Slashdot Mirror


User: Midnight_Falcon

Midnight_Falcon's activity in the archive.

Stories: 0 · Comments: 301

Comments · 301

  1. Re:LOL on Depression: The Secret Struggle Startup Founders Won't Talk About · · Score: 1

    Actually the average rent for a 2 bedroom within 10 miles of SF (not even within SF) is $4,385 a month! SF has laws restricting campers now because so many people tried that -- most places good to park a camper have signs that say "No vehicles over 8" tall or 20" long." I owned a converted shuttle bus. :)

  2. Re:LOL on Depression: The Secret Struggle Startup Founders Won't Talk About · · Score: 5, Insightful
    As someone who lives in San Francisco and is around these types of people, yes, they are doing far better financially. Many of them even lose touch with folks earning average amounts. They ask me why I still live in a one bedroom apartment, and then I inform them the average of $50k/year in rent is well more than half most engineers' post-tax income; and they still don't seem to understand.

    The culture of Silicon Valley and California in general is to sound positive all the time and avoid the negative -- people would much rather say nothing or offer platitudes than say "no". This forms part of the problem leading to depression -- everyone is "fake" and says things for political reasons, constantly on social networking talking up their accomplishments and that of their company. Of course, most of it is smoke and mirrors. Also the tech scene can be very pretentious and it takes a lot to "keep up with the Joneses" and stay in the social circles they prize. It becomes too much for many and they become depressed and fade away, replaced at their companies by the VC board. And some willing 20-something then comes and tries to fill their shoes and the cycle repeats.

    No one wants to hire a depressed person. No one wants to go on dates with a depressed person (well, at least not many people -- negative/depressed dating site profiles don't get many replies). So, they conceal it until they break with full knowledge that when they break, they'll simply be replaced or their company will simply fail.

  3. White vs Grey hat cont'd on Interviews: Brian Krebs Answers Your Questions · · Score: 1

    Thank you Brian for taking the time to reply to my question. Perhaps including the "social engineering" language was a bit strong for the work you do, but "doxxing" is still very much something you do; and I didn't get much of a response on the ethics of doxxing. Let's use your Rescator doxx for example -- what makes these people OK to dox? Is it different when you dox them as opposed to a witch-hunt on Reddit, etc? Does having poor operational security make it OK to dox someone?

  4. White vs Grey Hat on Interviews: Ask Brian Krebs About Security and Cybercrime · · Score: 2

    Hey Brian,
    I'm wondering what side of the fence you think you are on. Your readership and affiliations seem to be the mainstream "white-hat" security community; but many of your tactics can be described as grey-hat at best -- e.g. doxxing hackers/malware authors/spammers, using social engineering to obtain information, etc. It seems as though this is justified because it is used against targets you perceive as being immoral, unethical, and/or worthy of such intrusion. My question is: do you feel you are a white-hat hacker, or do you think your use of black-hat tactics against black hats makes you something different?

  5. Re:People are claiming a victory where there is no on Edward Snowden: the World Says No To Surveillance · · Score: 2
    It's kind of silly to call the two major parties in the United States either left-wing or right-wing. Political Scientists have studied the "party cleavages" of the Republicans and Democrats in great detail. In comparison to other states' party cleavages, an ordinal scale is created: 1 being a statist, far-far-right government (Nazis), and 10 being a communist, totalitarian state (far left, Stalin).

    Due to the nature of the two party system, in order to gain the most votes the parties in the United States gravitate towards the center. How much so? The Democrats are rated at a 4.8 (just slightly below centrist, hardly enough to describe as left-leaning), and Republicans at a 5.5 (just slightly above centrist) -- meaning both parties are quite similar and have only minor differences. In the end, they are both centrist parties.

    In the United States, there are authentic left-leaning parties like the Green Party, and right leaning ones like the Conservative Party; but these never get enough votes to pass thresholds for campaign financing nor seats in a federal body like Congress.

    In conclusion, the major parties of the United States are both centrist, and while their rhetoric might illustrate contrasts between them, in reality they are very close to each other in the political spectrum.

  6. Full Disclosure is the only way... on Photo Printing Website Artisan State Allows Access To All User-Uploaded Photos · · Score: 2
    I've reported serious vulnerabilities to a number of companies in the past. Generally, they acknowledge receipt of the information but do nothing to fix the problem -- e.g. a race condition, a SQL injection vulnerability, etc etc. However, when I've posted information on reddit or other internet forums, the bugs tend to get fixed rather quickly.

    Full disclosure may well be a necessary evil -- sure, it allows anyone for some period of time to exploit the vulnerability; but it sure ends up getting fixed. Companies will wait months and years to fix security bugs if there is no clear and present danger.

    Any time I disclose a bug to a vendor, I now tell them in the e-mail they have five days to fix it; after that it will be publicly disclosed. And I always make good on the disclosure.

  7. Re:Cause of Death on SurveyMonkey's CEO Dies While Vacationing With Wife Sheryl Sandberg · · Score: 2
    Taking some time to google this, many others have the same question. The internet's working theory: It was suicide.

    While this is pure speculation, it makes a lot of sense in the context of how shady the revelation of his death has been. Had it really been suicide, it completely discredits Sheryl Sandberg's "Lean In" book and much of her preaching. In addition, it shows a lot of the propaganda about him being such a nice guy and caring for the kids wasn't on point...no loving father offs himself for selfish reasons before his children are of age.

    There's also a deleted tweet that seems to indicate the couple was in DC, not in some undisclosed location "abroad," at the time of death. It makes sense to lie about this so people don't go getting records from DC about cause of death, autopsy, etc.

  8. Re:Cause of Death on SurveyMonkey's CEO Dies While Vacationing With Wife Sheryl Sandberg · · Score: 2
    I've been asking this question since seeing his death announcement -- coverage in the NYTimes and elsewhere has been nothing short of propaganda for him with zero mention of the reason for his death. Honestly, SurveyMonkey needs to go away..consumers are over-surveyed already; and it is the poster child for annoying, spammy messages for surveys that require a lot of time; I don't think this guy needs a state funeral.

    So what happened? Extremely mega-rich (we're talking top percentile of the 1% here) people don't tend to just die suddenly in their mid-40s for no reason. Drugs? Murder? No one is saying anything; and I find this quite strange.

  9. Why does the summary read like a PR article? on Conde Nast To Announce VR Series · · Score: 1

    They repeatedly mention "Conde Nast" more often than the VR technology the article is ostensibly about; give shout outs to corporate partners and even include their stock ticker (CNE) immediately -- does anyone on slashdot write Microsoft (MSFT)? This summary should be rewritten!

  10. Even Crassus was nice enough... on MakerBot Lays Off 20 Percent of Its Employees · · Score: 1

    To decimate his soldiers to discipline them, meaning eliminating 10% of them; rather than get rid of 20% of them!

  11. Re:Clickbait-ish Headline on Has Google Indexed Your Backup Drive? · · Score: 1

    s/you'll/you/g :)

  12. Clickbait-ish Headline on Has Google Indexed Your Backup Drive? · · Score: 5, Insightful
    When I read this, I immediately thought "Has Google Indexed the Contents of your Google Drive?", in the context of those automatic backups you might have enabled for photos, etc on your Android device. In fact, you're only at risk here if you have configured some type of FTP server or WebDAV (like a QNAP, etc) to have a public IP and have no security whatsoever. So that means having enough technical prowess to accomplish that much, only to leave all your stuff open on the internet for "ease"?!?

    I think much of Slashdot might agree with me that if you're silly enough to deploy a public-facing server with no or default authentication, yeah, you'll probably deserved get indexed by Google.

  13. Re:Waiting for Republicans to come in and defend t on Eric Holder Severely Limits Civil Forfeiture · · Score: 1

    Can you support your claims about the French "6th Republic" with any sources citing movements for creating a new constitution or dissolving the French state in favor of a new republic? Really, the DeGaulle Constitution is a staple of comparative politics and is the foundation of much of what Samuel Huntington terms the "Third Wave of Democratization."

  14. Re:Waiting for Republicans to come in and defend t on Eric Holder Severely Limits Civil Forfeiture · · Score: 1
    The subject as to whether the U.S. is a democracy has also been beaten to death in every university in the nation, however, it tends to be more of a bar conversation than a serious conversation in political theory.

    Sure, U.S. democracy became more democratic over time, starting with the expansion of the franchise to non-land owning males under Andrew Jackson. However, to say it was never a "democracy" is really a semantic question where you redefine democracy to be "direct democracy;" or have to include institutions which are uncommonly present in the world's democracies.

    This redefinition of democracy really falls apart when you look at literature using democracy in a scientific sense, e.g. Democratic Peace Theory, "the closest thing we have to a law in political science."

  15. Re:Waiting for Republicans to come in and defend t on Eric Holder Severely Limits Civil Forfeiture · · Score: 4, Insightful
    Your sentiment has already been beaten to death in pretty much every collegiate Comparative Politics class in the USA. Of course, we can blame folks like Andrew Jackson, Abraham Lincoln, FDR, Bush/Cheney for expanding the powers of the presidency; but really the system in and of itself is flawed.

    There is a school of thought in comparative politics called "American Exceptionalism" -- in this case, meaning that the U.S. Constitution is exceptional in that it only works in the US -- other places that have tried using the American model, with the strong executive; end up devolving into dictatorships. See Dahl, Robert, Polyarchy.

    Believe it or not, it is actually the 5th Republic French Constitution (the DeGaulle constitution) that has proven the most successful in bringing democracy to democratizing nations.

    Reforms like proportional representation, abolishment of the electoral college, and institutions to do away with the two-party system have been long in coming to the American political system to keep it in line with the modern conception of democracy. Instead, it keeps slipping into this vaguely democratic polyarchy.

  16. Re:What IP address ranges are in the US? on NSA Says They Have VPNs In a 'Vulcan Death Grip' · · Score: 2

    Good luck with that. You can block all IPs assigned to ARIN in the US, but thanks to IP address shortages, you'll find many of those sites with ARIN-allocated IPs are actually located geographically in Europe...and some APNIC IPs are located in the US...etc etc

  17. Re:They said that about cell phones on The One Mistake Google Keeps Making · · Score: 2

    Limit of 20 years in the United States -- notably, Chinese patents are issued for 13 years (apparently, 13 is a "Lucky number" in Chinese culture). Patents are usually filed with WIPO with priority dates (meaning, date the clock started ticking) dating to the original patent application in the U.S. (or the provisional patent application). This gives them 7 years of a headstart to legally, under Chinese law, start making knockoffs and selling them in states where either the patent hasn't been registered through WIPO, or within China.

  18. crypto.cat? on Kim Dotcom's Mega Again Announces Encrypted Browser-Based Chat Service · · Score: 1

    How is this different/superior than crypto.cat for web-based ease? Of course, Pidgin/Adium with OTR is already available and likely superior, and can run on top of almost any existing IM infrastructure.

  19. Including Slashdot? on Google Proposes To Warn People About Non-SSL Web Sites · · Score: 3, Informative

    I find it more than ironic that this article was posted on Slashdot, which in 2014..still doesn't support SSL. It'll even redirect HTTPS to plaintext HTTP!

  20. Judge Bennett issues a Concurring Opinion on Clarificiation on the IP Address Security in Dropbox Case · · Score: 1

    ...and no one cares. I think we should however appeal to some sort of internet tribunal as to whether wasting so much space on this, on such a high traffic website like Slashdot, warrants a sentence of an electronic gag device.

  21. Re:Subaru Impreza on Ask Slashdot: What's the Most Hackable Car? · · Score: 1

    Hadn't heard about this, but my model is a 2010 (I got it new in 2010), and has had zero problems at 40k miles. Still haven't had to even get a brake job done. Worst I've had to do is plug a couple tires -- but really can't blame the car for placing nails in the road :)

  22. Subaru Impreza on Ask Slashdot: What's the Most Hackable Car? · · Score: 1
    I'm biased here because I drive one, but, Subarus are known for being "lego cars." They are ridiculously easy to take apart and put parts in, everything is setup very logically, and parts are interchangeable within a few years of the model. Also, there's a huge community at NASIOC that will give you lots of information and people to ask about whatever you'd like to do.

    So far, I have (previously having no experience doing work on cars):
    Installed Pioneer head unit w/ DVD player + ebrake bypass (no I do not watch DVDs while driving, it's just easier to bypass than connect the ebrake :) )
    Replaced speakers with SEAS Lotus
    Replaced battery with an optima yellowtop for the soundsystem (stock 90A alternator works great though)
    Installed subwoofer in custom enclosure (easy to find custom fiberglass for these cars)
    Installed remote starter
    Disabled the blasted beeping when a passenger doesn't put on their seatbelt

    I'm sure you could do a lot more with one of these, but that's just what I've been able to do in a year or two of playing around with it. I am no longer at all intimidated by opening my car up and doing work on it, if you can put together a PC and do legos, you can work on a Subaru.

  23. The bike riding is less than impressive.. on Study Shows How Humans Can Echolocate · · Score: 4, Informative

    If you've seen videos of him doing the supposed "riding bike down the street," he only gets a handful of meters, slowly, and it is a very painstaking bike ride. They even edit his video to show the more successful parts. I looked into this after seeing his TED talk -- while echolocation seemed pretty neat, it definitely seems like his foundation is exaggerating its efficacy. It definitely does something, his bike riding is awkward at best but I think it's talked up in an effort to encourage others to learn it as well.

  24. Re:Finally.. on American Express Seeks To Swap Card Numbers For Secure Tokens · · Score: 0

    I'm pretty sure I'm not the "asshole" here...in that, well, you chime in on a conversation just to call someone an expletive, or insult them..without even bothering to google OTP first. Notice in all my posts in my post history I don't resort to name calling like you have done here -- it's a clear sign logic has failed, and all you have is nonsense rhetoric and insult to offer.

  25. Re:Finally.. on American Express Seeks To Swap Card Numbers For Secure Tokens · · Score: 1

    Clearly I should've spelt out OTP to avoid confusion in this context..except, yes, I do PCI compliance audits for a living, and this acronym seems very second-nature at this point. However though, I wasn't the one confusing OTP..it was the readers applying their own cognitive bias to apply the "one time pad" meaning here, even though the context clearly pointed away from that.