the problem is that 'stamping out trolls' also ends up stamping out minority opinions as well as unpopular truth.
The real problem is that most of the dumbasses who think they're holding a minority opinion and telling the world about an unpopular truth are actually idiots promulgating flamebait without any evidence to back it up. They've so convinced themselves that what they think is right that they don't bother with providing a good, convincing argument or solid facts.
If you want to be thought of as a non-kook, get better at doing good arguments and at providing access to facts that back you up. Most people are not swayed by mere claims of intestinal truthiness sensations; they could just be your breakfast.
Try getting anywhere that's not in New York City, San Diego, or Chicago without a car
The Chicago 'burbs suck without a car. (OTOH, quite a bit of Boston is reachable by public transit, but I don't know whether enough of it is; only done conferences there...)
Quick tip: when you attend a technical interview, answering the questions correctly doesn't get you the job. Being amazed at how much the interviewer knows does.
What's always worked for me (i.e., 100% success rate so far) is asking one or two focused questions that the interviewer can only just answer. Shows that I've given some thought to what they're doing and how my skill set could fit in, and if they couldn't have answered them, I wouldn't have wanted to work there anyway.
They'd be better off going to 240v 60Hz (currently used in some parts of Asia, IIRC) as that allows older devices to work with only a simple passive converter transformer; high-power applications such as motors are much more likely to need to be frequency matched than low-power applications such as electronics.
Yes, I can run a Java-based botnet client (it may be one of the first) but I have to get it to run on a computer without user interaction or demands for passwords or administrative rights - Windows excels in that part of the attack vector.
Or you can have a program that causes mischief while just running as a normal user. For example, it could participate in DDoS attacks or distributed hack attempts on a third party, or it could act as a file server for various types of nefarious data, or be part of a C&C network, or... There's a lot of things these systems can do without attacking the host per se, and for which running without significant privileges isn't a problem. (If it claimed to be a bittorrent client, it would even be awkward for most users to spot what it was really up to.)
The only thing of note is that Windows has typically (for a variety of reasons, not all of which are technical) made it easier than most other platforms for an attack to lodge itself somewhere where it is hard to remove. If the nefarious types don't rely on the host remaining infected, there's no big advantage to Windows other than the cultural differences (i.e., more trusting users) and a few poor apps that make drive-by installation easier.
If the maximum length of Hamiltonian path is polynomial in the number of cities, and you have a polynomial "get a path shorter than k", then you can can apply that polynomial algorithm a polynomial number of times (i.e., a polynomial operation) to get a series of approximations to the best path. The proof is easier with integral distances.
No. The halting problem is wholly insoluble since if a solution existed, we could trivially construct code that only halted if it didn't halt and vice versa: a complete contradiction in terms. NP-hard problems can all be solved with sufficient application of computing power; you might have to wait a long time, but they are still properly algorithmic. (The "P=NP?" question is about whether efficient algorithms exist for solving a very large class of problems, or whether they just have to be brute-forced.)
The best you can say is that the potential of the capacitors in the ram is too low to be measured with the equipment you're using to do it. Are you willing to bet that the NSA doesn't have better equipment?
Yes. If there was better equipment (that didn't require a laborious remounting of the RAM in some kind of special rig, all while keeping it powered; that whole process would be very easy to screw up) then it would be being used by RAM manufacturers already in order to speed up and/or reduce the power consumption of their products. Seriously, DRAM is run close to the edge of what's possible because that gives it the best performance characteristics. (I used to know someone who worked on DRAM circuitry; they were using some really hairy tricks to boost speed and cut power. The best way to describe how hairy is to note that RAM is really an analog device, not a digital one; it just pretends to be digital...)
I'm surprised that there hasn't been a more high profile virus or malware outbreak on OS X before now
The answer has got to be that it (and its users) have better overall security practices than is the norm on Windows. It's not just a matter of getting APIs right and strong, but also of ensuring that users are supported by the system in making normal activity secure. There's also a possibility that the users are more savvy by default due to selection effects: Mac users are more likely to better off because they usually pay for their own machines, and general intelligence is one of the things that tends to lead to earning more. Both are probabilistic effects. (I'd expect non-OSX unix users to be even more naturally resistant to malware tricks, independent of whether the system they're using is better or not.)
I suspect that the other key is that most Macs don't have many services running that listen to outside connections, and that the parts that are security-exposed are correct. That's vital, as it ensures that attacks can't auto-propagate. (Linux systems are also good that way, but are also more likely to be running externally accessible services, which inevitably increases the potential attack surface. Them's the breaks.)
The morals is that Universities are there for teaching, and students are at the very center of their mission. Research and whatnot is indeed nice, but it is there to attract funding and top-level researcher, ensuring the quality of the teaching because beginner teachers want to join their teams and so work hard to get tenure.
I'd prefer to say that a university is there for learning. An important part of that is through teaching, but learning doesn't stop with graduation; that's just where it becomes impractical to teach any more and those seeking to learn must find things out for themselves (i.e., do research). All the financial side of a university is just there to support that core goal of allowing people to learn things (and help others to learn them) for their whole lives.
It would be kind of scary if two parties could enter an agreement that only one part knew they had entered.
It's possible in limited circumstances in English law (I believe it's where one party makes a public statement that "if anyone does X, then I promise to do Y" and someone else then does X, knowing about that general promise). Those wouldn't apply (AIUI) here as the parties are in proper communication (mediated by HTTP).
But your browser does automatically download a lot (images, icons, style sheets, scripts, video, etc.) any and all of which could involve some cookie processing. To say that a user should have to have detailed technical knowledge of which to permit and which not, that's just wholly unreasonable.
There are ways to work around this, and part of the solution must be legal. There can even be cases where cookies are deemed to be acceptable, requiring no notification to the user to use (e.g., if the information contained in and coupled to the cookie is never conveyed to third parties). The use of the law for this is important for another reason too: trials can consider intent and not just technical facts.
We have X different packages because they do what they were written to do very well.
But a significant fraction of that X are programs written to work on one version of one specific dataset. There can even be sane reasons for this; some datasets change format between versions. Genetics data is uniformly terrible this way. I worked on a project last year to take one of these hyper-specific packages and turn it into something that another person (i.e., anyone other than the PhD candidate who wrote it) would consider using at all; it was a huge amount of work from a talented team of about 15 software engineers (plus me!) to mash that code into shape. In the process, the code became much faster, safer, more correct (we found some scientific errors; luckily for the original author, he'd had his viva by then), more useful, and more usable.
What works best is when you've got scientists doing the scientific side and software engineers taking the scientific work and turning it into products (whether OSS or not). The scientists are the domain experts, the SEs are the people who can transform a vision into reality; a scientist says what relationships need to be present in the results, a SE turns that into a database schema with appropriate FK constraints and indices. (Sure, each could learn the other's craft, but that's not as useful as having specialists working together.)
by the time I explain a cutting edge algorithm idea to a (BS level) programmer and teach them enough math to implement it correctly
There are two things wrong with that statement. Firstly, you're trying to get rapid results out of a BS level programmer (i.e., a total greenhorn with no real experience) and secondly, they probably don't understand that much math to begin with either (i.e., did you specify that when hiring them?) If you'd done your hiring more sanely, you'd have someone who could actually support you properly. Yes, they'd cost more than just a tyro but that'd be money well spent. Remember, you're not getting someone who's taking part of their pay in training to be a researcher; you're getting someone who's doing a specialized job that they can do in many other places too.
Read the Charter of Fundamental Rights of the European Union to get an idea of the political importance of EU membership, and then consider what Romania, Bulgaria, Slovakia, Belarus, etc could easily have become without it.
Belarus is exactly the example of what would have happened without it. They've got the looniest tinpot dictatorship on the whole continent.
Calling people stupid for failing to foresee something is rarely true, and even more rarely profitable.
But selling them shit because they're stupid and can't foresee something, that's very profitable. Just don't tell them they're stupid to their faces; spoils the sale.
These same laws make using a US-based host a tricky legal proposition for a lot of EU-based companies, although a lot seem to do it anyway and just wait to be sued if anyone notices...
And many other EU-based companies will only use EU-based cloud providers for the same reason.
Did you know that Amazon's EU-based cloud offerings are run through an EU-based company? There's a number of reasons for that, including ugly tax-based ones, but one of the key reasons is that this increases the amount of isolation from the US-based parent and helps to ensure that privacy laws are respected, and a great many organizations really do do their due diligence in this area.
how do you reliably communicate the password to legitimate guests
They write it on a piece of paper which they hand out, or they have a login page that must be passed before they'll route packets more widely. Seriously, this is a solved problem for businesses.
You've conflated plausible deniability with flat refusal. The whole point of PLAUSIBLE deniability is that people will most likely BELIEVE you when you say you have nothing to hide. In other words, you're hoping they won't see a reason to use the wrench.
But if the questioners think you've got a truecrypt volume, they'll just keep on destroying parts of you body until either you give them multiple passwords that work and give them the data they're looking for, or you're dead (and buried in an unmarked grave). Using truecrypt is itself suspicious, and anyone dumb enough to think that a technical solution will get you out of this is totally missing what would happen in reality. Or are you one of these idiots that thinks their data is more important than their life and health?
All my websites are fine, which is what my high profile clients expect.
That's because we use Microsoft Windows Servers and Sql Databases. Amazon can't take us down.
I can't imagine why someone would outsource or cloudsource stuff that is this mission critical.
Either you're at an organization that has multiple geographically-distributed datacenters and you've replicated everything so that losing any single datacenter will not cripple things (difficult, but should be possible with any OS exposed to the application level) or you're critically vulnerable to the Backhoe Effect. If someone drills through the only fiber to your servers, they will be taken offline from your client's perspective. (Power is often an issue too, as it takes a lot of electrical energy to run a whole datacenter for 24 hours.) The sanest way to deal with this is for the services to be geographically replicated, which costs. (It's a bit like buying insurance, except that instead of compensating you after disaster strikes, it instead allows you to keep going through disaster.) Since not many organizations have multiple geographically distributed datacenters, most folks handle this by outsourcing some (or even all) of the hosting.
Another analogy: sewage handling is almost certainly mission critical to most organizations, as without it, it's hard to have productive employees. Yet very few organizations own their own sewage treatment plant; instead, they outsource that critical non-core service to a specialist. Guess what? A lot businesses (especially SMEs) feel the same way about servers; it's not their core business but they need it support their core business, so they outsource to a specialist. The fine details are different, but the business perspective is the same.
"Cloudsource" is just a buzzwordification of outsource (taking into account the interesting shorter timescales involved).
Net metering only works until home solar becomes popular, electricity is not practical to transmit over long distance and cloudy weather patterns are often regional events, not to mention there is that whole night time thing.
Except that solar produces peak power when there is peak demand (for AC) so local production is a good thing anyway. Moreover, solar panels still produce power on cloudy days (though not as much as when it's sunny of course) so you're still getting a benefit. Maybe they make less sense up in Seattle, but they should be fine in San Diego. You don't have to have the same solution everywhere.
Slashdot Mirror
Actually, it wouldn't be that hard to implement a new set of root domain servers.
It's already been tried. Multiple times. For some reason, people by-and-large prefer what we've got now.
the problem is that 'stamping out trolls' also ends up stamping out minority opinions as well as unpopular truth.
The real problem is that most of the dumbasses who think they're holding a minority opinion and telling the world about an unpopular truth are actually idiots promulgating flamebait without any evidence to back it up. They've so convinced themselves that what they think is right that they don't bother with providing a good, convincing argument or solid facts.
If you want to be thought of as a non-kook, get better at doing good arguments and at providing access to facts that back you up. Most people are not swayed by mere claims of intestinal truthiness sensations; they could just be your breakfast.
Try getting anywhere that's not in New York City, San Diego, or Chicago without a car
The Chicago 'burbs suck without a car. (OTOH, quite a bit of Boston is reachable by public transit, but I don't know whether enough of it is; only done conferences there...)
Quick tip: when you attend a technical interview, answering the questions correctly doesn't get you the job. Being amazed at how much the interviewer knows does.
What's always worked for me (i.e., 100% success rate so far) is asking one or two focused questions that the interviewer can only just answer. Shows that I've given some thought to what they're doing and how my skill set could fit in, and if they couldn't have answered them, I wouldn't have wanted to work there anyway.
240v 50Hz.
They'd be better off going to 240v 60Hz (currently used in some parts of Asia, IIRC) as that allows older devices to work with only a simple passive converter transformer; high-power applications such as motors are much more likely to need to be frequency matched than low-power applications such as electronics.
Yes, I can run a Java-based botnet client (it may be one of the first) but I have to get it to run on a computer without user interaction or demands for passwords or administrative rights - Windows excels in that part of the attack vector.
Or you can have a program that causes mischief while just running as a normal user. For example, it could participate in DDoS attacks or distributed hack attempts on a third party, or it could act as a file server for various types of nefarious data, or be part of a C&C network, or... There's a lot of things these systems can do without attacking the host per se, and for which running without significant privileges isn't a problem. (If it claimed to be a bittorrent client, it would even be awkward for most users to spot what it was really up to.)
The only thing of note is that Windows has typically (for a variety of reasons, not all of which are technical) made it easier than most other platforms for an attack to lodge itself somewhere where it is hard to remove. If the nefarious types don't rely on the host remaining infected, there's no big advantage to Windows other than the cultural differences (i.e., more trusting users) and a few poor apps that make drive-by installation easier.
If the maximum length of Hamiltonian path is polynomial in the number of cities, and you have a polynomial "get a path shorter than k", then you can can apply that polynomial algorithm a polynomial number of times (i.e., a polynomial operation) to get a series of approximations to the best path. The proof is easier with integral distances.
I believe the halting problem is NP-hard
No. The halting problem is wholly insoluble since if a solution existed, we could trivially construct code that only halted if it didn't halt and vice versa: a complete contradiction in terms. NP-hard problems can all be solved with sufficient application of computing power; you might have to wait a long time, but they are still properly algorithmic. (The "P=NP?" question is about whether efficient algorithms exist for solving a very large class of problems, or whether they just have to be brute-forced.)
The best you can say is that the potential of the capacitors in the ram is too low to be measured with the equipment you're using to do it. Are you willing to bet that the NSA doesn't have better equipment?
Yes. If there was better equipment (that didn't require a laborious remounting of the RAM in some kind of special rig, all while keeping it powered; that whole process would be very easy to screw up) then it would be being used by RAM manufacturers already in order to speed up and/or reduce the power consumption of their products. Seriously, DRAM is run close to the edge of what's possible because that gives it the best performance characteristics. (I used to know someone who worked on DRAM circuitry; they were using some really hairy tricks to boost speed and cut power. The best way to describe how hairy is to note that RAM is really an analog device, not a digital one; it just pretends to be digital...)
I'm surprised that there hasn't been a more high profile virus or malware outbreak on OS X before now
The answer has got to be that it (and its users) have better overall security practices than is the norm on Windows. It's not just a matter of getting APIs right and strong, but also of ensuring that users are supported by the system in making normal activity secure. There's also a possibility that the users are more savvy by default due to selection effects: Mac users are more likely to better off because they usually pay for their own machines, and general intelligence is one of the things that tends to lead to earning more. Both are probabilistic effects. (I'd expect non-OSX unix users to be even more naturally resistant to malware tricks, independent of whether the system they're using is better or not.)
I suspect that the other key is that most Macs don't have many services running that listen to outside connections, and that the parts that are security-exposed are correct. That's vital, as it ensures that attacks can't auto-propagate. (Linux systems are also good that way, but are also more likely to be running externally accessible services, which inevitably increases the potential attack surface. Them's the breaks.)
The morals is that Universities are there for teaching, and students are at the very center of their mission. Research and whatnot is indeed nice, but it is there to attract funding and top-level researcher, ensuring the quality of the teaching because beginner teachers want to join their teams and so work hard to get tenure.
I'd prefer to say that a university is there for learning. An important part of that is through teaching, but learning doesn't stop with graduation; that's just where it becomes impractical to teach any more and those seeking to learn must find things out for themselves (i.e., do research). All the financial side of a university is just there to support that core goal of allowing people to learn things (and help others to learn them) for their whole lives.
It would be kind of scary if two parties could enter an agreement that only one part knew they had entered.
It's possible in limited circumstances in English law (I believe it's where one party makes a public statement that "if anyone does X, then I promise to do Y" and someone else then does X, knowing about that general promise). Those wouldn't apply (AIUI) here as the parties are in proper communication (mediated by HTTP).
But your browser does automatically download a lot (images, icons, style sheets, scripts, video, etc.) any and all of which could involve some cookie processing. To say that a user should have to have detailed technical knowledge of which to permit and which not, that's just wholly unreasonable.
There are ways to work around this, and part of the solution must be legal. There can even be cases where cookies are deemed to be acceptable, requiring no notification to the user to use (e.g., if the information contained in and coupled to the cookie is never conveyed to third parties). The use of the law for this is important for another reason too: trials can consider intent and not just technical facts.
The ping is audible (with the right equipment) through thousands of feet of muddy water.
Which is OK until the battery powering the ping runs flat. In water that deep, that's just what you've got to put up with (unless you use something like a RTG, which isn't something I'm too happy with putting in planes as a matter of course, even if it is in a part that's supposed to survive any crash...)
Actually finding the data recorder is impressive stuff, however you cut it. Here's hoping they manage to locate the voice recorder too.
We have X different packages because they do what they were written to do very well.
But a significant fraction of that X are programs written to work on one version of one specific dataset. There can even be sane reasons for this; some datasets change format between versions. Genetics data is uniformly terrible this way. I worked on a project last year to take one of these hyper-specific packages and turn it into something that another person (i.e., anyone other than the PhD candidate who wrote it) would consider using at all; it was a huge amount of work from a talented team of about 15 software engineers (plus me!) to mash that code into shape. In the process, the code became much faster, safer, more correct (we found some scientific errors; luckily for the original author, he'd had his viva by then), more useful, and more usable.
What works best is when you've got scientists doing the scientific side and software engineers taking the scientific work and turning it into products (whether OSS or not). The scientists are the domain experts, the SEs are the people who can transform a vision into reality; a scientist says what relationships need to be present in the results, a SE turns that into a database schema with appropriate FK constraints and indices. (Sure, each could learn the other's craft, but that's not as useful as having specialists working together.)
by the time I explain a cutting edge algorithm idea to a (BS level) programmer and teach them enough math to implement it correctly
There are two things wrong with that statement. Firstly, you're trying to get rapid results out of a BS level programmer (i.e., a total greenhorn with no real experience) and secondly, they probably don't understand that much math to begin with either (i.e., did you specify that when hiring them?) If you'd done your hiring more sanely, you'd have someone who could actually support you properly. Yes, they'd cost more than just a tyro but that'd be money well spent. Remember, you're not getting someone who's taking part of their pay in training to be a researcher; you're getting someone who's doing a specialized job that they can do in many other places too.
Read the Charter of Fundamental Rights of the European Union to get an idea of the political importance of EU membership, and then consider what Romania, Bulgaria, Slovakia, Belarus, etc could easily have become without it.
Belarus is exactly the example of what would have happened without it. They've got the looniest tinpot dictatorship on the whole continent.
Calling people stupid for failing to foresee something is rarely true, and even more rarely profitable.
But selling them shit because they're stupid and can't foresee something, that's very profitable. Just don't tell them they're stupid to their faces; spoils the sale.
These same laws make using a US-based host a tricky legal proposition for a lot of EU-based companies, although a lot seem to do it anyway and just wait to be sued if anyone notices...
And many other EU-based companies will only use EU-based cloud providers for the same reason.
Did you know that Amazon's EU-based cloud offerings are run through an EU-based company? There's a number of reasons for that, including ugly tax-based ones, but one of the key reasons is that this increases the amount of isolation from the US-based parent and helps to ensure that privacy laws are respected, and a great many organizations really do do their due diligence in this area.
Taylor is a professor of religion
Is that applied or theoretical religion? Have they even tried to split the theon yet?
how do you reliably communicate the password to legitimate guests
They write it on a piece of paper which they hand out, or they have a login page that must be passed before they'll route packets more widely. Seriously, this is a solved problem for businesses.
You've conflated plausible deniability with flat refusal. The whole point of PLAUSIBLE deniability is that people will most likely BELIEVE you when you say you have nothing to hide. In other words, you're hoping they won't see a reason to use the wrench.
But if the questioners think you've got a truecrypt volume, they'll just keep on destroying parts of you body until either you give them multiple passwords that work and give them the data they're looking for, or you're dead (and buried in an unmarked grave). Using truecrypt is itself suspicious, and anyone dumb enough to think that a technical solution will get you out of this is totally missing what would happen in reality. Or are you one of these idiots that thinks their data is more important than their life and health?
All my websites are fine, which is what my high profile clients expect.
That's because we use Microsoft Windows Servers and Sql Databases. Amazon can't take us down.
I can't imagine why someone would outsource or cloudsource stuff that is this mission critical.
Either you're at an organization that has multiple geographically-distributed datacenters and you've replicated everything so that losing any single datacenter will not cripple things (difficult, but should be possible with any OS exposed to the application level) or you're critically vulnerable to the Backhoe Effect. If someone drills through the only fiber to your servers, they will be taken offline from your client's perspective. (Power is often an issue too, as it takes a lot of electrical energy to run a whole datacenter for 24 hours.) The sanest way to deal with this is for the services to be geographically replicated, which costs. (It's a bit like buying insurance, except that instead of compensating you after disaster strikes, it instead allows you to keep going through disaster.) Since not many organizations have multiple geographically distributed datacenters, most folks handle this by outsourcing some (or even all) of the hosting.
Another analogy: sewage handling is almost certainly mission critical to most organizations, as without it, it's hard to have productive employees. Yet very few organizations own their own sewage treatment plant; instead, they outsource that critical non-core service to a specialist. Guess what? A lot businesses (especially SMEs) feel the same way about servers; it's not their core business but they need it support their core business, so they outsource to a specialist. The fine details are different, but the business perspective is the same.
"Cloudsource" is just a buzzwordification of outsource (taking into account the interesting shorter timescales involved).
Net metering only works until home solar becomes popular, electricity is not practical to transmit over long distance and cloudy weather patterns are often regional events, not to mention there is that whole night time thing.
Except that solar produces peak power when there is peak demand (for AC) so local production is a good thing anyway. Moreover, solar panels still produce power on cloudy days (though not as much as when it's sunny of course) so you're still getting a benefit. Maybe they make less sense up in Seattle, but they should be fine in San Diego. You don't have to have the same solution everywhere.
It takes a lot of $billions to make a $trillion.
A whole thousand of them.