I have to wonder if certain authorities aren't severely over-reacting. In general, amateurs will use fairly readily available components, many available at your local hardware store or Walmart. They aren't sensitive or all that dangerous until they are combined and processed to make an explosive. The dangerous chemicals are of course harder to get, and not at all necessary to make explosives.
The report doesn't say what was in the apartment, but odds of are the components aren't really the dangerous at all. After being combined and processed, you of course end up with an explosive, which is dangerous. I wouldn't expect that to be made into a powder and sprinkled around, though - the more dangerous explosives would be contained. The explosion that killed him would also be expected to set off any nearby high explosives. That's how high explosives are set off - by a smaller explosion, not by burning. Generally only low explosives such as black powder are set off by burning. Low explosives have to be in a container to explode, so residue isn't really a problem. (A LOT of residue built up somewhere is a fire hazard, though.) Black powder isn't quite as safe as something like table salt, but a little residue isn't really dangerous and even humidity will render it non-flammable.
In short, a good cleaning with soap and water probably would have rendered it perfectly safe as far as explosive residue. If the explosion did structural damage to the building that's another issue entirely.
That's a good point. My first thought is that using Linux you can do all those things without paying for crashes and getting hacked. That doesn't make a great promo video, though.
Open source definitely needs better marketing. Right now at work we're dealing with an issue where we need to switch vendors for certain software, but we can't get our data out of the old system and in to the new system. So we're a bit stuck; stuck with software that doesn't fit our needs and costs too much. With open source software, we COULD easily get our data out, licensing costs would have never been an issue in the first place, and we could adjust the software to fit our needs. So everything about the situation shows three reasons open source would be better, but none of that fits well in a 30-second video.
Stewart wasn't held liable for most of the things in the SEC complaint because she was neither an officer of the company nor did she get the information from one. She basically went to prison for lying about the whole thing (obstruction of justice, etc.)
Pump and dump is covered under rule 10b-5: Employment of Manipulative and Deceptive Practices. What's illegal is to LIE about a company in order to fraudulently manipulate the stock price. Telling the truth about a company is not only okay, but encouraged. Several offenses related to investing are only offenses if you fail to reveal the truth about the issues. If a company has security risks, or any other risks, certain people are REQUIRED to publish that information. Publishing true statements not only isn't a crime, it's how you avoid being charged with other crimes. Here's the full text if Rule 10b-5, the pump and dump rule.
It shall be unlawful for any person, directly or indirectly, by the use of any means or instrumentality of interstate commerce, or of the mails or of any facility of any national securities exchange, (a) To employ any device, scheme, or artifice to defraud, (b) To make any untrue statement of a material fact or to omit to state a material fact necessary in order to make the statements made, in the light of the circumstances under which they were made, not misleading, or (c) To engage in any act, practice, or course of business which operates or would operate as a fraud or deceit upon any person, in connection with the purchase or sale of any security."
Another thing that's been done regarding pump and dump is restrictions on who can trade penny stocks and how, since fraudsters often use penny stocks.
If you look at the SEC web site it says illegal insider trading is: --
buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence, --
The fiduciary duty is the duty that corporate officers, the company's lawyer, etc, have to look out for the interests of the company (stockholders) rather than their own personal gain. I have no "relationship of trust and confidence", no fiduciary duty, with Intel or AMD. Therefore, according to the SEC I can buy and sell AMD or Intel stock based on WHATEVER information I have, as long as I didn't get that information secretly from someone who has a "relationship of trust and confidence" with the company, such as a corporate officer.
I can decide to sell my Intel stock today because I haven't pooped yet, or because a groundhog saw his shadow. What's prohibited is people employed to take care of the company (corporate officers, etc) must not abrogate that responsibility for their own personal gain.
The SEC went after Mark Cuban and Cuban won. The Cuban case is an example of what is NOT insider trading.
Also if you look at the SEC web site it says illegal insider trading is: --
buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence, --
The fiduciary duty is the duty that corporate officers, the company's lawyer, etc, have to look out for the interests of the company (stockholders) rather than their own personal gain. I have no "relationship of trust and confidence", no fiduciary duty, with Intel or AMD. Therefore, according to the SEC I can buy and sell AMD or Intel stock based on WHATEVER information I have, as long as I didn't get that information secretly from someone who has a "relationship of trust and confidence" with the company, such as a corporate officer.
Wow that summary is a giant load of crap. Doesn't even indicate what the bill is about.
The Cloud act is about establishing a process which approved foreign governments may follow when requesting information about non-US persons (neither citizen nor resident) from US companies. For example, if there were a bombing in the UK, by a UK citizen, and the the UK police wanted to get the perpetrator's Apple Maps history, they could follow this process to request that data from Apple, a US company storing the data in the US.
To be eligible, the foreign government law must "afford robust substantive and procedural protections for privacy and civil liberties", as agreed to by both the Attorney General, and the Secretary of State, with Congress able to overrule approvals.
Requests must be based on "articulable and credible facts" and subject to "review or oversight by a court, judge, or magistrate or other independent authority".
Any information revealed about US persons may not be shared with the US government.
That's the general gist of the bill. You can read it for further details. You'll likely find some good and some bad in it.
> Wiki is not accepted as a scholarly or reputable source in any reputable academic institution.
You don't cite an encyclopedia for the same reason you don't cite "the library".
Encyclopedias, including Wikipedia, are secondary sources. That means they collect and summarize primary sources, such as peer-reviewed studies. (Just as libraries collect and catalog sources).
Whatever is in an encyclopedia came from somewhere else, so you cite the source. It would be dumb to cite "Encyclopedia Britannica says that a study by Harvard says that...". Just cite the study directly rather than indirectly.
This does not mean that encyclopedias are unreliable or somehow "bad", they are just an unnecessary extra step when citing where information comes from. You wouldn't cite "my roommate, John Carter, showed me a study which he got from the Texas A&M library which states..." You cite the source of the information, not the steps it took to get to you. Wikipedia is a conduit of information, like a library, not an original source.
> Nothing more ridiculous than fat, well-paid white men
The first person to make a racial comment - also you. The first person to disrepair and insult people based on their gender? You. Just put get it over with an put on your KKK hood already since you clearly have no shame about being a racist and a bigot.
Thanks for posting some counter points vs the groupthink. It's interesting to consider all sides of an issue.
On much of this, we are ALL talking to of our ass. We simply do not know. We really can't answer "is water boarding torture" for two reasons. First because we haven't experienced it and don't really know what it's like. We can only parrot what someone said on our favorite echo-chamber TV program. Secondly, the question itself is absurdly binary. Water boarding is clearly very unpleasant. It's also clearly far less severe than most of what what traditionally be considered torture. There is a continuum, a range of degree, and framing it as a yes/no question is silly.
We can't really answer the other questions brought up, for the same reasons. "Does water boarding work?". Again treating that as a yes/no is silly. Of course subjects may give untrue answers, so there is a need to think about whether their answers are logical and consistent with other information available. (And "consistent with" doesn't mean "duplicative"). Also as you point out we train our special forces how to limit the amount and importance of the information they reveal because prisoners DO reveal valuable information. A good question would be "how well does water boarding work under each of the following sets of circumstances...?". The answer will be different under different circumstances. Probably none of us here are interrogation experts, so none of us know how well it has worked under any given set of circumstances.
Lacking so much relevant information, here's my opinion:
As a general policy, the United States should stand as a beacon of freedom, liberty, and human rights. The US is not a nation created around a certain ethnic group, the country was created based on certain principles; we should exemplify those principles.
Having said the above, in the very RARE case that we capture someone who has knowledge of an ongoing plan to blow up a bunch of innocent people, our agents should stop that disastrous attack using whatever methods are necessary to get the information from the murderous terrorist we've captured. And I don't want to know what they did to the terrorist. Handle it. Those instances are very rare.
For IP KVM, I don't remember offhand who it was. No longer available, though.
For RC transmitters, Frsky. At least one Frsky transmitter is also sold as a Turnkey. For flight controllers, look at Cleanflight, betaflight, and inav. They are all interrelated, each with a different focus. They run on boards such as the AnyFC F7, which is open.
Raritan's licensing model and lack off VERY simple updates to let older models use this-century TLS encryption annoys me. I wish their was an open, or even half-open, IP KVM. There uses to be one.
I recently learned that one of the top makers of RC plane, car, and quadcopter controllers is open source, with a vibrant community, both in transmitters and flight controllers. That was good news. I can hack the heck out of my RC plane and quadcopter ("drone") now.
You know how if you enter your unlock code wrong once, have to wait a few seconds, three times and you have to wait a minute, ten times and you have to wait an hour? Yeah. That's how you stop enumeration of large sets.
That's certainly doable, and a good way of looking at it.
Also in these discussions we should keep in mind the difference between *with a proper warrant*, based on probable cause, vs random searches such as a the border. In my opinion, for someone whose *job* is to catch bad guys, mostly very bad bad guys, and get evidence of what happened, it's not unreasonable for them to say "I'd like some of the really smart technical people to think about how we investigate crime in 21st century without impacting security too much". There ARE things that can be done, such as your example. Given physical possession of a phone (via a warrant to seize it due to probable cause), it's technically / mathematically possible to allow them to see "this phone did not call this number", without any possibility of revealing which numbers it DID call.
Imagine I want to tell Travelsonic something secret. I don't have his email address or any other way to contact him other than posting here, for all to see. My desire is to post openly, where everyone can read it, but only Travelsonic can tell what it means. We have no means of agreeing on a secret password or anything.
Cryptography experts tells us that's impossible. Or was impossible, until Diffie and Hellman figured out a very clever way to do it. Diffie-Hellman key exchange is now used all the time, of course. It's a brilliant solution to a problem that seemed impossible for many years.
Therefore I don't think it's unreasonable to say "I understand we don't have any way to X, but it's possible that some clever innovation can somehow achieve this goal, something nobody had thought of yet.". In his remarks he acknowledged that there is not a solution, currently. He said he's not proposing any law or regulation, because there isn't any law that could make sense right now. He's right, most any such law that could be passed today would be bad.
In fact, I happen to know of some innovative ideas that partially solve the need. It's possible to do encryption in such a way that you can't read the message, but you can check if the message has certain strings in it. You can build a chip that, without revealing some fact , cryptographically proves that the fact is stored in the chip.
Simple salted hashing of text and call message numbers makes it impossible to know who someone called, yet still possible to answer whether they called one specific number. So the FBI could find out whether a suspect called Muhammad Atta, without being able to tell who else they called. This isn't super-advanced technology - every web site that has password login uses salted hashes, or should be using them.
I'm fact saving only the salted hash of the numbers you call and text would be MORE SECURE than what your phone does today.
This guy may, five years from now, propose something stupid. If so I'll oppose it. I don't see expressing a desire to consider what innovative solutions might solve certain needs, with a search warrant, as stupid. Such a search might have some uninformed people making dumb proposals, but he made none in this case.
The government can't search your stuff without a warrant. "The government" meaning, of course, people working for the government. It's unconstitutional for people working for the government, or on the government's behalf, to randomly search through your stuff.
Digging through YOUR stuff. They didn't find the CP by searching computers marked "this computer contains CP", they looked through everybody's pictures hoping to find something good, either CP or something that they enjoyed seeing.
Because the FBI was PAYING them, they are working on the government's behalf. The Fourth Amendment applies when the government pays people to do searches for them.
Uber knows the amount they sent to the drivers. That's only one of several important numbers. Most importantly, they don't know what the drivers' expenses were.
Since we're trying to get a "per hour" figure, the "hours worked" is critical, and Uber doesn't have that information. I can log into Uber and click for it to let me know when there are riders in the area. While I sit in my living room watching TV. That doesn't look much like working. Other people may wait at a gas station until a rider is ready. That's working. At least half the time, Uber doesn't know whether I'm working for someone else, getting paid by my boss, whether I'm playing video games with my kids, or I'm working by waiting outside a concert venue until people come out and need a ride.
Uber also doesn't know how much I made from Lyft at same time I was logged in to Uber.
I could highlight the good points you made, and those I agree with. That's boring, though.
- The purpose of war is "to kill people and break things" until the other has had enough and capitulates.
It seems to me "kill people" and "break things" are methods to (probably indirectly) achieve some purpose. Perhaps the purpose is to discourage invasions and the direct method is removing Hussein's forces from Kuwait. Perhaps the purpose is to protect your own people from further attacks by the Japanese and the direct method is remove Japan's ability and willingness to attack. There is always some goal to be achieved. Perhaps the goal is a safer hemisphere, and the direct method is the removal of Noriega from power. Failing to clearly define and communicate the goal certainly hampers one's efforts.
If the facts support a certain conclusion, you can present the facts and people can see the clear conclusion.
When you wish to advance a conclusion that is not supported by the facts, you must instead make vague, misleading references that somewhat sound like you're referencing facts, then state the conclusion you want people to draw from your misrepresentations.
You have presented vague, misleading statements which imply the opposite of the actual facts. One can only conclude that this is because you couldn't find any actual facts which support your agenda. Therefore we can conclude that your premise is unsupported by facts and is false.
The fact is, early warfare involved enslaving the men and raping the women. It was focused on the people one was attacking.
Later came wide-area bombing of industrial areas and strategic targets such as bridges, trying to destroy the enemy's ability to wage war against you.
Indiscriminate bombing ala WWII is now illegal under international law. Developed nations recently begun to wage war by sending laser-guided bombs to destroy a particular part of a building which is militarily important, perhaps targeting an single room. The US often notifies civilians ahead of time to stay clear of the area.
The new way to wage war, currently being developed as the first "cold" wars are fought this way, is to send packets to your enemy's servers and try to make their computers stop working right.
The trend line is very much AWAY from "guns/bombs into a combat area, and the killing anyone resisting". Indeed over the last 50 years military doctrine in the west has been that a long-term win requires changing the "hearts and minds" of the populace in the opposing country, "winning them over". Killing is minimized. The thinking over the last 50 years is that the more of your enemy your kill, the more they'll be seeking and getting revenge later. So better to take out their military capability, then immediately start building schools, hospitals, and other infrastructure to make them your friends.
The history of the US vs Germany and Japan indicates it may in fact be possible, and even more effective, to win by ending the war as quickly as possible by destroying their ability to fight *even at the cost of civilian lives in the short term*. Then make friends with them the best you can. Massive force which causes the enemy to quickly stop trying to fight may in the end up costing fewer lives than trying to carefully and slowly pick off military targets without hurting civilians, resulting in a decade-long war. Precision strikes are, and have been, the trend, though.
99% of WordPress sites should be set to cache the HTML produced for several minutes, so performance wise it's almost like a static site. There are multiple good ways to do thag. If you have a WordPress site and haven't done that, it's definitely something to look in to.
If you think a file is encrypted, and therefore it's safe to back it up to an open S3 bucket, it would have been much better to not make it look encrypted and make it obvious that it's not protected.
Whether weak encryption is better than none very much depends on many factors. Very often, it's "better" in the short term, but two years later someone does something that exposes the data because it looks like it's safe. They forget or never knew that the encryption isn't good encryption.
Slashdot Mirror
I have to wonder if certain authorities aren't severely over-reacting. In general, amateurs will use fairly readily available components, many available at your local hardware store or Walmart. They aren't sensitive or all that dangerous until they are combined and processed to make an explosive. The dangerous chemicals are of course harder to get, and not at all necessary to make explosives.
The report doesn't say what was in the apartment, but odds of are the components aren't really the dangerous at all. After being combined and processed, you of course end up with an explosive, which is dangerous. I wouldn't expect that to be made into a powder and sprinkled around, though - the more dangerous explosives would be contained. The explosion that killed him would also be expected to set off any nearby high explosives. That's how high explosives are set off - by a smaller explosion, not by burning. Generally only low explosives such as black powder are set off by burning. Low explosives have to be in a container to explode, so residue isn't really a problem. (A LOT of residue built up somewhere is a fire hazard, though.) Black powder isn't quite as safe as something like table salt, but a little residue isn't really dangerous and even humidity will render it non-flammable.
In short, a good cleaning with soap and water probably would have rendered it perfectly safe as far as explosive residue. If the explosion did structural damage to the building that's another issue entirely.
That's a good point. My first thought is that using Linux you can do all those things without paying for crashes and getting hacked. That doesn't make a great promo video, though.
Open source definitely needs better marketing. Right now at work we're dealing with an issue where we need to switch vendors for certain software, but we can't get our data out of the old system and in to the new system. So we're a bit stuck; stuck with software that doesn't fit our needs and costs too much. With open source software, we COULD easily get our data out, licensing costs would have never been an issue in the first place, and we could adjust the software to fit our needs. So everything about the situation shows three reasons open source would be better, but none of that fits well in a 30-second video.
Stewart wasn't held liable for most of the things in the SEC complaint because she was neither an officer of the company nor did she get the information from one. She basically went to prison for lying about the whole thing (obstruction of justice, etc.)
Pump and dump is covered under rule 10b-5: Employment of Manipulative and Deceptive Practices. What's illegal is to LIE about a company in order to fraudulently manipulate the stock price. Telling the truth about a company is not only okay, but encouraged. Several offenses related to investing are only offenses if you fail to reveal the truth about the issues. If a company has security risks, or any other risks, certain people are REQUIRED to publish that information. Publishing true statements not only isn't a crime, it's how you avoid being charged with other crimes. Here's the full text if Rule 10b-5, the pump and dump rule.
It shall be unlawful for any person, directly or indirectly, by the use of any means or instrumentality of interstate commerce, or of the mails or of any facility of any national securities exchange,
(a) To employ any device, scheme, or artifice to defraud,
(b) To make any untrue statement of a material fact or to omit to state a material fact necessary in order to make the statements made, in the light of the circumstances under which they were made, not misleading, or
(c) To engage in any act, practice, or course of business which operates or would operate as a fraud or deceit upon any person,
in connection with the purchase or sale of any security."
Another thing that's been done regarding pump and dump is restrictions on who can trade penny stocks and how, since fraudsters often use penny stocks.
The statute, and the SEC, disagree with you.
If you look at the SEC web site it says illegal insider trading is:
--
buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence,
--
The fiduciary duty is the duty that corporate officers, the company's lawyer, etc, have to look out for the interests of the company (stockholders) rather than their own personal gain. I have no "relationship of trust and confidence", no fiduciary duty, with Intel or AMD. Therefore, according to the SEC I can buy and sell AMD or Intel stock based on WHATEVER information I have, as long as I didn't get that information secretly from someone who has a "relationship of trust and confidence" with the company, such as a corporate officer.
I can decide to sell my Intel stock today because I haven't pooped yet, or because a groundhog saw his shadow. What's prohibited is people employed to take care of the company (corporate officers, etc) must not abrogate that responsibility for their own personal gain.
The SEC went after Mark Cuban and Cuban won. The Cuban case is an example of what is NOT insider trading.
Also if you look at the SEC web site it says illegal insider trading is:
--
buying or selling a security, in breach of a fiduciary duty or other relationship of trust and confidence,
--
The fiduciary duty is the duty that corporate officers, the company's lawyer, etc, have to look out for the interests of the company (stockholders) rather than their own personal gain. I have no "relationship of trust and confidence", no fiduciary duty, with Intel or AMD. Therefore, according to the SEC I can buy and sell AMD or Intel stock based on WHATEVER information I have, as long as I didn't get that information secretly from someone who has a "relationship of trust and confidence" with the company, such as a corporate officer.
Wow that summary is a giant load of crap. Doesn't even indicate what the bill is about.
The Cloud act is about establishing a process which approved foreign governments may follow when requesting information about non-US persons (neither citizen nor resident) from US companies. For example, if there were a bombing in the UK, by a UK citizen, and the the UK police wanted to get the perpetrator's Apple Maps history, they could follow this process to request that data from Apple, a US company storing the data in the US.
To be eligible, the foreign government law must "afford robust substantive and procedural protections for privacy and civil liberties", as agreed to by both the Attorney General, and the Secretary of State, with Congress able to overrule approvals.
Requests must be based on "articulable and credible facts" and subject to "review or oversight by a court, judge, or magistrate or other independent authority".
Any information revealed about US persons may not be shared with the US government.
That's the general gist of the bill. You can read it for further details. You'll likely find some good and some bad in it.
Here's one opinion piece about it:
https://www.lawfareblog.com/wh...
> Wiki is not accepted as a scholarly or reputable source in any reputable academic institution.
You don't cite an encyclopedia for the same reason you don't cite "the library".
Encyclopedias, including Wikipedia, are secondary sources. That means they collect and summarize primary sources, such as peer-reviewed studies. (Just as libraries collect and catalog sources).
Whatever is in an encyclopedia came from somewhere else, so you cite the source. It would be dumb to cite "Encyclopedia Britannica says that a study by Harvard says that ...". Just cite the study directly rather than indirectly.
This does not mean that encyclopedias are unreliable or somehow "bad", they are just an unnecessary extra step when citing where information comes from. You wouldn't cite "my roommate, John Carter, showed me a study which he got from the Texas A&M library which states ..." You cite the source of the information, not the steps it took to get to you. Wikipedia is a conduit of information, like a library, not an original source.
Last quarter Amazon's US retail operating profit was 4.5%.
Not bad for mass-produced merchandising. (Compare Walmart at 3.28%)
DogDude simply spoke without knowing what he was talking about, talking out of his ass. We all do that sometimes.
> First poster to mention SJW gets smacked
That would be you.
> Nothing more ridiculous than fat, well-paid white men
The first person to make a racial comment - also you. The first person to disrepair and insult people based on their gender? You. Just put get it over with an put on your KKK hood already since you clearly have no shame about being a racist and a bigot.
Thanks for posting some counter points vs the groupthink. It's interesting to consider all sides of an issue.
On much of this, we are ALL talking to of our ass. We simply do not know. We really can't answer "is water boarding torture" for two reasons. First because we haven't experienced it and don't really know what it's like. We can only parrot what someone said on our favorite echo-chamber TV program. Secondly, the question itself is absurdly binary. Water boarding is clearly very unpleasant. It's also clearly far less severe than most of what what traditionally be considered torture. There is a continuum, a range of degree, and framing it as a yes/no question is silly.
We can't really answer the other questions brought up, for the same reasons. "Does water boarding work?". Again treating that as a yes/no is silly. Of course subjects may give untrue answers, so there is a need to think about whether their answers are logical and consistent with other information available. (And "consistent with" doesn't mean "duplicative"). Also as you point out we train our special forces how to limit the amount and importance of the information they reveal because prisoners DO reveal valuable information. A good question would be "how well does water boarding work under each of the following sets of circumstances ...?". The answer will be different under different circumstances. Probably none of us here are interrogation experts, so none of us know how well it has worked under any given set of circumstances.
Lacking so much relevant information, here's my opinion:
As a general policy, the United States should stand as a beacon of freedom, liberty, and human rights. The US is not a nation created around a certain ethnic group, the country was created based on certain principles; we should exemplify those principles.
Having said the above, in the very RARE case that we capture someone who has knowledge of an ongoing plan to blow up a bunch of innocent people, our agents should stop that disastrous attack using whatever methods are necessary to get the information from the murderous terrorist we've captured. And I don't want to know what they did to the terrorist. Handle it. Those instances are very rare.
That should be Turnigy, not Turnkey. Darn autocorrect.
For IP KVM, I don't remember offhand who it was. No longer available, though.
For RC transmitters, Frsky. At least one Frsky transmitter is also sold as a Turnkey. For flight controllers, look at Cleanflight, betaflight, and inav. They are all interrelated, each with a different focus. They run on boards such as the AnyFC F7, which is open.
Raritan's licensing model and lack off VERY simple updates to let older models use this-century TLS encryption annoys me. I wish their was an open, or even half-open, IP KVM. There uses to be one.
I recently learned that one of the top makers of RC plane, car, and quadcopter controllers is open source, with a vibrant community, both in transmitters and flight controllers. That was good news. I can hack the heck out of my RC plane and quadcopter ("drone") now.
Is this the source code you're complaining about them not releasing?
https://www.dji.com/mobile/ope...
https://github.com/MAVProxyUse...
You know how if you enter your unlock code wrong once, have to wait a few seconds, three times and you have to wait a minute, ten times and you have to wait an hour? Yeah. That's how you stop enumeration of large sets.
That's certainly doable, and a good way of looking at it.
Also in these discussions we should keep in mind the difference between *with a proper warrant*, based on probable cause, vs random searches such as a the border. In my opinion, for someone whose *job* is to catch bad guys, mostly very bad bad guys, and get evidence of what happened, it's not unreasonable for them to say "I'd like some of the really smart technical people to think about how we investigate crime in 21st century without impacting security too much". There ARE things that can be done, such as your example. Given physical possession of a phone (via a warrant to seize it due to probable cause), it's technically / mathematically possible to allow them to see "this phone did not call this number", without any possibility of revealing which numbers it DID call.
Imagine I want to tell Travelsonic something secret. I don't have his email address or any other way to contact him other than posting here, for all to see. My desire is to post openly, where everyone can read it, but only Travelsonic can tell what it means. We have no means of agreeing on a secret password or anything.
Cryptography experts tells us that's impossible. Or was impossible, until Diffie and Hellman figured out a very clever way to do it. Diffie-Hellman key exchange is now used all the time, of course. It's a brilliant solution to a problem that seemed impossible for many years.
Therefore I don't think it's unreasonable to say "I understand we don't have any way to X, but it's possible that some clever innovation can somehow achieve this goal, something nobody had thought of yet.". In his remarks he acknowledged that there is not a solution, currently. He said he's not proposing any law or regulation, because there isn't any law that could make sense right now. He's right, most any such law that could be passed today would be bad.
In fact, I happen to know of some innovative ideas that partially solve the need. It's possible to do encryption in such a way that you can't read the message, but you can check if the message has certain strings in it. You can build a chip that, without revealing some fact , cryptographically proves that the fact is stored in the chip.
Simple salted hashing of text and call message numbers makes it impossible to know who someone called, yet still possible to answer whether they called one specific number. So the FBI could find out whether a suspect called Muhammad Atta, without being able to tell who else they called. This isn't super-advanced technology - every web site that has password login uses salted hashes, or should be using them.
I'm fact saving only the salted hash of the numbers you call and text would be MORE SECURE than what your phone does today.
This guy may, five years from now, propose something stupid. If so I'll oppose it. I don't see expressing a desire to consider what innovative solutions might solve certain needs, with a search warrant, as stupid. Such a search might have some uninformed people making dumb proposals, but he made none in this case.
The government can't search your stuff without a warrant.
"The government" meaning, of course, people working for the government. It's unconstitutional for people working for the government, or on the government's behalf, to randomly search through your stuff.
Digging through YOUR stuff. They didn't find the CP by searching computers marked "this computer contains CP", they looked through everybody's pictures hoping to find something good, either CP or something that they enjoyed seeing.
Because the FBI was PAYING them, they are working on the government's behalf. The Fourth Amendment applies when the government pays people to do searches for them.
I've done that enough times that sometimes I do something like:
debug = on if date() 2018-03-07
Or more frequently:
debug = on if REMOTE_ADDR == '36.73.26.37'
Also I'll use the "at" command to turn the firewall back on or whatever.
Uber knows the amount they sent to the drivers. That's only one of several important numbers. Most importantly, they don't know what the drivers' expenses were.
Since we're trying to get a "per hour" figure, the "hours worked" is critical, and Uber doesn't have that information. I can log into Uber and click for it to let me know when there are riders in the area. While I sit in my living room watching TV. That doesn't look much like working. Other people may wait at a gas station until a rider is ready. That's working. At least half the time, Uber doesn't know whether I'm working for someone else, getting paid by my boss, whether I'm playing video games with my kids, or I'm working by waiting outside a concert venue until people come out and need a ride.
Uber also doesn't know how much I made from Lyft at same time I was logged in to Uber.
I could highlight the good points you made, and those I agree with. That's boring, though.
- The purpose of war is "to kill people and break things" until the other has had enough and capitulates.
It seems to me "kill people" and "break things" are methods to (probably indirectly) achieve some purpose. Perhaps the purpose is to discourage invasions and the direct method is removing Hussein's forces from Kuwait. Perhaps the purpose is to protect your own people from further attacks by the Japanese and the direct method is remove Japan's ability and willingness to attack. There is always some goal to be achieved. Perhaps the goal is a safer hemisphere, and the direct method is the removal of Noriega from power. Failing to clearly define and communicate the goal certainly hampers one's efforts.
If the facts support a certain conclusion, you can present the facts and people can see the clear conclusion.
When you wish to advance a conclusion that is not supported by the facts, you must instead make vague, misleading references that somewhat sound like you're referencing facts, then state the conclusion you want people to draw from your misrepresentations.
You have presented vague, misleading statements which imply the opposite of the actual facts. One can only conclude that this is because you couldn't find any actual facts which support your agenda. Therefore we can conclude that your premise is unsupported by facts and is false.
The fact is, early warfare involved enslaving the men and raping the women. It was focused on the people one was attacking.
Later came wide-area bombing of industrial areas and strategic targets such as bridges, trying to destroy the enemy's ability to wage war against you.
Indiscriminate bombing ala WWII is now illegal under international law. Developed nations recently begun to wage war by sending laser-guided bombs to destroy a particular part of a building which is militarily important, perhaps targeting an single room. The US often notifies civilians ahead of time to stay clear of the area.
The new way to wage war, currently being developed as the first "cold" wars are fought this way, is to send packets to your enemy's servers and try to make their computers stop working right.
The trend line is very much AWAY from "guns/bombs into a combat area, and the killing anyone resisting". Indeed over the last 50 years military doctrine in the west has been that a long-term win requires changing the "hearts and minds" of the populace in the opposing country, "winning them over". Killing is minimized. The thinking over the last 50 years is that the more of your enemy your kill, the more they'll be seeking and getting revenge later. So better to take out their military capability, then immediately start building schools, hospitals, and other infrastructure to make them your friends.
The history of the US vs Germany and Japan indicates it may in fact be possible, and even more effective, to win by ending the war as quickly as possible by destroying their ability to fight *even at the cost of civilian lives in the short term*. Then make friends with them the best you can. Massive force which causes the enemy to quickly stop trying to fight may in the end up costing fewer lives than trying to carefully and slowly pick off military targets without hurting civilians, resulting in a decade-long war. Precision strikes are, and have been, the trend, though.
99% of WordPress sites should be set to cache the HTML produced for several minutes, so performance wise it's almost like a static site. There are multiple good ways to do thag. If you have a WordPress site and haven't done that, it's definitely something to look in to.
If you think a file is encrypted, and therefore it's safe to back it up to an open S3 bucket, it would have been much better to not make it look encrypted and make it obvious that it's not protected.
Whether weak encryption is better than none very much depends on many factors. Very often, it's "better" in the short term, but two years later someone does something that exposes the data because it looks like it's safe. They forget or never knew that the encryption isn't good encryption.