OSHA would be in charge of evaluating the safety of the machines from the perspective of the TSA and other airline/airport workers. Other agencies, like the FDA, are responsible for the safety to passengers.
There's so much focus on the passenger safety, though, that danger to the workers is the more likely problem, particularly because of how often and how long they are in proximity of the machines.
And yes, it's likely that OSHA would have no qualms about busting them for poor workplace safety.
The more urgent issue is whether these things, as deployed, are dosing people at the correct level, which is easy to evaluate, and no one currently is doing so.
They've conducted lots of dosage surveys of the actual devices in use and posted the results publicly. That hardly qualifies as "no one is currently doing so".
Backscatter dosage effects are extrapolated, too -- toward zero. There isn't sufficient data on the carcinogenic effects of ionizing radiation at very low dosages. (It would be a difficult experiment, as the doses are well below that of natural radiation.) So in general they assume a linear-to-zero model because it's a good safe choice. (There's no reason to suspect that low doses would produce cancer at higher-than-linear rates. They could be less-than-linear, but it's good to assume the more conservative option.)
Which term? Low power is correct, as is low intensity. (While there are also low-energy X-rays, meaning that the energy per photon is low, this is the same as low-frequency or high-wavelength X-rays and is rarely what people mean when they say low-energy.)
They're a few orders of magnitude higher-energy: UV is on the order of 10-100 eV, and backscatter X-rays are on the order of 1-10 keV. Everything above UV is ionizing, so the dose (and potentially intensity) matter.
The power they use varies substantially, but quite a few of them are not safe for humans. (If I remember correctly, if it uses X-rays and can look through metal, you shouldn't be in the vicinity.)
Should the public trust a study of radiology and human health designed by a US Senator whose highest degree is a bachelor's degree in government?
No, but it doesn't seem like she's designing the study. I suppose the text of the proposed bill would be relevant here. (Perhaps the poster was simply avoiding hypocracy here -- just as it's reasonable for someone with no real scientific background to commission a study, it's reasonable for someone with little understanding of the Internet to draft regulations for it. The latter doesn't seem to be a popular opinion, though. What matters, of course, is the extent to which they use information from experts to guide their decisions.)
Is it reasonable to expect an organization accused of jeopardizing the health and safety of hundreds of millions of air travelers to pick a truly unbiased lab?
Yes. As people like to point out, accusation is not conviction and people (and agencies) can be accused of just about anything. Provided that it's publicly-known what independent lab they pick -- which has been the case for previous studies -- it's easy enough for others to evaluate whether they're unbiased. That's not to say it will necessarily satisfy all critics -- there are many people who will claim that the chosen lab is biased, regardless of what lab is chosen.
Is this a credible experimental protocol?
I don't see an experimental protocol described. I do see an intent to commission a third-party study, which is common and quite credible. The only part that's questionable is determining "whether there are any biological signs of cellular damage caused by the scans." For one, "any" isn't necessarily a good safety cutoff, particularly if you're not being specific about what kind of cellular damage. For another, with the power that's used, you're well into the very-rare-event range for carcinogenic effects. You shouldn't anticipate scanning a test piece of flesh and looking for signs of cellular damage -- it would be easy to get a false negative. This is a part (admittedly, probably a small part) of why the health effects are disputed. At these power levels, you have to measure the dosing and then use a mathematical model to estimate the probability of causing cancer. It's easy to dispute the details of such models. (Is cancer incidence from ionizing radiation really linear and independent of other sources all the way to zero? Does weighting toward skin deposition matter?)
Would any lab chosen deliver a critical report and risk future funding?
Funding from whom? The TSA? Apparently they're not getting business from them now, so that seems like a pretty reasonable risk to take. Plenty of labs aren't government-funded. Even for those that are, releasing a report that's negative about one government organization only risks funding from a completely different organization if you assume some Massive Government Conspiracy. The NIH won't deny your grant because you discovered that backscatter machines really aren't safe.
They did. It might have been insufficiently independent, depending on how much you buy into a Massive Government Conspiracy to pump a few million dollars into two companies and secretly irradiate you.
The general technology has been studied extensively. Third-party labs test the specific equipment used by the TSA. I think the most comprehensive reports are done by the U.S. Army Public Health Command and available on the TSA's website.
Also, there's a dramatic difference in quality between WSJ articles and anything in the Opinion section, particularly the online-only Opinion articles. The latter are more or less what you'd expect for online opinionating, really.
What? CO2 is colorless and odorless. Exhaled air has ~5% CO2, which is a pretty high concentration compared to the 390 ppm in the air and the ~10% onset of toxicity.
It also lets them quickly get in to new areas of business. For example, they decide they need some kind of "cloud service thing". Fine, except they'll need a few new massive data centers. No problem, throw a few billion at it and now you have data centers!
Solving problems quickly is easily done if you have a lot of cash on hand and results in you getting a product to market fast. Getting things to market quickly is a pretty important bit of Apple's business.
They split their shares a couple of times in... early 2000s maybe? Maybe late 90s. (Okay, I looked it up: 2000 and 2005.) Apparently they don't do it any more because having high per-share prices is trendy in tech companies.
To an extent, it doesn't matter. Most individual investors these days (the only ones who would invest a small amount of money) purchase securities through pooled investment vehicles like mutual funds and ETFs.
Mac OS X has a BSD subsystem, but most of that isn't present in iOS. Both systems, as far as I know, use the xnu kernel, which is a modified Mach (which is not BSD). It's a little disingenuous to say that it's "primarily based on BSD", though. A number of core components (Darwin) are open-source -- either derived from existing open-source projects (like WebKit) or new projects made open-source by Apple. That accounts for only a small component of the operating system, though. The majority of the frameworks are not open-source, and it's these that provide the features that developers actually use.
This is basically the DRM problem -- how do you propose to actually implement this? If you did it in software, the system would need to be always on and modifying itself to keep up with the time deadline. If they show up and pull the plug before the time deadline passes, they rig a system to simply lie to the software about what time it is, allowing them to enter the password whenever they want. Roughly the best you can do is to have an always-on system that only ever holds the decryption key in memory, making it reasonably easy to dump the key. Of course, if you ever lose power or need to reboot, you'd lose your data.
Those are two interpretations of the 5th Amendment that are not correct. You can be required to provide evidence that will be used against you. You cannot, however, be required to testify against yourself.
Or steganographically hide it in plain sight in the digital picture frame with your kid's pictures. Without the passphrase, they can't prove that a suitably random key exists in a JPG.
Most steg tools leave signatures that clearly indicate that steganography was applied to the image. Many steg tools use sub-par security. I wouldn't go that route.
Bullshit. You can make bit-for-bit copies (which necessarily do not change the hash value) of disks/files encrypted with FileVault, FileVault 2, TrueCrypt, LUKS, PGP, and BitLocker, at the least. I've done it myself for most of those. Only drives that have encryption in the drive hardware can prevent it, and most of them support bit-for-bit copying anyway.
Well, if this was a criminal case where the police were asking for your password, they'd probably laugh and tell you that you need to buy a bigger hard drive. Downloading copyrighted material is a civil matter at best, and the forensic investigator working your case probably has a bigger music collection than you do.
Absolutely, and they're very common. They're a bit annoying with computer cases, because often it's unreasonably difficult to restrict your search to the terms they provide. It does mean, though, that unless the investigator comes across obvious evidence of a serious crime (which they'd be compelled to report), they can restrict the results they report to only the material requested by the warrant.
Actually, when that happens they need to apply for a new warrant, since the warrant (for computer searches) does generally specify what information is being searched for. Usually these new warrants are granted, but if you use a warrant as a fishing expedition to find something incriminating, you're unlikely to get the new warrant approved.
Slashdot Mirror
OSHA would be in charge of evaluating the safety of the machines from the perspective of the TSA and other airline/airport workers. Other agencies, like the FDA, are responsible for the safety to passengers.
There's so much focus on the passenger safety, though, that danger to the workers is the more likely problem, particularly because of how often and how long they are in proximity of the machines.
And yes, it's likely that OSHA would have no qualms about busting them for poor workplace safety.
The more urgent issue is whether these things, as deployed, are dosing people at the correct level, which is easy to evaluate, and no one currently is doing so.
They've conducted lots of dosage surveys of the actual devices in use and posted the results publicly. That hardly qualifies as "no one is currently doing so".
They who? Because the Army Public Health Command has measured the dosage for dozens of the devices. Their reports are publicly available.
Backscatter dosage effects are extrapolated, too -- toward zero. There isn't sufficient data on the carcinogenic effects of ionizing radiation at very low dosages. (It would be a difficult experiment, as the doses are well below that of natural radiation.) So in general they assume a linear-to-zero model because it's a good safe choice. (There's no reason to suspect that low doses would produce cancer at higher-than-linear rates. They could be less-than-linear, but it's good to assume the more conservative option.)
Which term? Low power is correct, as is low intensity. (While there are also low-energy X-rays, meaning that the energy per photon is low, this is the same as low-frequency or high-wavelength X-rays and is rarely what people mean when they say low-energy.)
They're a few orders of magnitude higher-energy: UV is on the order of 10-100 eV, and backscatter X-rays are on the order of 1-10 keV. Everything above UV is ionizing, so the dose (and potentially intensity) matter.
The power they use varies substantially, but quite a few of them are not safe for humans. (If I remember correctly, if it uses X-rays and can look through metal, you shouldn't be in the vicinity.)
Should the public trust a study of radiology and human health designed by a US Senator whose highest degree is a bachelor's degree in government?
No, but it doesn't seem like she's designing the study. I suppose the text of the proposed bill would be relevant here. (Perhaps the poster was simply avoiding hypocracy here -- just as it's reasonable for someone with no real scientific background to commission a study, it's reasonable for someone with little understanding of the Internet to draft regulations for it. The latter doesn't seem to be a popular opinion, though. What matters, of course, is the extent to which they use information from experts to guide their decisions.)
Is it reasonable to expect an organization accused of jeopardizing the health and safety of hundreds of millions of air travelers to pick a truly unbiased lab?
Yes. As people like to point out, accusation is not conviction and people (and agencies) can be accused of just about anything. Provided that it's publicly-known what independent lab they pick -- which has been the case for previous studies -- it's easy enough for others to evaluate whether they're unbiased. That's not to say it will necessarily satisfy all critics -- there are many people who will claim that the chosen lab is biased, regardless of what lab is chosen.
Is this a credible experimental protocol?
I don't see an experimental protocol described. I do see an intent to commission a third-party study, which is common and quite credible. The only part that's questionable is determining "whether there are any biological signs of cellular damage caused by the scans." For one, "any" isn't necessarily a good safety cutoff, particularly if you're not being specific about what kind of cellular damage. For another, with the power that's used, you're well into the very-rare-event range for carcinogenic effects. You shouldn't anticipate scanning a test piece of flesh and looking for signs of cellular damage -- it would be easy to get a false negative. This is a part (admittedly, probably a small part) of why the health effects are disputed. At these power levels, you have to measure the dosing and then use a mathematical model to estimate the probability of causing cancer. It's easy to dispute the details of such models. (Is cancer incidence from ionizing radiation really linear and independent of other sources all the way to zero? Does weighting toward skin deposition matter?)
Would any lab chosen deliver a critical report and risk future funding?
Funding from whom? The TSA? Apparently they're not getting business from them now, so that seems like a pretty reasonable risk to take. Plenty of labs aren't government-funded. Even for those that are, releasing a report that's negative about one government organization only risks funding from a completely different organization if you assume some Massive Government Conspiracy. The NIH won't deny your grant because you discovered that backscatter machines really aren't safe.
They did. It might have been insufficiently independent, depending on how much you buy into a Massive Government Conspiracy to pump a few million dollars into two companies and secretly irradiate you.
The general technology has been studied extensively. Third-party labs test the specific equipment used by the TSA. I think the most comprehensive reports are done by the U.S. Army Public Health Command and available on the TSA's website.
Also, there's a dramatic difference in quality between WSJ articles and anything in the Opinion section, particularly the online-only Opinion articles. The latter are more or less what you'd expect for online opinionating, really.
What? CO2 is colorless and odorless. Exhaled air has ~5% CO2, which is a pretty high concentration compared to the 390 ppm in the air and the ~10% onset of toxicity.
If you're not using Kelvin, you're wrong regardless.
With nothing but hydrogen atoms, just about the only thing you can make is hydrogen gas. So, not really a lot of options to work through.
Perhaps you meant to include quite a few other elements in your weird analogy.
It also lets them quickly get in to new areas of business. For example, they decide they need some kind of "cloud service thing". Fine, except they'll need a few new massive data centers. No problem, throw a few billion at it and now you have data centers!
Solving problems quickly is easily done if you have a lot of cash on hand and results in you getting a product to market fast. Getting things to market quickly is a pretty important bit of Apple's business.
Sure, but how much money is in a business is not well-correlated to how essential it is. Ask a farmer.
They split their shares a couple of times in... early 2000s maybe? Maybe late 90s. (Okay, I looked it up: 2000 and 2005.) Apparently they don't do it any more because having high per-share prices is trendy in tech companies.
To an extent, it doesn't matter. Most individual investors these days (the only ones who would invest a small amount of money) purchase securities through pooled investment vehicles like mutual funds and ETFs.
Mac OS X has a BSD subsystem, but most of that isn't present in iOS. Both systems, as far as I know, use the xnu kernel, which is a modified Mach (which is not BSD). It's a little disingenuous to say that it's "primarily based on BSD", though. A number of core components (Darwin) are open-source -- either derived from existing open-source projects (like WebKit) or new projects made open-source by Apple. That accounts for only a small component of the operating system, though. The majority of the frameworks are not open-source, and it's these that provide the features that developers actually use.
This is basically the DRM problem -- how do you propose to actually implement this? If you did it in software, the system would need to be always on and modifying itself to keep up with the time deadline. If they show up and pull the plug before the time deadline passes, they rig a system to simply lie to the software about what time it is, allowing them to enter the password whenever they want. Roughly the best you can do is to have an always-on system that only ever holds the decryption key in memory, making it reasonably easy to dump the key. Of course, if you ever lose power or need to reboot, you'd lose your data.
Those are two interpretations of the 5th Amendment that are not correct. You can be required to provide evidence that will be used against you. You cannot, however, be required to testify against yourself.
Yeah, after all, computer forensic professionals don't know anything about setting up isolated test systems.
Or steganographically hide it in plain sight in the digital picture frame with your kid's pictures. Without the passphrase, they can't prove that a suitably random key exists in a JPG.
Most steg tools leave signatures that clearly indicate that steganography was applied to the image. Many steg tools use sub-par security. I wouldn't go that route.
Bullshit. You can make bit-for-bit copies (which necessarily do not change the hash value) of disks/files encrypted with FileVault, FileVault 2, TrueCrypt, LUKS, PGP, and BitLocker, at the least. I've done it myself for most of those. Only drives that have encryption in the drive hardware can prevent it, and most of them support bit-for-bit copying anyway.
Well, if this was a criminal case where the police were asking for your password, they'd probably laugh and tell you that you need to buy a bigger hard drive. Downloading copyrighted material is a civil matter at best, and the forensic investigator working your case probably has a bigger music collection than you do.
You realize that article indicates that it's happened at least twice, right? That's not very often.
Absolutely, and they're very common. They're a bit annoying with computer cases, because often it's unreasonably difficult to restrict your search to the terms they provide. It does mean, though, that unless the investigator comes across obvious evidence of a serious crime (which they'd be compelled to report), they can restrict the results they report to only the material requested by the warrant.
It's okay as long as the john solicits her. Entrapment covers crimes that the person would not have committed if not for enticement by the police.
Actually, when that happens they need to apply for a new warrant, since the warrant (for computer searches) does generally specify what information is being searched for. Usually these new warrants are granted, but if you use a warrant as a fishing expedition to find something incriminating, you're unlikely to get the new warrant approved.