences.
the government trust them over a different group of developers?
I've worked for government projects on a lower-level of security/oversight than the DoD. Here are some reasons.
1. Background checks. Not just instant ones, ones overseen by an actual person at the DOJ.
2. Penalty of Law. Programming logs and notes are kept to incredible detail. Every scrap of source is accounted for. If someone intentionally threw some nasties in it, well, it wouldn't take long for you to be in jail.
3. Financial motivation. Bad software/buggy software/trojan'd software will lead to cancelled contracts. That's bad for the contractor. It also leads to strict internal guidelines and procedures. Especially in companies where 100% of the company business is Defense contracting.
4. Trusted base. Most/many of the projects are based on trusted platforms or semi-trusted platforms. If you only have to review the changes to an exisiting system it is much more appealing than starting from scratch.
Again, I am not saying that OSS should or shouldn't be used for certain projects. Just that it's not a no-brainer one way or the other.
I think it'd be tricky
It would be possible though to engineer a specific set of cases so that a less-than highly used library would produce certain results for only a single user (or a small handful of users). It could be so crafty as well. I can imagine setting things up so that when a certain "bug" I introduce is fixed the real behaviour I wanted becomes apparent. How could you prove I set out to intentionally make that error?
Fred, why does line 314 do a bit shift without checking the foobar?" And then the patch would be rejected.
You and I know however that over time maintainers become more and more trusting of what a submitter gives them. How long would one need to invest to get the trust of a submitter? 3 months? 6 months? What if a person contributed weekly to a project a front-company for six months.. what level of scrutiny would that patch receive?
doubt any maintainer would accept such a patch. I don't accept patches for PMD without reading them, and if I got a 3K line patch I'd reject it out of hand.
How long would it take for a badly intentioned person to take over as a maintainer? A year, two years?
Is it possible that an unknown/untrsuted person could engineer a bit of code that would pass initial scrutiny but still be dangerous?
The answer to that is an unqualified yes, I believe. The auditors would have to audit every bit of the toolchain, the compiler and linker, and the rest of the system to be able successfully rely on the code audit.
You should be auditing the code of any product you're going to use in a sensitive enviroment anyway, wether it's closed or open source.
Absolutely. The point being however that's harder and you have more code to audit in the open source world. In the closed source/defense world, they rarely change things like compilers, build environments, etc. In the open source world it becomes difficult if you want to work with a compiler 6 years old, let alone 2 or 3 or 4 years old. As a test, get the latest glibc and compile it with a 3 year old copy of GCC.
I am not saying it's a definitive answer one way or another.. just that it's hard.
It's easy to retort GreenHills FUD by saying all changes will be baselined and a change control board will review any updates (easy enough huh).
Actually, not easy enough.
Can you honestly tell me that the government is going to hire a panel of people to check in in-depth source changes on OSS projects? People who are familiar enough that they can catch an exploit that may only take 3-4 lines of code to perform?
Let's say I knew that DoD used a certain package in gunnery firmware. Let's say a math library that would be used to make calculations to calibrate the weapon. How hard would it be to build in a small tiny bit of error that would only be useful in cases of calibration of high-tech weapons? If 3000 lines of dense mathematically rich C were checked in and a dozen lines acted in concert to create a miscalculation, how much expertise would be needed to catch that?
I think that having experts able to review each line of code checked in and put into production defeats the whole idea of using Open Source: at that point, you might as well just hire the experts to write the code in the first place and eliminate the vector all together.
on space programs, when so many of it's citizens are starving and dying in the streets
I defy you to find me three (3) cases in the last 10 years of an American starving to death.
IF you can find even one, I would be shocked. I would be even more shocked if that case of starvation wasn't from abuse/neglect.
The simple fact is that if there is any American who starves to death from poverty it is an absolute aberration.
But beyond a doubt, there aren't hordes of peoples, or thousands, or hundreds, or even dozens of people starving and dying on the streets as you suggest.
Recent technology previews of mozilla firefox and thunderbird, along with other web content software (shareware as well as open source) are much better in terms of performance than the existing stuff from the MS stable.
Exactly right. By the time LongHorn comes out, not a single person anywhere will be able to claim that MS has a monopoly on Desktop OS's. Already in terms of a legal argument it's pretty weak.
In 3-4 more years, the penetration of Linux will reach double digits, and MS will be free from any and all anti-trust regulation.
How does that fix the problem of said people having dozens of usernames/passwords on multiple websites?
Who said that's a problem again? Is there some popular outburst of anger about having multiple usernames/passwords that I am unaware of?
It is especially useless, since there is no code. No implementations. It's nothing. It's trying to solve a problem that doesn't exisit, and certainly doesn't warrant a 150-company comission.
...Single sign-on outside the corporate network (aka, the Internet at large) is a problem that doesn't need much solving..
..and both MS and Sun will fail at solving a problem that doesn't really need solving.
A better approach would be for either MS or Sun to develop multi-langauge, multi-platform products that will help web developers implement standard password requirements, username/password schemes, etc.
Forcing a lame implementation of bad technology isn't going to work.
You have very little real freedom left.
That is a vast overstatement. The freedoms that have been chipped away are on the fringe. It hasn't been a big deal because 99.99% of people haven't felt the tinest bit of difference.
With the DMCA
That's a joke to include in the list. This is a minor issue. It's not like having the DMCA has put us on par with North Korea.
surveilence cameras
Again, minor. In public places you have no expectation of privacy.
a state that locks people up without charges and detains them indefintely
Funny thing happened. The wheels of justice turned and that has been ruled a no-no.
media so powerful they won't even let you share your films with your own friends over the internet
That is false. What they try to prevent you from doing is sharing *thier* films over the Internet. Theirs != yours.
about all you have left is freedom of speech - and even that is in doubt
No, really, it's not.
Check your trousers, I think someone has pickpocketed your freedom while you were all busy buying the next big piece of crap that the marketeers have been selling you
No, actually not. Life has changed very little.
You *had* freedom, that's for sure, but it's been eroded over the last few decades. You need to act now if you want to preserve what you have left. Let's face it, you can't even show a bit of tit on your TV during the superbowl, just exactly what sort of freedom are you talking about?
Let's see here. You can show anything you want on TV. You cannot broadcast indecency over public airwaves. Big difference.
You pay $33k/year in *payroll* tax? Not income tax? I'm not familiar with your finances - could you clarify or confirm? There could certainly be a pariah industry singled out by the tax code for the reverse cashmir producer treatment, but it sounds odd.
Payroll tax is everything that the government takes out of your paycheck: Federal Income Tax, State Income Tax, Local Income Tax (yes, my city has an income tax!), FICA, Social Security, Unemployment insurance, etc. It is, excluding voluntary contributions, everything that is the difference between net pay and gross pay.
Poor people pay more tax as a proportion of income than the rich do.
I know, and it's shameful. However, two points. When you make little money, any amount of tax will be a big amount of your income. Sales tax, excise, use taxes - even small ones - will be a big percentage. Obviously when you make more that $5 use tax isn't so big, or that toll isn't so big.
If you read my original post, I am talking specifically about income tax. I agree that the myraid of other taxes we have should be better structured. It is my opinion that if you are in poverty or below the poverty line, you should pay zero taxes on essential things. No income taxes, no sales tax on non-crap (ie, clothes no tax, designer clothes, yes; healthy food no, beer and red bull, yes), no excise tax, etc. As that person rises out of poverty that taxes they must pay can be layered in one at a time.
Umm, I think that the number of people who would be getting back something like $1200 in your example would be far greater than the number of people getting back something like $18,750.
Of course. But 15 times more? That's a good question for staticians to answer, and one that's not too useful consider I just used example numbers.
I would also claim that having $1200 reduction in taxes for a person making $20,000 per year improves that person's standard of living more than a $18,750 reduction in taxes for a
That is in fact true. However, it is a hypothetical point since in real life people making 20,000 a year pay $0 in income tax, and end up getting a heft Earned Income Tax Credit in most cases.
When they feel that a certain increase in taxes on the rich decreases efficiency in a way that outweighs the gain in equity, then they won't support such increases
Thats provably false, and you know. Until Kennedy cut marginal tax rates, and then Reagan cut them again, income tax rates were confiscatory and there was no talk of equity. For example, in 1950 any income over $40,000 (a princely sum for those days, but equal to CEO pay today) you paid 50%. If you made $100,000 you paid 68%, if you made $400,000 you paid 84%.
The point of it all is that right, now taxes for the poor, lower income, and middle income are the lowest they've ever been. Check it out. If you made $4,000 in 1970 you paid 22.50% federal income tax. Inflation injusted, that is $16,500 dollars. What rate do people pay on that now? 15%, with a $4,850 standard deduction, (meaing that you only pay taxes on $12,000 of it).
Claiming that the poor, low, and middle class earners pay too much income tax is a joke.
I wonder how many high school students today even know we put a man on the moon...
I'd be willing to bet you a serious pile of money that at least 90% (if not 99%) of all high school students (randomly sampled, of course) would be able to properly answer the question: "True or false. Man has walked on the moon?".
As to the details.. that's different..
If you are willing to take me up on this bet, e-mail and we can set terms.
Re:Changed the view of the US?
on
Bobby Fischer Found
·
· Score: 2, Interesting
Following the news I've also continusouly heard about the continuing growth of the gap between the most wealthy and least, but I'm not sure if its real or just a statistical effect.
I am not so concerneda about the gap. Having wealth leads to more wealth - that's the nature of investment and interest. And as people have wealth and retain it, it will inevitably grow. I am fine with that.
The disparity would be concerning if the rest of the stake holders lost ground, but that is not happening based on the information you provided. The wealth of the "average" and median American continues to grow. It is growing more quickly for the wealthy thanks to compounding returns.
I think the income tax right now is almost just right.
COmpanies used to use child labor util we made laws about it. Companies used to work people round the clock until we made laws about it.
This is not generally true.
The labor laws that we have are designed to prevent outliers cases. Abominiations and whatnot.
For example, by the time the civil war in the United States rolled around, a large number of plantations had started or already completed rolling back slave labour. Why? It is expensive. By the late 1800's, a number of factories in my home state (Maine) had limited the average work day, instituted minimum working age, and improved safety conditions considerably before the trend of unionization took over.
Why?
Because in the end, businesses are all about the bottom line. In the short term, sending unprofitable things and expensive things offshore saves the bottom line. But in the long run it is bad for business: bad for consumers, bad for the image of the company, etc. We are in the early phases of the outsourcing IT cycle. Some companies will go over board, some will do nothing, some will go down the middle. The ones who go too far will be burned, the ones who do nothing will be burned, the ones who choose just right will win.
until we unite and make a law about it
Yeah, that's what we need! Yet another protectionist law!
Somehow I don't think a few more lines of law on top of the 110 million we already have are going to solve all of our problems...
Re:Changed the view of the US?
on
Bobby Fischer Found
·
· Score: 5, Insightful
Ok, IANAE (I am not an economist),
Imagine that. A person without economic background trying to tell policy makers what to do.
but from what I understand the "trickle down effect" just doesn't work the way people want it to.
There isn't any thing related to "trickle down" going. Behind the rhetoric is something called Supply-Side economics". It's a serious topic that academics and policy wonks debate.
Giving them even more isn't going to
It's not "giving" them more. It's adjusting everyone's rate equally. For example, if the top rate was 25%, another rate 16%, and the bottom rate 12%, a 50% tax cut would mean that rates were 12.5%, 8%, and 6%. A person making 20,000 year taxed at the bottom rate would go from paying 2400 to 1200, a savings of $1200. A person making 150,000 would go from paying $37,500 to $18,750. That means in political rhetoric terms "The rich were given 94% of the tax cut with the poor only getting 6%" is completely accurate.
big an impact as doing the same to a poorer person.
See, now, that is just silly. If you are trying to get capital back into the marketplace, would you rather send back $1200, or $18,750?
Secondly, the rich still only make up a small percentage of the world's
Yes, but what you don't realize is that the rich pay the VAST majority of income taxes. The top 50% of income earners pay 96% of all income taxes paid. (link).
And lastly, the money spent by a rich person doesn't really trickle down to the needy
Can you trace the history of a rich person from point a to the pocket of poor person b? Of course not. It's a complex system that takes *years* to fall into place. Again, it is way more complicated than I think you can grasp in this situation. Additionally though, it was claimed that the "rich" were going trickle down to the poor.
When they buy up-market products, the money will very quickly "leave" the local area since it's likely to be imported (no matter where they live).
Wrong. The total value of goods and services consumed in the US is 10.40 trillion for last year (link). The trade deficit totals about $200B (link) a year. That means we import more than export. Even if you figure the rich will tend to import more than your average person, it is not reasonable to assume that most of their spending will go overseas.
The money goes to some company, and executive pay is almost universally improportionate to the worker's pay.
This is a major issue: productivity and profitiability are way up, but so far wages are flat. This however has nothing to do with "trickle down". What does happen however is that employment increases. Which is what we have seen. So far this year it is estimated that 1.4 million jobs have been created (link). That is significant.
tax cut for the poor would have made a much better and longer lasting impact to many more people
Here is the little dirty secret that people who don't know what is going on don't realize. The poor in this country pay very, very, very little income tax. If you are literally poor, as in impoverished, you not only don't pay any income tax, you get a refund for taxes you never paid. Yes, that's right. It's an "Earned income tax credit". A tax refund for taxes you never paid (link).
People could pay off debts, get a better education, spend more time with the kids, start a small business, etc.
Slashdot Mirror
Once established, the tool chain does not change; therefore, the introduction of malicious code is not possible
What I am saying - sorry I didn't say in the earlier post but I did say elsewhere in this monster thread - is that OSS is evolving very fast. Try for example to compile a current kernel with GCC from two years back. Or any big new project with an old-toolchain.
Either (a) the vendor has to fork a project (and thereby loses most of the benefit of having it be open source since they have to maintain and backport new features/fixes or (b) or they have to evolve with the toolchain/system and get certified along the way at every point. Either way its added expense and time that closed-vendors dont have to worry about.
all the statements you have made apply to proprietary vendors as well.
That is false. That's the basis of these vendors. There products already are considered in many cases "trusted" by various agencies (there are different standards at different departments). If you are a contractor making a bid, you can start with their platform and toolchain and skip much of the hassle.
Part of what Green Hills (which I've worked with products, generally not that good) and competitors provide is a "trusted starting point".
Design a test system that detects a high-precision (80 digits or more, let's say) variable degrading over the course of an unknown number of hours of continuous use. That's what you'd be up against.
You can't test for every case. If someone can estimate your test cases, they can estimate a way around them.
if the military wanted This is where you are wrong. The military isn't a software company. The military is an organization designed to break things/people.
What the military does do is work with civilian contractors. That's where the decision will be made.
The problem is that Linux as a platform isn't very stable. The short-term will see a big spike in Linux usuage, if you ask me. And's that fine. But over the long-run (5-10 years, or more) it's unclear whether or not it's going to work out. I am not saying crashes, I mean, from a code standpoint, it's very rapidly evolving.
Which is good for users. But not so good when your goal is stable, low-maintenance platform. For example, try to compile the latest sources for any typical linux library with an old version of GCC. Of an old version of any dependent library.
It will very likely give you trouble. The commerical adtantage to closed-systems is that they can control every bit and byte of code that runs on that machine. And doing so allows them to control the pace of evolution, something that a single company/contractor cannot do with Linux.
At some point they will have to fork development to slow progress. And at that point, they really don't have much of an advantage over closed-systems.
I can imagine dozens of ways to break test cases. Like a slowly degrading precision value.. during testing it would show fine.. on the battlefield after a few days the precision would begin to drift.. drift... and drift.. it would be very hard to test for it. It would pass verification and testing without fail everytime. But after 36-48 hours of heavy real-life usuage, it would be effectively useless. Design a test system that would catch this (I'll give you more than two-words)
Peer review. I imagine Linus, Alan, Andrew, Ingo, Tigran, et. al., are more capable of:
Except that Linus himself has said that the sheer volume of patches coming into the kernel means he barely scans the patches before accepting them. It's very difficult to tell what minor changes a small fix will have. Just ask people who have to debug problems in the kernel. It's not fun/easy/simple.
Also, we are not just talking about the "brand name" projects. We are talking about the unsexy, not-front-page projects. The things at risk are the ones without thousands of eyes looking at it. It's the ones with just dozens, or a handful of eyes, looking at it. Projects that make up stuff in the buildchain. Projects like filesystem drivers. Projects like device drivers. Compilers. Linkers. All of them would have to be validated and audited, for each change, for each version, on each platform. A malicious patch anywhere along the way can lead to a trojan. Even code that otherwise looks good could be poisoned. A single unchecked buffer. A single small simple looking error - big consequences.
the government trust them over a different group of developers?
I've worked for government projects on a lower-level of security/oversight than the DoD. Here are some reasons.
1. Background checks. Not just instant ones, ones overseen by an actual person at the DOJ.
2. Penalty of Law. Programming logs and notes are kept to incredible detail. Every scrap of source is accounted for. If someone intentionally threw some nasties in it, well, it wouldn't take long for you to be in jail.
3. Financial motivation. Bad software/buggy software/trojan'd software will lead to cancelled contracts. That's bad for the contractor. It also leads to strict internal guidelines and procedures. Especially in companies where 100% of the company business is Defense contracting.
4. Trusted base. Most/many of the projects are based on trusted platforms or semi-trusted platforms. If you only have to review the changes to an exisiting system it is much more appealing than starting from scratch.
Again, I am not saying that OSS should or shouldn't be used for certain projects. Just that it's not a no-brainer one way or the other.
I think it'd be tricky It would be possible though to engineer a specific set of cases so that a less-than highly used library would produce certain results for only a single user (or a small handful of users). It could be so crafty as well. I can imagine setting things up so that when a certain "bug" I introduce is fixed the real behaviour I wanted becomes apparent. How could you prove I set out to intentionally make that error?
Fred, why does line 314 do a bit shift without checking the foobar?" And then the patch would be rejected.
You and I know however that over time maintainers become more and more trusting of what a submitter gives them. How long would one need to invest to get the trust of a submitter? 3 months? 6 months? What if a person contributed weekly to a project a front-company for six months.. what level of scrutiny would that patch receive?
doubt any maintainer would accept such a patch. I don't accept patches for PMD without reading them, and if I got a 3K line patch I'd reject it out of hand.
How long would it take for a badly intentioned person to take over as a maintainer? A year, two years?
The question is though:
Is it possible that an unknown/untrsuted person could engineer a bit of code that would pass initial scrutiny but still be dangerous?
The answer to that is an unqualified yes, I believe. The auditors would have to audit every bit of the toolchain, the compiler and linker, and the rest of the system to be able successfully rely on the code audit.
You should be auditing the code of any product you're going to use in a sensitive enviroment anyway, wether it's closed or open source.
Absolutely. The point being however that's harder and you have more code to audit in the open source world. In the closed source/defense world, they rarely change things like compilers, build environments, etc. In the open source world it becomes difficult if you want to work with a compiler 6 years old, let alone 2 or 3 or 4 years old. As a test, get the latest glibc and compile it with a 3 year old copy of GCC.
I am not saying it's a definitive answer one way or another.. just that it's hard.
It's easy to retort GreenHills FUD by saying all changes will be baselined and a change control board will review any updates (easy enough huh).
Actually, not easy enough.
Can you honestly tell me that the government is going to hire a panel of people to check in in-depth source changes on OSS projects? People who are familiar enough that they can catch an exploit that may only take 3-4 lines of code to perform?
Let's say I knew that DoD used a certain package in gunnery firmware. Let's say a math library that would be used to make calculations to calibrate the weapon. How hard would it be to build in a small tiny bit of error that would only be useful in cases of calibration of high-tech weapons? If 3000 lines of dense mathematically rich C were checked in and a dozen lines acted in concert to create a miscalculation, how much expertise would be needed to catch that?
I think that having experts able to review each line of code checked in and put into production defeats the whole idea of using Open Source: at that point, you might as well just hire the experts to write the code in the first place and eliminate the vector all together.
Because the binaries come over the internet, and are very small. The CD has to mailed from an island nation.
Except that the vast vast majority of 18-24 don't vote..
Let's see, would you like the 50 million members of 60+ demographic, of whom 80%+ vote, or the 60 million members 18-24 who vote at a rate of 18%?
on space programs, when so many of it's citizens are starving and dying in the streets
I defy you to find me three (3) cases in the last 10 years of an American starving to death.
IF you can find even one, I would be shocked. I would be even more shocked if that case of starvation wasn't from abuse/neglect.
The simple fact is that if there is any American who starves to death from poverty it is an absolute aberration.
But beyond a doubt, there aren't hordes of peoples, or thousands, or hundreds, or even dozens of people starving and dying on the streets as you suggest.
Recent technology previews of mozilla firefox and thunderbird, along with other web content software (shareware as well as open source) are much better in terms of performance than the existing stuff from the MS stable.
Exactly right. By the time LongHorn comes out, not a single person anywhere will be able to claim that MS has a monopoly on Desktop OS's. Already in terms of a legal argument it's pretty weak.
In 3-4 more years, the penetration of Linux will reach double digits, and MS will be free from any and all anti-trust regulation.
How does that fix the problem of said people having dozens of usernames/passwords on multiple websites?
Who said that's a problem again? Is there some popular outburst of anger about having multiple usernames/passwords that I am unaware of?
It is especially useless, since there is no code. No implementations. It's nothing. It's trying to solve a problem that doesn't exisit, and certainly doesn't warrant a 150-company comission.
No, Sun's effort is as usless as MS's, since actual sites don't want to use it.. either MS or Sun.
It's all useless.
...Single sign-on outside the corporate network (aka, the Internet at large) is a problem that doesn't need much solving..
..and both MS and Sun will fail at solving a problem that doesn't really need solving.
A better approach would be for either MS or Sun to develop multi-langauge, multi-platform products that will help web developers implement standard password requirements, username/password schemes, etc.
Forcing a lame implementation of bad technology isn't going to work.
You have very little real freedom left.
That is a vast overstatement. The freedoms that have been chipped away are on the fringe. It hasn't been a big deal because 99.99% of people haven't felt the tinest bit of difference.
With the DMCA
That's a joke to include in the list. This is a minor issue. It's not like having the DMCA has put us on par with North Korea.
surveilence cameras
Again, minor. In public places you have no expectation of privacy.
a state that locks people up without charges and detains them indefintely
Funny thing happened. The wheels of justice turned and that has been ruled a no-no.
media so powerful they won't even let you share your films with your own friends over the internet
That is false. What they try to prevent you from doing is sharing *thier* films over the Internet. Theirs != yours.
about all you have left is freedom of speech - and even that is in doubt
No, really, it's not.
Check your trousers, I think someone has pickpocketed your freedom while you were all busy buying the next big piece of crap that the marketeers have been selling you
No, actually not. Life has changed very little.
You *had* freedom, that's for sure, but it's been eroded over the last few decades. You need to act now if you want to preserve what you have left. Let's face it, you can't even show a bit of tit on your TV during the superbowl, just exactly what sort of freedom are you talking about?
Let's see here. You can show anything you want on TV. You cannot broadcast indecency over public airwaves. Big difference.
You pay $33k/year in *payroll* tax? Not income tax? I'm not familiar with your finances - could you clarify or confirm? There could certainly be a pariah industry singled out by the tax code for the reverse cashmir producer treatment, but it sounds odd.
Payroll tax is everything that the government takes out of your paycheck: Federal Income Tax, State Income Tax, Local Income Tax (yes, my city has an income tax!), FICA, Social Security, Unemployment insurance, etc. It is, excluding voluntary contributions, everything that is the difference between net pay and gross pay.
Poor people pay more tax as a proportion of income than the rich do.
I know, and it's shameful. However, two points. When you make little money, any amount of tax will be a big amount of your income. Sales tax, excise, use taxes - even small ones - will be a big percentage. Obviously when you make more that $5 use tax isn't so big, or that toll isn't so big.
If you read my original post, I am talking specifically about income tax. I agree that the myraid of other taxes we have should be better structured. It is my opinion that if you are in poverty or below the poverty line, you should pay zero taxes on essential things. No income taxes, no sales tax on non-crap (ie, clothes no tax, designer clothes, yes; healthy food no, beer and red bull, yes), no excise tax, etc. As that person rises out of poverty that taxes they must pay can be layered in one at a time.
Umm, I think that the number of people who would be getting back something like $1200 in your example would be far greater than the number of people getting back something like $18,750.
Of course. But 15 times more? That's a good question for staticians to answer, and one that's not too useful consider I just used example numbers.
I would also claim that having $1200 reduction in taxes for a person making $20,000 per year improves that person's standard of living more than a $18,750 reduction in taxes for a
That is in fact true. However, it is a hypothetical point since in real life people making 20,000 a year pay $0 in income tax, and end up getting a heft Earned Income Tax Credit in most cases.
When they feel that a certain increase in taxes on the rich decreases efficiency in a way that outweighs the gain in equity, then they won't support such increases
Thats provably false, and you know. Until Kennedy cut marginal tax rates, and then Reagan cut them again, income tax rates were confiscatory and there was no talk of equity. For example, in 1950 any income over $40,000 (a princely sum for those days, but equal to CEO pay today) you paid 50%. If you made $100,000 you paid 68%, if you made $400,000 you paid 84%.
The point of it all is that right, now taxes for the poor, lower income, and middle income are the lowest they've ever been. Check it out. If you made $4,000 in 1970 you paid 22.50% federal income tax. Inflation injusted, that is $16,500 dollars. What rate do people pay on that now? 15%, with a $4,850 standard deduction, (meaing that you only pay taxes on $12,000 of it).
Claiming that the poor, low, and middle class earners pay too much income tax is a joke.
I wonder how many high school students today even know we put a man on the moon...
I'd be willing to bet you a serious pile of money that at least 90% (if not 99%) of all high school students (randomly sampled, of course) would be able to properly answer the question: "True or false. Man has walked on the moon?".
As to the details.. that's different..
If you are willing to take me up on this bet, e-mail and we can set terms.
Following the news I've also continusouly heard about the continuing growth of the gap between the most wealthy and least, but I'm not sure if its real or just a statistical effect.
I am not so concerneda about the gap. Having wealth leads to more wealth - that's the nature of investment and interest. And as people have wealth and retain it, it will inevitably grow. I am fine with that.
The disparity would be concerning if the rest of the stake holders lost ground, but that is not happening based on the information you provided. The wealth of the "average" and median American continues to grow. It is growing more quickly for the wealthy thanks to compounding returns.
I think the income tax right now is almost just right.
COmpanies used to use child labor util we made laws about it. Companies used to work people round the clock until we made laws about it.
This is not generally true.
The labor laws that we have are designed to prevent outliers cases. Abominiations and whatnot.
For example, by the time the civil war in the United States rolled around, a large number of plantations had started or already completed rolling back slave labour. Why? It is expensive. By the late 1800's, a number of factories in my home state (Maine) had limited the average work day, instituted minimum working age, and improved safety conditions considerably before the trend of unionization took over.
Why?
Because in the end, businesses are all about the bottom line. In the short term, sending unprofitable things and expensive things offshore saves the bottom line. But in the long run it is bad for business: bad for consumers, bad for the image of the company, etc. We are in the early phases of the outsourcing IT cycle. Some companies will go over board, some will do nothing, some will go down the middle. The ones who go too far will be burned, the ones who do nothing will be burned, the ones who choose just right will win.
until we unite and make a law about it
Yeah, that's what we need! Yet another protectionist law!
Somehow I don't think a few more lines of law on top of the 110 million we already have are going to solve all of our problems...
Ok, IANAE (I am not an economist),
Imagine that. A person without economic background trying to tell policy makers what to do.
but from what I understand the "trickle down effect" just doesn't work the way people want it to.
There isn't any thing related to "trickle down" going. Behind the rhetoric is something called Supply-Side economics". It's a serious topic that academics and policy wonks debate.
Giving them even more isn't going to
It's not "giving" them more. It's adjusting everyone's rate equally. For example, if the top rate was 25%, another rate 16%, and the bottom rate 12%, a 50% tax cut would mean that rates were 12.5%, 8%, and 6%. A person making 20,000 year taxed at the bottom rate would go from paying 2400 to 1200, a savings of $1200. A person making 150,000 would go from paying $37,500 to $18,750. That means in political rhetoric terms "The rich were given 94% of the tax cut with the poor only getting 6%" is completely accurate.
big an impact as doing the same to a poorer person.
See, now, that is just silly. If you are trying to get capital back into the marketplace, would you rather send back $1200, or $18,750?
Secondly, the rich still only make up a small percentage of the world's
Yes, but what you don't realize is that the rich pay the VAST majority of income taxes. The top 50% of income earners pay 96% of all income taxes paid. (link).
And lastly, the money spent by a rich person doesn't really trickle down to the needy
Can you trace the history of a rich person from point a to the pocket of poor person b? Of course not. It's a complex system that takes *years* to fall into place. Again, it is way more complicated than I think you can grasp in this situation. Additionally though, it was claimed that the "rich" were going trickle down to the poor.
When they buy up-market products, the money will very quickly "leave" the local area since it's likely to be imported (no matter where they live).
Wrong. The total value of goods and services consumed in the US is 10.40 trillion for last year (link). The trade deficit totals about $200B (link) a year. That means we import more than export. Even if you figure the rich will tend to import more than your average person, it is not reasonable to assume that most of their spending will go overseas.
The money goes to some company, and executive pay is almost universally improportionate to the worker's pay.
This is a major issue: productivity and profitiability are way up, but so far wages are flat. This however has nothing to do with "trickle down". What does happen however is that employment increases. Which is what we have seen. So far this year it is estimated that 1.4 million jobs have been created (link). That is significant.
tax cut for the poor would have made a much better and longer lasting impact to many more people
Here is the little dirty secret that people who don't know what is going on don't realize. The poor in this country pay very, very, very little income tax. If you are literally poor, as in impoverished, you not only don't pay any income tax, you get a refund for taxes you never paid. Yes, that's right. It's an "Earned income tax credit". A tax refund for taxes you never paid (link).
People could pay off debts, get a better education, spend more time with the kids, start a small business, etc.