It's also only for the initial few weeks after launch. This is aimed at getting rid of those queues of people that just *have* to have the latest Apple iThing on launch day from cluttering up the streets around the store, which I'm sure goes over well with the city administration that needs to police the queue and deal with the aftermath - at least some of which I suspect have probably had words with Apple store managers or VPs about it. Unless it's a complete debacle I suspect we'll be seeing similar management of iPad, iPhone and other major product launches.
I suspect that's actually the underlying problem for the security & intelligence services. It's not so much the fact that regular citizens are starting to use encryption that they have a problem with so much as through the use of encryption by default they're losing the ability to find the more interesting chatter by simply looking for people that are even using encryption in the first place. When your entire haystack is made out of needles, finding the few you are actually interested in becomes that many orders of magnitude harder.
Well, screw that. What they are basically saying is "make our jobs easier for us", but what they are failing to point out is that by doing so they are also leaving people exposed to everyone else that might want to eavesdrop on random communications, and in particular all those people/organizations/countries that they are meant to be securing each other against. If *you* have access to it, then so do your opponents - so the real question, and the one that really needs to be addressed, is which is the lesser of the two evils - having your nation secure from outsiders, or making the job of securing your nation against internal threats slightly easier? Given the complete failure of the security & intelligence services to demonstrate they can achieve the latter even before encryption become a big issue I'd say that's a complete no brainer.
Were it an application for an IT security role, in the style of those challenges Google and GCHQ have used, then you might have a point and they might have a rather lame excuse. Sadly, this is an application for security of the knuckle dragging variety, and to make matters worse the application process has also been shown to be completely unfit for purpose as just about anyone can successfully apply for a license, including those who should absolutely be prevented from doing so.
When you've got a government department that can't even fulfill do the non-IT related role that it's supposed to do, why am I not surprised that it's also completely incompetent at something it's not - viz managing the procurement of what should be a simple web form process and DB backend?
I don't buy your claim of "hugely". The problem here is that while it's a substantial pile of concrete and while that concrete will generate a lot of CO2 as it solidifies, there is a vast amount of atmosphere. It's just not significant even if you do buy fully into catastrophic AGW.
It's not just the *use*, it's also the production of the concrete itself which tends to get lumped in with the end product in environmental impact calculations. Production of concrete is responsible for approximately 5% of ALL mankind's CO2 emissions of which about half comes from the chemical process itself and almost as much from the fuel burnt to provide power for process, with the bulk of the contribution coming from the cement use which produces approx 850-900kg of CO2 per 1000kg of cement.
Japan is certainly well aware of that because they've been complaining to China about the massive amounts of pollution coming from the massive levels of concrete production for use in their mega-projects for years, making this all the more surprising. Clearly it's a case of "do as I say, not as I do" and, as others have noted, a pretty good indication that Japan doesn't give a shit about the environment, especially since the prevailing winds will blow *their* pollution out over the Pacific. Still, at least the US west coast will have some even more colourful sunsets to look forwards too...
That the proposal is just bare concrete seems completely inexplicable to me; not only is concrete ugly as sin, it's also hugely unfriendly to the environment in terms of CO2 production. Maybe the concrete (and presumably rebar) is needed for structural integrity but a more natural solution based on earthworks, possibly with a re-inforced core of rock/rubble, sounds like it would be less of a blot on the landscape and thus more acceptable to those who have to see it.
Your idea of artificial lakes - perhaps some kind of double berm arrangement with a suitably voluminous (e.g. *big*) and non-residential catchment area that has rapid drainage back to the ocean in between seems like a much better solution to me as well. The berms possibly needn't even be taller than the peaks of the larger tsunami if the height and shape of the outer wall is enough to reduce the force of the wave enough to ensure that the bulk of the water volume ends up in the catchment basin and anything that sloshes over the second berm isn't likely to cause damage, although that possibly a big ask though, given the footage of ocean ships thrown into the middle of cities from the last mega-tsunami. You could still use the space in between the berms for non-residential/industrial applications like agriculture, parkland, etc., and if you designed it well enough there's no reason that repairing the damage from the inevitable flooding couldn't be quick and reasonably cost effective as well - the biggest problem is likely to be desalienating the soil.
I suspect they, and similar agencies, realised this a long time ago; the kind of big data meta analysis of blockchains necessary to establish patterns in the flow of digital currency is what GCHQ, NSA and the like should excel at doing and the use of BitCoin etc. by groups they would be interested in is well documented. Once you start identifying which wallets are regularly transferring large amounts of funds to other known wallets, you can then start looking at who else they are dealing with and building a web of interactions. Combine that with any compromised PCs or other intel that lets them tie specific wallets to specific individuals / organisations and some really useful intelligence about who is dealing with who ought to start dropping out. I'd actually be very surprised if they hadn't been doing this for some time, really.
Not at all, the parallels are pretty obvious if you think about it and as a business model it's working very well for Apple just as it has for many religions. They're not the only organization doing this, far from it, but Apple is just so much better at it than anyone else around at present. Steve Jobs wasn't some real-world parallel of Tywin Lannister who shat high-value dollar bills; those tens of billions in cash Apple is sitting on came from people who paid into the cult by buying Apple's hardware, and in many cases bought essentially the same hardware all over again just because the version number changed and a few things got slightly better... then did so again... and again. They didn't *really* need to, but they were obviously convinced that they had to, so just like a cult in other words.
I'm not faulting it; it's clearly working very well for Apple and their shareholders, but acting shocked and surprised that breaking ranks with such a setup puts you on the receiving end of a fatwa or jihad (to stick with religious parallels) from those still on the inside? Those are the people that are off their meds.
The whole Apple ecosystem is built, designed and operated like a cult. People on both sides of debate frequently refer to it as a "Church". It funnels more and more money from the fanatical congregation into the pockets of the leadership through convincing them that they absolutely, positively *need* to upgrade to the next Operating Thetan, erm, I mean "version". Seriously, Scientology could take lessons from them. WTF did you expect?
Personally, I'd say screw them, revoke the certificates in the OS/browsers, and let CNNIC figure out how to sort out the mess with their customers. Even if you were to then allow them to create a new certificate, they'll still need to go through the financial and administrative pain of having to re-issue all the certificates to their immediate customers like MCS, who will then have to re-issue all their certificates and so on... That's a huge slap on the wrist and a massive deterrant to any other CA messes with the web of trust, or a good defence they can use when their authoritarian government "requests" that they do so, which is more likely what happened here.
In the meantime, you can always delete the trust yourself. Open your Browsers Certificate List ("Options, Advanced, Certificates, View Certificates" in Firefox), find CNNIC's certs (there are two in Firefox - "CNNIC ROOT" and "China Internet Network Information Center EV Certificates Root") and either delete them altogether or edit the trust and remove the ability to sign websites. That's pretty useless as anything other than a feel good factor though because it doesn't stop you accessing any sites in that particular chain of trust; you'll just get a warning that the site uses an untrusted certificate and prompt to abort or add the site's specific certificate without any upstream CA certificates.
Given the huge volume of spam that gets sent from compromised free mail accounts such as Yahoo! et al, mostly due to people using dumb passwords or getting their PC rooted, I can see why Yahoo! might want to move to something else; in that case something you have (a phone) is vastly more secure than a password known to you and a whole bunch of blackhats. That's almost certainly the issue Yahoo! is trying to solve here, rather than the one of securing access to data which, given that it's on a free mail provider, really shouldn't be used for anything sensitive in the first place, but users will be users (even ones in senior government positions it seems).
Still, I can't help but feel that a better approach to using 2FA in frequent use situations where convenience plays a major part might be to only bring the second factor in to play when something "unusual" happens, such as a sudden change in the geographic location of the IP address that you are trying to connect from. That's still possible with Yahoo's system, only it would probably be the password that would be prompted for as the second factor rather than the SMS token as might previously have been the case when 2FA is used in this manner.
That is what I would expect too, perhaps a more accurate description of events might be "paperwork documenting MH370 beacon battery replacement may have been misplaced", but that's not going to generate the same number of page views.
I'd go with this too; defer the decision until your kids are 16, going on 18 and hopefully have a better idea what they want to do and can understand the pros and cons themselves, but you probably want to raise the point before then so they can be considering it ahead of time. There's simply no point burdening them with US taxes that they might otherwise not have had to pay unless there is a good reason for doing so - especially since they'll probably be paying taxes in the EU as well if they choose to stay there. Even if they do want to go and study/work in the US, there's always the option of applying to go as EU citizens which should be good for most things, and if their longer plans might involve the prospect of longer term residency or positions that require US nationality then they could always apply for US citizenship then.
Just because the hypothetical aliens are ahead of us in some respects (e.g. the ability to practically travel across interstellar distances) it does not necessarily follow that they would be ahead of us in all others. For instance, consider Harry Turtledove's short story The Road Not Taken which is based around a premise that humanity overlooked a blindingly simple technique for manipulating gravity that put our technological development onto a completely different track than the invaders of the story.
Might as well mention Twitter's URL shortening service, "t.co", too since that's another area of the business riddled with abuse that they just don't seem to care about. Spammers and malware pushers have been using Twitter's "t.co" links for ages to link to sites, malware and so on, yet Twitter simply doesn't care. Send an abuse report to most other link shortening services and the malicious link is usually dead within a couple of days, and more often within a few hours, yet "t.co" links seem to be inspired by De Beers and last forever so presumably the abuse reports are simply/dev/null'd. On the plus side, you can pretty much guarantee any email with a "t.co" link is spam and score it accordingly (or just reject them outright since the FP rate is so low), but it would be nice if they did something about that too.
Aside from the few hundred lives vs. a few thousand lives if the plane was actually hijacked and attempted another 9/11 style crash into a metropolitan area there is another reason you might want a chase aircraft - obtaining camera footage of the plane should the threat prove genuine and the plane is blown up. I would imagine such data might prove quite useful to the resultant investigation in terms of narrowing down where the bomb was located, how powerful it was, whether it was carried on or checked, and potentially even narrow down who might have got the bomb onboard.
Is climate change real and not a hoax?: Yes (98:1) - Sen. Roger Wicker (R-MS) voted "Yes"
Do humans contribute significantly to climate change?: No (50:49) - All the Dems plus a few Reps votes "Yes". Key to that result however is that before the vote Sen. Lisa Murkoswki (R-AK) took exception to the word "significantly", which I actually think is a reasonable point given the available data that tries to quantify our contribution to the changes.
The question that remains unanswered is how many of those 50 that voted "No" in the second vote would have voted differently if the contentious "significantly" wasn't present. That's almost certainly more than zero, so it appears that the disconnect between what US politicians and scientists believe about climate change and AGW might not be as far apart as some are portraying it, and might not even exist at all.
That sounds like it ought to be a good idea - actual peers rather than essentially random people - but I'm not sure that would actually work too well for the lawyers. Essentially one side, whether they realise it or not, is trying to "prove" something that is incorrect; at a simple level a defendant can't be both innocent and guilty of the same accusation (jokes about Schroedinger's cat aside). In situations where the prosecution's lawyers know that their case is a house of cards or the defendant's lawyers know that their clients are guilty it's in their best interests to make sure that anyone competent in technical issues to be discussed doesn't make it through jury selection in order to make it easier for them to bamboozle the rest.
From the original submission, this is the link that you are looking for. Yep, it's a industry rag reporting on Nielsen data. No way that's not going to be a victim of lies, damn lies and statistics...
It's definitely part of the solution and can definitely help in some situation, but it's not the best general approach and has the highly likely side effect of perpetuating the problem by creating more extremists as a result of the actions taken again existing ones that goes wrong. This has clearly been happening in Iraq, Afghanistan, Syria and everywhere else this approach has been used where many extremists cite past attacks against earlier extremists that have claimed the lives of friends and family (innocent or otherwise) as their motivation. As you note, it also gives the terrorists exactly what they want; forcing those they are attacking onto the backfoot and reducing the freedom of the people to the point that there's not really all that much difference between the control enforced by the state and the control the extremists want to enforce.
The wake of the attack on Charlie Hebdo has given us a look at a far more effective general solution in my opinion, and one that ought to be used far more than the usual approaches of guns, smartbombs, mass surveillance and security theatre. The use of "Je suis Charlie" has been a rallying cry by which people can stand up and be counted as being opposed to what the extremists are trying to achieve. More importantly it has done so in a way that does not offend those that the extremists probably believe they are acting on behalf of so that they can (and have) stand up and make a statement to the effect that this is not what they want - something simply reprinting the original images does not. Demonstrating to extremists that, actually, most people - including those you think you are fighting for - don't feel the same way ought to make at least some of those that are not just in it for the violence to start questioning whether they are on the right path after all, and maybe stand down without any further bloodshed - on either side.
I wouldn't think that the mechanism by which you perform your backups would make much difference to Cryptowall; how you manage and how long you retain them is far more likely to leave you with a safety net. Unless it gets caught in the act, once Cryptowall gets onto a PC, it encrypts the data first and only then makes its presence known to the victim, so if you've updated your backups in the meantime surely they're as good as useless, regardless of how they were taken? The only way backups might save you from a Cryptowall ransom seems like it would have to be that you still have a known good set that predates the initial infection and (maybe) some incrementals that were backed up before they were encrypted.
Because by forcing you to enable JavaScript to view their content they get more options for trying to serve you some ads and tracking you as well? If there's not an obvious "print view" or some other workaround I generally respond by just voting with my feet and closing the tab because I'm not going to be enabling JavaScript on a random site unless it's for content I *really* want to see. I suppose you could also get pissy about it because it's highly unlikely that such sites would comply with things like disability legislation requirements for screen reader compatibility and the like, but that's too much effort for me.
That's not too far removed from the truth though, is it? Replace "will" with "apathy" and you're pretty much dead on the money. Then again, to really be apathetic you've got to be aware of the issue in the first place, and I doubt that the vast majority of The People are even aware that this issue might even concern them, let alone understand (or take the time to understand - we're back to apathy again) the issues enough to make an informed decision.
The trouble is, it doesn't help with many modern DDoS's
On paper, no, but it might still have benefits. I implemented SPF with "-all" for several domains some years ago which, on paper, merely allows recipients checking SPF to negatively weight/discard emails falsely claiming to be from those domains - it does absolutely *nothing* to prevent spammers from spoofing the domains, yet within two weeks of the SPF records going live the domains stopped being used for joe-jobs and we never saw a single bounce, presumably because they were no longer as attractive to spammers compared to softer targets. In BCP38's case there could be a similar side benefit in that malware that knows its host is part of a BCP38 compliant network has less value than one that is not, and therefore might not participate in as many (or any) DDoS attacks. I've no idea of this is the case or not though; I certainly don't recall reading about any malware that is BCP38 aware...
If I read the GP's post correctly they were not suggesting that the backbone ISPs implement BCP38, but that they don't peer with edge ISPs that don't implement it.
The place to implement BCP38 is definitely as close the edge of the network as possible, long before it gets near the core of an ISP's network, let alone starts hitting up their BGP peers; ideally on the CPE, but failing that on the first capable router on the ISP's network. Why more So-Ho routers don't implement at least partial BCP38 by default has always baffled me; they usually have *one* network, seldom more than two, and often just a single IP on the LAN side, with the entire rest of the internet is on the other - how hard can it be to correctly block spoofed packets by default? That still leaves networks with their own IP allocation that are multi-homing with multiple upstream ISPs, but if someone is that big/technically inclined then they ought to be able to implement BCP38 themselves (I do this at my SoHo), work with their ISPs to sort out the config on their upstream routers, or just man up, do their own BGP and effectively act as an ISP.
Slashdot Mirror
It's also only for the initial few weeks after launch. This is aimed at getting rid of those queues of people that just *have* to have the latest Apple iThing on launch day from cluttering up the streets around the store, which I'm sure goes over well with the city administration that needs to police the queue and deal with the aftermath - at least some of which I suspect have probably had words with Apple store managers or VPs about it. Unless it's a complete debacle I suspect we'll be seeing similar management of iPad, iPhone and other major product launches.
I suspect that's actually the underlying problem for the security & intelligence services. It's not so much the fact that regular citizens are starting to use encryption that they have a problem with so much as through the use of encryption by default they're losing the ability to find the more interesting chatter by simply looking for people that are even using encryption in the first place. When your entire haystack is made out of needles, finding the few you are actually interested in becomes that many orders of magnitude harder.
Well, screw that. What they are basically saying is "make our jobs easier for us", but what they are failing to point out is that by doing so they are also leaving people exposed to everyone else that might want to eavesdrop on random communications, and in particular all those people/organizations/countries that they are meant to be securing each other against. If *you* have access to it, then so do your opponents - so the real question, and the one that really needs to be addressed, is which is the lesser of the two evils - having your nation secure from outsiders, or making the job of securing your nation against internal threats slightly easier? Given the complete failure of the security & intelligence services to demonstrate they can achieve the latter even before encryption become a big issue I'd say that's a complete no brainer.
Were it an application for an IT security role, in the style of those challenges Google and GCHQ have used, then you might have a point and they might have a rather lame excuse. Sadly, this is an application for security of the knuckle dragging variety, and to make matters worse the application process has also been shown to be completely unfit for purpose as just about anyone can successfully apply for a license, including those who should absolutely be prevented from doing so.
When you've got a government department that can't even fulfill do the non-IT related role that it's supposed to do, why am I not surprised that it's also completely incompetent at something it's not - viz managing the procurement of what should be a simple web form process and DB backend?
I don't buy your claim of "hugely". The problem here is that while it's a substantial pile of concrete and while that concrete will generate a lot of CO2 as it solidifies, there is a vast amount of atmosphere. It's just not significant even if you do buy fully into catastrophic AGW.
It's not just the *use*, it's also the production of the concrete itself which tends to get lumped in with the end product in environmental impact calculations. Production of concrete is responsible for approximately 5% of ALL mankind's CO2 emissions of which about half comes from the chemical process itself and almost as much from the fuel burnt to provide power for process, with the bulk of the contribution coming from the cement use which produces approx 850-900kg of CO2 per 1000kg of cement.
Japan is certainly well aware of that because they've been complaining to China about the massive amounts of pollution coming from the massive levels of concrete production for use in their mega-projects for years, making this all the more surprising. Clearly it's a case of "do as I say, not as I do" and, as others have noted, a pretty good indication that Japan doesn't give a shit about the environment, especially since the prevailing winds will blow *their* pollution out over the Pacific. Still, at least the US west coast will have some even more colourful sunsets to look forwards too...
That the proposal is just bare concrete seems completely inexplicable to me; not only is concrete ugly as sin, it's also hugely unfriendly to the environment in terms of CO2 production. Maybe the concrete (and presumably rebar) is needed for structural integrity but a more natural solution based on earthworks, possibly with a re-inforced core of rock/rubble, sounds like it would be less of a blot on the landscape and thus more acceptable to those who have to see it.
Your idea of artificial lakes - perhaps some kind of double berm arrangement with a suitably voluminous (e.g. *big*) and non-residential catchment area that has rapid drainage back to the ocean in between seems like a much better solution to me as well. The berms possibly needn't even be taller than the peaks of the larger tsunami if the height and shape of the outer wall is enough to reduce the force of the wave enough to ensure that the bulk of the water volume ends up in the catchment basin and anything that sloshes over the second berm isn't likely to cause damage, although that possibly a big ask though, given the footage of ocean ships thrown into the middle of cities from the last mega-tsunami. You could still use the space in between the berms for non-residential/industrial applications like agriculture, parkland, etc., and if you designed it well enough there's no reason that repairing the damage from the inevitable flooding couldn't be quick and reasonably cost effective as well - the biggest problem is likely to be desalienating the soil.
I suspect they, and similar agencies, realised this a long time ago; the kind of big data meta analysis of blockchains necessary to establish patterns in the flow of digital currency is what GCHQ, NSA and the like should excel at doing and the use of BitCoin etc. by groups they would be interested in is well documented. Once you start identifying which wallets are regularly transferring large amounts of funds to other known wallets, you can then start looking at who else they are dealing with and building a web of interactions. Combine that with any compromised PCs or other intel that lets them tie specific wallets to specific individuals / organisations and some really useful intelligence about who is dealing with who ought to start dropping out. I'd actually be very surprised if they hadn't been doing this for some time, really.
Not at all, the parallels are pretty obvious if you think about it and as a business model it's working very well for Apple just as it has for many religions. They're not the only organization doing this, far from it, but Apple is just so much better at it than anyone else around at present. Steve Jobs wasn't some real-world parallel of Tywin Lannister who shat high-value dollar bills; those tens of billions in cash Apple is sitting on came from people who paid into the cult by buying Apple's hardware, and in many cases bought essentially the same hardware all over again just because the version number changed and a few things got slightly better... then did so again... and again. They didn't *really* need to, but they were obviously convinced that they had to, so just like a cult in other words.
I'm not faulting it; it's clearly working very well for Apple and their shareholders, but acting shocked and surprised that breaking ranks with such a setup puts you on the receiving end of a fatwa or jihad (to stick with religious parallels) from those still on the inside? Those are the people that are off their meds.
The whole Apple ecosystem is built, designed and operated like a cult. People on both sides of debate frequently refer to it as a "Church". It funnels more and more money from the fanatical congregation into the pockets of the leadership through convincing them that they absolutely, positively *need* to upgrade to the next Operating Thetan, erm, I mean "version". Seriously, Scientology could take lessons from them. WTF did you expect?
Personally, I'd say screw them, revoke the certificates in the OS/browsers, and let CNNIC figure out how to sort out the mess with their customers. Even if you were to then allow them to create a new certificate, they'll still need to go through the financial and administrative pain of having to re-issue all the certificates to their immediate customers like MCS, who will then have to re-issue all their certificates and so on... That's a huge slap on the wrist and a massive deterrant to any other CA messes with the web of trust, or a good defence they can use when their authoritarian government "requests" that they do so, which is more likely what happened here.
In the meantime, you can always delete the trust yourself. Open your Browsers Certificate List ("Options, Advanced, Certificates, View Certificates" in Firefox), find CNNIC's certs (there are two in Firefox - "CNNIC ROOT" and "China Internet Network Information Center EV Certificates Root") and either delete them altogether or edit the trust and remove the ability to sign websites. That's pretty useless as anything other than a feel good factor though because it doesn't stop you accessing any sites in that particular chain of trust; you'll just get a warning that the site uses an untrusted certificate and prompt to abort or add the site's specific certificate without any upstream CA certificates.
Given the huge volume of spam that gets sent from compromised free mail accounts such as Yahoo! et al, mostly due to people using dumb passwords or getting their PC rooted, I can see why Yahoo! might want to move to something else; in that case something you have (a phone) is vastly more secure than a password known to you and a whole bunch of blackhats. That's almost certainly the issue Yahoo! is trying to solve here, rather than the one of securing access to data which, given that it's on a free mail provider, really shouldn't be used for anything sensitive in the first place, but users will be users (even ones in senior government positions it seems).
Still, I can't help but feel that a better approach to using 2FA in frequent use situations where convenience plays a major part might be to only bring the second factor in to play when something "unusual" happens, such as a sudden change in the geographic location of the IP address that you are trying to connect from. That's still possible with Yahoo's system, only it would probably be the password that would be prompted for as the second factor rather than the SMS token as might previously have been the case when 2FA is used in this manner.
That is what I would expect too, perhaps a more accurate description of events might be "paperwork documenting MH370 beacon battery replacement may have been misplaced", but that's not going to generate the same number of page views.
I'd go with this too; defer the decision until your kids are 16, going on 18 and hopefully have a better idea what they want to do and can understand the pros and cons themselves, but you probably want to raise the point before then so they can be considering it ahead of time. There's simply no point burdening them with US taxes that they might otherwise not have had to pay unless there is a good reason for doing so - especially since they'll probably be paying taxes in the EU as well if they choose to stay there. Even if they do want to go and study/work in the US, there's always the option of applying to go as EU citizens which should be good for most things, and if their longer plans might involve the prospect of longer term residency or positions that require US nationality then they could always apply for US citizenship then.
Just because the hypothetical aliens are ahead of us in some respects (e.g. the ability to practically travel across interstellar distances) it does not necessarily follow that they would be ahead of us in all others. For instance, consider Harry Turtledove's short story The Road Not Taken which is based around a premise that humanity overlooked a blindingly simple technique for manipulating gravity that put our technological development onto a completely different track than the invaders of the story.
Might as well mention Twitter's URL shortening service, "t.co", too since that's another area of the business riddled with abuse that they just don't seem to care about. Spammers and malware pushers have been using Twitter's "t.co" links for ages to link to sites, malware and so on, yet Twitter simply doesn't care. Send an abuse report to most other link shortening services and the malicious link is usually dead within a couple of days, and more often within a few hours, yet "t.co" links seem to be inspired by De Beers and last forever so presumably the abuse reports are simply /dev/null'd. On the plus side, you can pretty much guarantee any email with a "t.co" link is spam and score it accordingly (or just reject them outright since the FP rate is so low), but it would be nice if they did something about that too.
I'm sure it's just a matter if time, and after that the only thing left to do will be to embed a decent text editor.
Aside from the few hundred lives vs. a few thousand lives if the plane was actually hijacked and attempted another 9/11 style crash into a metropolitan area there is another reason you might want a chase aircraft - obtaining camera footage of the plane should the threat prove genuine and the plane is blown up. I would imagine such data might prove quite useful to the resultant investigation in terms of narrowing down where the bomb was located, how powerful it was, whether it was carried on or checked, and potentially even narrow down who might have got the bomb onboard.
Is climate change real and not a hoax?: Yes (98:1) - Sen. Roger Wicker (R-MS) voted "Yes"
Do humans contribute significantly to climate change?: No (50:49) - All the Dems plus a few Reps votes "Yes". Key to that result however is that before the vote Sen. Lisa Murkoswki (R-AK) took exception to the word "significantly", which I actually think is a reasonable point given the available data that tries to quantify our contribution to the changes.
The question that remains unanswered is how many of those 50 that voted "No" in the second vote would have voted differently if the contentious "significantly" wasn't present. That's almost certainly more than zero, so it appears that the disconnect between what US politicians and scientists believe about climate change and AGW might not be as far apart as some are portraying it, and might not even exist at all.
That sounds like it ought to be a good idea - actual peers rather than essentially random people - but I'm not sure that would actually work too well for the lawyers. Essentially one side, whether they realise it or not, is trying to "prove" something that is incorrect; at a simple level a defendant can't be both innocent and guilty of the same accusation (jokes about Schroedinger's cat aside). In situations where the prosecution's lawyers know that their case is a house of cards or the defendant's lawyers know that their clients are guilty it's in their best interests to make sure that anyone competent in technical issues to be discussed doesn't make it through jury selection in order to make it easier for them to bamboozle the rest.
From the original submission, this is the link that you are looking for. Yep, it's a industry rag reporting on Nielsen data. No way that's not going to be a victim of lies, damn lies and statistics...
It's definitely part of the solution and can definitely help in some situation, but it's not the best general approach and has the highly likely side effect of perpetuating the problem by creating more extremists as a result of the actions taken again existing ones that goes wrong. This has clearly been happening in Iraq, Afghanistan, Syria and everywhere else this approach has been used where many extremists cite past attacks against earlier extremists that have claimed the lives of friends and family (innocent or otherwise) as their motivation. As you note, it also gives the terrorists exactly what they want; forcing those they are attacking onto the backfoot and reducing the freedom of the people to the point that there's not really all that much difference between the control enforced by the state and the control the extremists want to enforce.
The wake of the attack on Charlie Hebdo has given us a look at a far more effective general solution in my opinion, and one that ought to be used far more than the usual approaches of guns, smartbombs, mass surveillance and security theatre. The use of "Je suis Charlie" has been a rallying cry by which people can stand up and be counted as being opposed to what the extremists are trying to achieve. More importantly it has done so in a way that does not offend those that the extremists probably believe they are acting on behalf of so that they can (and have) stand up and make a statement to the effect that this is not what they want - something simply reprinting the original images does not. Demonstrating to extremists that, actually, most people - including those you think you are fighting for - don't feel the same way ought to make at least some of those that are not just in it for the violence to start questioning whether they are on the right path after all, and maybe stand down without any further bloodshed - on either side.
I wouldn't think that the mechanism by which you perform your backups would make much difference to Cryptowall; how you manage and how long you retain them is far more likely to leave you with a safety net. Unless it gets caught in the act, once Cryptowall gets onto a PC, it encrypts the data first and only then makes its presence known to the victim, so if you've updated your backups in the meantime surely they're as good as useless, regardless of how they were taken? The only way backups might save you from a Cryptowall ransom seems like it would have to be that you still have a known good set that predates the initial infection and (maybe) some incrementals that were backed up before they were encrypted.
Because by forcing you to enable JavaScript to view their content they get more options for trying to serve you some ads and tracking you as well? If there's not an obvious "print view" or some other workaround I generally respond by just voting with my feet and closing the tab because I'm not going to be enabling JavaScript on a random site unless it's for content I *really* want to see. I suppose you could also get pissy about it because it's highly unlikely that such sites would comply with things like disability legislation requirements for screen reader compatibility and the like, but that's too much effort for me.
That's not too far removed from the truth though, is it? Replace "will" with "apathy" and you're pretty much dead on the money. Then again, to really be apathetic you've got to be aware of the issue in the first place, and I doubt that the vast majority of The People are even aware that this issue might even concern them, let alone understand (or take the time to understand - we're back to apathy again) the issues enough to make an informed decision.
On paper, no, but it might still have benefits. I implemented SPF with "-all" for several domains some years ago which, on paper, merely allows recipients checking SPF to negatively weight/discard emails falsely claiming to be from those domains - it does absolutely *nothing* to prevent spammers from spoofing the domains, yet within two weeks of the SPF records going live the domains stopped being used for joe-jobs and we never saw a single bounce, presumably because they were no longer as attractive to spammers compared to softer targets. In BCP38's case there could be a similar side benefit in that malware that knows its host is part of a BCP38 compliant network has less value than one that is not, and therefore might not participate in as many (or any) DDoS attacks. I've no idea of this is the case or not though; I certainly don't recall reading about any malware that is BCP38 aware...
If I read the GP's post correctly they were not suggesting that the backbone ISPs implement BCP38, but that they don't peer with edge ISPs that don't implement it.
The place to implement BCP38 is definitely as close the edge of the network as possible, long before it gets near the core of an ISP's network, let alone starts hitting up their BGP peers; ideally on the CPE, but failing that on the first capable router on the ISP's network. Why more So-Ho routers don't implement at least partial BCP38 by default has always baffled me; they usually have *one* network, seldom more than two, and often just a single IP on the LAN side, with the entire rest of the internet is on the other - how hard can it be to correctly block spoofed packets by default? That still leaves networks with their own IP allocation that are multi-homing with multiple upstream ISPs, but if someone is that big/technically inclined then they ought to be able to implement BCP38 themselves (I do this at my SoHo), work with their ISPs to sort out the config on their upstream routers, or just man up, do their own BGP and effectively act as an ISP.