Parallel computing, virtualization, all these things were either developed on paper or implemented in some form long before many of us were born.
And yet none of them were available to me for the majority of my life. Why is that? It's because nobody had gotten around to the hard work of turning into something actually useful.
Available to you. Mainframes have made extensive use of both since the early 80s, at least. The hard work was done, it was just done in an environment that relatively few people interacted with directly.
While there are some Stockholm syndrome poor and middle class people who might balk, the majority of us WOULD like the health and safety regulations in place worldwide, mostly because it would be a barrier to the cost effectiveness of domestic firms outsourcing to foreign locations.
It's really those other countries who would object strenuously. In most of the developing world, the only competitive asset they have is low-cost labor. If you could legislate that away from them, they'd have nothing, no way to lift themselves economically. All of the education resources, all of the intellectual capital, all of the big markets... they're all in the rich world, especially the US and EU. We have every possible competitive advantage, including much higher per-hour productivity, the only thing they have is being cheap because their standard of living is so low.
of course the consequence of that is that 'the young and reproductive' of other countries are entering and replacing the indigenous population that has stopped reproducing. Darwin would claim that the more productive shall win. I guess we will see.
You missed the point. The global birthrate has peaked and is declining. That includes those young and reproductive. They're still reproducing at more than replacement rate, but they're trending downward, too. And much of the developed world is already well below replacement rate. Some northern European countries have actually started public service advertising campaigns encouraging couples to make babies, because the declining population numbers are playing havoc with their labor market and their economic structure (especially pension systems).
It turns out that birthrate is positively correlated with infant and child mortality and negatively correlated with wealth and female education. Better access to medical care reduces infant and child mortality, which appears to reduce the motivation of parents to make lots of 'em, just in case. Wealth and female education both enable family planning, and while women generally like babies, they also don't want to have more than they can really manage or care for. And given the very low baseline much of the world is at, wealth and education levels are exploding. People are still living in what you and I would consider unbearable poverty, but it's dramatically better than what the last generation had.
These facts also point out exactly how we can take action to reduce population even faster: Work harder to empower and educate more people in the third world. Actually, great progress is being made in the poor areas of Asia. The big opportunities are in Africa. Teach African men to farm more effectively, make education more available to men and women, make medical supplies and facilities more accessible, and provide international oversight to reduce the damage done by their kleptocratic (and in some cases, genocidal) governments, and you'll make peak population happen sooner, and at a lower level.
The way I see it, there's only 2 benefits to a startup
There's a third, and an even more important one: Having it be yours. Even given the significant freedom that Googlers have (and we do have a lot... and as you move up the ladder it increases), there's no substitute for seeing if you can really build something from scratch, with absolutely no one to question you, and being able to look at it at the end of the day and say "I did that"... which includes all of the business stuff. It's about playing the grand game and winning, and you can't really play it while drawing a paycheck.
Also, Google's founder's award didn't really compete with the open-ended possibilities of a startup payout. I mean, you could end up with Larry Page money. You won't, but you could, and you could never get that at Google. Unless Larry Page gave you all his money, which he won't.
Climate is only one of the big threats we face, and we can to some extent simply adjust to it, but unless we learn to curb overconsumption in a serious way, it won't matter all that much.
What are the others? Keep in mind that we're already on track to have a smaller population by the end of this century than we did at the beginning, and it's also quite clear that we'll have no trouble feeding and housing the expected peak population of just under 10B. In terms of energy generation, we're moving pretty quickly away from fossil fuels, within a few decades renewables will be cheaper. That won't happen quickly enough to head off serious climate change, but we aren't going to have population-driven energy shortages.
So unless there are some other serious problems related to overconsumption (whatever that is), it seems to me that it just might be easier to engineer the climate than it is to engineer human behavior. Not that the former is easy, but the latter is damned near impossible.
We already are. The global birthrate peaked a few years ago. The population continues growing only because the global demographics are skewed young, so as we fill out the older cohorts the population rises. But each generation is smaller than the ones that came before and barring significant life extension the population is going to peak in 30 years or so, then start declining. This is globally; many regions of the industrialized world are already at negative population growth when you subtract out immigration.
Heh. I did notice the change in spelling but wrote it off as a typo.
Your point is a good one, though, and it's actually a little worse than what you described, since Gmail normally displays the user's name, not their email address. I suppose one simple countermeasure would be to display first-time senders' messages in a different color, or even to specifically notice and warn about new emails from addresses/names that are very similar to previously-received messages but from a different user account.
If you're in the habit of accepting public keys from anyone that sends one, and rekeying, automatically, then you're never going to notice an intercept, and you're sure as hell not going to notice an email from zealath at gmail.com as being something other than zaelath at gmail.com so I really don't have to be government.
The question is how you would obtain a forged certificate that would be signed by the Gmail CA.
Yeah, that's one. What do you think the odds are of the same thing happening to every Engineer at Google w/ aspirations of being a CEO?
Low, but that's not really the point.
The point is that if the engineers are paid so well that they no longer need their Google income, they're free to go try to become a CEO of their own mega-successful startup. Whether or not the startup is likely to succeed doesn't change that equation, especially if they're careful to avoid putting much of their own cash into it, so they are still comfortable even if their startup bombs -- as it most likely will.
Another Google-related example of this phenomenon, I think, is the now-discontinued "Founder's Award" program. It used to be that truly exceptional performers could win a Founder's Award which came with a huge cash (or stock, not sure) bonus... like $10M. The theory was that it was a way to convince people that they could become wealthy by staying at Google, rather than leaving to found their own companies. It was quietly discontinued, though, and the rumor is that it's because they discovered that nearly all of the winners took their big pile of cash and left to found their own companies. The sort of people who won the awards were exactly the sort of technically-skilled but entrepreneurial leaders who were well-suited to and interested in starting their own companies. Not giving them a big pile of cash might make them decide to leave, but giving them one pretty much guaranteed it.
So, I guess the ideal compensation approach for retention is to walk the line between paying them enough that they can't leave without taking a pay cut, but not so much that they become financially independent.
perhaps it could be standardized with some automatic key exchange mechanism
And there's your problem, key exchange is the hardest (most expensive at least) part of PKI.
It's not so bad with email. Large email providers are well-positioned to be their own CAs and to establish the necessary mutual trust relationships. Smaller email providers can establish a relationship with a larger CA to facilitate automatic issuance of user certs. What makes this all feasible is that the only identity that needs to be tied to a given user's public key certificate(s) is the email address so there's no further vetting that needs to be done.
In most cases public key exchange can also be trivially done in the emails themselves. The first email I send you goes unencrypted, but signed, and includes my public key. So your reply is fully secured, and contains your public key.
This presumes that the email providers do a good job of ensuring that they only issue certs to authenticated users, of course. And this approach leaves open the possibility that government could lean on providers to MITM their users' communications. But if your enemy is your government, you're going to have to be willing to work much, much harder than is reasonable for the typical user.
27 year old here. This isn't about the vintage of the wine 30 years ago. It's the vintage of the wine now. I happy you lived a good life. I wish your children the best of success.
The trick is the same as it was 20 years ago when I was your age: Get an education in an in-demand field, without debt, be willing to work crap jobs to work your way through school and build up experience, be willing to relocate as needed to where the jobs are, and be willing to work hard to get ahead in whatever job you have. Whatever your income is, save 20% of it, adjusting your standard of living if needed. If that means buying your clothes and furniture from Goodwill, driving an old beater that you repair yourself, never eating out, not having nice phones, etc., etc., so be it. Avoid debt, except for buying a home -- and don't buy more house than you can afford, even if that means all you can get is a tiny fixer-upper.
Granted that the economic conditions you face are worse than what I did... but they're not so much worse that it can't be done. In fact they're far better than what my grandfather's generation faced, and probably better than my dad's.
because of this: "I make enough money that I didn't really have to choose".
Meh. Irrelevant.
I have a lot of family members who have always struggled financially, and they completely agree that kids are incredibly rewarding. For that matter, we were pretty low-income when my first two children arrived, and didn't really get comfortable until about ten years ago. I'm still not rich, and never will be, though I do make enough that we're comfortable and have some disposable income on a single salary.
I think it's a question of perspective and priorities, not income.
Most folks don't really get to choose. A substantial percentage of the populace has no or restricted access to birth control and well, it's a biological imperative for a reason.
This argument is a complete red herring.
I suppose that's true if you're talking about the worldwide population, but I highly doubt that the readership of/. is even remotely in that position. In the industrialized world birth control is readily and cheaply available even to people in the lowest income categories.
The problem is that we'd have to rent a place to put all of our stuff as her house is small
$100 per month gets you a decent-sized storage unit most places.
In the last few years I've done two different variants of this piecemeal moving.
I did the long-distance thing for six months when I started my current job. We did it mostly because we wanted to let the kids finish out the school year. I found a cheap one-bedroom apartment (in a house with a bunch of college girls, actually; I was moving to a college town) for a few hundred a month and the family stayed in our old home. I actually considered just living in a tent on nearby national forest land for a while, and might have done that if it weren't deep winter for most of the time. Get creative:-). My wife worked on selling the old house while I looked for a new one (though I didn't commit to it until she'd flown out and looked over the options I'd found). We closed on the old home before school was out, so she and the kids lived with her parents for a while.
Then three years later we needed to move back, to care for aging parents. I negotiated a remote-work deal with my employer, and we packed the Colorado house up and put it all in storage back home. When we moved back we stayed with my parents, then hers, for a while until we got a house of our own, then moved everything from storage into the house.
These things are complicated, and painful, but it's doable. Of course, in my case I already had a job at both locations so I wasn't worried about that, but if I were in your shoes I think I'd save up two or three weeks of vacation, get a bunch of job interviews queued up, then fly out and hit the job search hard for a while, with the plan that if I found a good place who wanted me to start immediately, I'd stay. You do have the advantage that you'd have a place to stay free while you're there, assuming you don't mind living with your mother-in-law.
Another option is to try to get your wife's mom to move to the midwest. That would probably be the easiest, logistically, but may have the disadvantage of being completely and utterly impossible.
The subject line's arrogance about non-technical users is the source of much that's wrong with computer security today.
Computer users are not idiots, they just don't have specialized knowledge that specialists have. They should not need to have such specialized knowledge, and they're absolutely right when they think we're nuts for wanting them to obtain that knowledge.
There are many different levels of this particular form of arrogance, too. One of my ambitions is to develop a crypto API which developers can use without having to understand cryptography. I've often seen other crypto experts shake their heads in disgust about "idiot" developers who foolishly MAC then encrypt rather than encrypt then MAC (hint: both have problems), or use some block cipher mode with a known weakness in certain usage without first proving that its safe (or, better yet, simply using a mode without the weakness), or using PKCS#1 v1.5 padding for RSA encryption rather than OAEP, or failing to understand why using an IND-CCA2 scheme is always better than IND-CCA1 even if they are sure that the latter is good enough.
For that matter, even most cryptographers would struggle to define an appropriate cipher suite for a TLS-capable web server. Knowing what makes sense there requires deep understanding of not just the ciphers, digests and signature algorithms, but the protocol and its history, and the state of browser support and the tradeoffs involved in particular choices.
Security, especially cryptographic security, is a field that is both intricately detailed and very fast-moving, with lots of extremely subtle issues. I've been doing crypto security professionally for 20+ years and I don't make a move without consulting serious, world-class experts (to whom I'm lucky enough to have access)... and their first step is always to review all of the literature that is relevant to the problem at hand. At every level of knowledge in this space you look like an idiot to those at a higher level, and those at the highest level look like idiots to their future selves.
So, no, the fact that non-technical computer users don't understand cryptography doesn't make them idiots. They shouldn't have to understand it. It's the job of experts to make it Just Work, securely. The fact that we've failed to do so is on us, not on them.
The concept of using PGP is privacy in your private messages. That concept goes out of the window once google is managing your keys.
Google's end-to-end encryption approach relies on a key store in your browser, so Google isn't managing them. The keys could optionally be backed up to Google, but encrypted with a key derived from a passphrase you choose. However, that development effort seems to be stalled (I don't know if it is; I'm just looking at the last-update dates in the Github repo).
I think what might work is for Gmail to offer fully-automatic encryption with Google-handled key management, plus a way for users who want to transition smoothly to browser-managed keys via the end-to-end extension. Of course, that would only address Gmail, but perhaps it could be standardized with some automatic key exchange mechanism for integration with other email providers, and grow organically from there.
I agree with the GP that the only way for email encryption to become practical for the masses is for it to be completely transparent and effortless.
Anyone that has kids has pretty much forfeited their ticket to the good life.
I counter your assertion with the opposite: Anyone who doesn't have kids has forfeited the greatest experiences life has to offer.
I've raised (or am still raising) four kids. The youngest is 15, the oldest 23. They're not perfect kids, by any means. Being a parent has been -- by far -- the most challenging thing I've ever done, and I think I've done some hard things. It's also simultaneously the most heartbreaking and most incredibly rewarding. There's a lot of truth in the idea that the deepest joy to be found in life comes from serving others, and there is no deeper, more thorough, more enduring or more dedicated service than that a parent gives to a child. I don't think the biological link has anything to do with it, either; raising an adopted baby to adulthood would be the same (I didn't do that, but I know several who did raise both biological and adopted children).
What it's about is caring for another human being from the time they're completely helpless until the time they can become independent and succeed on their own, and on their own terms. It's about loving them and building a unique and very human bond. And when I say "unique", I mean that it's different for every parent and child. My relationship with each of my children is very different, because they are very different people. It's about living through their heartbreaks and joys, their failures and victories, and supporting and encouraging them through it all. It's also about teaching them the ways of the world, and about right and wrong and good and bad.
Oh, life certainly has a lot to offer those who don't have children. I've been economically successful enough that my wife and I do a lot of the things that DINKs do and enjoy. We do have the "good life". We have hobbies, we travel and we have nice things, and all of those are good.
But all of those experiences are... shallow. Nothing like the challenges and joys of raising children. I make enough money that I didn't really have to choose, but if I did, knowing what I do, I'd take the kids and give the "good life" a pass.
Don't worry - they'll all require TLS on all connections soon. Then you'll need to do all the crypto in your head...
telnet and netcat don't support TLS (yet... it wouldn't surprise me if someone added it to netcat), but there are other tools which establish a TLS connection then let you type at the other end. The ones I'm aware of are openssl s_client, socat and ncat (part of the nmap suite). Personally, I prefer ncat, though socat is probably more powerful.
I find myself wondering whether pushing this during the Trump administration is a bad idea... or whether it's a great idea. On the one hand, we have an executive branch headed by a loose cannon who doesn't think the rules apply to him, and if he should decide that he wants to squash Eddington like a bug he may well be willing to take actions that no previous president (excepting Andrew Jackson, perhaps) would contemplate. If I were Eddington, that would make me think hard before poking my head up to get pounded.
On the other hand Trump's willingness to overreact and to do so with incomplete planning (as evidenced by the botch he made of the immigration order), has put the judiciary in a skeptical state of mind when it comes to anything this administration says. I suspect that judges are a lot less likely to take this administration's word for it when it cries "but National Security!", than they were with Obama, or Bush. And there's also the possibility that Trump may decide that letting this suit go forward will make the previous guys look bad, and that's good enough for him. In contrast, Obama clearly would have fought it, and fought it competently and with the aid of a more sympathetic judiciary.
Or maybe Eddington's timing is completely coincidental. Perhaps he's been working up to this suit for years and finally got the pieces put together and decided to file. But I doubt it. The coincidence is too perfect.
In a lot of ways, I think Trumpism may well be one of the best things to happen to this country, not because I think he'll do so much good, but because he'll provoke us to rethink how much power we have vested in the office of the president. Hopefully Eddington can also exploit this opportunity to crack the wall of secrecy and pattern of whistleblower intimidation that has been established in recent decades.
The summary's explanation of what this does isn't correct. It says:
Google's new software effectively extracts details from a few source pixels to enhance pixelated images.
It doesn't extract details from a few source pixels. It invents details to add to those source pixels, based on the knowledge that the pixelated image is of a face, and of what faces look like. It produces something that plausibly fits the input data. How close this is to the original image, pre-pixelation, depends on what images were in its training set.
This is an interesting piece of work, but it doesn't mean that you can recover data that has been discarded.
I'd honestly say that 30 to 50 years is still extremely optimistic.
I'd say we have no idea whatsoever how far away it is. We don't understand what intelligence is, we don't understand how much of it is actually required for various tasks, we don't know what hardware will be required to run a general intelligence. Perhaps quantum computing is an essential ingredient, perhaps it isn't. Maybe it's just a question of finding the right structure of self-referencing modules. Maybe self-awareness is crucial, maybe it's not. There's so much we don't know, and so much more that we don't know we don't know.
We could make the crucial breakthrough to achieving fully general artificial intelligence next week (not likely... but not impossible -- it's even possible we made it two years ago and just haven't recognized it yet), or we could still be struggling with it in 200 years.
However, what is very clear is that there are large classes of jobs which can be automated away using technology that exists right now. The premier example is driving. There are some four million professional truck drivers in the US, and probably 75% of their jobs could be eliminated with the self-driving tech we already have. Actually deploying it on a large scale will take a few years, but it's coming. In addition to the automatable jobs we can point to now, there are lots of others that we don't yet realize are automatable, because we're still learning what our existing AI tech can and can't do.
The EO contained three different time periods, 90 days, 120 days and unlimited, for different groups. The unlimited ban was for Syrian refugees, the 120-day ban was for all refugees, the 90-day ban was for any national of the seven countries -- later clarified not to include dual citizens or green card holders.
Well, so badly written and executed was the EO that the Administration had to clarify that Green Card holders were allowed back in. The way the EO was communicated, it was initially interpreted as a blanket ban. Doesn't Trump have somebody who understands how the government he's been elected to run works?
Worse than that, as written the EO applied to "Nationals" of the seven countries, which on its face even includes people with dual US/EvilSeven citizenship.
I often set the printer as the DMZ address on my network, because I'd rather have people sending crap at a printer than at my actual computers.
You don't want people to send crap to your actual computers, so you open a huge hole through your firewall, right into a powerful computer that has horribly buggy, rarely-updated firmware and frequently communicates with all of your actual computers, through their (also likely buggy) print drivers -- which on many systems execute with system permissions?
You need to rethink that strategy.
My recommendation (with some caveats, see below) is to use Google Cloud Print. Your printer opens a secure (TLS) outbound connection to a Google server, from which it receives print jobs. No need to open any inbound ports. Likewise, when you print your print jobs are send from your computer (or phone / tablet / Chromebook, works on all of them) over a secure connection to a Google server, which queues them for delivery to your printer.
Just like your solution, you can print from anywhere. More conveniently, you don't need to know your home IP address (or have DNS set up), and you don't have to fiddle with your firewall configuration. The downsides are (1) you need a printer that supports Cloud Print (or have it connected to an always-on computer -- not a good option, IMO) and (2) you have to be comfortable with letting Google see your print jobs -- and, theoretically, datamine them. AFAIK that doesn't actually happen, but you should assume it does. Personally, 99% of what I print is content written in Google Docs anyway.
Slashdot Mirror
Parallel computing, virtualization, all these things were either developed on paper or implemented in some form long before many of us were born.
And yet none of them were available to me for the majority of my life. Why is that? It's because nobody had gotten around to the hard work of turning into something actually useful.
Available to you. Mainframes have made extensive use of both since the early 80s, at least. The hard work was done, it was just done in an environment that relatively few people interacted with directly.
While there are some Stockholm syndrome poor and middle class people who might balk, the majority of us WOULD like the health and safety regulations in place worldwide, mostly because it would be a barrier to the cost effectiveness of domestic firms outsourcing to foreign locations.
It's really those other countries who would object strenuously. In most of the developing world, the only competitive asset they have is low-cost labor. If you could legislate that away from them, they'd have nothing, no way to lift themselves economically. All of the education resources, all of the intellectual capital, all of the big markets... they're all in the rich world, especially the US and EU. We have every possible competitive advantage, including much higher per-hour productivity, the only thing they have is being cheap because their standard of living is so low.
of course the consequence of that is that 'the young and reproductive' of other countries are entering and replacing the indigenous population that has stopped reproducing. Darwin would claim that the more productive shall win. I guess we will see.
You missed the point. The global birthrate has peaked and is declining. That includes those young and reproductive. They're still reproducing at more than replacement rate, but they're trending downward, too. And much of the developed world is already well below replacement rate. Some northern European countries have actually started public service advertising campaigns encouraging couples to make babies, because the declining population numbers are playing havoc with their labor market and their economic structure (especially pension systems).
It turns out that birthrate is positively correlated with infant and child mortality and negatively correlated with wealth and female education. Better access to medical care reduces infant and child mortality, which appears to reduce the motivation of parents to make lots of 'em, just in case. Wealth and female education both enable family planning, and while women generally like babies, they also don't want to have more than they can really manage or care for. And given the very low baseline much of the world is at, wealth and education levels are exploding. People are still living in what you and I would consider unbearable poverty, but it's dramatically better than what the last generation had.
These facts also point out exactly how we can take action to reduce population even faster: Work harder to empower and educate more people in the third world. Actually, great progress is being made in the poor areas of Asia. The big opportunities are in Africa. Teach African men to farm more effectively, make education more available to men and women, make medical supplies and facilities more accessible, and provide international oversight to reduce the damage done by their kleptocratic (and in some cases, genocidal) governments, and you'll make peak population happen sooner, and at a lower level.
The way I see it, there's only 2 benefits to a startup
There's a third, and an even more important one: Having it be yours. Even given the significant freedom that Googlers have (and we do have a lot... and as you move up the ladder it increases), there's no substitute for seeing if you can really build something from scratch, with absolutely no one to question you, and being able to look at it at the end of the day and say "I did that"... which includes all of the business stuff. It's about playing the grand game and winning, and you can't really play it while drawing a paycheck.
Also, Google's founder's award didn't really compete with the open-ended possibilities of a startup payout. I mean, you could end up with Larry Page money. You won't, but you could, and you could never get that at Google. Unless Larry Page gave you all his money, which he won't.
Climate is only one of the big threats we face, and we can to some extent simply adjust to it, but unless we learn to curb overconsumption in a serious way, it won't matter all that much.
What are the others? Keep in mind that we're already on track to have a smaller population by the end of this century than we did at the beginning, and it's also quite clear that we'll have no trouble feeding and housing the expected peak population of just under 10B. In terms of energy generation, we're moving pretty quickly away from fossil fuels, within a few decades renewables will be cheaper. That won't happen quickly enough to head off serious climate change, but we aren't going to have population-driven energy shortages.
So unless there are some other serious problems related to overconsumption (whatever that is), it seems to me that it just might be easier to engineer the climate than it is to engineer human behavior. Not that the former is easy, but the latter is damned near impossible.
Yes. Make. Fewer. New. People.
We already are. The global birthrate peaked a few years ago. The population continues growing only because the global demographics are skewed young, so as we fill out the older cohorts the population rises. But each generation is smaller than the ones that came before and barring significant life extension the population is going to peak in 30 years or so, then start declining. This is globally; many regions of the industrialized world are already at negative population growth when you subtract out immigration.
Condoms are cheap, and available anywhere in the industrialized world.
Heh. I did notice the change in spelling but wrote it off as a typo.
Your point is a good one, though, and it's actually a little worse than what you described, since Gmail normally displays the user's name, not their email address. I suppose one simple countermeasure would be to display first-time senders' messages in a different color, or even to specifically notice and warn about new emails from addresses/names that are very similar to previously-received messages but from a different user account.
If you're in the habit of accepting public keys from anyone that sends one, and rekeying, automatically, then you're never going to notice an intercept, and you're sure as hell not going to notice an email from zealath at gmail.com as being something other than zaelath at gmail.com so I really don't have to be government.
The question is how you would obtain a forged certificate that would be signed by the Gmail CA.
Yeah, that's one. What do you think the odds are of the same thing happening to every Engineer at Google w/ aspirations of being a CEO?
Low, but that's not really the point.
The point is that if the engineers are paid so well that they no longer need their Google income, they're free to go try to become a CEO of their own mega-successful startup. Whether or not the startup is likely to succeed doesn't change that equation, especially if they're careful to avoid putting much of their own cash into it, so they are still comfortable even if their startup bombs -- as it most likely will.
Another Google-related example of this phenomenon, I think, is the now-discontinued "Founder's Award" program. It used to be that truly exceptional performers could win a Founder's Award which came with a huge cash (or stock, not sure) bonus... like $10M. The theory was that it was a way to convince people that they could become wealthy by staying at Google, rather than leaving to found their own companies. It was quietly discontinued, though, and the rumor is that it's because they discovered that nearly all of the winners took their big pile of cash and left to found their own companies. The sort of people who won the awards were exactly the sort of technically-skilled but entrepreneurial leaders who were well-suited to and interested in starting their own companies. Not giving them a big pile of cash might make them decide to leave, but giving them one pretty much guaranteed it.
So, I guess the ideal compensation approach for retention is to walk the line between paying them enough that they can't leave without taking a pay cut, but not so much that they become financially independent.
perhaps it could be standardized with some automatic key exchange mechanism
And there's your problem, key exchange is the hardest (most expensive at least) part of PKI.
It's not so bad with email. Large email providers are well-positioned to be their own CAs and to establish the necessary mutual trust relationships. Smaller email providers can establish a relationship with a larger CA to facilitate automatic issuance of user certs. What makes this all feasible is that the only identity that needs to be tied to a given user's public key certificate(s) is the email address so there's no further vetting that needs to be done.
In most cases public key exchange can also be trivially done in the emails themselves. The first email I send you goes unencrypted, but signed, and includes my public key. So your reply is fully secured, and contains your public key.
This presumes that the email providers do a good job of ensuring that they only issue certs to authenticated users, of course. And this approach leaves open the possibility that government could lean on providers to MITM their users' communications. But if your enemy is your government, you're going to have to be willing to work much, much harder than is reasonable for the typical user.
27 year old here. This isn't about the vintage of the wine 30 years ago. It's the vintage of the wine now. I happy you lived a good life. I wish your children the best of success.
The trick is the same as it was 20 years ago when I was your age: Get an education in an in-demand field, without debt, be willing to work crap jobs to work your way through school and build up experience, be willing to relocate as needed to where the jobs are, and be willing to work hard to get ahead in whatever job you have. Whatever your income is, save 20% of it, adjusting your standard of living if needed. If that means buying your clothes and furniture from Goodwill, driving an old beater that you repair yourself, never eating out, not having nice phones, etc., etc., so be it. Avoid debt, except for buying a home -- and don't buy more house than you can afford, even if that means all you can get is a tiny fixer-upper.
Granted that the economic conditions you face are worse than what I did... but they're not so much worse that it can't be done. In fact they're far better than what my grandfather's generation faced, and probably better than my dad's.
because of this: "I make enough money that I didn't really have to choose".
Meh. Irrelevant.
I have a lot of family members who have always struggled financially, and they completely agree that kids are incredibly rewarding. For that matter, we were pretty low-income when my first two children arrived, and didn't really get comfortable until about ten years ago. I'm still not rich, and never will be, though I do make enough that we're comfortable and have some disposable income on a single salary.
I think it's a question of perspective and priorities, not income.
Most folks don't really get to choose. A substantial percentage of the populace has no or restricted access to birth control and well, it's a biological imperative for a reason.
This argument is a complete red herring.
I suppose that's true if you're talking about the worldwide population, but I highly doubt that the readership of /. is even remotely in that position. In the industrialized world birth control is readily and cheaply available even to people in the lowest income categories.
The problem is that we'd have to rent a place to put all of our stuff as her house is small
$100 per month gets you a decent-sized storage unit most places.
In the last few years I've done two different variants of this piecemeal moving.
I did the long-distance thing for six months when I started my current job. We did it mostly because we wanted to let the kids finish out the school year. I found a cheap one-bedroom apartment (in a house with a bunch of college girls, actually; I was moving to a college town) for a few hundred a month and the family stayed in our old home. I actually considered just living in a tent on nearby national forest land for a while, and might have done that if it weren't deep winter for most of the time. Get creative :-). My wife worked on selling the old house while I looked for a new one (though I didn't commit to it until she'd flown out and looked over the options I'd found). We closed on the old home before school was out, so she and the kids lived with her parents for a while.
Then three years later we needed to move back, to care for aging parents. I negotiated a remote-work deal with my employer, and we packed the Colorado house up and put it all in storage back home. When we moved back we stayed with my parents, then hers, for a while until we got a house of our own, then moved everything from storage into the house.
These things are complicated, and painful, but it's doable. Of course, in my case I already had a job at both locations so I wasn't worried about that, but if I were in your shoes I think I'd save up two or three weeks of vacation, get a bunch of job interviews queued up, then fly out and hit the job search hard for a while, with the plan that if I found a good place who wanted me to start immediately, I'd stay. You do have the advantage that you'd have a place to stay free while you're there, assuming you don't mind living with your mother-in-law.
Another option is to try to get your wife's mom to move to the midwest. That would probably be the easiest, logistically, but may have the disadvantage of being completely and utterly impossible.
The subject line's arrogance about non-technical users is the source of much that's wrong with computer security today.
Computer users are not idiots, they just don't have specialized knowledge that specialists have. They should not need to have such specialized knowledge, and they're absolutely right when they think we're nuts for wanting them to obtain that knowledge.
There are many different levels of this particular form of arrogance, too. One of my ambitions is to develop a crypto API which developers can use without having to understand cryptography. I've often seen other crypto experts shake their heads in disgust about "idiot" developers who foolishly MAC then encrypt rather than encrypt then MAC (hint: both have problems), or use some block cipher mode with a known weakness in certain usage without first proving that its safe (or, better yet, simply using a mode without the weakness), or using PKCS#1 v1.5 padding for RSA encryption rather than OAEP, or failing to understand why using an IND-CCA2 scheme is always better than IND-CCA1 even if they are sure that the latter is good enough.
For that matter, even most cryptographers would struggle to define an appropriate cipher suite for a TLS-capable web server. Knowing what makes sense there requires deep understanding of not just the ciphers, digests and signature algorithms, but the protocol and its history, and the state of browser support and the tradeoffs involved in particular choices.
Security, especially cryptographic security, is a field that is both intricately detailed and very fast-moving, with lots of extremely subtle issues. I've been doing crypto security professionally for 20+ years and I don't make a move without consulting serious, world-class experts (to whom I'm lucky enough to have access)... and their first step is always to review all of the literature that is relevant to the problem at hand. At every level of knowledge in this space you look like an idiot to those at a higher level, and those at the highest level look like idiots to their future selves.
So, no, the fact that non-technical computer users don't understand cryptography doesn't make them idiots. They shouldn't have to understand it. It's the job of experts to make it Just Work, securely. The fact that we've failed to do so is on us, not on them.
The concept of using PGP is privacy in your private messages. That concept goes out of the window once google is managing your keys.
Google's end-to-end encryption approach relies on a key store in your browser, so Google isn't managing them. The keys could optionally be backed up to Google, but encrypted with a key derived from a passphrase you choose. However, that development effort seems to be stalled (I don't know if it is; I'm just looking at the last-update dates in the Github repo).
I think what might work is for Gmail to offer fully-automatic encryption with Google-handled key management, plus a way for users who want to transition smoothly to browser-managed keys via the end-to-end extension. Of course, that would only address Gmail, but perhaps it could be standardized with some automatic key exchange mechanism for integration with other email providers, and grow organically from there.
I agree with the GP that the only way for email encryption to become practical for the masses is for it to be completely transparent and effortless.
Anyone that has kids has pretty much forfeited their ticket to the good life.
I counter your assertion with the opposite: Anyone who doesn't have kids has forfeited the greatest experiences life has to offer.
I've raised (or am still raising) four kids. The youngest is 15, the oldest 23. They're not perfect kids, by any means. Being a parent has been -- by far -- the most challenging thing I've ever done, and I think I've done some hard things. It's also simultaneously the most heartbreaking and most incredibly rewarding. There's a lot of truth in the idea that the deepest joy to be found in life comes from serving others, and there is no deeper, more thorough, more enduring or more dedicated service than that a parent gives to a child. I don't think the biological link has anything to do with it, either; raising an adopted baby to adulthood would be the same (I didn't do that, but I know several who did raise both biological and adopted children).
What it's about is caring for another human being from the time they're completely helpless until the time they can become independent and succeed on their own, and on their own terms. It's about loving them and building a unique and very human bond. And when I say "unique", I mean that it's different for every parent and child. My relationship with each of my children is very different, because they are very different people. It's about living through their heartbreaks and joys, their failures and victories, and supporting and encouraging them through it all. It's also about teaching them the ways of the world, and about right and wrong and good and bad.
Oh, life certainly has a lot to offer those who don't have children. I've been economically successful enough that my wife and I do a lot of the things that DINKs do and enjoy. We do have the "good life". We have hobbies, we travel and we have nice things, and all of those are good.
But all of those experiences are... shallow. Nothing like the challenges and joys of raising children. I make enough money that I didn't really have to choose, but if I did, knowing what I do, I'd take the kids and give the "good life" a pass.
Don't worry - they'll all require TLS on all connections soon. Then you'll need to do all the crypto in your head...
telnet and netcat don't support TLS (yet... it wouldn't surprise me if someone added it to netcat), but there are other tools which establish a TLS connection then let you type at the other end. The ones I'm aware of are openssl s_client, socat and ncat (part of the nmap suite). Personally, I prefer ncat, though socat is probably more powerful.
ncat -C --ssl <servername> 443
does the job quite handily in most cases.
You do realize that is just an ad homonym attack, right?
1. It's hominem, as in person.
ACs are "same nym" users, i.e. "homo nyms". It's actually kind of clever.
I find myself wondering whether pushing this during the Trump administration is a bad idea... or whether it's a great idea. On the one hand, we have an executive branch headed by a loose cannon who doesn't think the rules apply to him, and if he should decide that he wants to squash Eddington like a bug he may well be willing to take actions that no previous president (excepting Andrew Jackson, perhaps) would contemplate. If I were Eddington, that would make me think hard before poking my head up to get pounded.
On the other hand Trump's willingness to overreact and to do so with incomplete planning (as evidenced by the botch he made of the immigration order), has put the judiciary in a skeptical state of mind when it comes to anything this administration says. I suspect that judges are a lot less likely to take this administration's word for it when it cries "but National Security!", than they were with Obama, or Bush. And there's also the possibility that Trump may decide that letting this suit go forward will make the previous guys look bad, and that's good enough for him. In contrast, Obama clearly would have fought it, and fought it competently and with the aid of a more sympathetic judiciary.
Or maybe Eddington's timing is completely coincidental. Perhaps he's been working up to this suit for years and finally got the pieces put together and decided to file. But I doubt it. The coincidence is too perfect.
In a lot of ways, I think Trumpism may well be one of the best things to happen to this country, not because I think he'll do so much good, but because he'll provoke us to rethink how much power we have vested in the office of the president. Hopefully Eddington can also exploit this opportunity to crack the wall of secrecy and pattern of whistleblower intimidation that has been established in recent decades.
The summary's explanation of what this does isn't correct. It says:
Google's new software effectively extracts details from a few source pixels to enhance pixelated images.
It doesn't extract details from a few source pixels. It invents details to add to those source pixels, based on the knowledge that the pixelated image is of a face, and of what faces look like. It produces something that plausibly fits the input data. How close this is to the original image, pre-pixelation, depends on what images were in its training set.
This is an interesting piece of work, but it doesn't mean that you can recover data that has been discarded.
I'd honestly say that 30 to 50 years is still extremely optimistic.
I'd say we have no idea whatsoever how far away it is. We don't understand what intelligence is, we don't understand how much of it is actually required for various tasks, we don't know what hardware will be required to run a general intelligence. Perhaps quantum computing is an essential ingredient, perhaps it isn't. Maybe it's just a question of finding the right structure of self-referencing modules. Maybe self-awareness is crucial, maybe it's not. There's so much we don't know, and so much more that we don't know we don't know.
We could make the crucial breakthrough to achieving fully general artificial intelligence next week (not likely... but not impossible -- it's even possible we made it two years ago and just haven't recognized it yet), or we could still be struggling with it in 200 years.
However, what is very clear is that there are large classes of jobs which can be automated away using technology that exists right now. The premier example is driving. There are some four million professional truck drivers in the US, and probably 75% of their jobs could be eliminated with the self-driving tech we already have. Actually deploying it on a large scale will take a few years, but it's coming. In addition to the automatable jobs we can point to now, there are lots of others that we don't yet realize are automatable, because we're still learning what our existing AI tech can and can't do.
For 6 fucking months, Trumps is only 90 days.
The EO contained three different time periods, 90 days, 120 days and unlimited, for different groups. The unlimited ban was for Syrian refugees, the 120-day ban was for all refugees, the 90-day ban was for any national of the seven countries -- later clarified not to include dual citizens or green card holders.
Well, so badly written and executed was the EO that the Administration had to clarify that Green Card holders were allowed back in. The way the EO was communicated, it was initially interpreted as a blanket ban. Doesn't Trump have somebody who understands how the government he's been elected to run works?
Worse than that, as written the EO applied to "Nationals" of the seven countries, which on its face even includes people with dual US/EvilSeven citizenship.
I often set the printer as the DMZ address on my network, because I'd rather have people sending crap at a printer than at my actual computers.
You don't want people to send crap to your actual computers, so you open a huge hole through your firewall, right into a powerful computer that has horribly buggy, rarely-updated firmware and frequently communicates with all of your actual computers, through their (also likely buggy) print drivers -- which on many systems execute with system permissions?
You need to rethink that strategy.
My recommendation (with some caveats, see below) is to use Google Cloud Print. Your printer opens a secure (TLS) outbound connection to a Google server, from which it receives print jobs. No need to open any inbound ports. Likewise, when you print your print jobs are send from your computer (or phone / tablet / Chromebook, works on all of them) over a secure connection to a Google server, which queues them for delivery to your printer.
Just like your solution, you can print from anywhere. More conveniently, you don't need to know your home IP address (or have DNS set up), and you don't have to fiddle with your firewall configuration. The downsides are (1) you need a printer that supports Cloud Print (or have it connected to an always-on computer -- not a good option, IMO) and (2) you have to be comfortable with letting Google see your print jobs -- and, theoretically, datamine them. AFAIK that doesn't actually happen, but you should assume it does. Personally, 99% of what I print is content written in Google Docs anyway.