My brother's windows 7 box started running slow two weeks ago, but other than that there was no sign of a problem.... Within 24 hours the ISP called him and told him he had a serious malware infection.
I got a call a few years ago from my ISP, telling me that there was a "virus" in my machine. The person calling described it, and I told him the name of the malware. He was a bit surprised by this, and I asked when they'd first seen it. It turned out that it was six months earlier, but they'd just got around to handling it. I asked him if they'd seen any evidence of it in the past few months. After a bit of a pause, he said they hadn't. I told him that I'd found it myself about six months ago, and it was no longer running. He thanked me, and hung up.
So I'm not too impressed by the idea that ISPs should do this sort of job. I can think of a number of much better ways to do it.
As others have said, an ISP is most useful if they just do one job: provide Internet connectivity. They should have experts on maintaining the wiring, running routers, etc. Traffic analysis is much better handled by people who understand that job. Looking for malware is better handled by people who understand that, on the specific OSs that are in use. Few ISPs are likely to be competent at this on anything but MS Windows, and rarely even then. It's not their job, and if they're ordered to do it, they'll do a half-assed job and we won't like the results (though we'll pay for them).
Most ISPs also provide things like DNS and email, and in my experience, they are usually the worst sources for these services. To make the routine automotive analogy, asking them to provide such services is about as sensible as asking your local highway construction and maintenance companies to also be a package delivery service.
Not that I'd expect anyone in a legislative body to understand any of this. Writing such things into law is just insane. That's why standards (and other regulatory) agencies were invented.
If a connection is spewing 500 pings a minute for 10 minutes, it's pretty unlikely it's for a legitimate reason.
Lets see MTR to a destination with 20 hops default refresh rate of 1 second. After a minute you just spewed 1200 pings. OMFG call the police!!
Yeah, and this reminds me that in several discussions on this topic, I've commented (or seen others comment) that various so-called "security experts" like to classify pings as attacks. This almost always gets pooh-poohed by other readers. But we just saw a/. reader claim that 500 pings per minute (about 8/sec) qualifies as an attack.
I've often found that it puts things into perspective to mention that many of the claims of "attacks" that you read about are in fact counting ICMP packets. This is a good way to inflate your numbers in your scare story. But, as with the above suggestion, any numbers you read from someone trying to make things look bad are highly likely to be counting things that aren't attacks at all, but are just part of the normal traffic on the internet.
In particular, I've worked on a number of projects to develop network-management software, and it's fun to point out occasionally that nearly everything we're developing would be classified as "attack" malware by most of the network-security folks. On a number of occasions, various management-type people have made it clear that they consider me a dangerous "hacker" simply because I've worked on such things, and seem to know a lot about them.
We can expect that any laws like this will be used to block not just legitimate traffic, but also network-management traffic. Flagging 500 pings a minute for 10 minutes as illegitimate is as clear an example of this as you can get. I routinely run tools that ping a list of sites scattered around the network, typically at 10-second intervals, as a "light" way of measuring network speed. They would almost all be considered illegitimate under this scheme.
... maybe you should have a single message at the top about why the person's account is broken and who they have to call to get it fixed.
I already get lots of notifications that my computer is infected. But they don't make me waste time talking about it to some drone off in India or Malaysia who's just following a script. They give me a direct link to where I can download a tool to clean up my machine.
And most of them don't even want to charge me for this service.;-)
It's tough for geeks with their exclusive-or thinking to wrap their minds around that,...
Oh, c'mon; any true geek would default "or" to inclusive-or. It's only in common speech that "or" usually means exclusive-or. In mathematics and most technical fields, inclusive-or is the default interpretation of "or". Any true geek would understand this.
Actually, there are a fair number of geek jokes based on the difference between the two ors, generally based on a misunderstanding that uses inclusive-or when exclusive-or was correct. Probably the simplest family of such jokes is about a geek who answers a question of the form "Would you like X or Y?" with a plain "Yes."
The government doesn't even need to prove that you (or your users) did anything wrong before they punish you. Look at the Jotform crap for proof of that. That business is more than likely ruined now; who's gonna trust a cloud storage site that could get nuked off the face of the internet again because some random asshole posted something that violates IP somewhere on it?
Yup. And what we should be doing is figure out how to get the message across to American businesses in general. They need to understand that they're not immune. What has happened to JotForm and a few thousand other small companies can happen just as easily to any other company trying to do business in the US. They can be shut down on a whim, with no explanation, at any time. There is no defense against this, other than to publicize it and get people to understand what it'll do to their businesses if they don't act.
Saying how awful it was for one company doesn't do much. Understanding that you may be next is what it'll probably take to get people to fix the growing problem.
The problem is that most companies doesn't like the US law, so they are leaving. Wasn't that the entire point of this article?
No, the point is that in the US's treatment of Internet sites, the law is now clearly irrelevant. The current poster child is JotForm, whose domain name was shut down for no stated reason, without a court warrant, and there's not even a suggestion that JotForm was violating any law. In fact, the jotform.com name was eventually restored, but the authorities involved haven't stated why the action was taken.
The general understanding is that it was probably a "mistake", i.e., the agencies involved didn't know or care about the law or finding any evidence; they just sent GoDaddy the takedown request without bothering with a court order, and GoDaddy accepted it without question. The silence from officialdom is because they knew they blew it, and don't want to admit their mistake. But this isn't consolation to the businesses that have been silenced by such random, unexplained takedowns. JotForm wasn't an isolated incident; there have been thousands of them in recent months.
Any businesses using a hosting or domain-name service in the US has to now be aware that their online presence can disappear instantly, with no explanation and no recourse. It doesn't matter whether you are following US law or not. It all just depends on the whims and misunderstandings of a flock of agencies that you don't know about and who won't talk to you.
It simply doesn't make sense to do business under such conditions. Sensible businessmen would be looking around for Internet hosting and domain-name services that are stable and reliable. Such services no longer exist in the US, and can't exist as long as the authorities act outside the law, so you should be moving your Internet business elsewhere.
thing is in order to expand and grow you need new ideas. tougher IP laws actually restrict new ideas and slow down development.
Why do people have to keep saying this, as if it were some exciting new idea?
Fact is, the "IP" laws' only function has always been to limit our (re)use of others' ideas. And, as Isaac Newton famously put it in his "standing on the shoulders of giants" remark, building on others' ideas is how we have always progressed. Nobody has ever started with a "blank slate", and invented new things from first principles. Advances have always come from studying what others have done, and finding better ways to do things. Patent and copyright were developed explicitly to block this building process, and that's all that they've ever been used for.
"We're pretty sure that there are some safe ways of doing it, but we haven't bothered to teach our workers to do it that way, because it's too expensive."
We in the computer biz are pretty familiar with this sort of euphemistic safety claim. But if the "users" can't get it right, it mostly says a lot about the UI that you've handed them. If the users can't figure out how to do it right, either it's been made too difficult, or they don't have good training/documentation -- or they're being "encouraged" to do it wrong by their bosses. Usually all of the above.
The amount of misinterpretation/spin in your reply is astounding.
Yeah, but admit it: It was funny. I think that's what 19thNervousBreakdown (768619) was going for. I've already posted, so I'll just have to hope that someone with mod points will give him (her?) one or more.
Except for the fact that the "graphical trickery" makes things like graphic design, non-linear video editing, and numerous other tasks far easier than a CLI would be?
Well, maybe, but I think the pseudo-dispute arises more from things like all the time I find myself wasting with GUI tools that make me wade through several windows, each of which needs to be laboriously guided down through the directory tree, to do what could be done in 1/10 the time with a simple cp or mv or... command. I've wasted a lot of my life on idiotic simple-minded tasks like that, which are fast and easy with a CLI, but achingly time-consuming in a GUI.
Not that I couldn't think of a quick and easy way to do such things in a GUI. But the people who write GUI tools don't ever consult with me (presumably because I have no "experience" designing modern GUi tools;-), so they continue to present me with windows positioned at my home (or the root) directory, and I have to once again guide them down to the directories that I want them to use, at each level scrolling slowly through the contents of a directory, clicking on a subdirectory, scrolling through that directory, etc. Then I click on something that does the job, the window disappears, and the directory is forgotten, so I have to do it all over again for the next task.
Granted, there are some thing that a GUI tool does a lot better than a CLI tool. But this is undercut by all the things that take orders of magnitude more time with the GUI. They haven't even figured out a convenient way to include wildcards in file names (or if they have, the implementers have never heard of it).
In my experience, the biggest UI improvement in history was when they came out with the "make" command. Of course, most GUI users have no idea what that is, or if they do, they're horrified by the complex-looking text files that they don't understand. But it's a really effective way of packing up a lot of repeated actions, giving them a name, and invoking them via a brief mnemonic command. Sorta like scripting, but with automatic checking to see whether each step actually needs to be done.
OTOH, pretty pictures can be fun and entertaining.
article is assuming we shouldn't have been boycotting Sony already.
Well, my first thought was that I can't boycott Sony over this, because I haven't bought anything of theirs since back when they were caught including rootkits on their CDs.
I don't know if it's possible to do two boycotts against the same company simultaneously. If so, you would one do it?
Anonymous. They keep using this word, but I do not think it means what they think it means.... When you refer to them, you're referring to everybody and nobody in particular, so quit throwing around 'Anonymous' as if they were Al Qaeda or the New York Mets.
Yeah, that sounds about right. In all three cases, we have a name, and maybe a few names that we'd never heard before that supposedly refer to their leaders. But nobody has bothered to show that there was an actual organization behind the names.
For all we know, you and I and that guy over there could all be "members" of Anonymous (and Al Qaeda and the Mets;-). After all, if they came and arrested you, for some appropriate value of they, how would you prove in court that you weren't a member? I for one don't know how I'd prove my non-membership.
It's also sorta like back in the day of J. Edgar Hoover's campaign against the Red Menace that was threatening the US. I occasionally thought about how I would prove that I wasn't a Communist, if I were dragged before one of those Committees. I probably couldn't, and I'd read a lot about all the people whose lives had been ruined by such accusations, based on no evidence at all.
So what's your defense against being Anonymous? Or Al Qaeda? Or a Met?
Note that, if you visited cia.gov after reading this story, they have evidence that you were part of the "attack".
Haw! And we can hope that none of Rick Santorum's supporters are reading this. They're the sort of folks who're likely to hunt Father Mulcahey down and interfere with his promotion.
OTOH, that's a crowd that isn't overly literate, and is unlikely to follow a site that describes itself as "for nerds", so the good Father's history is probably safe with us.
I'd rather that my 12-year-old daughter doesn't have to ask me how Rick ImpoliteWord became President.
You should also try to make sure that she doesn't go digging around into political contests from earlier US history. Going not too far back, you're likely to find yourself explaining to her the meaning of the slogan from the 1970s: "Lick Dick!". and more recently, there were slogans during the campaigns for both of the Bushes that were double-entendres based on the common use of their family name to refer to the female pubic region.
There's also the mocking of American speech that abbreviates the country's name to "merkin". That's a somewhat archaic word, but enough people know its meaning to make jokes about the pronunciation.
This sort of "outrageous" obscene insult is a constant in US history, and in the history of most of the democratic countries. If you can't handle it, maybe you should move to some place that doesn't have democratic elections.
Either that, or you might try your hand at making similar obscene jokes based on the names of a few politicians that you don't like. Maybe you can come up with one that'll be popular enough to reach the first page in google hits.
Your recipe for making santorum is wrong. Blood is not an ingredient at all.
It is if you're doing it right. You make santorum your way, and I'll make it my way.
Nah; you're the one who's wrong here. It's sorta like how you sometimes see recipes for a margarita that use lemon juice. Sorry; that's just wrong; a margarita is made with lime juice. Replacing it with lemon juice might make a drink that's just as good, but it's not a margarita. I'm not sure what it's called, and maybe we need to make up a proper name for it, but that's for another discussion.
Similarly, if you like your personal frothy sexual mixture, you should find another politician to name it after. Maybe you can help Dan start a more general Internet meme, of naming obscenely-produced material after politicians. There's gotta be a politician that you don't like, who is deserving of an obscene namesake. Let us know when you've chosen him (or her); I'm sure some people here would enjoy helping you spread it around.
I guess Wikipedia are in on it too, as their site ranks higher than Santorum's own, too.
Though we might note that if you give wikipedia the search term "santorum", you get the senator's wikipedia page. There is a comment at the top pointing to a disambiguation page, and it in turn has a link to "Santorum (neologism)" page. So, while the senator's web page is one click away from the wikipedia.org page, it takes three clicks to reach the "frothy mixture" definition. (And www.ricksantorum.com is two clicks away.)
I'd say that wikipedia is treating the "issue" properly, and Rick Santorum probably shouldn't attack them for the way they handle it. But I won't try to predict what he and his people will do.
Or, google could offer a cluster of keywords at the very top of a search that could drastically alter the search to better help people of any searches.
Or, more generally, google could work on providing help for all the searches in which several unrelated topics are intermingled because they use similar keywords. This isn't just a problem for politicians, and it's not just about obscenities. It's an ongoing frustration when the appropriate keywords have the information you want, but buried in orders of magnitude more info that you aren't looking for. (It's especially bad when those "irrelevant" sites look interesting.;-)
The problem has gotten worse in the past couple of years, partly because google now tries to include mispellings in its search. I noticed this when I was looking for a few traditional "fiddle tunes", and since the titles used common words, I included "reel" as one of the search terms. Google returned every page containing "reel" or "real", with both words highlighted to show what it was doing. Adding "-real" didn't help. This buried what I was looking for in millions of totally irrelevant hits. Google has backed off on this a bit recently, but it's still a serious problem when you're part of the tiny minority that actually plays music.
There's also the more general problem for musicians that when you search for music, none of the search sites distinguish music that you listen to from music that you put on your music stand and read. Not even "sheet music" works as a google keyword; what you want is still buried in a hundred times as many hits that want to sell you a recording. Also, "sheet music" isn't common online, so using it excludes some of the sites that have readable music in some form.
When the concept of the "semantic Web" first started to get bandied about, I had hopes that it would help solve this sort of problem. So far, I've been disappointed, but maybe years from now it'll help.
In the meantime, searching could be vastly improved by a few effective tools for choosing among multiple possible meanings of a search term. Santorum's problem could be helped by this, but many millions of people could be helped to waste fewer hours of digging through piles of unrelated pages to find the ones actually talking about what they're looking for.
(Yeah; I've worked on the problem myself. But I don't have any good solutions -- or the resources to do massive testing.;-)
Itâ(TM)s not that people donâ(TM)t understand the implications of this. Itâ(TM)s made fairly clear.. âoeevery site you visit will be known to usâ.
Well, I was surprised by this story, because I've always just assumed that Chrome sends a log of what I do back to the Mother Ship at Google. I don't have the source code, so that's what I'd suspect. And even with this story out, I still suspect that it's reporting my surfing to someone I don't know of. It'd be easy enough for them to hide this among all the auto-refresh traffic, and so on.
I don't use Chrome for online banking, mostly for this reason. There are several open-source browsers available that are much more trustworthy (though they're worth keeping an eye on;-).
So why would any sensible person think that their browser isn't sending their surfing history out to someone back home?
I don't use Chrome for online banking for this reason.
ceng2
chang2 means "habitually" (at least in my topolect)
So where's your topolect from?
I did a bit of dictionary work, and found both of the words. And it's annoying that slashdot won't allow Chinese characters. Anyway, I found a couple of comments that the Unicode chars 5C1D/5617 are listed as "chang2", but a few list "ceng2" as an alternate, and the different character 66FE is also "ceng2". Both have a list of possible meanings, and both include "past [tense]", along with meanings like "already", "formerly", etc. So it sounds like yet another example of something that varies within the many Mandarin dialects. Nothing unusual there.
I'd guess that people who use chang2 would probably recognize ceng2 as "dialectal", and vice-versa. Also, I'd guess that the chang2 is probably the Beijing-area pronunciation. The sounds are close enough that many people might not even notice that they're different. English is full of words with pronunciation more varied than this, and people usually hear the word that makes sense in context, so it doesn't much matter.
I also discovered a wang3chang2 word with yet another "chang2" character (5E38), with "habitually", "formerly", and "as it used to be" in the list of translations.
As you might guess, I'm not at all fluent in Mandarin. I've studied it for a while, mixed in with studying a lot of other languages. Mostly I've done a lot of work on "internationalization", which gives me a good excuse to dig into the interesting problems in lots of languages. Mandarin (and Chinese in general) is one of the more interesting cases, partly because of its extreme writing system (about as messed up as English, though not as much as Japanese;-). Mandarin is also interesting because of the problems caused by all the homophones produced by the loss of final sounds over the centuries, leading to interesting solutions to the problem it causes for vocal communication.
Of course, one of the more fun aspects of the Chinese languages is the lack of inflections, which makes for useful examples in cases like the current topic. Westerners tend to think that inflectional systems such as verb tenses, singular/plural forms of nouns, etc., are necessary for understanding. Chinese gives a clear counterexample for this, and most. Those concepts can be handled quite well with adjectives and adverbs. Thus, the German example using "Morgen" and the similar English examples using "tomorrow" show that this also happens in German and English. The Morgen/tomorrow adverbs provide the "future" idea, so it's not necessary to use the future form of the verb. You can add werden/will to the verb, and the result is correct, too. But both languages allow dropping the future marker, since it's redundant.
I like to toss out the Chinese time adverbs into discussions like this, because it's a clear example where no true verb tense markers exist; it's all done with adverbs that have a "future" meaning that's part of their basic meaning. German and English have gone partly down the path of expressing time in the Chinese manner, but they also still have an explicit future verb form.
Slightly different forms of the adverbs is also interesting, though it's useful in a different sort of discussion. It's often pointed out that Mandarin isn't so much a language as a range of closely-related dialects that are close enough that the speakers can communicate. But dialect (topolect, sociolect, etc.) differences pop up all over in things like adverbs, and sometimes cause communication problems. English has some of the same problems. Thus, some dialects have plurals for the pronoun "you", and they're not always understood as such by speakers of other dialects. They also don't have standard spellings, so they can be misunderstood in writing.
Dealing with dialect differences in computer settings can be fun...
There _is_ a tendency to melt present and future in German, and maybe that does re-program everyone's synapses accordingly, maybe not.
And, of course, we regularly do the same thing in English. Probably not with that example, but if I were to say "Tomorrow I'm taking the car in for an oil change", any native speaker would understand that as the future, though it's grammatically present tense. I could say "... I'll take...", and it'd be equally correct as future tense. But there probably aren't many native speakers of English who would even notice the difference. The word "tomorrow" puts it in the future, so the grammatical tense is an unneeded redundancy.
I wonder what the writer would think of languages like Chinese (all 10 or 12 or however many there are this week;-), which don't use inflections at all, and don't explicitly mark nouns for plural or verbs for tense, etc. Of course, there are lots of adjectives and adverbs available to do the job, but they're separate words, not inflection. Thus, in Mandarin you might use hui4 to indicate the future, zai4 for the present, or chang2 for the past, but they're adverbs, not required by any grammatical rules, and would normally only be used if the time relative to the present is important. If you use them, the verb remains unchanged. There are lots of languages like this, and their speakers generally have little trouble understanding time concepts.
The idea that such things somehow "control" your thoughts is an old one, popular in some circles, but isn't much founded on any linguistic facts.
If you can show you are unable to comply you don't have to.
But the whole point to my scenario was as a followup to the people observing that judge can just say "I don't believe you; give us the keys." Why would a judge treat me any differently than those others who don't have the key. E.g., how is my case different from the guy who constructed a random key from a bunch of random-number generators, and didn't keep it, because all he wanted was an encrypted file for a honeypot? If the judge won't accept that "excuse", why would the judge accept my excuse? Given the fact that I've been dragged before the judge, and the prosecution's lawyers say that I'm hiding evidence, why wouldn't the judge treat my oh-so-innocent excuse as prima-facie evidence of knowingly hiding my files' contents?
Actually, I also have a couple of honeypots on several web sites that I'm responsible for. That is, the files in certain directories are supposed to be "hidden" from anyone but authorized clients, and part of setting up a honeypot includes creating files that intruders will likely want to take advantage of. Some contain what looks like valid-looking plain-text data such as bank login credentials whose use will trigger an alarm and recording of the session information. Some of these are encrypted as the earlier poster suggested, and since we don't ever decrypt them ourselves (but may recreate them with a different key occasionally), we don't bother keeping the keys.
Why shouldn't we be concerned about the prospect of these files being used against us, as has been described in this discussion?
I'm not too confident of my ability to educate a judge or prosecution lawyers about the nature of honeypots (or puzzle solving). And I sorta doubt any judge would believe me if I claimed that I didn't have an encryption key to my own files, even though we both know several situations where this would be true.
(Several of those web sites also contain files that were encrypted by a client, and decodable only by them. This is not unusual for many kinds of web hosting. The current story should be a cause for concern to anyone involved in web hosting, since your most valuable customers are likely to be those with reasons to encrypt their data. You don't want your IT people hauled off to jail and subject to torture because some customer uploaded an encrypted file. You could lose some good employees that way.;-)
Of course gravity is a theory. All scientific generalizations are theory.
Nah; that's only true for the "common speech" usage of the term "theory". In scientific terminology, most generalization and/or explanations are called "conjectures" or "hypotheses". The term "theory" is usually reserved for conjectures and hypotheses that have been fairly well tested (and have passed all the tests;-).
This is just one of many cases where the common speech uses words very differently than various technical specialties use the same words. Sometimes this comes about because the specialists restrict the usage of a word; other times it's because the general population picked up a technical term but didn't understand its meaning, so it got used for meanings very different than the original.
One of the main tipoffs that someone is using the common-speech meaning of "theory" rather than the scientific is that they'll use phrases like "only a theory" or "just a theory". Such phrasing implies that they think "theory" is a synonym for "guess", which is accurate in the common speech but not in scientific speech. They may also show a "Huh?" reaction when you present them with words like "hypothesis", which hasn't much been picked up by the general population yet.
Another tipoff is that someone talks about proof of a theory, or mentions "scientific proof". Many scientific theorists (notably Karl Popper, but many others have chimed in) have pointed out that scientific methods rarely if ever involved proving anything. That's what mathematicians do, and mathematicians aren't scientists. Scientific methods typically only disprove things, and the things (hypotheses) left standing after many attempts to disprove them are promoted to "theory".
So the real reason that things like "there is a force that attracts masses together" can't be proved is that science doesn't even try to do that. Science tries to disprove the statement. After large numbers of attempts to do this all failed, the "theory of universal gravitation" was finally accepted as a theory. But this theory only said that there is such a force and it implements a specific equation. As others here have pointed out, there are a number of hypothetical explanations of the mechanism for how gravity works, and testing them has turned out to be rather tricky. So they're pretty much all in limbo, not considered theories, until people can come up with tests that disprove some of them. The front runner still seems to be Einstein's geometric model, but that just bounces the puzzle over to the equivalent question of why the universe's distance measure behaves in such a peculiar non-Euclidean fashion.
Your premise is ridiculous, as the court can reasonably assume that you intended to use said encrypted file,...
Hmmm... Under this reasoning, I could potentially be in a lot of legal trouble, because my disk does contain encrypted files for which I don't know the keys. This is fairly common among those of us that like to do puzzles. There are lots of "Can you decode this?" puzzles published every week. They range from the simple newspaper substitution-cipher puzzles to the famous puzzles that have been around for decades without anyone publishing a solution. I have some of them on my disk right now, and I have friends who also have similar puzzle files.
Under the above reasoning, these (openly published) puzzles could "reasonably" be considered proof that I'm hiding encrypted information that I intend to use. I suppose this is true in an obvious sense: If I can solve them, I can get a few "puzzle geek" points in the puzzle forums. But I couldn't give a judge the keys, no matter how long they lock me up or how badly they beat me. I could only do that if left alone with the puzzles for however long it takes me to solve them. Or they could give me access to the forums, where someone will probably post the solution given enough time, and I can calculate the key info from the solution.;-)
Maybe we should be informing all UK puzzle solvers that these files on their disk can get them indeterminate jail detention, possibly with serious beatings.
Or MI5 could hire a few people who are good at solving such puzzles.
Not believing in God, and spewing *misinformed* hate against any such being or belief is the new cool.
Hmmm... I don't recall ever hearing any admitted atheist spewing hate (or even dislike) against any God. I'd expect this would be rather rare, because you don't have to be a genius to understand how silly it is to hate something that doesn't even exist.;-)
The vocal atheists mentioned about have made their reputations by spewing their hatred against religious people, in particular, those who think it's their duty to impose parts of their beliefs on other people. Considering all the evils that religious people have perpetrated throughout history, this is quite understandable. Many religious people like to list off such evils themselves. With members of other religions as the perps, of course.
(I had a few examples here, but I decided to not bother, since anyone with any knowledge of history can rattle off the horror stories.)
(And, to pre-empt the usual reply to the above, I'll point out that, yes, some of humanity's evils were done without a religious motive. That doesn't excuse the religious gangs for their actions on behalf of their god(s).)
Slashdot Mirror
My brother's windows 7 box started running slow two weeks ago, but other than that there was no sign of a problem. ... Within 24 hours the ISP called him and told him he had a serious malware infection.
I got a call a few years ago from my ISP, telling me that there was a "virus" in my machine. The person calling described it, and I told him the name of the malware. He was a bit surprised by this, and I asked when they'd first seen it. It turned out that it was six months earlier, but they'd just got around to handling it. I asked him if they'd seen any evidence of it in the past few months. After a bit of a pause, he said they hadn't. I told him that I'd found it myself about six months ago, and it was no longer running. He thanked me, and hung up.
So I'm not too impressed by the idea that ISPs should do this sort of job. I can think of a number of much better ways to do it.
As others have said, an ISP is most useful if they just do one job: provide Internet connectivity. They should have experts on maintaining the wiring, running routers, etc. Traffic analysis is much better handled by people who understand that job. Looking for malware is better handled by people who understand that, on the specific OSs that are in use. Few ISPs are likely to be competent at this on anything but MS Windows, and rarely even then. It's not their job, and if they're ordered to do it, they'll do a half-assed job and we won't like the results (though we'll pay for them).
Most ISPs also provide things like DNS and email, and in my experience, they are usually the worst sources for these services. To make the routine automotive analogy, asking them to provide such services is about as sensible as asking your local highway construction and maintenance companies to also be a package delivery service.
Not that I'd expect anyone in a legislative body to understand any of this. Writing such things into law is just insane. That's why standards (and other regulatory) agencies were invented.
If a connection is spewing 500 pings a minute for 10 minutes, it's pretty unlikely it's for a legitimate reason.
Lets see MTR to a destination with 20 hops default refresh rate of 1 second. After a minute you just spewed 1200 pings. OMFG call the police!!
Yeah, and this reminds me that in several discussions on this topic, I've commented (or seen others comment) that various so-called "security experts" like to classify pings as attacks. This almost always gets pooh-poohed by other readers. But we just saw a /. reader claim that 500 pings per minute (about 8/sec) qualifies as an attack.
I've often found that it puts things into perspective to mention that many of the claims of "attacks" that you read about are in fact counting ICMP packets. This is a good way to inflate your numbers in your scare story. But, as with the above suggestion, any numbers you read from someone trying to make things look bad are highly likely to be counting things that aren't attacks at all, but are just part of the normal traffic on the internet.
In particular, I've worked on a number of projects to develop network-management software, and it's fun to point out occasionally that nearly everything we're developing would be classified as "attack" malware by most of the network-security folks. On a number of occasions, various management-type people have made it clear that they consider me a dangerous "hacker" simply because I've worked on such things, and seem to know a lot about them.
We can expect that any laws like this will be used to block not just legitimate traffic, but also network-management traffic. Flagging 500 pings a minute for 10 minutes as illegitimate is as clear an example of this as you can get. I routinely run tools that ping a list of sites scattered around the network, typically at 10-second intervals, as a "light" way of measuring network speed. They would almost all be considered illegitimate under this scheme.
... maybe you should have a single message at the top about why the person's account is broken and who they have to call to get it fixed.
I already get lots of notifications that my computer is infected. But they don't make me waste time talking about it to some drone off in India or Malaysia who's just following a script. They give me a direct link to where I can download a tool to clean up my machine.
And most of them don't even want to charge me for this service. ;-)
It's tough for geeks with their exclusive-or thinking to wrap their minds around that, ...
Oh, c'mon; any true geek would default "or" to inclusive-or. It's only in common speech that "or" usually means exclusive-or. In mathematics and most technical fields, inclusive-or is the default interpretation of "or". Any true geek would understand this.
Actually, there are a fair number of geek jokes based on the difference between the two ors, generally based on a misunderstanding that uses inclusive-or when exclusive-or was correct. Probably the simplest family of such jokes is about a geek who answers a question of the form "Would you like X or Y?" with a plain "Yes."
The government doesn't even need to prove that you (or your users) did anything wrong before they punish you. Look at the Jotform crap for proof of that. That business is more than likely ruined now; who's gonna trust a cloud storage site that could get nuked off the face of the internet again because some random asshole posted something that violates IP somewhere on it?
Yup. And what we should be doing is figure out how to get the message across to American businesses in general. They need to understand that they're not immune. What has happened to JotForm and a few thousand other small companies can happen just as easily to any other company trying to do business in the US. They can be shut down on a whim, with no explanation, at any time. There is no defense against this, other than to publicize it and get people to understand what it'll do to their businesses if they don't act.
Saying how awful it was for one company doesn't do much. Understanding that you may be next is what it'll probably take to get people to fix the growing problem.
The problem is that most companies doesn't like the US law, so they are leaving. Wasn't that the entire point of this article?
No, the point is that in the US's treatment of Internet sites, the law is now clearly irrelevant. The current poster child is JotForm, whose domain name was shut down for no stated reason, without a court warrant, and there's not even a suggestion that JotForm was violating any law. In fact, the jotform.com name was eventually restored, but the authorities involved haven't stated why the action was taken.
The general understanding is that it was probably a "mistake", i.e., the agencies involved didn't know or care about the law or finding any evidence; they just sent GoDaddy the takedown request without bothering with a court order, and GoDaddy accepted it without question. The silence from officialdom is because they knew they blew it, and don't want to admit their mistake. But this isn't consolation to the businesses that have been silenced by such random, unexplained takedowns. JotForm wasn't an isolated incident; there have been thousands of them in recent months.
Any businesses using a hosting or domain-name service in the US has to now be aware that their online presence can disappear instantly, with no explanation and no recourse. It doesn't matter whether you are following US law or not. It all just depends on the whims and misunderstandings of a flock of agencies that you don't know about and who won't talk to you.
It simply doesn't make sense to do business under such conditions. Sensible businessmen would be looking around for Internet hosting and domain-name services that are stable and reliable. Such services no longer exist in the US, and can't exist as long as the authorities act outside the law, so you should be moving your Internet business elsewhere.
thing is in order to expand and grow you need new ideas. tougher IP laws actually restrict new ideas and slow down development.
Why do people have to keep saying this, as if it were some exciting new idea?
Fact is, the "IP" laws' only function has always been to limit our (re)use of others' ideas. And, as Isaac Newton famously put it in his "standing on the shoulders of giants" remark, building on others' ideas is how we have always progressed. Nobody has ever started with a "blank slate", and invented new things from first principles. Advances have always come from studying what others have done, and finding better ways to do things. Patent and copyright were developed explicitly to block this building process, and that's all that they've ever been used for.
"We're pretty sure that there are some safe ways of doing it, but we haven't bothered to teach our workers to do it that way, because it's too expensive."
We in the computer biz are pretty familiar with this sort of euphemistic safety claim. But if the "users" can't get it right, it mostly says a lot about the UI that you've handed them. If the users can't figure out how to do it right, either it's been made too difficult, or they don't have good training/documentation -- or they're being "encouraged" to do it wrong by their bosses. Usually all of the above.
The amount of misinterpretation/spin in your reply is astounding.
Yeah, but admit it: It was funny. I think that's what 19thNervousBreakdown (768619) was going for. I've already posted, so I'll just have to hope that someone with mod points will give him (her?) one or more.
Except for the fact that the "graphical trickery" makes things like graphic design, non-linear video editing, and numerous other tasks far easier than a CLI would be?
Well, maybe, but I think the pseudo-dispute arises more from things like all the time I find myself wasting with GUI tools that make me wade through several windows, each of which needs to be laboriously guided down through the directory tree, to do what could be done in 1/10 the time with a simple cp or mv or ... command. I've wasted a lot of my life on idiotic simple-minded tasks like that, which are fast and easy with a CLI, but achingly time-consuming in a GUI.
Not that I couldn't think of a quick and easy way to do such things in a GUI. But the people who write GUI tools don't ever consult with me (presumably because I have no "experience" designing modern GUi tools ;-), so they continue to present me with windows positioned at my home (or the root) directory, and I have to once again guide them down to the directories that I want them to use, at each level scrolling slowly through the contents of a directory, clicking on a subdirectory, scrolling through that directory, etc. Then I click on something that does the job, the window disappears, and the directory is forgotten, so I have to do it all over again for the next task.
Granted, there are some thing that a GUI tool does a lot better than a CLI tool. But this is undercut by all the things that take orders of magnitude more time with the GUI. They haven't even figured out a convenient way to include wildcards in file names (or if they have, the implementers have never heard of it).
In my experience, the biggest UI improvement in history was when they came out with the "make" command. Of course, most GUI users have no idea what that is, or if they do, they're horrified by the complex-looking text files that they don't understand. But it's a really effective way of packing up a lot of repeated actions, giving them a name, and invoking them via a brief mnemonic command. Sorta like scripting, but with automatic checking to see whether each step actually needs to be done.
OTOH, pretty pictures can be fun and entertaining.
article is assuming we shouldn't have been boycotting Sony already.
Well, my first thought was that I can't boycott Sony over this, because I haven't bought anything of theirs since back when they were caught including rootkits on their CDs.
I don't know if it's possible to do two boycotts against the same company simultaneously. If so, you would one do it?
Well, then, it's good that you didn't call Fr Mulcahey a raping pedophile, because I'd hate to have to re-classify you as someone not to be believed.
Anonymous. They keep using this word, but I do not think it means what they think it means. ... When you refer to them, you're referring to everybody and nobody in particular, so quit throwing around 'Anonymous' as if they were Al Qaeda or the New York Mets.
Yeah, that sounds about right. In all three cases, we have a name, and maybe a few names that we'd never heard before that supposedly refer to their leaders. But nobody has bothered to show that there was an actual organization behind the names.
For all we know, you and I and that guy over there could all be "members" of Anonymous (and Al Qaeda and the Mets ;-). After all, if they came and arrested you, for some appropriate value of they, how would you prove in court that you weren't a member? I for one don't know how I'd prove my non-membership.
It's also sorta like back in the day of J. Edgar Hoover's campaign against the Red Menace that was threatening the US. I occasionally thought about how I would prove that I wasn't a Communist, if I were dragged before one of those Committees. I probably couldn't, and I'd read a lot about all the people whose lives had been ruined by such accusations, based on no evidence at all.
So what's your defense against being Anonymous? Or Al Qaeda? Or a Met?
Note that, if you visited cia.gov after reading this story, they have evidence that you were part of the "attack".
Haw! And we can hope that none of Rick Santorum's supporters are reading this. They're the sort of folks who're likely to hunt Father Mulcahey down and interfere with his promotion.
OTOH, that's a crowd that isn't overly literate, and is unlikely to follow a site that describes itself as "for nerds", so the good Father's history is probably safe with us.
I do sorta wish I had a mod point ...
I'd rather that my 12-year-old daughter doesn't have to ask me how Rick ImpoliteWord became President.
You should also try to make sure that she doesn't go digging around into political contests from earlier US history. Going not too far back, you're likely to find yourself explaining to her the meaning of the slogan from the 1970s: "Lick Dick!". and more recently, there were slogans during the campaigns for both of the Bushes that were double-entendres based on the common use of their family name to refer to the female pubic region.
There's also the mocking of American speech that abbreviates the country's name to "merkin". That's a somewhat archaic word, but enough people know its meaning to make jokes about the pronunciation.
This sort of "outrageous" obscene insult is a constant in US history, and in the history of most of the democratic countries. If you can't handle it, maybe you should move to some place that doesn't have democratic elections.
Either that, or you might try your hand at making similar obscene jokes based on the names of a few politicians that you don't like. Maybe you can come up with one that'll be popular enough to reach the first page in google hits.
Your recipe for making santorum is wrong. Blood is not an ingredient at all.
It is if you're doing it right. You make santorum your way, and I'll make it my way.
Nah; you're the one who's wrong here. It's sorta like how you sometimes see recipes for a margarita that use lemon juice. Sorry; that's just wrong; a margarita is made with lime juice. Replacing it with lemon juice might make a drink that's just as good, but it's not a margarita. I'm not sure what it's called, and maybe we need to make up a proper name for it, but that's for another discussion.
Similarly, if you like your personal frothy sexual mixture, you should find another politician to name it after. Maybe you can help Dan start a more general Internet meme, of naming obscenely-produced material after politicians. There's gotta be a politician that you don't like, who is deserving of an obscene namesake. Let us know when you've chosen him (or her); I'm sure some people here would enjoy helping you spread it around.
I guess Wikipedia are in on it too, as their site ranks higher than Santorum's own, too.
Though we might note that if you give wikipedia the search term "santorum", you get the senator's wikipedia page. There is a comment at the top pointing to a disambiguation page, and it in turn has a link to "Santorum (neologism)" page. So, while the senator's web page is one click away from the wikipedia.org page, it takes three clicks to reach the "frothy mixture" definition. (And www.ricksantorum.com is two clicks away.)
I'd say that wikipedia is treating the "issue" properly, and Rick Santorum probably shouldn't attack them for the way they handle it. But I won't try to predict what he and his people will do.
Or, google could offer a cluster of keywords at the very top of a search that could drastically alter the search to better help people of any searches.
Or, more generally, google could work on providing help for all the searches in which several unrelated topics are intermingled because they use similar keywords. This isn't just a problem for politicians, and it's not just about obscenities. It's an ongoing frustration when the appropriate keywords have the information you want, but buried in orders of magnitude more info that you aren't looking for. (It's especially bad when those "irrelevant" sites look interesting. ;-)
The problem has gotten worse in the past couple of years, partly because google now tries to include mispellings in its search. I noticed this when I was looking for a few traditional "fiddle tunes", and since the titles used common words, I included "reel" as one of the search terms. Google returned every page containing "reel" or "real", with both words highlighted to show what it was doing. Adding "-real" didn't help. This buried what I was looking for in millions of totally irrelevant hits. Google has backed off on this a bit recently, but it's still a serious problem when you're part of the tiny minority that actually plays music.
There's also the more general problem for musicians that when you search for music, none of the search sites distinguish music that you listen to from music that you put on your music stand and read. Not even "sheet music" works as a google keyword; what you want is still buried in a hundred times as many hits that want to sell you a recording. Also, "sheet music" isn't common online, so using it excludes some of the sites that have readable music in some form.
When the concept of the "semantic Web" first started to get bandied about, I had hopes that it would help solve this sort of problem. So far, I've been disappointed, but maybe years from now it'll help.
In the meantime, searching could be vastly improved by a few effective tools for choosing among multiple possible meanings of a search term. Santorum's problem could be helped by this, but many millions of people could be helped to waste fewer hours of digging through piles of unrelated pages to find the ones actually talking about what they're looking for.
(Yeah; I've worked on the problem myself. But I don't have any good solutions -- or the resources to do massive testing. ;-)
Itâ(TM)s not that people donâ(TM)t understand the implications of this. Itâ(TM)s made fairly clear.. âoeevery site you visit will be known to usâ.
Well, I was surprised by this story, because I've always just assumed that Chrome sends a log of what I do back to the Mother Ship at Google. I don't have the source code, so that's what I'd suspect. And even with this story out, I still suspect that it's reporting my surfing to someone I don't know of. It'd be easy enough for them to hide this among all the auto-refresh traffic, and so on.
I don't use Chrome for online banking, mostly for this reason. There are several open-source browsers available that are much more trustworthy (though they're worth keeping an eye on ;-).
So why would any sensible person think that their browser isn't sending their surfing history out to someone back home?
I don't use Chrome for online banking for this reason.
ceng2 chang2 means "habitually" (at least in my topolect)
So where's your topolect from?
I did a bit of dictionary work, and found both of the words. And it's annoying that slashdot won't allow Chinese characters. Anyway, I found a couple of comments that the Unicode chars 5C1D/5617 are listed as "chang2", but a few list "ceng2" as an alternate, and the different character 66FE is also "ceng2". Both have a list of possible meanings, and both include "past [tense]", along with meanings like "already", "formerly", etc. So it sounds like yet another example of something that varies within the many Mandarin dialects. Nothing unusual there.
I'd guess that people who use chang2 would probably recognize ceng2 as "dialectal", and vice-versa. Also, I'd guess that the chang2 is probably the Beijing-area pronunciation. The sounds are close enough that many people might not even notice that they're different. English is full of words with pronunciation more varied than this, and people usually hear the word that makes sense in context, so it doesn't much matter.
I also discovered a wang3chang2 word with yet another "chang2" character (5E38), with "habitually", "formerly", and "as it used to be" in the list of translations.
As you might guess, I'm not at all fluent in Mandarin. I've studied it for a while, mixed in with studying a lot of other languages. Mostly I've done a lot of work on "internationalization", which gives me a good excuse to dig into the interesting problems in lots of languages. Mandarin (and Chinese in general) is one of the more interesting cases, partly because of its extreme writing system (about as messed up as English, though not as much as Japanese ;-). Mandarin is also interesting because of the problems caused by all the homophones produced by the loss of final sounds over the centuries, leading to interesting solutions to the problem it causes for vocal communication.
Of course, one of the more fun aspects of the Chinese languages is the lack of inflections, which makes for useful examples in cases like the current topic. Westerners tend to think that inflectional systems such as verb tenses, singular/plural forms of nouns, etc., are necessary for understanding. Chinese gives a clear counterexample for this, and most. Those concepts can be handled quite well with adjectives and adverbs. Thus, the German example using "Morgen" and the similar English examples using "tomorrow" show that this also happens in German and English. The Morgen/tomorrow adverbs provide the "future" idea, so it's not necessary to use the future form of the verb. You can add werden/will to the verb, and the result is correct, too. But both languages allow dropping the future marker, since it's redundant.
I like to toss out the Chinese time adverbs into discussions like this, because it's a clear example where no true verb tense markers exist; it's all done with adverbs that have a "future" meaning that's part of their basic meaning. German and English have gone partly down the path of expressing time in the Chinese manner, but they also still have an explicit future verb form.
Slightly different forms of the adverbs is also interesting, though it's useful in a different sort of discussion. It's often pointed out that Mandarin isn't so much a language as a range of closely-related dialects that are close enough that the speakers can communicate. But dialect (topolect, sociolect, etc.) differences pop up all over in things like adverbs, and sometimes cause communication problems. English has some of the same problems. Thus, some dialects have plurals for the pronoun "you", and they're not always understood as such by speakers of other dialects. They also don't have standard spellings, so they can be misunderstood in writing.
Dealing with dialect differences in computer settings can be fun ...
There _is_ a tendency to melt present and future in German, and maybe that does re-program everyone's synapses accordingly, maybe not.
And, of course, we regularly do the same thing in English. Probably not with that example, but if I were to say "Tomorrow I'm taking the car in for an oil change", any native speaker would understand that as the future, though it's grammatically present tense. I could say "... I'll take ...", and it'd be equally correct as future tense. But there probably aren't many native speakers of English who would even notice the difference. The word "tomorrow" puts it in the future, so the grammatical tense is an unneeded redundancy.
I wonder what the writer would think of languages like Chinese (all 10 or 12 or however many there are this week ;-), which don't use inflections at all, and don't explicitly mark nouns for plural or verbs for tense, etc. Of course, there are lots of adjectives and adverbs available to do the job, but they're separate words, not inflection. Thus, in Mandarin you might use hui4 to indicate the future, zai4 for the present, or chang2 for the past, but they're adverbs, not required by any grammatical rules, and would normally only be used if the time relative to the present is important. If you use them, the verb remains unchanged. There are lots of languages like this, and their speakers generally have little trouble understanding time concepts.
The idea that such things somehow "control" your thoughts is an old one, popular in some circles, but isn't much founded on any linguistic facts.
If you can show you are unable to comply you don't have to.
But the whole point to my scenario was as a followup to the people observing that judge can just say "I don't believe you; give us the keys." Why would a judge treat me any differently than those others who don't have the key. E.g., how is my case different from the guy who constructed a random key from a bunch of random-number generators, and didn't keep it, because all he wanted was an encrypted file for a honeypot? If the judge won't accept that "excuse", why would the judge accept my excuse? Given the fact that I've been dragged before the judge, and the prosecution's lawyers say that I'm hiding evidence, why wouldn't the judge treat my oh-so-innocent excuse as prima-facie evidence of knowingly hiding my files' contents?
Actually, I also have a couple of honeypots on several web sites that I'm responsible for. That is, the files in certain directories are supposed to be "hidden" from anyone but authorized clients, and part of setting up a honeypot includes creating files that intruders will likely want to take advantage of. Some contain what looks like valid-looking plain-text data such as bank login credentials whose use will trigger an alarm and recording of the session information. Some of these are encrypted as the earlier poster suggested, and since we don't ever decrypt them ourselves (but may recreate them with a different key occasionally), we don't bother keeping the keys.
Why shouldn't we be concerned about the prospect of these files being used against us, as has been described in this discussion?
I'm not too confident of my ability to educate a judge or prosecution lawyers about the nature of honeypots (or puzzle solving). And I sorta doubt any judge would believe me if I claimed that I didn't have an encryption key to my own files, even though we both know several situations where this would be true.
(Several of those web sites also contain files that were encrypted by a client, and decodable only by them. This is not unusual for many kinds of web hosting. The current story should be a cause for concern to anyone involved in web hosting, since your most valuable customers are likely to be those with reasons to encrypt their data. You don't want your IT people hauled off to jail and subject to torture because some customer uploaded an encrypted file. You could lose some good employees that way. ;-)
Of course gravity is a theory. All scientific generalizations are theory.
Nah; that's only true for the "common speech" usage of the term "theory". In scientific terminology, most generalization and/or explanations are called "conjectures" or "hypotheses". The term "theory" is usually reserved for conjectures and hypotheses that have been fairly well tested (and have passed all the tests ;-).
This is just one of many cases where the common speech uses words very differently than various technical specialties use the same words. Sometimes this comes about because the specialists restrict the usage of a word; other times it's because the general population picked up a technical term but didn't understand its meaning, so it got used for meanings very different than the original.
One of the main tipoffs that someone is using the common-speech meaning of "theory" rather than the scientific is that they'll use phrases like "only a theory" or "just a theory". Such phrasing implies that they think "theory" is a synonym for "guess", which is accurate in the common speech but not in scientific speech. They may also show a "Huh?" reaction when you present them with words like "hypothesis", which hasn't much been picked up by the general population yet.
Another tipoff is that someone talks about proof of a theory, or mentions "scientific proof". Many scientific theorists (notably Karl Popper, but many others have chimed in) have pointed out that scientific methods rarely if ever involved proving anything. That's what mathematicians do, and mathematicians aren't scientists. Scientific methods typically only disprove things, and the things (hypotheses) left standing after many attempts to disprove them are promoted to "theory".
So the real reason that things like "there is a force that attracts masses together" can't be proved is that science doesn't even try to do that. Science tries to disprove the statement. After large numbers of attempts to do this all failed, the "theory of universal gravitation" was finally accepted as a theory. But this theory only said that there is such a force and it implements a specific equation. As others here have pointed out, there are a number of hypothetical explanations of the mechanism for how gravity works, and testing them has turned out to be rather tricky. So they're pretty much all in limbo, not considered theories, until people can come up with tests that disprove some of them. The front runner still seems to be Einstein's geometric model, but that just bounces the puzzle over to the equivalent question of why the universe's distance measure behaves in such a peculiar non-Euclidean fashion.
Your premise is ridiculous, as the court can reasonably assume that you intended to use said encrypted file, ...
Hmmm ... Under this reasoning, I could potentially be in a lot of legal trouble, because my disk does contain encrypted files for which I don't know the keys. This is fairly common among those of us that like to do puzzles. There are lots of "Can you decode this?" puzzles published every week. They range from the simple newspaper substitution-cipher puzzles to the famous puzzles that have been around for decades without anyone publishing a solution. I have some of them on my disk right now, and I have friends who also have similar puzzle files.
Under the above reasoning, these (openly published) puzzles could "reasonably" be considered proof that I'm hiding encrypted information that I intend to use. I suppose this is true in an obvious sense: If I can solve them, I can get a few "puzzle geek" points in the puzzle forums. But I couldn't give a judge the keys, no matter how long they lock me up or how badly they beat me. I could only do that if left alone with the puzzles for however long it takes me to solve them. Or they could give me access to the forums, where someone will probably post the solution given enough time, and I can calculate the key info from the solution. ;-)
Maybe we should be informing all UK puzzle solvers that these files on their disk can get them indeterminate jail detention, possibly with serious beatings.
Or MI5 could hire a few people who are good at solving such puzzles.
Not believing in God, and spewing *misinformed* hate against any such being or belief is the new cool.
Hmmm ... I don't recall ever hearing any admitted atheist spewing hate (or even dislike) against any God. I'd expect this would be rather rare, because you don't have to be a genius to understand how silly it is to hate something that doesn't even exist. ;-)
The vocal atheists mentioned about have made their reputations by spewing their hatred against religious people, in particular, those who think it's their duty to impose parts of their beliefs on other people. Considering all the evils that religious people have perpetrated throughout history, this is quite understandable. Many religious people like to list off such evils themselves. With members of other religions as the perps, of course.
(I had a few examples here, but I decided to not bother, since anyone with any knowledge of history can rattle off the horror stories.)
(And, to pre-empt the usual reply to the above, I'll point out that, yes, some of humanity's evils were done without a religious motive. That doesn't excuse the religious gangs for their actions on behalf of their god(s).)