_Unlocking the Clubhouse_ talks about the experience of CS undergrads at CMU. They conclude it was a "death of a thousand cuts" phenomenon. No one thing drove talented hard-working women out of the field, it was the steady drip of one problem after another. The culture was only one of the problems, but a real one. A lot of the women looked at it and figured that they'd given up parties and sleep to get into CMU, but no way were they giving up showers to become a "real" geek.
I've seen reports of ball lightning seen from airplanes, and some witnesses claim to have seen it move through solid objects. A theory of ball lightning either has to propose a different mechanism from the silicon hypothesis or else dismiss the reports as mistaken.
>The cleverest thing to do though, is to probably make it harder to do international transfers of cash using accounts, or impossible online.
But then all the bad guy has to do is pay a cut to local recipients of phishing proceeds who will pass along the funds. No need for the online transaction to go straight to Elbonia in one step.
>some countries may not cooperate.
Notice the destinations are never squeaky-clean places like Finland. It's always some place where it's easier for the crooks to have an under$tanding with law enforcement.
>Anyway, how many people do you know who have had their money stolen from their bank account online? I guess very few.
It can't be that many, given that the highest estimate I've seen is USD 500 million annual phishing losses. That's couch cushion change compared to credit card fraud.
It's what client-side certificates were for in the first place, but the idea seems to have been forgotten.
I'd hate to be the first organization trying to exercise the client-side certificate code...
You'd have to completely and permanently disable non-certificate logins or phishers would still be in business.
>If they want to do better than that, they'll have to use biometrics
You can improve on passwords without breaking a sweat. What they've done is switch from a brittle login protocol to one that is closer to the random challenge/signed response that you'd want if there were a computer instead of a human on the other end.
Not only does it block offline phishing, notice that it's even safe from a keylogger.
Still vulnerable at several points to several attacks but a real improvement nonetheless.
Isn't drift correction part of the magic you're paying for on the back end?
Are they really fragile? I'd been hearing anecdotes about people running them through washing machines without breaking them.
>It has ALWAYS used Word to render the HTML.
"Microsoft Office applications, including Outlook, use Internet Explorer to render HTML in various parts of the applications. Microsoft Outlook does not contain any core code designed to render HTML. Instead, when HTML needs to be rendered, Outlook can use Internet Explorer in one of two ways:..."
>if the JS were activated that geeks are getting up in arms about
Nobody sane advocates JS in email. The complaint is about not having CSS.
>If someone has the capacity to log into your online banking account, it would seem an email account would be equally subject to access.
Only if they phished your email password at the same time as your online banking password, sorted through your old email, found your Matrix chart still there and not yet deleted, and downloaded it for their use.
Not your average phishing scam at all, and it's probably easier for a phisher to set up a real-time man in the middle attack where they relay your bank's challenge to your browser and feed the bank your reply (and then transfer your balance to Elbonia). Which script kiddies can do now, since there's a published toolkit for setting up realtime phishing.
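The replay resistance described in the two comments above (the challenge/response login and the Matrix chart), as an added example that is not part of the original posts or any bank's code. It assumes a hypothetical 8x8 grid card with two-digit codes and three cells requested per login; the page gives none of these details.

```python
import hmac
import secrets
from math import comb

ROWS, COLS = "ABCDEFGH", "12345678"          # assumed 8x8 card layout
CELLS = [r + c for r in ROWS for c in COLS]  # "A1" .. "H8"

def issue_card(rng=None):
    """Bank side: assign every cell a random two-digit code."""
    rng = rng or secrets.SystemRandom()
    return {cell: f"{rng.randrange(100):02d}" for cell in CELLS}

def read_card(card, challenge):
    """Customer side: type the codes printed at the requested cells."""
    return "".join(card[cell] for cell in challenge)

class Bank:
    """Hypothetical verifier: fresh random cells per login, single-use."""
    def __init__(self, card, cells_per_login=3, rng=None):
        self.card, self.k = card, cells_per_login
        self.rng = rng or secrets.SystemRandom()
        self.pending = None    # challenge awaiting an answer
        self.previous = None   # last challenge, never reissued back to back

    def challenge(self):
        while True:
            picked = tuple(self.rng.sample(CELLS, self.k))
            if picked != self.previous:
                break
        self.pending = self.previous = picked
        return picked

    def verify(self, response):
        if self.pending is None:           # no outstanding challenge
            return False
        expected = read_card(self.card, self.pending)
        self.pending = None                # each challenge is single-use
        return hmac.compare_digest(expected.encode(), response.encode())

def replay_accepted(bank, recorded_response):
    """Would keystrokes captured in an earlier session pass a fresh login?"""
    bank.challenge()
    return bank.verify(recorded_response)

def coverage_probability(cells_known, cells_per_login=3, total=len(CELLS)):
    """Chance that a fresh challenge asks only for cells already observed."""
    return comb(cells_known, cells_per_login) / comb(total, cells_per_login)

if __name__ == "__main__":
    card = issue_card()                    # constructed sample card
    bank = Bank(card)
    typed = read_card(card, bank.challenge())
    print("legitimate login accepted:", bank.verify(typed))
    print("captured keystrokes replayed:", replay_accepted(bank, typed))
    for logins in (1, 5, 10, 20):
        known = min(len(CELLS), logins * 3)  # upper bound: no cell repeats
        print(logins, "observed logins ->", f"{coverage_probability(known):.4f}")
```

The model covers recorded credentials only: a fresh challenge defeats replay, while the coverage figure shows how that protection erodes as more cells of the same card are observed.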
*and* in the case of Ni-Cds you can't just throw them in the household trash, not if you're at all responsible. You get the joys of finding where to recycle hazmat.
>low drain and occasional use devices like remotes, alarm clock backup, flashlights, portable test equipment, etc.
Rechargeables are the wrong choice for those. They self-discharge while the unit is on the shelf. Rechargeables are less annoying, and better able to pay for themselves, in regular heavy usage.
Cheap chargers, by the way, are destructive.
All SSL really knows is what public key it's communicating with.
:-) More than 450 Phishing Attacks Used SSL in 2005
It will download a data structure in which the public key and some character strings are authenticated with yet another party's private key.
The rest is hope and trust that the signer does due diligence and hasn't been compromised.
If the "certificate" does prove who you're communicating with, SSL doesn't tell you that until you click on the padlock and look up certificate properties. Until then, all it's told you is that the domain name matches. If West African Phish and Game buys a certificate for "paypal-reverify.com", SSL will not warn you about them. This isn't hypothetical.
Netcraft confirms it
>...because you're supposed to trust internet explorer.
And continue trusting after it's been installed for a while. Bruce Schneier once asked the obvious question of how hard it was to add a new trusted root. It's trivial, and there's a "web accelerator" on the market that installs itself as a new trusted CA so that it can proxy SSL traffic.
>using it for porn is worse as the risk of malware is higher
There's a reasonable doubt that she used it for porn, if we can go by the newspaper article.
How many people here have had to clear off a relative's machine that was infested with unclosable unwanted popups? Is there anyone here who doesn't know about stealth-installed adware that inflates traffic figures by visiting a zillion sites in short order?
Anyone who doesn't know about that phenomenon should view the Watchguard video about drive-by downloads.
>If this teacher gets convicted,
Where does the "if" come from here? Her sentencing hearing is set for March 2.
Depends on what you're arguing.
If you try to make the case "_An Inconvenient Truth_ should be shown in schools because its opponent is an ignorant bigot", that's ad hominem.
If you try to make the case "It's wrong for a school board responsible for the next generation's ability to work in a technological culture to roll over for this one guy, because he's an ignorant bigot", then you're talking cause and effect.
>Any time your retort's subject matter is your opponent in the debate, that is ad hominem.
If someone argues "you should hire me" and your reply is "you're not qualified", then no, that's not ad hominem.
Answering only a couple of points:
>We need to be careful to distinguish direct temperature measurements of the last 125 years versus indirect measurements.
Some of the measurements of the last 125 years have been indirect, and others have to be corrected before use. The satellite measurements of tropospheric temperatures depend on a calibration curve. The actual thermometer readings are corrected downward before use to allow for the urban heat island effect. Borehole measurements going back more than 125 years, on the other hand, are pretty direct measures of what the temperature used to be.
The important difference, which may be exactly what you meant, is that we need to distinguish between measurements with high margins of error and those that are more accurate. I've never seen it in the popular press, but there are such things as temperature graphs with error bars.
>The earth is getting warmer because we are leaving both a mini and a big ice age.
It is possible for something to have more than one cause, for example if I step on the gas while driving downhill. The trend, to the extent it can be extracted from the noise, accelerated with industrial CO2 release.
From a policy point of view, if there's any human influence then we have to figure out how to apply that influence. If there's no human influence, we still have to extrapolate and adapt.
>3) Skeptics must be heard and not shouted down and ridiculed.
Within the actual scientific community, skeptics say things to the effect of "you got your principal components analysis wrong" and get answers like "hmm, maybe, but there's independent evidence". But the actual scientific discussions aren't getting much attention, which leads to a couple of other points you made:
>we need every news story about climate, weather, geography, evolution, extinction, and health to have some shifty-eyed reference to "global warming".
and
>I'm so disappointed at how the "global warming" thing has been completely misappropriated. Both sides of the political spectrum need to be ashamed at how science is twisted to make their case.
YES. News stories about global warming that mention a local heat wave are contemptible, and the politicians fail to distinguish between science and policy. There's no such thing as a political position on the fraction of CO2 from human sources or on the sensitivity of climate to CO2. That would be like having a libertarian position on string theory or a Green Party platform about microwave background anisotropy. Move to the question of what to do and then there are libertarian approaches, Green approaches, greedy short-sighted approaches and many others which should get a *political* debate.
>Debating the issues only works after people have been taught to think critically
Which is a vital skill for a healthy society and indispensable for a democracy. To some extent it's teachable.
Who benefits and who loses if the population sees through propaganda? Who has more influence over school curricula, the potential winners or the potential losers?
>market forces determine how much you make
It's not "market forces" when the CEO names the board that sets his compensation package. That's a big part of the problem. Not many people resent Tiger Woods's wealth, precisely because it was earned.
Anyone who thinks that climbing out of a minimum wage job is just a matter of working hard should read _Nickel and Dimed_, written by someone who actually worked bottom-tier jobs for her research.
>The first levied inheritance taxes were used as financing during the Civil War circa 1860.
"This species of tax has again and again been imposed, although only temporarily, by the National Government. It was first imposed by the act of July 6, 1797"
He's looked at the state of storage devices and now suspects the idea of a data haven is obsolete. Which is better: a single bombable server farm (and look up how good "penetrating munitions" are), or a zillion loose-knit eccentrics hiding tiny nerdsticks under drywall joint compound, in plain sight, or hidden in bales of marijuana?
>The most obvious and conspicuous difference is that the former is civil and the latter criminal law.
Both are both.
You can pursue a theft case through the civil system, where it's called "conversion".
Copyright violations can also be criminal in some circumstances.
The US Supreme Court disagrees with you: 473 U.S. 207 (1985)
Lawyers debate legal decisions all the time, including those of the Supreme Court. Any law professor, and any dissenting Supreme Court justice, can offer sound reasons to disagree with many of their rulings. But you should definitely tell us where you got your degree, how long and in what field you have practiced, and what law review articles you have published. The problem with Internet discussions is that there's no way, without an introduction, to tell qualified professionals such as yourself from loudmouth ignoramuses.
The aviation industry began making real safety improvements when they stopped regarding "pilot error" as the end of the story and began to fix ergonomics so that pilots weren't led into error.
The battery's failure mode matters. If it has an internal short, nothing will help.
>But my 4-year old Pocket PC phone can do everything they claim, and much more.
Can it run OS X?
Unless Apple has crippled the design somehow, this isn't an iPod phone -- it's a Mac Mini that fits into your pocket and makes phone calls. And has wide-area wireless networking, admittedly at ISDN speeds and telco prices.