(I'm a member Android Security team who worked on bits of Lollipop FDE)
The issue with FDE in Android has for long been the lack of combining strong passwords with a pattern lock or pin lock for unlocking the screen. In other words, your encryption key is only as strong as the pin code or password you are willing to put in every time you open your screen lock.
This isn't completely true on Lollipop devices that have hardware-backed credential storage. (Well, it's not really "hardware-backed", but it's in a Trusted Execution Environment, typically ARM TrustZone.)
For Lollipop, a big change to FDE was the inclusion of a hardware-backed key in the key derivation function (KDF) for the FDE master key encryption key. This provides two benefits:
1) It means that a dump of the contents of your encrypted flash is useless without the device.
2) It means that brute force search of your PIN/pattern/password space is serialized and rate-limited by the performance of the device. In a way this means that faster devices are less secure, though we also apply a device-tuned scrypt function as part of the KDF, which compensates in the case of an attacker who tries to perform the entire attack on-device.
The best attack against Lollipop FDE, on a device with HW-backed credentials, is to dump the data from the device flash, then flash a custom OS which makes calls into the HW crypto to create an oracle, processing a stream of requests and returning the responses. Then you do a brute force attack with a mixture of on-device and off-device resources, computing the first scrypt function offline, then performing the on-device crypto operation, then taking the results of that and performing the second scrypt function offline, which you then use to try to decrypt the FDE master key, offline.
The fastest devices on the market today will perform the HW-backed crypto operation in about 50 ms. Assuming everything is pipelined properly, this is the brute force attempt rate: 20 attempts per second. With a four-digit PIN, this is negligible: the entire space can be searched in 8 minutes. However, a six-character alphanumeric password (random, all lowercase) would take 630 days, on average, to break. That's pretty reasonable security.
In theory. In practice it would take much longer than that. I tried running this test on a Nexus 9 and found the device kept throttling itself because it got too hot, plus even with a 2A charger it consumed more power than was being provided to it, so I had to stop when the battery died and wait for it to recharge.
Pre-Lollipop, and even on Lollipop devices that lack HW-backed crypto, you can conduct the entire attack off-line, parallelized, on however much hardware you care to throw at it. I can't make any promises about the future, but I will say that I, personally, really want to significantly improve Android FDE in the future. I have changes in mind that will make brute force essentially impossible, unless you can break into the Trusted Execution Environment.
Bah. Outright falsehood-pushing "journalism" is as old as journalism, and the online version of it as old as online journalism. Wikipedia has been abused as long as it has existed, and the Woozle Effect is also nothing new -- indeed the name and awareness of the phenomenon predates the existence of ARPANET, much less the Internet.
It had come a long way, then it started being manipulated by ideology pushing extremists that have become very adept at abusing the hell out of labrynthian policies to the point that even when the author of a news article flat out says "They're lying, I never said that at all" it's the author that gets punished.
This exact same complaint was common before it was shown that Wikipedia is on par with dead tree encyclopedias. What makes it more true now than it was then?
Yes, but it's not progress if it destroys the more technical constructs that allow more knowledgeable people to be more productive. Replacing whole interfaces with a search box does just that.
Does it? I don't think so. The omnibox makes me more productive, not less. The difference is tiny, granted, but it's non-zero.
You are assuming the company would know the legal limits of an NSL. you are assuming the company would care about legal limits. If the NSA agent makes a good case of "Terrorism" then they will likely get what they want.
Of course the company would know the legal limits. They have attorneys.
That they might not care I addressed in the second paragraph.
I guess even if there was a way, the vendor would probably just get a NSL to put the backdoor in himself
NSLs can't do that. The law is quite specific about what an NSL can request. Not only can't it demand pro-active measures like backdoors, NSLs can't even demand the content of communications that the recipient already has. NSLs are limited by law to demanding communications metadata only.
Well, I suppose a letter can be issued that demands anything at all, and companies may choose to comply, but they don't legally have to if the letter specifies more than what is allowed by law.
URLs have a reason to exist, and they will. The same way that IPs have a reason to exist and will, even though we rarely use them today.
Clearly they're important, and will be whether or not people see or use them. To the degree we can build infrastructure that hides the technical details and provides people with more human-friendly interfaces, we've made progress. Of course, the security engineer in me worries about the attack surface provided by these additional layers of abstraction.
But 10 years ago, I knew the IPs of all my servers by heart. Today I need them rarely, but sometimes I do and I know where to find them.
A few years from now you'll be glad that you need them rarely. Even with zero-compression, IPv6 addresses are unwieldy for humans.
Today I know all my domains by heart. Maybe in 10 years I will use them rarely, but when I do, I know how to do it.
It will be interesting to see what direction we go.
Okay, so the submitter asked for "good" solutions, and this may not qualify, but it's what I do: A whiteboard at each location, with a camera pointed at it. I can't draw on your drawing, but I can see what you draw, and you can see what I draw. I've experimented with various web-based shared whiteboards, but they all require drawing on the computer. Even with a tablet (either Wacom-style attached to a laptop/PC or a mobile device) and a pen, a real whiteboard is better.
In my case, generally there are at most three locations in the meeting, and usually only two: My home office and a group of people in a conference room. Having more may make the "real whiteboards" solution less effective.
Well, then that's their limitation, not mine. I am tired of this trend of dumbing things down to the lowest possible.
Damn straight. It's like all these stupid GUI interfaces. I mean, I can see using a graphical interface if you're editing photos or something, but for reading and writing text? It's ridiculous and just makes it so that stupid people can do it without having to understand anything.
It all started with visual text editors, you know? Line editing was good enough, heck, you could argue that it made things too easy, too. What was really good was when we used toggle switches to enter data and read the output from a sequence of lights. If you can't mentally translate binary to ASCII you don't deserve the power of computation.
Right on. It annoys me when I see people using google search to go to a specific website, rather than use the address bar to go there directly. If you try to explain to them that the address bar will take them there without having to click the first search result, it's like they don't even want to know.
I think this is just a further extension of the location bar vs search bar change.
I remember when I first saw the Chrome omnibox. It offended me. Mildly, but still. I know the difference between a search and a URL, and I am perfectly capable of clicking into the correct bar. Then I actually used the omnibox for a while (because Chrome was so blindingly fast compared to other browsers at the time) and found that when I jumped back to Firefox I got annoyed at the mental effort required to use the split location/search fields, even though it was trivial.
The fact is that low effort is not the same as zero effort. I like the omnibox because I just click and type, no need to spend a millisecond deciding which box I should click into.
I can see what you describe as the next step, so people don't have to bother understanding, or thinking about if they do understand, the difference between "cnn" and "cnn.com". Or I suppose those who type slowly may prefer to omit the last four characters purely for that reason.
I hope Elon Musk isn't getting arrogant, with the push into communication satellites, and hyperloop. The size of the hyperloop vehicles, suggests that it will have a lower capacity than a high speed rail line.
But much higher velocity, which can be combined with frequent runs to create high capacity.
If a high speed rail line wanted to, it could run the long, double deck high speed trains from Japan, that can carry ~1,600 passengers, every 3 minutes. Multiple trains could be stuck end to end.
That would provide massive throughput, but higher latency.
I have a friend at Google that says the real backlash was internal, and he thinks Matt Cutts even threatened to quit over this.
(I'm a Google employee)
Internal backlash was massive, and as far as I can tell hugely stronger than the fairly mild complaints outside the company. The strength of the internal opposition took me by surprise. I understood that while Google doesn't wish to censor the web it also doesn't wish to be the entity serving up sexual content. That seems like a reasonable position to me. I thought the 30-day notice was a bit short, even though the terms of service only offer 14 days, but other than that it seemed reasonable to me, basically bringing blogger into line with the policies in place for YouTube, etc., for years.
Many of my colleagues, however, vehemently disagreed, calling it censorship, application of one region's values upon the world and generally declaiming it as the beginning of the end for Google as a force for openness and access to information. Many called the decision deeply inconsistent with Google's stated mission, "To organize the world's information and make it universally accessible and useful". The internal memegen system was awash in anti-censorship memes, and one of the memegen team went further and more or less shut the system down in protest, replacing it with a complaint about the blogger shutdown. Eng-misc, a high-volume internal mailing list for random discussions of, well, anything, was overrun with threads complaining about it. The founders got hammered with questions and complaints in the weekly company-wide TGIF meeting (which is actually held on Thursday these days, so more Googlers around the world can see it live).
It's been quite the storm.
As soon as the internal reaction started I expected the reversal, though it went further than I expected. I thought the result would just be more notice, maybe 90 days. But I suppose that's because I thought the basic decision was reasonable, and only the short notice unreasonable. Many others felt differently, obviously.
It's going to be interesting to see if this provokes re-examination of the YouTube and G+ policies. I doubt it, but I was wrong about the nature of the reversal, too.
Actually, it's the Return on investment (ROI) that matter in business. Or in other word, how many time it'll take to make enough profit to cover the cost of the initial investment. And in this case, the US$9.95 billion California High-Speed Rail is a huge example on how much money you can make on transportation.
Using the $56 million per km quoted on California High-Speed Rail as the low estimate of how much it would cost to build a hyper loop, the minimum cost across the US would be $56 million per km * 3000 miles * 1.6 km per mile = $270 Billion dollars MINIMUM. That's going to have a hell of a long ROI, and because of that I can't see anyone in their right mind financing such a project in the near future.
Did Musk ever propose transcontinental hyperloops? I don't believe he did. As I recall this was always intended as a regional transportation technology, something for distances short enough that air travel is inconvenient because of the airport delays at both ends, but long enough that traditional train travel is too slow.
Genius executive: Maybe we should promise not to do stuff like that anymore.
Super-genius executive: Maybe we should promise not to do stuff like that any more, but exempt "security software and Lenovo applications". That way we can continue getting paid by McAfee and others to continue loading their stuff, as long as they don't mind us slapping our logo on it.
So THAT'S why my package is dropkicked to my porch...
If that happens you should complain. Customer complaints aren't addressed quite as strongly as accidents, but getting many complaints is pretty bad for a driver.
Just the fact that you're trying to pretend that this all stopped in the 1930s means I have no more patience for this tangent.
I said no such thing. You were the one who brought up the 30s, I just used your era.
And I really have no dog in this fight, and would be interested to hear about examples of the Teamsters behaving badly in recent years. So I asked if you had any evidence that they still behave this way. You apparently don't.
They are drivers not coders. We can build a metric to rank them. (Packages/hour - (SafetyWeight * accidents/year)) would work for drivers with similar routes.
At UPS they incent performance for drivers in ways that don't interfere with the seniority system.
Accident handling is pretty simple: If you have one, barring really, really clear evidence that it's not only not your fault but there is no possible way you could have avoided it, you're fired. The Teamsters lawyer will fight to get you a decent severance package, but that's it. Even with said evidence, you'd better not ever have another.
As for packages/per hour, UPS has a system that calculates the time required for a given route, including driving and deliveries. Drivers get paid max(route_time, actual_time), so if they can get the route done in less than the estimated time they get to go home early without losing pay. Experienced drivers can always beat the estimated time, usually by large margins, and even in the event of breakdowns, etc.
Further, habitually beating your route time gives you the opportunity to take on longer routes. So, many good UPS drivers habitually do 12-hour routes in 7 hours, which means they get paid for 14 hours (the last four of the 12 are time and a half) for working 7. Meanwhile, drivers who habitually take longer than their estimated times get assigned shorter and shorter routes, and, of course, there is a point at which drivers are taking so much longer than the estimate, that they can be fired for cause.
BTW, if you have the perception that UPS drivers are well-paid, you're both wrong and right. Their nominal hourly wages are decent, maxing out at around $20 per hour or a bit above, but those who work hard can easily earn lots of "fake" overtime, as in my example of 14 hours' pay for 7 hours' work. That plus massive amounts of real overtime around the holidays means that UPS drivers' incomes can approach six figures -- but only if they work hard.
This is utter bullshit. Most people which seek suicide do not "do it without telling it". In fact many have along phase where you can detect symptoms (unfortunately most often hindsight) and call for help.
A little more nuance:
Suicide attempts can be generally divided into sincere and insincere. Insincere attempts are those that aren't really intended to succeed, but just to call attention to the person's suffering in a way that is hard to ignore. Most attempts by people who think "This will show them all" are insincere, because the person's goal isn't really death. This doesn't mean insincere attempts aren't dangerous, they certainly are. The individual needs to get close enough to death to make it convincing, and a slight miscalculation -- by someone who isn't thinking all that clearly -- can be fatal.
Insincere attempts are basically always preceded by a long period of calls for help, of the form you mention. Sadness, thoughts of death, wishes for death, etc. Algorithms should definitely be able to detect this, and warning someone who can take action can save lives.
Sincere attempts may or may not have this call for help phase. People who are self-possessed and determined don't often commit suicide, but when they do, it's often without any warning. Most people will call for help for a while, but the biggest warning sign of a sincere attempt is that the calls for help cease. The individual suddenly cheers up, often without any apparent cause. The cause is that they have decided to end their lives, and that decision lifts a burden off of them and makes them feel much better. This cheerfulness also facilitates their planning of an effective suicide. Another key characteristic of this sudden happiness is that it rarely includes discussion of the person's future, because they've decided they don't have one.
I think very good algorithms could also detect this process of sadness with occasional thoughts of death, followed by sudden present-focused good cheer, and this is the situation in which prompt and active intervention is most crucial.
I'm an engineer, not a psychologist, but my personal life has unfortunately included a great deal of exposure to these issues.
I think you're applying their reputation from the 30s. I'm not a fan of unions in general, but I see a little of the modern Teamsters though my brother, a UPS driver. UPS is a union shop. Other than their strict enforcement of a seniority system, I frankly don't really see any problem. I think they do a lot of good for the UPS drivers, and see no evidence that they believe it's still 1930.
(I'm a member Android Security team who worked on bits of Lollipop FDE)
The issue with FDE in Android has for long been the lack of combining strong passwords with a pattern lock or pin lock for unlocking the screen. In other words, your encryption key is only as strong as the pin code or password you are willing to put in every time you open your screen lock.
This isn't completely true on Lollipop devices that have hardware-backed credential storage. (Well, it's not really "hardware-backed", but it's in a Trusted Execution Environment, typically ARM TrustZone.)
For Lollipop, a big change to FDE was the inclusion of a hardware-backed key in the key derivation function (KDF) for the FDE master key encryption key. This provides two benefits:
1) It means that a dump of the contents of your encrypted flash is useless without the device.
2) It means that brute force search of your PIN/pattern/password space is serialized and rate-limited by the performance of the device. In a way this means that faster devices are less secure, though we also apply a device-tuned scrypt function as part of the KDF, which compensates in the case of an attacker who tries to perform the entire attack on-device.
The best attack against Lollipop FDE, on a device with HW-backed credentials, is to dump the data from the device flash, then flash a custom OS which makes calls into the HW crypto to create an oracle, processing a stream of requests and returning the responses. Then you do a brute force attack with a mixture of on-device and off-device resources, computing the first scrypt function offline, then performing the on-device crypto operation, then taking the results of that and performing the second scrypt function offline, which you then use to try to decrypt the FDE master key, offline.
The fastest devices on the market today will perform the HW-backed crypto operation in about 50 ms. Assuming everything is pipelined properly, this is the brute force attempt rate: 20 attempts per second. With a four-digit PIN, this is negligible: the entire space can be searched in 8 minutes. However, a six-character alphanumeric password (random, all lowercase) would take 630 days, on average, to break. That's pretty reasonable security.
In theory. In practice it would take much longer than that. I tried running this test on a Nexus 9 and found the device kept throttling itself because it got too hot, plus even with a 2A charger it consumed more power than was being provided to it, so I had to stop when the battery died and wait for it to recharge.
Pre-Lollipop, and even on Lollipop devices that lack HW-backed crypto, you can conduct the entire attack off-line, parallelized, on however much hardware you care to throw at it. I can't make any promises about the future, but I will say that I, personally, really want to significantly improve Android FDE in the future. I have changes in mind that will make brute force essentially impossible, unless you can break into the Trusted Execution Environment.
Bah. Outright falsehood-pushing "journalism" is as old as journalism, and the online version of it as old as online journalism. Wikipedia has been abused as long as it has existed, and the Woozle Effect is also nothing new -- indeed the name and awareness of the phenomenon predates the existence of ARPANET, much less the Internet.
> it was shown that Wikipedia is on par with dead tree encyclopedias
The linked article above is from 2005. A LOT has changed in a decade.
What has changed that's relevant? The existence of mobile devices? Bah.
> What makes it more true now than it was then?
Thanks to the wonders of modern technology and the rise of political correctness fanatics
Political correctness is new since 2005? Ummm, let me guess, you're under 30, aren't you?
You have groups openly state on Wikipedia that it's their goal to push their viewpoints on articles.
Which was also true before 2005.
Clickbait sites written by people close to these groups get turned into sources.
Also true before 2005.
I'll stop here, but nothing you mention was any different previously.
It had come a long way, then it started being manipulated by ideology pushing extremists that have become very adept at abusing the hell out of labrynthian policies to the point that even when the author of a news article flat out says "They're lying, I never said that at all" it's the author that gets punished.
This exact same complaint was common before it was shown that Wikipedia is on par with dead tree encyclopedias. What makes it more true now than it was then?
Nah, you can do things with GUI that can't be done at a text prompt. The reverse is also true. I don't think your analogy applies.
I'll bet your text prompt is displayed on a GUI, nearly all of the time. Mine certainly is.
Yes, but it's not progress if it destroys the more technical constructs that allow more knowledgeable people to be more productive. Replacing whole interfaces with a search box does just that.
Does it? I don't think so. The omnibox makes me more productive, not less. The difference is tiny, granted, but it's non-zero.
You are assuming the company would know the legal limits of an NSL. you are assuming the company would care about legal limits. If the NSA agent makes a good case of "Terrorism" then they will likely get what they want.
Of course the company would know the legal limits. They have attorneys.
That they might not care I addressed in the second paragraph.
I guess even if there was a way, the vendor would probably just get a NSL to put the backdoor in himself
NSLs can't do that. The law is quite specific about what an NSL can request. Not only can't it demand pro-active measures like backdoors, NSLs can't even demand the content of communications that the recipient already has. NSLs are limited by law to demanding communications metadata only.
Well, I suppose a letter can be issued that demands anything at all, and companies may choose to comply, but they don't legally have to if the letter specifies more than what is allowed by law.
Perhaps they should be asking for a ".google" gTLD, for that purpose, instead of trying to monopolize a generic identifier.
I was about to suggest the same, but with ".goog", to make it shorter.
They've applied for and received (been delegated) both.
https://gtldresult.icann.org/applicationstatus/applicationdetails/1429
https://gtldresult.icann.org/applicationstatus/applicationdetails/1430
URLs have a reason to exist, and they will. The same way that IPs have a reason to exist and will, even though we rarely use them today.
Clearly they're important, and will be whether or not people see or use them. To the degree we can build infrastructure that hides the technical details and provides people with more human-friendly interfaces, we've made progress. Of course, the security engineer in me worries about the attack surface provided by these additional layers of abstraction.
But 10 years ago, I knew the IPs of all my servers by heart. Today I need them rarely, but sometimes I do and I know where to find them.
A few years from now you'll be glad that you need them rarely. Even with zero-compression, IPv6 addresses are unwieldy for humans.
Today I know all my domains by heart. Maybe in 10 years I will use them rarely, but when I do, I know how to do it.
It will be interesting to see what direction we go.
So... still nothing to back up your claim. I get it already.
Assuming you are going to type something in that box, see if you can find the TAB key
Why? Why not just type without bothering with the tab and let the machine figure it out? That's my whole point.
Okay, so the submitter asked for "good" solutions, and this may not qualify, but it's what I do: A whiteboard at each location, with a camera pointed at it. I can't draw on your drawing, but I can see what you draw, and you can see what I draw. I've experimented with various web-based shared whiteboards, but they all require drawing on the computer. Even with a tablet (either Wacom-style attached to a laptop/PC or a mobile device) and a pen, a real whiteboard is better.
In my case, generally there are at most three locations in the meeting, and usually only two: My home office and a group of people in a conference room. Having more may make the "real whiteboards" solution less effective.
Well, then that's their limitation, not mine. I am tired of this trend of dumbing things down to the lowest possible.
Damn straight. It's like all these stupid GUI interfaces. I mean, I can see using a graphical interface if you're editing photos or something, but for reading and writing text? It's ridiculous and just makes it so that stupid people can do it without having to understand anything.
It all started with visual text editors, you know? Line editing was good enough, heck, you could argue that it made things too easy, too. What was really good was when we used toggle switches to enter data and read the output from a sequence of lights. If you can't mentally translate binary to ASCII you don't deserve the power of computation.
</sarcasm>
Right on. It annoys me when I see people using google search to go to a specific website, rather than use the address bar to go there directly. If you try to explain to them that the address bar will take them there without having to click the first search result, it's like they don't even want to know.
I think this is just a further extension of the location bar vs search bar change.
I remember when I first saw the Chrome omnibox. It offended me. Mildly, but still. I know the difference between a search and a URL, and I am perfectly capable of clicking into the correct bar. Then I actually used the omnibox for a while (because Chrome was so blindingly fast compared to other browsers at the time) and found that when I jumped back to Firefox I got annoyed at the mental effort required to use the split location/search fields, even though it was trivial.
The fact is that low effort is not the same as zero effort. I like the omnibox because I just click and type, no need to spend a millisecond deciding which box I should click into.
I can see what you describe as the next step, so people don't have to bother understanding, or thinking about if they do understand, the difference between "cnn" and "cnn.com". Or I suppose those who type slowly may prefer to omit the last four characters purely for that reason.
I hope Elon Musk isn't getting arrogant, with the push into communication satellites, and hyperloop. The size of the hyperloop vehicles, suggests that it will have a lower capacity than a high speed rail line.
But much higher velocity, which can be combined with frequent runs to create high capacity.
If a high speed rail line wanted to, it could run the long, double deck high speed trains from Japan, that can carry ~1,600 passengers, every 3 minutes. Multiple trains could be stuck end to end.
That would provide massive throughput, but higher latency.
I have a friend at Google that says the real backlash was internal, and he thinks Matt Cutts even threatened to quit over this.
(I'm a Google employee)
Internal backlash was massive, and as far as I can tell hugely stronger than the fairly mild complaints outside the company. The strength of the internal opposition took me by surprise. I understood that while Google doesn't wish to censor the web it also doesn't wish to be the entity serving up sexual content. That seems like a reasonable position to me. I thought the 30-day notice was a bit short, even though the terms of service only offer 14 days, but other than that it seemed reasonable to me, basically bringing blogger into line with the policies in place for YouTube, etc., for years.
Many of my colleagues, however, vehemently disagreed, calling it censorship, application of one region's values upon the world and generally declaiming it as the beginning of the end for Google as a force for openness and access to information. Many called the decision deeply inconsistent with Google's stated mission, "To organize the world's information and make it universally accessible and useful". The internal memegen system was awash in anti-censorship memes, and one of the memegen team went further and more or less shut the system down in protest, replacing it with a complaint about the blogger shutdown. Eng-misc, a high-volume internal mailing list for random discussions of, well, anything, was overrun with threads complaining about it. The founders got hammered with questions and complaints in the weekly company-wide TGIF meeting (which is actually held on Thursday these days, so more Googlers around the world can see it live).
It's been quite the storm.
As soon as the internal reaction started I expected the reversal, though it went further than I expected. I thought the result would just be more notice, maybe 90 days. But I suppose that's because I thought the basic decision was reasonable, and only the short notice unreasonable. Many others felt differently, obviously.
It's going to be interesting to see if this provokes re-examination of the YouTube and G+ policies. I doubt it, but I was wrong about the nature of the reversal, too.
Actually, it's the Return on investment (ROI) that matter in business. Or in other word, how many time it'll take to make enough profit to cover the cost of the initial investment. And in this case, the US$9.95 billion California High-Speed Rail is a huge example on how much money you can make on transportation.
Using the $56 million per km quoted on California High-Speed Rail as the low estimate of how much it would cost to build a hyper loop, the minimum cost across the US would be $56 million per km * 3000 miles * 1.6 km per mile = $270 Billion dollars MINIMUM. That's going to have a hell of a long ROI, and because of that I can't see anyone in their right mind financing such a project in the near future.
Did Musk ever propose transcontinental hyperloops? I don't believe he did. As I recall this was always intended as a regional transportation technology, something for distances short enough that air travel is inconvenient because of the airport delays at both ends, but long enough that traditional train travel is too slow.
Genius executive: Maybe we should promise not to do stuff like that anymore.
Super-genius executive: Maybe we should promise not to do stuff like that any more, but exempt "security software and Lenovo applications". That way we can continue getting paid by McAfee and others to continue loading their stuff, as long as they don't mind us slapping our logo on it.
So THAT'S why my package is dropkicked to my porch...
If that happens you should complain. Customer complaints aren't addressed quite as strongly as accidents, but getting many complaints is pretty bad for a driver.
So... you still have nothing to cite.
Just the fact that you're trying to pretend that this all stopped in the 1930s means I have no more patience for this tangent.
I said no such thing. You were the one who brought up the 30s, I just used your era.
And I really have no dog in this fight, and would be interested to hear about examples of the Teamsters behaving badly in recent years. So I asked if you had any evidence that they still behave this way. You apparently don't.
They are drivers not coders. We can build a metric to rank them. (Packages/hour - (SafetyWeight * accidents/year)) would work for drivers with similar routes.
At UPS they incent performance for drivers in ways that don't interfere with the seniority system.
Accident handling is pretty simple: If you have one, barring really, really clear evidence that it's not only not your fault but there is no possible way you could have avoided it, you're fired. The Teamsters lawyer will fight to get you a decent severance package, but that's it. Even with said evidence, you'd better not ever have another.
As for packages/per hour, UPS has a system that calculates the time required for a given route, including driving and deliveries. Drivers get paid max(route_time, actual_time), so if they can get the route done in less than the estimated time they get to go home early without losing pay. Experienced drivers can always beat the estimated time, usually by large margins, and even in the event of breakdowns, etc.
Further, habitually beating your route time gives you the opportunity to take on longer routes. So, many good UPS drivers habitually do 12-hour routes in 7 hours, which means they get paid for 14 hours (the last four of the 12 are time and a half) for working 7. Meanwhile, drivers who habitually take longer than their estimated times get assigned shorter and shorter routes, and, of course, there is a point at which drivers are taking so much longer than the estimate, that they can be fired for cause.
BTW, if you have the perception that UPS drivers are well-paid, you're both wrong and right. Their nominal hourly wages are decent, maxing out at around $20 per hour or a bit above, but those who work hard can easily earn lots of "fake" overtime, as in my example of 14 hours' pay for 7 hours' work. That plus massive amounts of real overtime around the holidays means that UPS drivers' incomes can approach six figures -- but only if they work hard.
That's fine... if they behave themselves then maybe everything will be fine. We'll see.
So, does that response mean you are applying their reputation from the 30s, rather than basing your comment on recent behavior?
This is utter bullshit. Most people which seek suicide do not "do it without telling it". In fact many have along phase where you can detect symptoms (unfortunately most often hindsight) and call for help.
A little more nuance:
Suicide attempts can be generally divided into sincere and insincere. Insincere attempts are those that aren't really intended to succeed, but just to call attention to the person's suffering in a way that is hard to ignore. Most attempts by people who think "This will show them all" are insincere, because the person's goal isn't really death. This doesn't mean insincere attempts aren't dangerous, they certainly are. The individual needs to get close enough to death to make it convincing, and a slight miscalculation -- by someone who isn't thinking all that clearly -- can be fatal.
Insincere attempts are basically always preceded by a long period of calls for help, of the form you mention. Sadness, thoughts of death, wishes for death, etc. Algorithms should definitely be able to detect this, and warning someone who can take action can save lives.
Sincere attempts may or may not have this call for help phase. People who are self-possessed and determined don't often commit suicide, but when they do, it's often without any warning. Most people will call for help for a while, but the biggest warning sign of a sincere attempt is that the calls for help cease. The individual suddenly cheers up, often without any apparent cause. The cause is that they have decided to end their lives, and that decision lifts a burden off of them and makes them feel much better. This cheerfulness also facilitates their planning of an effective suicide. Another key characteristic of this sudden happiness is that it rarely includes discussion of the person's future, because they've decided they don't have one.
I think very good algorithms could also detect this process of sadness with occasional thoughts of death, followed by sudden present-focused good cheer, and this is the situation in which prompt and active intervention is most crucial.
I'm an engineer, not a psychologist, but my personal life has unfortunately included a great deal of exposure to these issues.
Cite?
I think you're applying their reputation from the 30s. I'm not a fan of unions in general, but I see a little of the modern Teamsters though my brother, a UPS driver. UPS is a union shop. Other than their strict enforcement of a seniority system, I frankly don't really see any problem. I think they do a lot of good for the UPS drivers, and see no evidence that they believe it's still 1930.