It costs millions, not to *kill* each of the ISIS soldiers, but simply to confront them at all.
Do the math: about 20,000 ISIS. And the US military complex, which is already getting about $1T from the taxpayers every year (when you add all defense-related costs), was asked to attack them. They explained that for one thousand billion dollars per year, all they can do is sit at home, eat, and train. No fighting is affordable.
The additional bill for attacking ISIS is about $100B per year. For 20,000 men. That's $5M per ISIS member attacked for one year. With luck, a good many of them will be killed but probably barely 10% of them, and having spent $50M each to kill a few thousand...at least 2000 young boys will turn 17 or 18 and sign up with them during the year, leaving you in about the same strategic position.
Probably ISIS can be beaten - they are so little and weak and have so many enemies in the area besides the West. But that's why nothing ever got better in Afghanistan - it cost $100B a year to kill a few thousand Taliban who were easily replaced.
The cost to the taxpayer will be there whether or not there is Daesh to fight as this is just the US military baseline and most of that is spread around the world, not engaged in the middle east. The additional cost to actually fight the war there is relatively negligible.
The actual cost that the west isn't willing to pay is the political cost of the casualties involved in sending soldiers in to actually end the war - imagining for a moment that our leadership actually had a viable endgame in mind, which they don't because Assad is not politically acceptable and there just isn't anyone else to step up at this point - so the war will continue to be half fought until Assad wins without too much actual help from us (excepting the Russians who don't care if he's politically acceptable or not).
We may need a criminal background check done before authorizing a phone/SIM card sale.
Which would not be effective against terrorists and their supporters who haven't shown up on the radar yet, nor would it help when stolen phones are involved.
Too easy to work around. What we need is properly staffed security services. Enough workforce that the investigations can be efficient without throwing due process down the drain. You can't do that with mass surveillance. Almost all attackers in France had been on the radar of French services at some point. They went off the radar because they were considered less threatening, and France didn't have enough people to keep an eye on them while other individuals seemed more dangerous at the time.
What we 'need' to do is to wrap up the war in the middle east and build an infrastructure that gives the kids growing up there some hope for a future that compares favorably to blowing one's self up.
And as far as more security...there's plenty of security already in the airports in Europe - including Brussels - and it didn't do jack to stop the attack today.
We need a long term plan not just "more security forces" that aren't effective against people willing to blow themselves up to make a point.
They proved that by their collaboration with the FBI while attacking the TOR network... which they created in collaboration with the Department of Defense. https://yro.slashdot.org/story...
If Uber wants a partner to secretly develop 'jealously-guarded corporate secrets' Carnegie Mellon is where it's at. A student looking for an education might best look elsewhere as CMU priorities have changed.
I'd say that a CMU student is learning very well how the world works.
Relatively small penalties paid by the city/state, etc. because these people should get something but at the end of the day it's not the people making the false arrest and imprisonment who pay - it's you and I the taxpayers, when we also haven't done anything wrong.
Sure we've done something wrong. We've voted time and again for politicians who support repressive policing, long jail sentences and bought into the idea that too many criminals were "getting away with it" in trials. Politicians (and prosecutors, who are often elected officials themselves) have seen this as a green light for aggressive prosecution and the use of tactics like leveling multiple charges against people with poor legal defense in the hopes that they will take a plea bargain on one charge and skip a trial.
It'd be nice to blame this solely on rogue individuals, but in reality these people are just responding to the incentives they've been given -- lock up lots of people and you get elected again or can move on to higher office.
I wish the punishment for wrongful conviction was personal financial liability, disbarment, removal from the judiciary and possibly criminal sanction, but mostly it isn't and of course the system is stacked against this, as nobody in the criminal justice system is willing to inflict these kinds of punishments lest they be subject to them as well.
So in the end, the only people "we" can hold responsible for wrongful conviction are ourselves. If the taxpayer hates paying people off for having their lives wrongly thrown away for two decades, maybe they should consider it the price of supporting an aggressive criminal justice system.
There will never be a perfect system.
If we were to try and achieve, with 100% certainty, that only those who go to prison (or are arrested in the first place) are actually guilty, then no one would ever be sent to prison because in reality we are imperfect creatures and are thus unable to know the 'truth' other than imperfectly even at the best of times and therefore could never take the risk of being wrong in our judgement that 'this person is guilty.'
Beyond a shadow of a doubt is a great ideal to have but is impossible to achieve.
I think these amounts awarded to Hogan and Erin Andrews (TV reporter secretly video recorded nude in her hotel room) are excessive when people who are wrongfully convicted of crimes they didn't commit get fractions of that amount after serving many years in prison.
It's not a question of who is receiving but of who is paying.
Big penalties paid by corporations to hurt their balance sheet (anything less is ineffective).
Relatively small penalties paid by the city/state, etc. because these people should get something but at the end of the day it's not the people making the false arrest and imprisonment who pay - it's you and I the taxpayers, when we also haven't done anything wrong.
It's not just women. I find that developers who lack the passion to continuously learn and play with technology (not necessarily directly related to their day job....just technology in general) tend to be the ones that are middle of the pack in large companies. They aren't necessarily bad at their job, but they are never the ones that leap ahead of the pack. For them it's just a "job".
The question becomes: how many "average" developers can you get away with and still be a successful company? The "rock stars" are expensive, so you want to have as few of them as you can and have them cover for the rest of the team......and they'll do it willingly because they love what they do. It's the reason that I left my last job......I was tired of covering for everyone else.
It's even worse when the "average" developers are in a different country.
Does 'average' = not willing to sacrifice their personal lives for the job?
My passion is what makes me better at what I do. The fact that I don't stop should mean I get paid more than someone else "who only does it as a job". That's the black and white issue at play here.
Depends on if you're supposed to be working it and are thus being paid overtime or if you are volunteering your time above and beyond.
Let's say that has a value of X. If you work above and beyond that amount by an amount of Y you should get X + Y but that doesn't mean that the X part should be less for either you or a coworker (of either sex) who doesn't work more than X.
Of course people who enjoy being wage slaves - or people who have no life (no offense) and nothing that they prefer to do other than their job will work more than they should without complaining about it but that's not a normal or healthy situation.
Anyone who sacrifices their life for their job has their priorities completely backwards - especially if they don't own the company.
From @SFBART: BART was built to transport far fewer people, and much of our system has reached the end of its useful life. This is our reality.
BART has been continually expanding while deferring maintenance on the rest of the system, and that policy has finally come home to roost -- much of their infrastructure is over 40 years old and they can't defer maintenance forever. But by continually expanding, they've made themselves too big to fail (and they've gotten more counties on the hook to keep the service running), so they'll get bailed out one way or another.
That's a political answer to justify asking for more money - it is not a technical answer that should be accepted on/.
And this is why I don't have Windows running anywhere in my house - with multiple computers, I could see Microsoft totally raping the bandwidth caps on my rural Satellite Internet connection... and rural 3G/4G Internet users likely wouldn't get any relief from it either.:/
Speaking of which, I wonder if Microsoft could be found liable for any extra expenses incurred as a result of such a use case?
There's probably something in a previous EULA that says one assumes the cost of all downloads, upgrades, etc, etc blah blah blah
I mean President Obama's administration studied the keystone pipeline for 7 years before deciding that it is more environmentally friendly to haul crude oil in trucks and rail. I say the senate should do him the same favor and consider this appointment for at least a couple years before deciding he was not qualified.
I mean let's not be mean spirited about it. The Senate should consider him, and consider him some more. Then after that is all done why not consider him again. Let's consider the fuck out of him. Make him the most considered appointment never to get appointed.
It is after all the Senate's constitutional duty.
Always amusing to see people cutting off the proverbial nose.
"Let's break the highest court in the nation for a few years just to make the point that we don't like Obama"
Wage trends in China indicate the "race to the bottom" is actually a race to the middle.
It's a race to the lowest common denominator which is higher than the very poorest have but way, way, way lower than we want our children to have to compete with.
Low labor cost countries tend to have no labor protection, unsafe working conditions, borderline (or outright) slavery working conditions, zero benefits whatsoever and get paid jack shit anyway it's a losing proposition for anyone but the richest who benefit from globally lower resource rates and arguably the very poorest who had nothing to start with.
Agreed... while I think the court is correct (Android is a de facto monopoly in many countries and Google isn't shy about leveraging it to push their other services), this decision falls in the "even a stopped clock" category.
Of course, I'm sure the bribe..err..fine will be low enough that Google won't actually have to change anything.
Depends on who owns the Russian-based search engine that opened the charges against Google in the first place.
If it's a Putin crony, for example, then google might be SOL
Just from a rational point of view, shutting down political speech is never a good thing, no matter what that speech is. Because if they can do it to one candidate, it can be done to others.
Indeed. A fascist approach does not become any better because some "good" guys use it or because the goal is "noble".
What about opening up instead of shutting down?
I'm very curious about the emails of both Trump and Clinton.
First off telcos remember are utilities and make heavy use of government they are thus much more regulated. How would you write a law given the keys are for the client. The clients are the ones encrypting. Facebook is just letting them know how to get in touch. You are basically arguing for a system that would require Facebook to ensure that no encrypted traffic exists that references their system. That's a pretty high bar. Moreover that connection service can easily migrate off Facebook.
There are greatly shrinking differences between telcos and internet providers today and most of the regulation is to protect companies against each other, not to protect people from companies (which is sadly very weak in the US).
In communication, you have a the following layers (simplified): User Application Network Transport
Legacy: Application POTS - now almost completely converted to VoIP where the client is perhaps a fixed line phone into a dsl model Network IPoX Transport Copper/Fiber/4G/etc
New: Application 'some client' (whatsapp in this example but could be anything including normal legacy telephones into a dsl modem) Network IPoX Transport Copper/Fiber/4G/etc
In the legacy model, there is already legal intercept requirement by law. This can be done at any layer below user and is generally done by the telco at the transport layer.
In the New model, there is nothing stopping the legal establishment from requiring this same functionality at, again, any layer below user.
With regard to who holds the keys - this becomes irrelevant if the legislation is that no product shall be marketed that does not contain a legal intercept mechanism. This blocks the sale of products that do not enable legal intercept and the "we don't have the keys" reason is no longer applicable. If the product is marketed anyway it becomes 'contraband' with fines, penalties, prison time.
Will this hurt the US (and western powers) software industries (and much more)? Yes, sure. Do those in power care? No.
Being somewhat cynical, if the fear of those in power is not of the terrorists but rather of the reasonably educated western populations who are starting to realize that their governments are becoming too oppressive and are not actually acting in the people's best interests but rather the interests of those in power, then those in power will not want the vast majority of the population to have access to strong encryption.
Terrorism is just a bullshit excuse to try and take strong encryption away from law abiding (today) citizens.
And in that case do you really think that your modified AR15 is going to be of any use against whatever the government chooses to throw at you?
If society breaks down to the point that one truly needs to walk around armed, then you probably won't be facing government forces. You will most likely be dealing with looters, opportunistic criminals, etc.
Well the people on here espousing guns guns guns seem to be under the impression that they would be fighting an oppressive government which is where my question was directed.
If government breaks down and we're fighting one another then sure any weapon will be a good thing to have - but I don't think that's the actual situation being proposed on here really.
The app maker can intercept things all day, but if the messages are encrypted on the client, and the keys are not stored on the app maker's servers, then you will have no way of decrypting them. It's the same thing as if I used an encrypting handset over a POTS line: the phone company may be required to intercept it, but they won't be able to do anything with the results without the keys off the handset.
You're missing the point which is that the legislation can move up that layer to the provider of the encrypted handset (physical or virtual) being required to enable lawful intercept.
Of 25 firearm laws, nine were associated with reduced firearm mortality, nine were associated with increased firearm mortality, and seven had an inconclusive association....Very few of the existing state-specific firearm laws are associated with reduced firearm mortality
Not enough information in the Lancet summary to draw any conclusions, but expecting a drop of 90% doesn't sound realistic.
You may note the use of the word 'could' before each contributing factor: "...could reduce the national gun death rate by 57%" "...could lower the rate by 81% to 1.99 per 100,000" "...could reduce it by 83% to 1.81 per 100,000."
Which is about as useful as saving 'up to' 90% would be when buying a used car.
Slashdot Mirror
If only it were that cheap.
It costs millions, not to *kill* each of the ISIS soldiers, but simply to confront them at all.
Do the math: about 20,000 ISIS. And the US military complex, which is already getting about $1T from the taxpayers every year (when you add all defense-related costs), was asked to attack them. They explained that for one thousand billion dollars per year, all they can do is sit at home, eat, and train. No fighting is affordable.
The additional bill for attacking ISIS is about $100B per year. For 20,000 men. That's $5M per ISIS member attacked for one year. With luck, a good many of them will be killed but probably barely 10% of them, and having spent $50M each to kill a few thousand...at least 2000 young boys will turn 17 or 18 and sign up with them during the year, leaving you in about the same strategic position.
Probably ISIS can be beaten - they are so little and weak and have so many enemies in the area besides the West. But that's why nothing ever got better in Afghanistan - it cost $100B a year to kill a few thousand Taliban who were easily replaced.
The cost to the taxpayer will be there whether or not there is Daesh to fight as this is just the US military baseline and most of that is spread around the world, not engaged in the middle east. The additional cost to actually fight the war there is relatively negligible.
The actual cost that the west isn't willing to pay is the political cost of the casualties involved in sending soldiers in to actually end the war - imagining for a moment that our leadership actually had a viable endgame in mind, which they don't because Assad is not politically acceptable and there just isn't anyone else to step up at this point - so the war will continue to be half fought until Assad wins without too much actual help from us (excepting the Russians who don't care if he's politically acceptable or not).
They are ignorant savages.
Yeah they're actually often not at all ignorant :
http://www.economist.com/node/...
http://www.slate.com/articles/...
We may need a criminal background check done before authorizing a phone/SIM card sale.
Which would not be effective against terrorists and their supporters who haven't shown up on the radar yet, nor would it help when stolen phones are involved.
Too easy to work around. What we need is properly staffed security services. Enough workforce that the investigations can be efficient without throwing due process down the drain. You can't do that with mass surveillance. Almost all attackers in France had been on the radar of French services at some point. They went off the radar because they were considered less threatening, and France didn't have enough people to keep an eye on them while other individuals seemed more dangerous at the time.
What we 'need' to do is to wrap up the war in the middle east and build an infrastructure that gives the kids growing up there some hope for a future that compares favorably to blowing one's self up.
And as far as more security...there's plenty of security already in the airports in Europe - including Brussels - and it didn't do jack to stop the attack today.
We need a long term plan not just "more security forces" that aren't effective against people willing to blow themselves up to make a point.
They proved that by their collaboration with the FBI while attacking the TOR network ... which they created in collaboration with the Department of Defense.
https://yro.slashdot.org/story...
If Uber wants a partner to secretly develop 'jealously-guarded corporate secrets' Carnegie Mellon is where it's at. A student looking for an education might best look elsewhere as CMU priorities have changed.
I'd say that a CMU student is learning very well how the world works.
Relatively small penalties paid by the city/state, etc. because these people should get something but at the end of the day it's not the people making the false arrest and imprisonment who pay - it's you and I the taxpayers, when we also haven't done anything wrong.
Sure we've done something wrong. We've voted time and again for politicians who support repressive policing, long jail sentences and bought into the idea that too many criminals were "getting away with it" in trials. Politicians (and prosecutors, who are often elected officials themselves) have seen this as a green light for aggressive prosecution and the use of tactics like leveling multiple charges against people with poor legal defense in the hopes that they will take a plea bargain on one charge and skip a trial.
It'd be nice to blame this solely on rogue individuals, but in reality these people are just responding to the incentives they've been given -- lock up lots of people and you get elected again or can move on to higher office.
I wish the punishment for wrongful conviction was personal financial liability, disbarment, removal from the judiciary and possibly criminal sanction, but mostly it isn't and of course the system is stacked against this, as nobody in the criminal justice system is willing to inflict these kinds of punishments lest they be subject to them as well.
So in the end, the only people "we" can hold responsible for wrongful conviction are ourselves. If the taxpayer hates paying people off for having their lives wrongly thrown away for two decades, maybe they should consider it the price of supporting an aggressive criminal justice system.
There will never be a perfect system.
If we were to try and achieve, with 100% certainty, that only those who go to prison (or are arrested in the first place) are actually guilty, then no one would ever be sent to prison because in reality we are imperfect creatures and are thus unable to know the 'truth' other than imperfectly even at the best of times and therefore could never take the risk of being wrong in our judgement that 'this person is guilty.'
Beyond a shadow of a doubt is a great ideal to have but is impossible to achieve.
I think these amounts awarded to Hogan and Erin Andrews (TV reporter secretly video recorded nude in her hotel room) are excessive when people who are wrongfully convicted of crimes they didn't commit get fractions of that amount after serving many years in prison.
It's not a question of who is receiving but of who is paying.
Big penalties paid by corporations to hurt their balance sheet (anything less is ineffective).
Relatively small penalties paid by the city/state, etc. because these people should get something but at the end of the day it's not the people making the false arrest and imprisonment who pay - it's you and I the taxpayers, when we also haven't done anything wrong.
Given his age I'd already be surprised if he could do the leg drop anymore, let alone kick it up a notch.
Not so old as to keep him from pile driving his friend's wife...
It's not just women. I find that developers who lack the passion to continuously learn and play with technology (not necessarily directly related to their day job....just technology in general) tend to be the ones that are middle of the pack in large companies. They aren't necessarily bad at their job, but they are never the ones that leap ahead of the pack. For them it's just a "job".
The question becomes: how many "average" developers can you get away with and still be a successful company? The "rock stars" are expensive, so you want to have as few of them as you can and have them cover for the rest of the team......and they'll do it willingly because they love what they do. It's the reason that I left my last job......I was tired of covering for everyone else.
It's even worse when the "average" developers are in a different country.
Does 'average' = not willing to sacrifice their personal lives for the job?
My passion is what makes me better at what I do. The fact that I don't stop should mean I get paid more than someone else "who only does it as a job". That's the black and white issue at play here.
Depends on if you're supposed to be working it and are thus being paid overtime or if you are volunteering your time above and beyond.
Let's say that has a value of X. If you work above and beyond that amount by an amount of Y you should get X + Y but that doesn't mean that the X part should be less for either you or a coworker (of either sex) who doesn't work more than X.
Of course people who enjoy being wage slaves - or people who have no life (no offense) and nothing that they prefer to do other than their job will work more than they should without complaining about it but that's not a normal or healthy situation.
Anyone who sacrifices their life for their job has their priorities completely backwards - especially if they don't own the company.
BART already tweeted the reason behind the breakdowns:
From @SFBART:
BART was built to transport far fewer people, and much of our system has reached the end of its useful life. This is our reality.
BART has been continually expanding while deferring maintenance on the rest of the system, and that policy has finally come home to roost -- much of their infrastructure is over 40 years old and they can't defer maintenance forever. But by continually expanding, they've made themselves too big to fail (and they've gotten more counties on the hook to keep the service running), so they'll get bailed out one way or another.
That's a political answer to justify asking for more money - it is not a technical answer that should be accepted on /.
Inside job?
And this is why I don't have Windows running anywhere in my house - with multiple computers, I could see Microsoft totally raping the bandwidth caps on my rural Satellite Internet connection... and rural 3G/4G Internet users likely wouldn't get any relief from it either. :/
Speaking of which, I wonder if Microsoft could be found liable for any extra expenses incurred as a result of such a use case?
There's probably something in a previous EULA that says one assumes the cost of all downloads, upgrades, etc, etc blah blah blah
I mean President Obama's administration studied the keystone pipeline for 7 years before deciding that it is more environmentally friendly to haul crude oil in trucks and rail. I say the senate should do him the same favor and consider this appointment for at least a couple years before deciding he was not qualified.
I mean let's not be mean spirited about it. The Senate should consider him, and consider him some more. Then after that is all done why not consider him again. Let's consider the fuck out of him. Make him the most considered appointment never to get appointed.
It is after all the Senate's constitutional duty.
Always amusing to see people cutting off the proverbial nose.
"Let's break the highest court in the nation for a few years just to make the point that we don't like Obama"
Brilliant.
Catching speeders.... since vehicle radar detectors won't work for attempting to detect the the encrypted radar signal.
Probably irrelevant due to deployment of average speed cameras anyway...
I know you're just trying to be funny, but when the shit hits the fan the military and law enforcement will be on our side, not the government's.
Which is probably driving interest in the development of automated weaponry:
http://www.bbc.com/future/stor...
https://en.wikipedia.org/wiki/...
http://www.theguardian.com/tec...
I, for one, do not welcome our robotic overlords....
Wage trends in China indicate the "race to the bottom" is actually a race to the middle.
It's a race to the lowest common denominator which is higher than the very poorest have but way, way, way lower than we want our children to have to compete with.
Low labor cost countries tend to have no labor protection, unsafe working conditions, borderline (or outright) slavery working conditions, zero benefits whatsoever and get paid jack shit anyway it's a losing proposition for anyone but the richest who benefit from globally lower resource rates and arguably the very poorest who had nothing to start with.
Agreed... while I think the court is correct (Android is a de facto monopoly in many countries and Google isn't shy about leveraging it to push their other services), this decision falls in the "even a stopped clock" category.
Of course, I'm sure the bribe..err..fine will be low enough that Google won't actually have to change anything.
Depends on who owns the Russian-based search engine that opened the charges against Google in the first place.
If it's a Putin crony, for example, then google might be SOL
I thought you had to be at least 18 to vote ;).
Nah with these new electronic voting machines anyone who can hack in can vote.
Just from a rational point of view, shutting down political speech is never a good thing, no matter what that speech is. Because if they can do it to one candidate, it can be done to others.
Indeed. A fascist approach does not become any better because some "good" guys use it or because the goal is "noble".
What about opening up instead of shutting down?
I'm very curious about the emails of both Trump and Clinton.
First off telcos remember are utilities and make heavy use of government they are thus much more regulated. How would you write a law given the keys are for the client. The clients are the ones encrypting. Facebook is just letting them know how to get in touch. You are basically arguing for a system that would require Facebook to ensure that no encrypted traffic exists that references their system. That's a pretty high bar. Moreover that connection service can easily migrate off Facebook.
There are greatly shrinking differences between telcos and internet providers today and most of the regulation is to protect companies against each other, not to protect people from companies (which is sadly very weak in the US).
In communication, you have a the following layers (simplified):
User
Application
Network
Transport
Legacy:
Application POTS - now almost completely converted to VoIP where the client is perhaps a fixed line phone into a dsl model
Network IPoX
Transport Copper/Fiber/4G/etc
New:
Application 'some client' (whatsapp in this example but could be anything including normal legacy telephones into a dsl modem)
Network IPoX
Transport Copper/Fiber/4G/etc
In the legacy model, there is already legal intercept requirement by law. This can be done at any layer below user and is generally done by the telco at the transport layer.
In the New model, there is nothing stopping the legal establishment from requiring this same functionality at, again, any layer below user.
With regard to who holds the keys - this becomes irrelevant if the legislation is that no product shall be marketed that does not contain a legal intercept mechanism. This blocks the sale of products that do not enable legal intercept and the "we don't have the keys" reason is no longer applicable. If the product is marketed anyway it becomes 'contraband' with fines, penalties, prison time.
Will this hurt the US (and western powers) software industries (and much more)? Yes, sure. Do those in power care? No.
Being somewhat cynical, if the fear of those in power is not of the terrorists but rather of the reasonably educated western populations who are starting to realize that their governments are becoming too oppressive and are not actually acting in the people's best interests but rather the interests of those in power, then those in power will not want the vast majority of the population to have access to strong encryption.
Terrorism is just a bullshit excuse to try and take strong encryption away from law abiding (today) citizens.
"...subsidies "are aimed at occupying more market share within the short term and is competitively unfair for the taxi industry"
But it's okay when The Chinese decide to subsidize Chinese industries to give that same unfairness against non-Chinese Industry:
http://www.bloomberg.com/news/...
http://www.economist.com/news/...
And in that case do you really think that your modified AR15 is going to be of any use against whatever the government chooses to throw at you?
If society breaks down to the point that one truly needs to walk around armed, then you probably won't be facing government forces. You will most likely be dealing with looters, opportunistic criminals, etc.
Well the people on here espousing guns guns guns seem to be under the impression that they would be fighting an oppressive government which is where my question was directed.
If government breaks down and we're fighting one another then sure any weapon will be a good thing to have - but I don't think that's the actual situation being proposed on here really.
The app maker can intercept things all day, but if the messages are encrypted on the client, and the keys are not stored on the app maker's servers, then you will have no way of decrypting them. It's the same thing as if I used an encrypting handset over a POTS line: the phone company may be required to intercept it, but they won't be able to do anything with the results without the keys off the handset.
You're missing the point which is that the legislation can move up that layer to the provider of the encrypted handset (physical or virtual) being required to enable lawful intercept.
Of 25 firearm laws, nine were associated with reduced firearm mortality, nine were associated with increased firearm mortality, and seven had an inconclusive association....Very few of the existing state-specific firearm laws are associated with reduced firearm mortality
Not enough information in the Lancet summary to draw any conclusions, but expecting a drop of 90% doesn't sound realistic.
You may note the use of the word 'could' before each contributing factor:
"...could reduce the national gun death rate by 57%"
"...could lower the rate by 81% to 1.99 per 100,000"
"...could reduce it by 83% to 1.81 per 100,000."
Which is about as useful as saving 'up to' 90% would be when buying a used car.