"To make this ambitious plan possible, the company this week said it had begun its initial fundraising campaign via a company called RocketHub which defines itself as a crowdfunding outfit that helps raise money for a variety of entrepreneurial pursuits."
If every human on Earth gave them a dollar, they wouldn't have enough to do this. We're talking about settling the moon AND having steady traffic back and forth AND manufacturing using lunar materials...a trifecta of things that have never been done, and all within the space of 8 years? Oh, and by the way...where are the rockets that stop at the moon for fuel heading off to? We don't have half the challenges of interplanetary travel (even if we had so much as a couch to sleep on once we got there) solved, and by the time something is in LEO or higher, the majority of fuel consumption is over with, so refueling is kind of a waste of time.
So, to review...it looks to me like they're asking everyone to give them some money so they can do this incredibly hard thing on a very short timeline that will get them up and running with a lunar gas station that nobody will need yet. I say they're pulling a Moller/Phantom.
The theory is that the more countries and NGOs that have nuclear weapons, then the more likely they are to be used.
Strange theory... last I know of, the only time a nuclear weapon was used in a war was at a time only one nation has had the technology. And they used it twice. And I heard/read some arguing that their use was gratuitous, just for showing some muscles.
Actually, there's another theory...that the more countries (and in particular, the more unstable countries) have nuclear weapons, the more likely they are to fall into the hands of an actor where deterrence does not come into play. The best current example of this is Libya, who fortunately gave up their nuclear program before the recent rebellion and subsequent chaos. It isn't at all difficult to imagine that if weapons-grade material or even a nuclear weapon itself were somewhere in Libya during the uprising that there wouldn't be forces trying to locate and seize it that would be far more likely to use a nuke than a nation-state (which can be nuked in return). This is the real nightmare scenario, these days. As you've accurately pointed out, deterrence is remarkably effective at keeping nation-states from using nuclear weapons on each other, but when you put a weapon into the hands of a group that many countries are trying to hunt to extinction anyways, there isn't much to deter them.
I think you're missing the real point. These aren't random bloggers on the Internet, the sort that would say "oh wow, those Mexican criminals are bad," these are people who are local to the region, commenting on facts...in effect, acting as journalists. Reporters have already been murdered and threatened; it just follows that bloggers would get the same treatment.
And if you think that "the complexity of the Internet" is much help, let me break down this situation to you:
Bloggers: "Dear Mexican crime syndicates: we will tell other people what you are doing, that you are killing, kidnapping, extorting and selling drugs."
Mexican crime syndicates: "Dear bloggers: we will torture you to death, and then dump your body in a public place as a message."
That doesn't seem like a very symmetric exchange to me.
2 very different games, I don't understand why people compare them in the first place.
EA seems to act like the BF and COD franchises compete in a zero-sum world, like it is for many durable goods; if you like Company X's dishwasher a little better than Company Y's dishwasher, you'll only buy Company X's dishwasher because it makes no sense to have more than one such object in your kitchen. But that's not really how it goes with this market. If I like MW3 slightly better than BF3, it doesn't mean that I don't want to play (and own) them both...in fact, I do. If you ask me, it almost seems like EA has some kind of inferiority complex over the whole thing, and is overcompensating...
Actually, no. Being compliant with PCI is tremendously expensive, and I can't imagine many business cases that would give cause for a customer to need it. So it would be incredibly stupid to spend all of that money on PCI compliance for very little return. Furthermore, you're using the word "compliant" like it means "secure," which it absolutely does not. Hannaford was compliant, and still suffered a major breach. As far as they knew, TJX was compliant; they didn't know that many of the products sold to them for POS processing cached the information in the clear, nor could they have. And in terms of other forms of compliance, there's DIACAP in the military, but nonetheless those systems get hacked fairly regularly anyways.
And, given your argument, where do you draw the line? Why stop at PCI, HIPAA, and SOX? Why not include NERC CIP? BASEL II? FIPS? NEI? FISMA? FOIPPA? You seem to think that it's easy or cheap to just "be compliant" with each standard...it is not. It's a massive undertaking, and if you decide you want to be compliant with all of them, guess what? You're basically hamstrung as to your architecture, personnel and business model...and it sure as hell can't be hosted in a cloud by Amazon.
So I guess they have an astroturfing (http://en.wikipedia.org/wiki/Astroturfing) department, as well. They spread positive stuff on America's actions in foreign social networks.
So I hope that the mining folks don't pick up something spread by their own astroturfing folks. Gee, wouldn't that be a major failure of intelligence gathering?
So, first off, before it was called "astroturfing" it was already an old practice in the realm of geopolitics...it was called "propaganda," and everyone does it like crazy. It's not rocket science that you guessed at that, by the way...this is far, far, far from being either news or a secret.
If you read the article, you'll see that what they're doing is not just absorbing the messages, but looking at the information in the context of the sources providing them. And they aren't just looking at opinions, but at facts as well. In fact, I'd be shocked if they weren't fully aware of what other efforts were underway to improve the viewpoint on American activities, and cross-referencing to validate the effectiveness of those efforts. As well they should; that's part of what an intelligence organization is supposed to do, after all. Why do some people get so upset when the CIA does what the CIA is meant to do? If you want to live in a country that has no such apparatus, your options are extremely limited...I recommend Costa Rica or Luxembourg. At least what we're talking about here is nothing more than listening to what the rest of the world is saying, and paying attention to it...this is not waterboarding, extraordinary rendition, or reaper drone strikes. It's reading Twitter and Facebook.
Support for the OS is one thing, but what about support from other vendors? For example, I'm involved in a project where a client has used CentOS throughout their solution. Now, they want patch management, backup/restore, etc...and have found out that none of the commercial solutions (and they need enterprise-grade commercial solutions) support CentOS, even when they have support for RedHat. So now they are pretty much screwed.
The idea of a secured system designed for the sole purpose of allowing executives and board members of the corporations to communicate in secret is profoundly disturbing on so many levels...
Actually, it makes an enormous amount of sense. Keep in mind that things like IPOs, discussion around delisting, and other decisions that involve both a stock exchange and a publicly traded company don't just happen. There's a good bit of communication that has to happen first, and even a rumor about some events can have impact on that company's stock price. So just as it is with company-internal information about financials during a quiet period just before an official announcement, it makes sense for there to be a channel of communications whereby things can be kept quiet until they are deliberately (rather than accidentally) disclosed.
What Fred's family really gets out of this though is that their protests bring condemnation. I suspect they sell this to the congregation that they are being good Christians being persecuted like the early Christians who were tortured and executed by various means. By ostracizing his followers from everybody else in town, they reinforce their members' dependence upon one another like any cult, and the family probably sees pretty good revenue in the collection basket.
Well, heck...let's help them out, and go all in. I say we give the nice reverend a promotion all the way to the top rung of Christian persecution...let's nail him to a big cross!
It's not an operating system, it's called command and control. And Katia Moskovitch (who wrote that article) has her head up her ass; several cities are doing this already, exactly as described. Anaheim, for example, has an extremely sophisticated system, especially when it comes to monitoring activity and helping first responders deal with things like car accidents, fires and hazardous material incidents. I've seen it, from the control center, and it frankly blew me away...very cool stuff. The real interesting part isn't about the data from the sensors, however; that's almost useless by itself. The real value comes from fusing that data with information that is kept about the nature of things. For example, when a fire breaks out at X place, there's information on hand about what is normally found there. Let's say it's a warehouse...does that warehouse keep anything particularly dangerous in storage, and if so, what kinds of dangers does it pose? That information is there, and can be relayed to the police and firefighters on scene so that they know what they're dealing with.
Okay, so here's the deal. The power grid has to be built to support peak load, not average. If there are three days out of an entire year where the customers of a power company use more power than the whole rest of the year, then that power company has to build out their infrastructure to support the demand of those three days. There are some exceptions to this, based on energy trading from neighboring sections of the grid, but since peak demand is usually driven by time of day and current weather, you can't count on the exceptions to save you. (If it's a heat wave where you are in San Antonio at 3 PM and everyone is cranking their AC, it's probably also a heat wave in Houston, where it is also 3PM and everyone is cranking their AC as well...so if you're at peak capacity, so are they in all likelihood.) Additionally, many sources of "load" (aka power consumption) come on without warning, like factories with large units like smelters, furnaces, and so on. Power generation plants have a degree of inertia; they don't just instantly go from operating at 50% of capacity to a higher level...it takes time for them to get there. Think of it as being like throttle response in a car, only a bit slower. Some plants spin up faster than others, but the faster ones are smaller (on-demand gas turbine generators are a perfect example), and more expensive in terms of cost per KWh. And finally, if you look at the distribution of load over the course of a 24-hour day, you'll see that the load is OVERWHELMINGLY concentrated during daylight hours...which makes the "build for peak" challenge all the harder on the power companies.
So, what is being talked about here is one of many technologies intended to help with "demand response," which is the term for the methods by which a power company can deal with sudden increases in load, or alternatively ways to help smooth out the 24-hour cycle of load/demand, so that they don't have to spend quite so much on generation capacity that goes unused 50% or more of the time. People aren't looking at these cars as a fundamental power source to run the grid; it's more like a shock absorber for the grid, so that when that plant with the furnace turns the damned thing on at 3PM on an August afternoon in Texas when it's already 105 degrees in the shade, it won't result in a brownout...or require that the power company spend half a billion dollars on another demand generator just in case.
I remember when the online community castigated Yahoo for cooperating with the Chinese, a couple of years ago. People talked about it like it was a choice between giving the Chinese the information they wanted, or not giving it to them; nobody considered that the Chinese could get the information by threatening the Chinese employees of Yahoo who had access to the information, or by alternate (and even less friendly) methods. What nobody seemed to realize is that when you're dealing with certain kinds of things (like criminal organizations and repressive governments), things don't stay online. There are kinetic repercussions to actions, and if the 'bad people' are more comfortable in the real world than the online one, they're going to show up on your doorstep, not in your inbox.
Section 1. Sony will not install spyware on any of my systems. Ever. No rootkits, either.
Section 2. Sony will not store private data that relates to me insecurely, nor will Sony delay disclosure of any security events that affect private data.
Section 3. Sony will not seek to restrain me from using due process in the event that Sony breaches any other terms of this agreement.
Section 4. In the event that Sony fails to honor one or more...ah, who am I kidding? (Goes and buys a Samsung TV instead)
The revocation of certain certificates hasn't been as comprehensive as originally stated, before this point. SANS did a good write-up of this, where they dug into the details of the CRL updates and update history to try and figure out exactly what happened when with revocation, and they couldn't find evidence of a lot of the claimed revocations. In my opinion, this demonstrates an underlying problem with the architecture of PKI as it exists today, and how revocation of trust works...in the name of reliability, the trend is for trust to continue, and any certificates from a trusted root provider are "innocent until proven guilty." This is a terrible model to employ if you have even one untrustworthy (either by choice, or by failure to implement effective security) root provider. Thus, any failure by a root provider that takes place on this scale, particularly where unknown numbers of intermediate certificates have been fraudulently issued without any real ability to track which ones they are, should result in a PKI death penalty. The only way to be sure that the damage is contained and stopped is to terminate trust of the entire root of that CA authority.
Haven't you heard? The Chinese have mandated a new industry standard for "meters"; companies that fail to establish interoperability with the new standard will be barred from doing business in China :)
And anyways, it seems to me that the record shouldn't be for how deep you dive...but from how deep you manage to make it back up...anyone can get to the bottom of the Marianas Trench...it's easy! {straps on weights and jumps over the side of the boat to prove his point}
Please post a link to a recording of a phone call where you talk your grandmother or parents through that command you just described, on their computer. Maybe after you go through that, you'll understand :)
Okay, we get it now. Being a leading browser is a huge deal, and it's a massive thing just to keep up with the bug reports, much less the bugs themselves.
The "l" in "clock" didn't register with my eyes as the title of this post moved down my screen...wow...
This is the way it will happen, someone you trust will ask you to get in the car with them. DON'T DO IT!!
And if they will use words like "safe" and "secure," especially in repetition, then it means they mean to kill you!
They should have done a little Googling before they decided on a name...there's already a commercial product (albeit a very different one) that uses the name "AirShark":
http://www.itrbo.com/airshark/airshark.html
Tell you what...let's make a deal...
I'll drink the pigeon milk, if I can milk the pigeons by kicking the hell out of them. Deal?
Dude, that's seriously fucked up.
I'm just picturing Godzilla, sitting at a computer in a basement somewhere...
I hear that astronomers are planning to name the planet "Federline".
I thought Matthew Broderick already took care of these guys years ago? Did they get out of prison?