The Nazis were socialist. The rise of the Nazi party was in large part due to Germany's situation after WWI and the rejection of international socialism (proto-Marxism, the step before the abolition of the state) and capitalism. The goal was to create a "national socialism", that tied the ownership of the means of production to a nationalistic state. It's basically fascism, except with the corporations subordinate to the state instead of the state subordinate to, or on equal footing with, the corporations.
I know you're thinking that "Nazi == bad; socialism == good; therefore Nazis weren't socialist". If you stop assigning intrinsic value judgements to economic and political systems, you'll have a much easier time making sense of the world around you.
The capuchin monkey on Friends was played by a monkey named Katie. I don't remember the show well enough, but a scene that contained three monkeys (at a zoo?) could be credited as "monkey, Katie, and monkey" (with the other monkey actors being unnamed).
This is really bugging me now, too! Obscure references are the bane of my existence.
I used a Windows phone for a while and Cortana, while absolutely useless for almost everything else, was surprisingly good at dictation. Even with context-dependent phrasing, there were no eel-filled hovercrafts anywhere.
This isn't one of Trump's ideas, though. This has been pitched by the airlines multiple times in the last few decades and you can be sure the specifics are already all drafted out and ready for Congress to vote on without reading.
Also, image how much nicer and more productive your workplace would be without all of the people who would be happy sitting on their butts watching TV all day. I don't imagine there's even be a significant drop in overall productivity.
As the other reply pointed out, this is only true if the card bears the name of somebody that isn't you. The law also doesn't let the policeman "assume you intended to use it for illegal purposes". It's a strict liability law (which is part of a fucked-up, but increasingly common trend with laws), which doesn't require any criminal intent at all to prosecute. There's no mind reading involved at all; if you possess the card, you're violating the law.
The amount of maintenance, both scheduled and unscheduled, that a home requires has proven to be a lot more than I expected or budgeted for. I'm a pretty handy DIYer, and even at that I get overwhelmed sometimes with deferred tasks. It eats your time if you DIY, or your money if you hire it out. I'm quite certain that I am not financially ahead, compared to if I had been renting, and I'd certainly have a LOT more free time.
As a homeowner who also owns rental properties, I can tell you that the cost of maintenance is also folded into whatever you would pay to rent a house. My renters pay the sum of the mortgage on the property, the estimated cost of repairs and maintenance, plus a little more (which will be profit if nothing goes wrong; or a buffer if maintenance is unexpectedly expensive or the renters misbehave). Some property owners skimp on maintenance to take more profit, but they pay for it in the long run with a deteriorating property and the renters pay for it by having to deal with shitty half-assed repairs (actually, they don't pay for it for long before they leave and you end up with tenants who see no problem with trashing the place. I mean, the owner clearly doesn't care about it...).
As long as your interest rate is reasonable and you live there long enough to diffuse the transactional costs, you're financially better off owning your house instead of renting.
That setup would make Rube Goldberg proud. You can get subsecond time syncing in the clock directly from NIST, too, without all of the intermediate steps. (I have a setup similar to yours, too, with a GPSDO.)
I don't agree that the GP is right about malice vs incompetence here, but simply allowing a discovered attack to happen wouldn't require a vast and unsustainable conspiracy.
A single, or very few, higher-ups could allow such an attack to proceed by using the expected incompetence and unresponsive nature of bureaucracy. They can dismiss the credibility of the reports a few times and ask for resources to be dedicated to more credible threats. If the threat becomes grave, they can ask for more detailed analysis of the situation and a time-consuming network of known contacts to be built. And if they don't prevent it in time, then the bureaucracy was either incompetent (which is expected and excused) or they didn't have the tools they needed. Nobody would suspect that the slow movements of a large bureaucracy were made to be deliberately slow.
Again, I'm not saying that this is the case here. I'm just pointing out that this scenario wouldn't require a vast conspiracy of low-level mooks orchestrating an attack against fellow citizens.
It sounds like that's a job that's ripe for automation, then. You say that the requirements are even highly generalized and not domain specific. If you could only just remove the propensity of executives to put their own interests above the interests of the company, you've already got a winner. If the executive program (maybe a machine learning implementation, but probably just ceo.pl) makes fewer irrational decisions, then all the better.
And without the need to pay the CEO and upper management, you've got a working budget that's larger than many entire departments in the company!
I've found early code where I reimplemented standard library functions (though not as generalized), with accompanying comments that said, "I can't believe that this isn't a standard function!"
It was pretty decent code and I was impressed with the logic, but what a huge time sink all of that was!
If anything, that demonstrates to me that we are NOT done with needing coders. We have such a need for them that people who aren't very good can still get work. If you have a profession where you can get more people than you need, you get to pick and choose and get only those that are really good. When you have to take poor performers, it means you need more than you can get.
I don't disagree with your conclusion, but I think that your reasoning is wrong. Management at companies take poor performers because they don't understand their own requirements or the details of their workers' competency well enough to be able to tell a good performer from a poor one or to properly value a good performer. Management thinks that all coders (or generally, all workers) are interchangeable and so they optimize only for low costs (if they optimize at all).
$0.05 * 500,000 units is $25,000, not $2.5 million. I hope you never get before me in an interview!
I agree with cost saving when appropriate, but I agree even more with checking the results of your calculations before believing them and calling other people stupid asses.
see plenty of people driving their sport/luxury sport cars in the general area i'm in, and 99% of them do quite alright. Worst most of them do is go 10-15 MPH over the speed limit...
Where do you live?! Everywhere I've lived, the general rule is that the faster a car is capable of going, the slower it will actually be going. Often, they don't even reach the speed limit, even though they appear to be incapable of driving in any lane besides the passing lane.
people are buying these purely for vanity reasons.
Which adequately describes many, many car purchases. Worldwide.
Your point? There is, or needs to be, for many people, a different criteria for purchasing a car?
Yes. I think the mindset is that decisions that don't line up with their particular values or uses should be expressly illegal. They value fuel economy, so that should be the sole design goal of cars and the sole criteria for purchasing a car.
You see that a lot from rule-heads and busybodies: "I don't have any use for a xxx, so they should be illegal for anybody to own."
Voting on a law is a binary decision, but drafting and discussing the laws that are to be voted on isn't. In a functioning political system, much more time is spent on the latter than the former. It even happens that way in the US, too.
Yeah, let's complain about customary units and then go ahead and convert through logical SI into more goofy customary units! It's 6.1 megagrams (Mg) or 6100 kilograms.
Beats me; I'm not a lawyer. That distinction sounds like a matter for the courts, as well as the matter of proving that the page was incapable of storing passwords. If you look at some of those laws I linked to, even attempts at solicitation of credentials are listed as offenses, so your competence at carrying out the crime might not be all that important.
18 U.S.C. 1029 (access device fraud) 18 U.S.C. 1028 (fraud in connection with identification documents and authentication features) 18 U.S.C. 1028A (aggravated identity theft) 18 U.S.C. 1343 (wire fraud) 18 U.S.C. 1030(a)(4) (accessing a computer to defraud and obtain something of value) 18 U.S.C. 1001 (making false statements in any matter within the jurisdiction of the government)
There are a number of state laws that handle it, too.
The law mostly used to prosecute phishing seems to be 18 U.S.C. 1029(e)(1). "Penalties for violations of section 1029 range from a maximum of 10 or 15 years of imprisonment depending on the subsection violated."
Phishing is not legal and it was not a great idea to publicly confess to attempting a phishing campaign against the US government.
Ha! The NSA is directly responsible for weaponizing and attempting to bury a security flaw that just caused a massive worldwide crisis this weekend and there appears to be no hell to pay for that. I'm pretty sure it's been established that they'll not be held accountable for anything they do.
If Teen Vogue is the best source you can find that's covering the formation of a group of "Nuclear Experts", there's a fair chance that it's not news and near certainty that it's not news for nerds.
Fair enough, but those examples only apply to poorly-considered naming schemes (and the accompanying human assumptions) or improperly implemented mail systems. Per RFC 5321, "the local-part of a mailbox MUST BE treated as case sensitive." These could lead to multiple identifiers that all map to a single email address (in the case of a case insensitive local-part), but not a single identifier mapping to multiple email addresses (the birthday paradox manifestation).
The fuzzy matching was more about the fact that every time you "read" a biometric property, you have a good chance of getting a slightly different reading. A biometric property is not a static property that can be read with 100% fidelity. The standard approach to handling this is to pick a number of the (assumed or measured to be) most invariant features use those as the reading, tossing out the rest. This process is not very robust, though, and you determine acceptable matches by whether the matched features to total features ratio exceeds a threshold (fuzzy matching). Barring shitty programming or improper assumptions, email addresses can be read with 100% fidelity and either match or don't match an entry in your database. Any fuzziness is deliberately imposed on an inherently non-fuzzy system.
His arguments against using biometrics as identifiers were the birthday paradox and fuzzy matching, which absolutely don't apply at all to email addresses. Aside from very deliberate email account sharing between family members, no two people have any chance at all of having the same email address. Secondly, matching an email address is not fuzzy at all.
Slashdot Mirror
The Nazis were socialist. The rise of the Nazi party was in large part due to Germany's situation after WWI and the rejection of international socialism (proto-Marxism, the step before the abolition of the state) and capitalism. The goal was to create a "national socialism", that tied the ownership of the means of production to a nationalistic state. It's basically fascism, except with the corporations subordinate to the state instead of the state subordinate to, or on equal footing with, the corporations.
I know you're thinking that "Nazi == bad; socialism == good; therefore Nazis weren't socialist".
If you stop assigning intrinsic value judgements to economic and political systems, you'll have a much easier time making sense of the world around you.
The capuchin monkey on Friends was played by a monkey named Katie. I don't remember the show well enough, but a scene that contained three monkeys (at a zoo?) could be credited as "monkey, Katie, and monkey" (with the other monkey actors being unnamed).
This is really bugging me now, too! Obscure references are the bane of my existence.
I used a Windows phone for a while and Cortana, while absolutely useless for almost everything else, was surprisingly good at dictation. Even with context-dependent phrasing, there were no eel-filled hovercrafts anywhere.
This isn't one of Trump's ideas, though. This has been pitched by the airlines multiple times in the last few decades and you can be sure the specifics are already all drafted out and ready for Congress to vote on without reading.
Also, image how much nicer and more productive your workplace would be without all of the people who would be happy sitting on their butts watching TV all day. I don't imagine there's even be a significant drop in overall productivity.
As the other reply pointed out, this is only true if the card bears the name of somebody that isn't you. The law also doesn't let the policeman "assume you intended to use it for illegal purposes". It's a strict liability law (which is part of a fucked-up, but increasingly common trend with laws), which doesn't require any criminal intent at all to prosecute. There's no mind reading involved at all; if you possess the card, you're violating the law.
The amount of maintenance, both scheduled and unscheduled, that a home requires has proven to be a lot more than I expected or budgeted for. I'm a pretty handy DIYer, and even at that I get overwhelmed sometimes with deferred tasks. It eats your time if you DIY, or your money if you hire it out. I'm quite certain that I am not financially ahead, compared to if I had been renting, and I'd certainly have a LOT more free time.
As a homeowner who also owns rental properties, I can tell you that the cost of maintenance is also folded into whatever you would pay to rent a house. My renters pay the sum of the mortgage on the property, the estimated cost of repairs and maintenance, plus a little more (which will be profit if nothing goes wrong; or a buffer if maintenance is unexpectedly expensive or the renters misbehave). Some property owners skimp on maintenance to take more profit, but they pay for it in the long run with a deteriorating property and the renters pay for it by having to deal with shitty half-assed repairs (actually, they don't pay for it for long before they leave and you end up with tenants who see no problem with trashing the place. I mean, the owner clearly doesn't care about it...).
As long as your interest rate is reasonable and you live there long enough to diffuse the transactional costs, you're financially better off owning your house instead of renting.
That setup would make Rube Goldberg proud. You can get subsecond time syncing in the clock directly from NIST, too, without all of the intermediate steps. (I have a setup similar to yours, too, with a GPSDO.)
I don't agree that the GP is right about malice vs incompetence here, but simply allowing a discovered attack to happen wouldn't require a vast and unsustainable conspiracy.
A single, or very few, higher-ups could allow such an attack to proceed by using the expected incompetence and unresponsive nature of bureaucracy. They can dismiss the credibility of the reports a few times and ask for resources to be dedicated to more credible threats. If the threat becomes grave, they can ask for more detailed analysis of the situation and a time-consuming network of known contacts to be built. And if they don't prevent it in time, then the bureaucracy was either incompetent (which is expected and excused) or they didn't have the tools they needed. Nobody would suspect that the slow movements of a large bureaucracy were made to be deliberately slow.
Again, I'm not saying that this is the case here. I'm just pointing out that this scenario wouldn't require a vast conspiracy of low-level mooks orchestrating an attack against fellow citizens.
It sounds like that's a job that's ripe for automation, then. You say that the requirements are even highly generalized and not domain specific. If you could only just remove the propensity of executives to put their own interests above the interests of the company, you've already got a winner. If the executive program (maybe a machine learning implementation, but probably just ceo.pl) makes fewer irrational decisions, then all the better.
And without the need to pay the CEO and upper management, you've got a working budget that's larger than many entire departments in the company!
I've found early code where I reimplemented standard library functions (though not as generalized), with accompanying comments that said, "I can't believe that this isn't a standard function!"
It was pretty decent code and I was impressed with the logic, but what a huge time sink all of that was!
If anything, that demonstrates to me that we are NOT done with needing coders. We have such a need for them that people who aren't very good can still get work. If you have a profession where you can get more people than you need, you get to pick and choose and get only those that are really good. When you have to take poor performers, it means you need more than you can get.
I don't disagree with your conclusion, but I think that your reasoning is wrong. Management at companies take poor performers because they don't understand their own requirements or the details of their workers' competency well enough to be able to tell a good performer from a poor one or to properly value a good performer. Management thinks that all coders (or generally, all workers) are interchangeable and so they optimize only for low costs (if they optimize at all).
$0.05 * 500,000 units is $25,000, not $2.5 million. I hope you never get before me in an interview!
I agree with cost saving when appropriate, but I agree even more with checking the results of your calculations before believing them and calling other people stupid asses.
see plenty of people driving their sport/luxury sport cars in the general area i'm in, and 99% of them do quite alright. Worst most of them do is go 10-15 MPH over the speed limit...
Where do you live?! Everywhere I've lived, the general rule is that the faster a car is capable of going, the slower it will actually be going. Often, they don't even reach the speed limit, even though they appear to be incapable of driving in any lane besides the passing lane.
people are buying these purely for vanity reasons.
Which adequately describes many, many car purchases. Worldwide.
Your point? There is, or needs to be, for many people, a different criteria for purchasing a car?
Yes. I think the mindset is that decisions that don't line up with their particular values or uses should be expressly illegal. They value fuel economy, so that should be the sole design goal of cars and the sole criteria for purchasing a car.
You see that a lot from rule-heads and busybodies: "I don't have any use for a xxx, so they should be illegal for anybody to own."
Voting on a law is a binary decision, but drafting and discussing the laws that are to be voted on isn't. In a functioning political system, much more time is spent on the latter than the former. It even happens that way in the US, too.
Yeah, let's complain about customary units and then go ahead and convert through logical SI into more goofy customary units! It's 6.1 megagrams (Mg) or 6100 kilograms.
Beats me; I'm not a lawyer. That distinction sounds like a matter for the courts, as well as the matter of proving that the page was incapable of storing passwords. If you look at some of those laws I linked to, even attempts at solicitation of credentials are listed as offenses, so your competence at carrying out the crime might not be all that important.
It looks like the laws used to prosecute phishing at the federal level are:
18 U.S.C. 1029 (access device fraud)
18 U.S.C. 1028 (fraud in connection with identification documents and authentication features)
18 U.S.C. 1028A (aggravated identity theft)
18 U.S.C. 1343 (wire fraud)
18 U.S.C. 1030(a)(4) (accessing a computer to defraud and obtain something of value)
18 U.S.C. 1001 (making false statements in any matter within the jurisdiction of the government)
There are a number of state laws that handle it, too.
Not a wise move on their part.
Are you claiming that phishing isn't illegal?
On a federal level it seems to be prosecuted mostly under wire fraud and identity theft laws, but there are other laws that also apply. There are also various state laws that deal with it. Here is a little information on the state laws that apply. Here is a Justice Dept discussion of federal computer crimes that mentions phishing.
The law mostly used to prosecute phishing seems to be 18 U.S.C. 1029(e)(1). "Penalties for violations of section 1029 range from a maximum of 10 or 15 years of imprisonment depending on the subsection violated."
Phishing is not legal and it was not a great idea to publicly confess to attempting a phishing campaign against the US government.
Ha! The NSA is directly responsible for weaponizing and attempting to bury a security flaw that just caused a massive worldwide crisis this weekend and there appears to be no hell to pay for that. I'm pretty sure it's been established that they'll not be held accountable for anything they do.
If Teen Vogue is the best source you can find that's covering the formation of a group of "Nuclear Experts", there's a fair chance that it's not news and near certainty that it's not news for nerds.
All the more reason to make sure that the flaw is patched instead of weaponizing it with the naive idea that nobody else will discover it.
Fair enough, but those examples only apply to poorly-considered naming schemes (and the accompanying human assumptions) or improperly implemented mail systems. Per RFC 5321, "the local-part of a mailbox MUST BE treated as case sensitive." These could lead to multiple identifiers that all map to a single email address (in the case of a case insensitive local-part), but not a single identifier mapping to multiple email addresses (the birthday paradox manifestation).
The fuzzy matching was more about the fact that every time you "read" a biometric property, you have a good chance of getting a slightly different reading. A biometric property is not a static property that can be read with 100% fidelity. The standard approach to handling this is to pick a number of the (assumed or measured to be) most invariant features use those as the reading, tossing out the rest. This process is not very robust, though, and you determine acceptable matches by whether the matched features to total features ratio exceeds a threshold (fuzzy matching). Barring shitty programming or improper assumptions, email addresses can be read with 100% fidelity and either match or don't match an entry in your database. Any fuzziness is deliberately imposed on an inherently non-fuzzy system.
His arguments against using biometrics as identifiers were the birthday paradox and fuzzy matching, which absolutely don't apply at all to email addresses. Aside from very deliberate email account sharing between family members, no two people have any chance at all of having the same email address. Secondly, matching an email address is not fuzzy at all.