In a phone, the GSM modem has its own CPU (and its own memory).
Most phones are based on SoCs (Systems on a Chip); everything's interconnected on the same silicon. Usually the GSM modem processor has access to the memory and I/O busses of the main processor (but not the other way around), can reset the main processor, and often boots before the main processor and must explicitly turn on the main processor before it runs. I believe that in some designs the modem processor actually sets up the boot loader for the main processor as well. The modem processor can definitely rewrite the flash where the main processor's operating system is stored.
The result of this is that the modem has total control of the phone. It can do anything it wants to any data on the phone, including the internals of the main OS, and there's basically nothing the main processor can do about it other than maybe be too obscure and complicated to manipulate easily.
The firmware in the modem is invariably closed source and secret. The modem will only boot firmware that's crypto-signed by the manufacturer, and anyway the hardware is totally undocumented.
The modems have "over the air" command sets that let the carrier manipulate the phone remotely without going through the main OS. Those command sets can be very rich... and can include the ability to reflash the main OS, or even to peek and poke its memory while it's running.
So on most (all?) phones, it basically doesn't matter what your OS is. The carrier (possibly together with the SoC manufacturer) can do whatever it wants if it's willing to figure out the complexity of doing so. And of course governments lean on carriers and SoC manufacturers to get access to that capability, and commercial "partners" also have influence.
So call them a "cheater", "liar", whatever? And before you do even that, you should probably think about whether doing so is going to do anybody any good or just add to the world's unhappiness.
Even if you feel the person needs to be called out, "slut" is a bad choice of name for the case you describe, because it fundamentally means "person who has more sex than I think they should", or maybe "person who has sex with more people than I think they should", not "person who breaks promises".
I see where you're going with the "choice" thing, but I still agree with the GP. The bottom line with name calling is that you're trying to make somebody feel miserable for something that's none of your business. Whether they chose it or not is secondary.
I assume you can list all the undefined behaviors in the C standard off the top of your head, yes? And you've never actually written a line of code with an error in it, right?
I've spent a lot of time cleaning up after security bugs written by people with that attitude. None of them could make mistakes either. Maybe you guys should form a club, so the rest of us can identify the special beings walking among us.
the police make up some alternative explanation of how they got the evidence
So, they did two things: in phase one, they identified the guy running Freedom Hosting. In phase two, they identified the people connecting to it.
We don't really know how they did phase one. Speculation is that they hacked in over the Tor channel, using a software exploit against the Web server. If you have a giant database of exploits and a nice framework for using them, that's not really much harder than traffic analysis, even if you do have the data to do traffic analysis too. And, if you're going to do the hack ANYWAY to cover up your ability to do traffic analysis, you might as well just start with the hack.
Also, if it was the NSA who did it, maybe they did it that way so they wouldn't have to explain traffic analysis to certain investigators in the FBI. Or maybe they just did the hack because it was easier. None of those means the NSA couldn't have done it with traffic analysis if the hack hadn't been available.
Or maybe they really did identify Freedom Hosting using traffic analysis, and then use a hack as a cover story.
Or maybe the NSA wasn't in on this one and the FBI just did its own hacking.
For phase two, if you want to get ALL the users, quickly, the hack is really probably better than the traffic analysis. But again they could be using it as a cover story, or they could have done it for the same sorts of reasons they might have done it in phase one.
Also, the hack was somewhat sophisticated. If not the NSA then who?
Anybody with enough money to hire a sophisticated hacker? We're talking about basic exploitation, not Stuxnet.
In phase one, if Freedom Hosting was taken using, say, an SQL injection vulnerability in some Web forum software or something, that's not very hard. You don't have to be the NSA to do that. Freelancers do that.
And didn't they start phase two after they'd physically grabbed the Freedom Hosting servers? That means their phase one exploit didn't even have to give total control; it just had to be enough to give them an IP address for Freedom Hosting so they could go grab it by force.
Once you have control of Freedom Hosting, then it's not very hard to plant a browser exploit on it to collect the users for phase two. As I recall, it wasn't even some kind of uber-magical zero-day multi-browser exploit; I seem to remember it being relatively mundane.
I'm pretty sure I could personally have done all the necessary hacking, for both phases, and I'm not an exploitation specialist. Surely the FBI can hire one or two people that good.
... or because they don't think those targets have enough value to make it worth bringing what they can do with traffic analysis out in open court. They give some things to LE. That doesn't mean they give LE everything they have.
But it's true that Tor is the best available for a lot of applications. And I do personally doubt that the NSA can reliably deanonymize Tor for low volumes of non-repeating traffic. I wouldn't bet on it, though. And I wouldn't bet on it lasting if it's true today.
I don't remember which program PRISM is, specifically, but Tor is very weak against an attacker that can watch all network traffic over time. Or even very much of the traffic. This is what the specialists call a "global passive attack", and it's very hard to beat.
Think of the whole Tor network as a single entity, ignoring what goes on inside. Imagine you can watch its inputs and outputs. If every time Jane Smith connects to Tor, an outgoing connection is made to Joe Jones, then it becomes pretty obvious who Jane talks to. The network could make it a little harder by mixing up the order of Jane's traffic with other people's traffic, but to get any real gain out of that the relays have to wait so long and mix so much traffic that the network is unusable for Jane. Even then, the gain is basically only linear in the amount of delay the network adds.
It only gets worse if you can watch the traffic between individual Tor relays (which you can in reality). And it gets even worse if you can mess with the traffic in any way. Just by using the network yourself, for example, you can load up the path you think Jane is using and look at the results, or you can even play games to cause Jane to use a path you can observe.
You don't need to be completely global to do any of this stuff, especially because Jane chooses new paths from time to time. If she uses the network very much, she's eventually going to choose a path you can observe. And generally you only have to see the input and output points to do timing correlation; the middle isn't so important.
The only countermeasure to a lot of this is to send dummy traffic all the time. But for real resistance over the long term, the traffic has to never vary, which means that the amount of dummy data you need to send goes as the square of the number of possible real sources/destinations (times the maximum bandwidth of any connection). If you send less dummy data than that, you'll end up having to adjust what you send in response to the real traffic. If the enemy can watch you for long enough, they can use statistics to figure out which traffic is real. You might get away with doing something once, but not with doing it very many times.
AND if the attacker actually puts up her own Tor node, she can mostly detect dummy data.
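The black-box view in the comment above can be checked on synthetic data. This is an added example, not part of the original comment or of Tor: it models the network as a delay-only box and measures how much timing signal is left on the watched links with no padding, partial padding and constant-rate padding. All names, rates and the traffic itself are constructed assumptions.

```python
import random

PEAK_CELLS = 15  # assumed maximum cells a sender emits in one time bin


def make_sender(rng, bins):
    """Constructed on/off source: bursts and silences of 10-40 bins each."""
    series, on = [], rng.random() < 0.5
    while len(series) < bins:
        run = rng.randint(10, 40)
        series += [rng.randint(5, PEAK_CELLS) if on else 0 for _ in range(run)]
        on = not on
    return series[:bins]


def through_network(rng, entry, max_delay):
    """Black-box network: each cell leaves 0..max_delay bins after it entered."""
    out = [0] * len(entry)
    for t, cells in enumerate(entry):
        for _ in range(cells):
            leave = t + rng.randint(0, max_delay)
            if leave < len(out):
                out[leave] += 1
    return out


def pad(series, floor):
    """Link padding: dummy cells top every bin up to at least `floor` cells."""
    return [max(c, floor) for c in series]


def pearson(x, y):
    mx, my = sum(x) / len(x), sum(y) / len(y)
    sxx = sum((a - mx) ** 2 for a in x)
    syy = sum((b - my) ** 2 for b in y)
    if sxx == 0 or syy == 0:
        return 0.0  # a constant-rate link carries no timing signal
    sxy = sum((a - mx) * (b - my) for a, b in zip(x, y))
    return sxy / (sxx * syy) ** 0.5


def observe(max_delay, floor=0, senders=8, bins=5000, seed=1):
    """Correlate sender 0's entry link with every exit link, as seen by
    someone who only counts cells per bin at the edges of the network.
    Sender i's traffic leaves on exit link i; the observer is not told that."""
    rng = random.Random(seed)
    entries = [make_sender(rng, bins) for _ in range(senders)]
    exits = [through_network(rng, e, max_delay) for e in entries]
    watched = pad(entries[0], floor)
    return [pearson(watched, pad(x, floor)) for x in exits]


def guess(scores):
    """Index of the best-matching exit link, or None if nothing stands out."""
    if max(scores) == min(scores):
        return None
    return max(range(len(scores)), key=scores.__getitem__)


if __name__ == "__main__":
    cases = [
        ("no padding", 0),
        ("partial padding", 8),
        # Worst case: every cell from max_delay + 1 entry bins lands in one bin.
        ("constant-rate padding", PEAK_CELLS * 6),
    ]
    for label, floor in cases:
        scores = observe(max_delay=5, floor=floor)
        print(f"{label:22s} match={guess(scores)} score={scores[0]:.2f}")
```

Padding that stops short of the worst-case rate still leaves a usable signal; only the constant-rate case gives the observer nothing to rank.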
If you want secure email, don't put it in the cloud. People who try to set up new cloud services to get attacked aren't helping, and can't deliver on what they want to make people believe they can.
Webmail can never be secure even if the decryption is done in the browser, because the decrypting JavaScript comes from the provider, who can change it at any time.
If your email comes to your cloud provider in the clear, it doesn't matter if they then encrypt it, because they can be forced to start keeping the plaintext.
Even if the crypto works, if everybody uses the same few providers, it's easier to do traffic analysis. Which was already uncomfortably easy. "Metadata", anyone?
If your cloud provider is honest and doesn't want to get subverted, they may have to shut down at any instant, leaving you unable to communicate. As we've seen twice just this freaking week.
It's not hard to set up a mail server. It's not hard to use PGP. Be at least a little harder target.
The proposed devices record constantly, but they throw away the video after 30 seconds unless the officer triggers them to keep it. That's not "recording at all times"; it's "recording when the officer chooses to record".
The police have the same incentives as the public for selective recording. They also "aren't recording for the sake of having a complete and accurate record of events". They're recording to have something to justify their actions and preserve their jobs. They're not going to record if their actions aren't in fact justified, at least not except by mistake.
If they're recording selectively, then there'd better be others recording to take up the slack. If both "sides" have the ability to record, then you have a chance that at least one recording will get out when there's a matter of public interest. One might hope that both recordings would get out.
The alternative would be continuous recording even when neither side thinks it's a good idea. I'm not sure I want to live in that world.
The fact that I can't easily run an arbitrary program without giving it the ability to screw up random data on my computer, let alone install a rootkit, is a gaping security hole. In fact, it's a gaping hole that programs are not restricted by default.
All of the popular general purpose operating systems have hideously weak security architectures that amount to gaping holes, and the phone operating systems are only a little better.
The actual science is clearly delineated from the magic. The mindset it's trying to inculcate is a really useful one to be able to enter.
Just don't make 'em think it resembles Harry Potter, because I don't think it does.
No sex, but it's not likely to be endearing to people who don't believe in questioning authority. And it is unabashedly propaganda for a certain way of thinking.
I agree with the parent on the Heinlein juveniles. There's actual science in there, particularly bits of Newtonian physics. Somebody mentioned "Have Space Suit, Will Travel", which would be a good choice.
I'd have no problem with my kid reading "Accelerando", but I'm not sure a middle school teacher could get away with assigning it. There's the whole BDSM rape scene and all.
I'd say Greg Egan, but he'd definitely be for advanced middle schoolers only. The problem with him is that he tends to either throw you into a world so weird that an inexperienced science fiction reader may be completely lost, or assume that you already know "real science" at a university level and build from there. Maybe Vernor Vinge?
Don't forget popular nonfiction. Some of it can be entertaining.
"Ender's Game" has zero science, and "Hitchhiker's Guide" has negative science.
All of which are limited by "any restrictions placed on the sharing of such information by the protected entity or self-protected entity authorizing such sharing". If that entity does not place such restrictions, then the minimization procedures, however defined, do not apply.
It says they CAN clean it if they WANT to... to whatever degree the sharing entity considers to be "appropriate". So if some "protected entity" or "self-protected entity" hands something over, it can restrict downstream sharing. It can require whatever anonymization it wants, including no anonymization if it decides that no anonymization at all is "appropriate".
Who's a "protected entity"? Hint: not you. "an entity, other than an individual, that contracts with a cybersecurity provider for goods or services to be used for cybersecurity purposes."
Excuse me if I don't believe that every "protected entity" or "self-protected entity" has my best interests at heart.
Yes, the practice's security affects the hospital's. Your security affects mine, too, and in fact the security of everybody on the Internet affects the security of everybody else.
Nonetheless, it is not legal, ethical, or appropriate to go around attacking somebody else's systems without their explicit permission. It doesn't matter if you provide them with network service. It doesn't matter if you have (perhaps unwisely) given them access that makes them a potential threat to you. It doesn't matter if you're the "big" network, or if you have more to lose than they do. It doesn't matter if you feel you're "responsible for the whole network". It doesn't matter if they're completely incompetent and overrun with malware.
If you don't have advance permission, and you attack somebody else's system, you're in CFAA violation territory. And if you didn't get that permission in writing, you're an incompetent idiot.
This isn't the wild, wild west. Your motives do not matter. The effect on your own security does not matter. End of story.
They're not auditing their security. They're auditing somebody else's security. "Independent private medical practice" means a separate corporation that happens to have a network link. Not "within their rights", and not legal, either.
Well, my primary point is that the study does in fact mean something and the sample is reasonable. I don't have a lot of investment in the "why" part.
But you can continue your reasoning as long as you want, and end up never being able to say "why". Even if you have video of postal workers throwing away packages selectively, you never know why they did it.
Personally, I'm comfortable saying that this is a strong indication that some human beings somewhere mistreated packages because of the labels.
By the way, that does not mean that I think Christians (or any religious group) are more likely to do things like that than atheists.
I actually suspect (with the full understanding that these data do not say anything about this suspicion) that any package with a visible and potentially controversial label is more likely to get lost or delayed than a package without one. I would expect packages with tape with crosses, or stars of David, or "yay Obama", to get lost more than packages with no tape, because they will attract attention from random people who might dislike their messages. The control packages here had no tape at all.
I will admit that I would expect "atheist" packages to get lost more than "cross" packages, but that's just because there are more non-atheists than atheists, and therefore more chances for an "atheist" package to be handled by an anti-atheist person. If you equalized the numbers of atheists and Christians, you might get similar amounts of lossage for "cross" packages.
Oh, one more point. The study is NOT based on the assumption "that packages sent on the same day will arrive at the same time". It's based on the assumption that any variation in delay should not preferentially affect packages with "atheist" tape if nothing fishy is going on. The issue isn't that all the packages didn't arrive at the same time; it's that the "atheist" packages systematically arrived later... if they arrived at all.
And another source of bias is that we wouldn't have heard about this if they hadn't found something spectacular. So if it'd been tried 100 times before and nothing had come of it, we wouldn't know (this is also true for much of the scientific literature, by the way...).
Nonetheless, they found a giant effect. And the packages appear to have been delayed by very different times, and some were lost entirely while others were only delayed. Which makes it a lot harder to come up with one or two common mishaps that would preferentially affect the "atheist" packages. It leaves you with alternative hypotheses of very low probability. I mean, I guess the white tape could gum up the sorting machinery, but I wouldn't bet on it.
No single medical study is ever taken as proof of anything even if it HAS been peer reviewed, especially since they accept p up to 0.05. I'm not sure I believe in absolute proof at all. And if I were going to, I don't know, risk my life or something on an anti-atheist-package bias, I'd require more proof, too. I actually suspect that the size of the effect they found is a fluke. Nonetheless, if you had to bet $10, which way would you bet?
But the attitude I was responding to was "that doesn't mean anything at all, because [well, that's not really explained; apparently it's not a "statistical sample"]".
It hasn't been enough of a problem in practice for anybody to bother to write the code to shrink the storage.
You do realize that Bitcoin is an actual deployed system that carries a huge transaction volume, right? That's the practice.
You mean other than the part where the guy directly says that it's flying autonomously with nothing but a compass direction?
Maybe it needs a radio because they sometimes fly it remotely?
Yes, yes it is.
In security, you're trying to change the behavior of corporate drones, idiots, and people who are invested in the status quo. People use these papers as ammunition for that.
The drones will call your attack "theoretical" and "impractical" unless you spell out exactly how to do it, step by step. If they hadn't detailed exactly how to do it, the attitude would basically have been that nobody could possibly figure out the impossible complexity of weakening a REAL RNG. I mean, look at the self tests! Nobody could get around that! In fact, even people who weren't complete idiots might have guessed, at first glance, that the self tests would be hard to defeat, or that you couldn't do this hack without screwing up the chip.
Even with a detailed paper, they will probably be ignored until somebody actually does it in the field. If you wrote a one-pager that said "Warning! Somebody could alter the behavior of gates by tweaking the dopants", they would 1000 percent ignore it.
As for the verbose background information, it's standard in the field (although they went a bit heavy on it). It has zero cost, and readers in the field who don't need it simply skip it. So I don't know why you're getting so upset about it.
Please don't trash people's work in fields you don't even slightly understand.
I've been following this stuff since the 1990s, thanks. Let's just say that I have strong enough credentials on Tor and related systems that detailing them would out me.
If you want to see exactly how irrelevant encryption is to deanonymization by a global adversary, start around the year 2001 or 2002 in this bibliography:
http://freehaven.net/anonbib/#2001
Once again, layering TLS over Tor will not do a damned thing to protect you from widespread traffic analysis. It protects the content of your communication, but it will do no more than bare Tor to protect the fact of the communication itself. Even the content protection is very limited; the attacker can make a lot of very firm inferences, especially if she can learn the content of the same Web site you're hitting.
And, as far as we can tell, yes, there are approximately global adversaries out there.
This is dangerously wrong. I am going to correct it for the archives, in case somebody acts on it.
It doesn't matter what the content is, only that something was communicated. Crypto isn't magic.
The point of anonymity systems is to avoid being an interesting enough target that you get other kinds of attention. Tor fails in that if the enemy has a wide enough view of the network and some kind of interest in detecting some particular activity.
If you routinely connect to Jim-Bob's Bait and Terror shop, you are going to become a person of interest. And if you also connect to Aunt Sue's Needlepoint and Terror Shop, and Chef Ernesto's Cooking and Terror shop, what's the common element? Once you're a person of enough interest, they will find a way to find out whatever they want about you, up to and including physically breaking into your house, assuming they can't hack your computer. So your goal is to prevent them from getting that much specific interest in you.
For that matter, if during your many connections your traffic pattern looks like you downloaded a file exactly the size of "Bombing with Night Crawlers", they may in fact know exactly what you did. Especially when that night crawler bomb goes off in your town.
And you don't need ALL the traffic, by the way. You just need enough that the signal starts to rise out of the noise.
So, they did two things: in phase one, they identified the guy running Freedom Hosting. In phase two, they identified the people connecting to it.
We don't really know how they did phase one. Speculation is that they hacked in over the Tor channel, using a software exploit against the Web server. If you have a giant database of exploits and a nice framework for using them, that's not really much harder than traffic analysis, even if you do have the data to do traffic analysis too. And, if you're going to do the hack ANYWAY to cover up your ability to do traffic analysis, you might as well just start with the hack.
Also, if it was the NSA who did it, maybe they did it that way so they wouldn't have to explain traffic analysis to certain investigators in the FBI. Or maybe they just did the hack because it was easier. None of those means the NSA couldn't have done it with traffic analysis if the hack hadn't been available.
Or maybe they really did identify Freedom Hosting using traffic analysis, and then use a hack as a cover story.
Or maybe the NSA wasn't in on this one and the FBI just did its own hacking.
For phase two, if you want to get ALL the users, quickly, the hack is really probably better than the traffic analysis. But again they could be using it as a cover story, or they could have done it for the same sorts of reasons they might have done it in phase one.
Anybody with enough money to hire a sophisticated hacker? We're talking about basic exploitation, not Stuxnet.
In phase one, if Freedom Hosting was taken using, say, an SQL injection vulnerability in some Web forum software or something, that's not very hard. You don't have to be the NSA to do that. Freelancers do that.
And didn't they start phase two after they'd physically grabbed the Freedom Hosting servers? That means their phase one exploit didn't even have to give total control; it just had to be enough to give them an IP address for Freedom Hosting so they could go grab it by force.
Once you have control of Freedom Hosting, then it's not very hard to plant a browser exploit on it to collect the users for phase two. As I recall, it wasn't even some kind of uber-magical zero-day multi-browser exploit; I seem to remember it being relatively mundane.
I'm pretty sure I could personally have done all the necessary hacking, for both phases, and I'm not an exploitation specialist. Surely the FBI can hire one or two people that good.
... or because they don't think those targets have enough value to make it worth bringing what they can do with traffic analysis out in open court. They give some things to LE. That doesn't mean they give LE everything they have.
But it's true that Tor is the best available for a lot of applications. And I do personally doubt that the NSA can reliably deanonymize Tor for low volumes of non-repeating traffic. I wouldn't bet on it, though. And I wouldn't bet on it lasting if it's true today.
I don't remember which program PRISM is, specifically, but Tor is very weak against an attacker that can watch all network traffic over time. Or even very much of the traffic. This is what the specialists call a "global passive attack", and it's very hard to beat.
Think of the whole Tor network as a single entity, ignoring what goes on inside. Imagine you can watch its inputs and outputs. If every time Jane Smith connects to Tor, an outgoing connection is made to Joe Jones, then it becomes pretty obvious who Jane talks to. The network could make it a little harder by mixing up the order of Jane's traffic with other people's traffic, but to get any real gain out of that the relays to wait so long and mix so much traffic that the network is unusable for Jane. Even then, the gain is basically only linear in the amount of delay the network adds.
It only gets worse if you can watch the traffic between individual Tor relays (which you can in reality). And it gets even worse if you can mess with the traffic in any way. Just by using the network yourself, for example, you can load up the path you think Jane is using and look at the results, or you can even play games to cause Jane to use a path you can observe.
You don't need to be completely global to do any of this stuff, especially because Jane chooses new paths from time to time. If she uses the network very much, she's eventually going to choose a path you can observe. And generally you only have to see the input and output points to do timing correlation; the middle isn't so important.
The only countermeasure to a lot of this is to send dummy traffic all the time. But for real resistance over the long term, the traffic has to never vary, which means that the amount of dummy data you need to send goes as the square of the number of possible real sources/destinations (times the maximum bandwidth of any connection). If you send less dummy data than that, you'll end up having to adjust what you send in response to the real traffic. If the enemy can watch you for long enough, they can use statistics to figure out which traffic is real. You might get away with doing something once, but not with doing it very many times.
AND if the attacker actually puts up her own Tor node, she can mostly detect dummy data.
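The black-box input/output correlation and the constant-rate dummy traffic countermeasure described in the comment above, as a toy simulation on constructed traffic. This is an added example, not part of the original comment; the burst pattern, the delay model and all function names are assumptions chosen for illustration.

```python
import random

def make_flows(n_users, n_bins, rng):
    """Constructed traffic: each user sends bursts (packets per time bin)."""
    return [[rng.choice([0, 0, 0, 5, 9]) for _ in range(n_bins)]
            for _ in range(n_users)]

def through_network(flow, rng, max_delay=2):
    """Treat the network as a black box that delays each packet 0..max_delay bins."""
    out = [0] * (len(flow) + max_delay)
    for t, count in enumerate(flow):
        for _ in range(count):
            out[t + rng.randint(0, max_delay)] += 1
    return out

def pad_constant(flow, rate):
    """Cover traffic: dummies top every bin up to `rate`, so the wire never varies."""
    assert rate >= max(flow)
    return [rate for _ in flow]

def pearson(a, b):
    """Correlation of per-bin packet counts; 0.0 when either side has no variance."""
    b = b[:len(a)]
    n = len(a)
    ma, mb = sum(a) / n, sum(b) / n
    cov = sum((x - ma) * (y - mb) for x, y in zip(a, b))
    va = sum((x - ma) ** 2 for x in a)
    vb = sum((y - mb) ** 2 for y in b)
    return cov / (va * vb) ** 0.5 if va and vb else 0.0

def match_accuracy(ingress, rng):
    """Fraction of users whose exit flow is identified from timing alone."""
    n = len(ingress)
    perm = list(range(n))
    rng.shuffle(perm)  # hidden mapping: exit slot j carries user perm[j]
    egress = [through_network(ingress[u], rng) for u in perm]
    hits = 0
    for u, flow in enumerate(ingress):
        guess = max(range(n), key=lambda j: pearson(flow, egress[j]))
        hits += perm[guess] == u
    return hits / n

def experiment(n_users=20, n_bins=400, seed=1):
    rng = random.Random(seed)
    real = make_flows(n_users, n_bins, rng)
    padded = [pad_constant(f, rate=9) for f in real]
    return match_accuracy(real, rng), match_accuracy(padded, rng)

if __name__ == "__main__":
    bare, padded = experiment()
    print(f"unpadded match rate: {bare:.2f}  constant-rate match rate: {padded:.2f}")
```

With bursty traffic nearly every user is matched to the right exit flow; once every link carries the same count in every bin, the entry side has no variance left to correlate and the match rate falls to the one-in-n baseline.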
If you want secure email, don't put it in the cloud. People who try to set up new cloud services to get attacked aren't helping, and can't deliver on what they want to make people believe they can.
It's not hard to set up a mail server. It's not hard to use PGP. Be at least a little harder target.
Just say no to the goddamn cloud, already.
The proposed devices record constantly, but they throw away the video after 30 seconds unless the officer triggers them to keep it. That's not "recording at all times"; it's "recording when the officer chooses to record".
The police have the same incentives as the public for selective recording. They also "aren't recording for the sake of having a complete and accurate record of events". They're recording to have something to justify their actions and preserve their jobs. They're not going to record if their actions aren't in fact justified, at least not except by mistake.
If they're recording selectively, then there'd better be others recording to take up the slack. If both "sides" have the ability to record, then you have a chance that at least one recording will get out when there's a matter of public interest. One might hope that both recordings would get out.
The alternative would be continuous recording even when neither side thinks it's a good idea. I'm not sure I want to live in that world.
The fact that I can't easily run an arbitrary program without giving it the ability to screw up random data on my computer, let alone install a rootkit, is a gaping security hole. In fact, it's a gaping hole that programs are not restricted by default.
All of the popular general purpose operating systems have hideously weak security architectures that amount to gaping holes, and the phone operating systems are only a little better.
Since when are the IWF "IT staff"?
Orgasm guns. Just a warning.
I think it may be hard to find much that nobody can get teed off about. It must be pretty annoying to be a teacher sometimes.
Kind of a dark horse, but how about Harry Potter and the Methods of Rationality?
The actual science is clearly delineated from the magic. The mindset it's trying to inculcate is a really useful one to be able to enter.
Just don't make 'em think it resembles Harry Potter, because I don't think it does.
No sex, but it's not likely to be endearing to people who don't believe in questioning authority. And it is unabashedly propaganda for a certain way of thinking.
I agree with the parent on the Heinlein juveniles. There's actual science in there, particularly bits of Newtonian physics. Somebody mentioned "Have Space Suit, Will Travel", which would be a good choice.
I'd have no problem with my kid reading "Accelerando", but I'm not sure a middle school teacher could get away with assigning it. There's the whole BDSM rape scene and all.
I'd say Greg Egan, but he'd definitely be for advanced middle schoolers only. The problem with him is that he tends to either throw you into a world so weird that an inexperienced science fiction reader may be completely lost, or assume that you already know "real science" at a university level and build from there. Maybe Vernor Vinge?
Don't forget popular nonfiction. Some of it can be entertaining.
"Ender's Game" has zero science, and "Hitchhiker's Guide" has negative science.
All of which are limited by "any restrictions placed on the sharing of such information by the protected entity or self-protected entity authorizing such sharing". If that entity does not place such restrictions, then the minimization procedures, however defined, do not apply.
It says they CAN clean it if they WANT to... to whatever degree the sharing entity considers to be "appropriate". So if some "protected entity" or "self-protected entity" hands something over, it can restrict downstream sharing. It can require whatever anonymization it wants, including no anonymization if it decides that no anonymization at all is "appropriate".
Who's a "protected entity"? Hint: not you. "an entity, other than an individual, that contracts with a cybersecurity provider for goods or services to be used for cybersecurity purposes."
Excuse me if I don't believe that every "protected entity" or "self-protected entity" has my best interests at heart.
Yes, the practice's security affects the hospital's. Your security affects mine, too, and in fact the security of everybody on the Internet affects the security of everybody else.
Nonetheless, it is not legal, ethical, or appropriate to go around attacking somebody else's systems without their explicit permission. It doesn't matter if you provide them with network service. It doesn't matter if you have (perhaps unwisely) given them access that makes them a potential threat to you. It doesn't matter if you're the "big" network, or if you have more to lose than they do. It doesn't matter if you feel you're "responsible for the whole network". It doesn't matter if they're completely incompetent and overrun with malware.
If you don't have advance permission, and you attack somebody else's system, you're in CFAA violation territory. And if you didn't get that permission in writing, you're an incompetent idiot.
This isn't the wild, wild west. Your motives do not matter. The effect on your own security does not matter. End of story.
They're not auditing their security. They're auditing somebody else's security. "Independent private medical practice" means a separate corporation that happens to have a network link. Not "within their rights", and not legal, either.
Well, my primary point is that the study does in fact mean something and the sample is reasonable. I don't have a lot of investment in the "why" part.
But you can continue your reasoning as long as you want, and end up never being able to say "why". Even if you have video of postal workers throwing away packages selectively, you never know why they did it.
Personally, I'm comfortable saying that this is a strong indication that some human beings somewhere mistreated packages because of the labels.
By the way, that does not mean that I think Christians (or any religious group) are more likely to do things like that than atheists.
I actually suspect (with the full understanding that these data do not say anything about this suspicion) that any package with a visible and potentially controversial label is more likely to get lost or delayed than a package without one. I would expect packages with tape with crosses, or stars of David, or "yay Obama", to get lost more than packages with no tape, because they will attract attention from random people who might dislike their messages. The control packages here had no tape at all.
I will admit that I would expect "atheist" packages to get lost more than "cross" packages, but that's just because there are more non-atheists than atheists, and therefore more chances for an "atheist" package to be handled by an anti-atheist person. If you equalized the numbers of atheists and Christians, you might get similar amounts of lossage for "cross" packages.
Oh, one more point. The study is NOT based on the assumption "that packages sent on the same day will arrive at the same time". It's based on the assumption that any variation in delay should not preferentially affect packages with "atheist" tape if nothing fishy is going on. The issue isn't that all the packages didn't arrive at the same time; it's that the "atheist" packages systematically arrived later... if they arrived at all.
Good point about possibly hidden small N.
And another source of bias is that we wouldn't have heard about this if they hadn't found something spectacular. So if it'd been tried 100 times before and nothing had come of it, we wouldn't know (this is also true for much of the scientific literature, by the way...).
Nonetheless, they found a giant effect. And the packages appear to have been delayed by very different times, and some were lost entirely while others were only delayed. Which makes it a lot harder to come up with one or two common mishaps that would preferentially affect the "atheist" packages. It leaves you with alternative hypotheses of very low probability. I mean, I guess the white tape could gum up the sorting machinery, but I wouldn't bet on it.
No single medical study is ever taken as proof of anything even if it HAS been peer reviewed, especially since they accept p up to 0.05. I'm not sure I believe in absolute proof at all. And if I were going to, I don't know, risk my life or something on an anti-atheist-package bias, I'd require more proof, too. I actually suspect that the size of the effect they found is a fluke. Nonetheless, if you had to bet $10, which way would you bet?
But the attitude I was responding to was "that doesn't mean anything at all, because [well, that's not really explained; apparently it's not a "statistical sample"]".