That's actually been recently studied. The main question is really at the very low end of the spectrum -- is there some low rate at which the body is able to "heal" as a reaction to the exposure. As far as I've read, it seems that carcinogenic effect and total exposure are linear throughout the low-intensity regime.
I don't think it's effective, either, but that doesn't stop me from being annoyed when everyone and their dog brings up the canard of "they're causing cancer with their mysterious radiations".
One backscatter X-ray is a 10 microrem dose. Background radiation on the ground is 28 microrem per hour.
You'd have to undergo one backscatter X-ray per 20 minutes to receive exposure to radiation equal to standing on the ground doing nothing.
Radiation intensity doesn't matter for carcinogenic and mutagenic effects; it only becomes relevant at much higher intensities, when it becomes sufficient to cause cell death.
Distribution of the dosage only matters if you get a high enough concentration of radiation that it becomes fatal to cells rather than simply carcinogenic. The carcinogenic effect of radiation is linear in the radiation dose and appears to have no "safe" level. (That is, there's no quantity of radiation so small that it has zero effect.) Estimates say that the skin receives a 2-orders-of-magnitude higher dose per volume than the trivial body average. That still puts it at a very low radiation dose to the skin.
Now, it might mean that you end up with skin cancer instead of lung cancer, but the frequency of causing cancer should be the same, since the total dosage is constant; only the distribution is wrong.
No, because the magnitude of background radiation is much much lower, disorganized, diffused by the Earth's atmosphere and electromagnetic field, non-directional, and not pointed in an organized fashion directly at your body, and doesn't reach nearly the energy levels of the backscatter machine.
I'm not convinced you didn't just mix random, scientific-sounding words together. "Magnitude" here means "quantity", a measure of "how much". Quantity cannot be disorganized, diffuse, nondirectional, or "not pointed in an organized fashion". However, those four adjectives (well, one phrase) all mean the same thing. Regardless, you measure background radiation exposure to humans with a dosimeter attached to the human. That makes it easy to correct for the influence of the atmosphere, Earth's magnetic field, standing inside buildings, and other protective effects. (Also, a lot of the radiation doesn't come from the Sun, but rather from terrestrial sources like rocks.) The "organized fashion" isn't relevant -- if the radiation passes through your body, it has its effect. The only way spatial or temporal concentration matters if you push past the linear "causes cancer, rarely" regime into the "fatal to cells" regime (like what happens with a UV-caused sunburn, or with radiation poisoning). Even five minutes (see below) in a scanner where all the energy is deposited near the skin doesn't meet that.
...when they make someone stand in the scanner for a few minutes with it running, the person is getting massive amounts of harmful radiation exposure, way beyond what is safe or indicated.
It's only emitting X-rays while it's making the scan, not while you're standing in it. But, let's try some numbers. If you stood in the machine for 5 minutes of continuous scanning instead of 2 seconds, you'd receive as much as 1.5 millirem of radiation, which is equivalent to a 5-hour airplane flight. So, if that fits your definition of "masssive amounts of harmful radiation", I suggest avoiding airplanes altogether.
They're quite comparable. That's the usefulness of measuring radiation exposure in units that are adjusted for the radiation's impact on humans, like Sieverts or rem.
If you prefer, though, there are useful comparisons that involve X-ray sources.
Having a backscatter body scan done once a year is safer than having a single transmission X-ray taken.
Of course, the resolution that the TSA uses is insufficient for proper medical imaging. A higher-resolution image would require a higher beam intensity.
Well, your odds of dying from cancer induced from sitting in the airplane are substantially higher than your odds of dying from cancer induced by the screening.
Not at all. The characteristics for higher-energy radiation is better-known than the characteristics for lower-energy radiation, but that doesn't make approaching the problem intractable.
People often make the mistake of claiming that there's a safe level of ionizing radiation. For reasonably low intensities, ionizing radiation damages linearly: damage done is directly proportional to how much radiation you're exposed to.
It's reasonably straightforward to make good estimates of where the energy from the radiation is deposited in the body. If I recall correctly, it's likely that backscatter radiation intensity is ~2 orders of magnitude higher in the skin than the body-averaged dose. A two-order-of-magnitude increase still puts it on the same level as incidental occupational exposure (e.g., 3 flight-hours of exposure due to flying), well within the linear regime.
I'm not sure why you think an X-ray source has to look like a penis. Regardless, the reason they're not used for dental or medical X-rays is that they don't uncover much that can't be seen visually. You can see the surface of teeth just fine as it is. (Backscatter X-rays can measure density much better than humans, though.) The function of dental and medical X-rays is to look inside objects (e.g., cavities obscured from view), which backscatter won't do.
If you assume linearity and have a large enough pool of people, the statistics are fine. If you increase the chance of one person dying by k and apply this to N people, then *on average*, kN more people will die as a result. (The standard deviation for the number of additional people dying is sqrt(kN).)
Studied suggest that treating radiation exposure as linear at low exposure levels is reasonably accurate. This is the "there is no safe level of ionizing radiation" claim.
Dental X-rays are transmission X-ray images. The airport scanners are backscatter X-ray imaging machines, which use the Compton backscattering effect. Backscatter X-ray imaging is a newer technique that lets you use a very low X-ray intensity, but it can only image close to the surface of an object.
First (and least important), if you can distort the images, you can undistort them.
That's only true if the distortion is reversible and doesn't result in the loss of information. Distortions that result in information loss can't be un-distorted.
One flight-hour of added radiation is about 30 times higher than than radiation from a backscatter X-ray, and the radiation from flight exposure is already below occupational exposure limits. It doesn't really make the health risk to crew any more substantial.
An interesting analysis, but why does it assume a dose for backscatter X-rays? These should be well-known.
Numbers I can easily find say 5-10 microrem. Dental X-ray is 2 millirem. So, that figure is off by a factor of 2 to 4. For every billion passengers screened, 4-8 will die from cancer as a result.
Of course, the same background-radiation argument applies here as well, but in an interesting fashion. Added radiation exposure due to flying is something 0.3 mrem / hr. I have no data on hand for average flight time, but even if it's only an hour (which is a short flight), then for every billion airline passengers, 240 will die of cancer as a result of the added radiation. So, just getting on an airplane where nothing goes wrong is more deadly than the terrorists. Nature wins this round!
The code to be interpreted is data. So an attack capable of injecting non-executable data can inject to-be-interpreted code. An interpreter is a Turing-complete system controlled by non-executable data.
In addition, one problem with interpreters is that they often compile and execute code, all in memory, meaning that they execute code (the compiled code) stored in memory pages that are both writable and executable. (You can read more about this in papers where people implement systems that actively enforce the W^X restriction.)
The stack is of course data. So the trivial stack overflow, where executable code is placed on the stack, is defeated by NX. But any modern program has an enormous pool of functions accessible to it through libraries (like the C standard library). The systems don't enforce only jumping to the beginning of a function, you can jump to a place near the end. The address to jump to when you return from a function is conveniently stored on the stack. There's nothing enforcing that that's really the place in code you came from. So you have a ton of code to work with that does some work and then executes a return, and you conveniently are able to specify any address you want as the place to "return" to. It turns out you can make a Turing-complete system by putting only "nonexecutable" data on the stack because of this, so setting NX on the stack gets you nothing (except making it more inconvenient for hackers).
It's PRTK. It's not useful if you use TrueCrypt full-volume encryption.
I personally don't think it's very beneficial, from a resilience-to-search standpoint, to bother having an inner hidden TrueCrypt volume. The outer volume will have a good chance of seeming suspicious. Use full-disk encryption and refuse to give up the password.
Interpreted languages. Return pointers on the stack (see: return-oriented programming). Intermixing code and control flow with data as modern machines do makes separating them for security reasons difficult.
They did, but it's a stopgap measure to prevent certain kinds of common attacks. A section of memory that's heavily used for data also happens to contain critical pieces of information used for control flow -- the stack. By bashing pointers on the stack, it turns out to be possible to execute arbitrary code even on an NX-protected stack (that is, the bits in the stack cannot be directly executed). (That's return-oriented programming. Big topic recently in security.) This sort of falls out naturally from the von Neumann architecture of intermixing code (and program control flow) and data. There are other fine ways of doing this too -- interpreted languages, for example, turn non-executable data into Turing-complete programs. An NX bit won't save you there, either.
Right, that's an aspect of the highly general nature of our von Neumann machines. Not only is code a kind of data, but our program flow control is mixed up with our other data and is barely constrained (that is, you're not limited to, say, returning to where you came from or jumping to the beginning of a function).
Ever since von Neumann came up with this crazy idea of program and data being the same, guaranteeing that something that just manipulates data doesn't also execute code has been nontrivial.
Slashdot Mirror
That's actually been recently studied. The main question is really at the very low end of the spectrum -- is there some low rate at which the body is able to "heal" as a reaction to the exposure. As far as I've read, it seems that carcinogenic effect and total exposure are linear throughout the low-intensity regime.
I don't think it's effective, either, but that doesn't stop me from being annoyed when everyone and their dog brings up the canard of "they're causing cancer with their mysterious radiations".
As long as I'm allowed to use the work of others as published in peer-reviewed scientific studies, then yes.
One backscatter X-ray is a 10 microrem dose. Background radiation on the ground is 28 microrem per hour.
You'd have to undergo one backscatter X-ray per 20 minutes to receive exposure to radiation equal to standing on the ground doing nothing.
Radiation intensity doesn't matter for carcinogenic and mutagenic effects; it only becomes relevant at much higher intensities, when it becomes sufficient to cause cell death.
Distribution of the dosage only matters if you get a high enough concentration of radiation that it becomes fatal to cells rather than simply carcinogenic. The carcinogenic effect of radiation is linear in the radiation dose and appears to have no "safe" level. (That is, there's no quantity of radiation so small that it has zero effect.) Estimates say that the skin receives a 2-orders-of-magnitude higher dose per volume than the trivial body average. That still puts it at a very low radiation dose to the skin.
Now, it might mean that you end up with skin cancer instead of lung cancer, but the frequency of causing cancer should be the same, since the total dosage is constant; only the distribution is wrong.
No, because the magnitude of background radiation is much much lower, disorganized, diffused by the Earth's atmosphere and electromagnetic field, non-directional, and not pointed in an organized fashion directly at your body, and doesn't reach nearly the energy levels of the backscatter machine.
I'm not convinced you didn't just mix random, scientific-sounding words together. "Magnitude" here means "quantity", a measure of "how much". Quantity cannot be disorganized, diffuse, nondirectional, or "not pointed in an organized fashion". However, those four adjectives (well, one phrase) all mean the same thing. Regardless, you measure background radiation exposure to humans with a dosimeter attached to the human. That makes it easy to correct for the influence of the atmosphere, Earth's magnetic field, standing inside buildings, and other protective effects. (Also, a lot of the radiation doesn't come from the Sun, but rather from terrestrial sources like rocks.) The "organized fashion" isn't relevant -- if the radiation passes through your body, it has its effect. The only way spatial or temporal concentration matters if you push past the linear "causes cancer, rarely" regime into the "fatal to cells" regime (like what happens with a UV-caused sunburn, or with radiation poisoning). Even five minutes (see below) in a scanner where all the energy is deposited near the skin doesn't meet that.
...when they make someone stand in the scanner for a few minutes with it running, the person is getting massive amounts of harmful radiation exposure, way beyond what is safe or indicated.
It's only emitting X-rays while it's making the scan, not while you're standing in it. But, let's try some numbers. If you stood in the machine for 5 minutes of continuous scanning instead of 2 seconds, you'd receive as much as 1.5 millirem of radiation, which is equivalent to a 5-hour airplane flight. So, if that fits your definition of "masssive amounts of harmful radiation", I suggest avoiding airplanes altogether.
That's going to happen if you don't look for it.
They're quite comparable. That's the usefulness of measuring radiation exposure in units that are adjusted for the radiation's impact on humans, like Sieverts or rem.
If you prefer, though, there are useful comparisons that involve X-ray sources.
Having a backscatter body scan done once a year is safer than having a single transmission X-ray taken.
Of course, the resolution that the TSA uses is insufficient for proper medical imaging. A higher-resolution image would require a higher beam intensity.
Well, your odds of dying from cancer induced from sitting in the airplane are substantially higher than your odds of dying from cancer induced by the screening.
If X-ray backscatter machines could sterilize you, you'd be sterile ten times over already from background radiation.
Not at all. The characteristics for higher-energy radiation is better-known than the characteristics for lower-energy radiation, but that doesn't make approaching the problem intractable.
People often make the mistake of claiming that there's a safe level of ionizing radiation. For reasonably low intensities, ionizing radiation damages linearly: damage done is directly proportional to how much radiation you're exposed to.
It's reasonably straightforward to make good estimates of where the energy from the radiation is deposited in the body. If I recall correctly, it's likely that backscatter radiation intensity is ~2 orders of magnitude higher in the skin than the body-averaged dose. A two-order-of-magnitude increase still puts it on the same level as incidental occupational exposure (e.g., 3 flight-hours of exposure due to flying), well within the linear regime.
I said what the standard deviation would be. You'd see 16 +/- 4.
I'm not sure why you think an X-ray source has to look like a penis. Regardless, the reason they're not used for dental or medical X-rays is that they don't uncover much that can't be seen visually. You can see the surface of teeth just fine as it is. (Backscatter X-rays can measure density much better than humans, though.) The function of dental and medical X-rays is to look inside objects (e.g., cavities obscured from view), which backscatter won't do.
If you assume linearity and have a large enough pool of people, the statistics are fine. If you increase the chance of one person dying by k and apply this to N people, then *on average*, kN more people will die as a result. (The standard deviation for the number of additional people dying is sqrt(kN).)
Studied suggest that treating radiation exposure as linear at low exposure levels is reasonably accurate. This is the "there is no safe level of ionizing radiation" claim.
Dental X-rays are transmission X-ray images. The airport scanners are backscatter X-ray imaging machines, which use the Compton backscattering effect. Backscatter X-ray imaging is a newer technique that lets you use a very low X-ray intensity, but it can only image close to the surface of an object.
First (and least important), if you can distort the images, you can undistort them.
That's only true if the distortion is reversible and doesn't result in the loss of information. Distortions that result in information loss can't be un-distorted.
One flight-hour of added radiation is about 30 times higher than than radiation from a backscatter X-ray, and the radiation from flight exposure is already below occupational exposure limits. It doesn't really make the health risk to crew any more substantial.
An interesting analysis, but why does it assume a dose for backscatter X-rays? These should be well-known.
Numbers I can easily find say 5-10 microrem. Dental X-ray is 2 millirem. So, that figure is off by a factor of 2 to 4. For every billion passengers screened, 4-8 will die from cancer as a result.
Of course, the same background-radiation argument applies here as well, but in an interesting fashion. Added radiation exposure due to flying is something 0.3 mrem / hr. I have no data on hand for average flight time, but even if it's only an hour (which is a short flight), then for every billion airline passengers, 240 will die of cancer as a result of the added radiation. So, just getting on an airplane where nothing goes wrong is more deadly than the terrorists. Nature wins this round!
Last I checked, C puts return pointers, function parameters, and automatic variables on a single stack.
Reader doesn't have to compile interpreted code. It's sufficient to have support for interpreted code. Which in Reader is JavaScript.
Never mind that PDF is based on PostScript, which is a Turing-complete programming language.
The code to be interpreted is data. So an attack capable of injecting non-executable data can inject to-be-interpreted code. An interpreter is a Turing-complete system controlled by non-executable data.
In addition, one problem with interpreters is that they often compile and execute code, all in memory, meaning that they execute code (the compiled code) stored in memory pages that are both writable and executable. (You can read more about this in papers where people implement systems that actively enforce the W^X restriction.)
The stack is of course data. So the trivial stack overflow, where executable code is placed on the stack, is defeated by NX. But any modern program has an enormous pool of functions accessible to it through libraries (like the C standard library). The systems don't enforce only jumping to the beginning of a function, you can jump to a place near the end. The address to jump to when you return from a function is conveniently stored on the stack. There's nothing enforcing that that's really the place in code you came from. So you have a ton of code to work with that does some work and then executes a return, and you conveniently are able to specify any address you want as the place to "return" to. It turns out you can make a Turing-complete system by putting only "nonexecutable" data on the stack because of this, so setting NX on the stack gets you nothing (except making it more inconvenient for hackers).
It's PRTK. It's not useful if you use TrueCrypt full-volume encryption.
I personally don't think it's very beneficial, from a resilience-to-search standpoint, to bother having an inner hidden TrueCrypt volume. The outer volume will have a good chance of seeming suspicious. Use full-disk encryption and refuse to give up the password.
Interpreted languages. Return pointers on the stack (see: return-oriented programming). Intermixing code and control flow with data as modern machines do makes separating them for security reasons difficult.
They did, but it's a stopgap measure to prevent certain kinds of common attacks. A section of memory that's heavily used for data also happens to contain critical pieces of information used for control flow -- the stack. By bashing pointers on the stack, it turns out to be possible to execute arbitrary code even on an NX-protected stack (that is, the bits in the stack cannot be directly executed). (That's return-oriented programming. Big topic recently in security.) This sort of falls out naturally from the von Neumann architecture of intermixing code (and program control flow) and data. There are other fine ways of doing this too -- interpreted languages, for example, turn non-executable data into Turing-complete programs. An NX bit won't save you there, either.
Right, that's an aspect of the highly general nature of our von Neumann machines. Not only is code a kind of data, but our program flow control is mixed up with our other data and is barely constrained (that is, you're not limited to, say, returning to where you came from or jumping to the beginning of a function).
Ever since von Neumann came up with this crazy idea of program and data being the same, guaranteeing that something that just manipulates data doesn't also execute code has been nontrivial.