As a guy who did his EMT training in '92, let me give you a giant fuck you, buddy.
It has never been an EMT's job to put themselves in harm's way for a patient, and in fact, we were specifically trained to not do that. Job number one is to ensure the safety of the area before going in, otherwise we're at grave risk of being taken out by whatever's already critically injured at least one person. Adding one more to the casualty count solves nothing: it just means you need another ambulance.
If there's a downed power line draped over your car and you're unconscious behind the wheel, well, sorry, but you're going to be waiting there until either the power company or the firefighters tell me the scene's electrically safe.
"Emergency medical personnel used to be expected to put themselves in harm's way to protect people." You've clearly been watching way too much Hollywood.
Within the event horizon, there is literally no path 'outside'. It isn't that getting there involves an infinite redshift: it's that there is literally no geodesic leading out. Within the event horizon space twists in on itself such that all directions lead deeper inwards towards the singularity.
You have tremendous freedom to move about in time, but your freedom to move about in space gets sharply curtailed. It's exactly the reverse of the spacetime situation outside the event horizon, where we have tremendous freedom to move in space but are only allowed to move forwards into the future.
In 1999 I was hired by a Midwestern telco -- in the interests of not getting sued I won't say which: I'll just say their market cap used to be in the billions and now you could buy them with the lint in your pocket -- to do security remediation on their billing system. I spent weeks poring over architectural diagrams, going through source code, examining protocols. After a while I realized I had some really scary information, so I asked my manager for a safe.
"Just put it all in a binder," she said. "We trust you to keep an eye on it."
The Binder of Doom was a nondescript black binder about three inches thick. It had no cover page and no markings: I didn't want anyone to realize the secrets that were in it. I carried it around with me everywhere. I slept with it in bed with me. That's how terrified I was these secrets would come out.
Then the Binder of Doom got worse. Having completed my survey, I now devised attacks on the system. I found ways enterprising individuals could fleece the company out of truly mind-boggling sums, and how difficult it would be to detect these attacks with the then-current security infrastructure. By the end of six months the Binder of Doom was stuffed to bursting and I was giving serious thought to filing for a concealed-carry permit. I wondered if the sheriff's department would understand if I told them I was routinely carrying around a binder with a *conservative* worth to a criminal syndicate of $100 million.
I went back to my manager. I told her I was done. It was time to remediate the risks. "Oh, excellent," she told me, "because we just ran out of money for the remediation."
Uh. What?
"Management has decided the main risk is in unsecured communications links, so just ensure we're using PGP on everything and we'll call it good."
I asked if she wanted the Binder of Doom.
"No, you hold onto it for a while."
So I became increasingly disgruntled, bitter, and sarcastic. I told everyone I worked with that I'd been retasked to "secure" our network using PGP -- and even old-school PGP 2.6, not GnuPG (which had just reached 1.0), either -- and oh God this is awful and if this company lasts another year it'll be a miracle and...
I was shortly thereafter cashiered for having a toxic attitude towards work. I walked into the parking lot, got into my car, and tossed the Binder of Doom into the passenger seat. As I drove away I realized something was horribly wrong, but didn't realize what until I was pulling out of the lot:
I HAD THE BINDER OF DOOM IN MY PASSENGER SEAT.
I returned to the office and tried to walk inside, but was met by an HR rep at the door who told me if I didn't leave they'd call the police and file a trespass charge. I held up the Binder of Doom to the HR rep. "Do you want this back?" I asked.
"No," she told me clearly. "Keep it. We just want you to leave."
I turned around, gobsmacked, and left the company holding detailed plans for how to embezzle $100 million or more... which the company had just thoughtfully delivered into the hands of a disgruntled former employee.
(And if you're wondering what I did with the Binder of Doom, it sat on my bookshelf for a few days tempting me before I threw it into an incinerator and threw the ashes into a strong wind.)
More to the point: refusing to prosecute unless A or B is met is genuinely good for national security. If people know their mistakes are forgivable they're going to be much more inclined to cooperate with investigators to help seal the breach. If people think they're looking at 10-to-20 for their carelessness, they're far more likely to lawyer up.
Go read that opinion again. (It's another Scalia one.)
In that case, the officer was (a) in a home and (b) did not have the homeowner's permission to take hold of anything. The home is what ramped the protections up to the max; the fact the homeowner did not consent to anything kept those protections in force.
It's much different from the driver of a car giving evidence directly to a cop. The protections were lesser, and the driver waived them.
Please, go read the opinion again. Particularly read Scalia's opinion, where he lays out the reasons why an infrared camera is an illegal search of a home. It has to do with the fact the home is the bastion of the Fourth Amendment. There is literally nowhere that receives more Fourth Amendment protections than the home.
A set of blank cards, which someone voluntarily gives to the police, receives far less protection. If a cop asks me for a birthday card I'm holding, and I voluntarily hand it over, and the cop opens it up and finds I've tucked a baggie containing bump of cocaine inside, has the cop committed an illegal search? Under your logic, yes, since the bump wasn't in plain sight.
But the plain sight exception does not apply when the police have lawful possession of the evidence!
Good grief, man. This is high-school civics class stuff.
Alice and Bob are driving down the road when they're pulled over by cops. Alice is driving. Bob gets arrested on an outstanding warrant. As Bob's getting out of the car, the cops see a black plastic bag underneath Bob's seat. They ask Alice about the bag. She says, "This? Oh, it's just oregano, officers. A lot of oregano. No, we don't have receipts for it, and, uh, we bought it at... err, from some guy. But it's just oregano. See?", and gives it to the cop. The cop, upon opening the baggie, sees what looks like oregano. But the volume of the oregano is much more than you'd need for a pizza, so the cop figures it might be marijuana and decides to run a field test on it. Ultimately this field test is turned over to the State Police, which are able to conclusively say it's marijuana. Bob is now facing marijuana possession charges and complains his Fourth Amendment rights were violated.
That's exactly what happened here. The defendant was arrested on an outstanding warrant, the arresting officer asked what was in the bag, the driver gave the bag over and said he and the defendant bought 143 gift cards from "someone", but couldn't identify whom, nor provide any receipts, and their business plan was to "resell" these cards for a profit. Put all that together and it's on the same level as telling the cop your weed is oregano -- it's a lie that's completely transparent.
Since the cops were given the evidence, they did not seize it illegally. Since the cops had an incriminating statement from one of the participants, they had probable cause to check for illegality. Legal seizure plus probable cause equals go directly to jail, do not collect a $200 gift card.
This Slashdot headline is misleading to the point of being journalistic malpractice.
A BA in a science is a BS with the math and other difficult parts removed.
I said that was true for institutions which offered both. And even then, it's not that math is removed -- it's that a couple of upper-level courses covering esoteria are removed to make room for a better grounding in the humanities.
My friends with BAs in math did the full gamut of differential and integral calculus, number theory, differential equations, analysis, linear algebra, statistics, and more. Even as a CompSci major I took differential and integral calculus, differential equations, and statistics.
I hold a B.A. in computer science from a fairly good private college. One of my best friends graduated with a triple-major B.A. in physics, mathematics, and computer science, from the same institution. Other close friends from undergrad received B.A. degrees in chemistry, biology, geology, environmental science, and botany.
In fact, my undergrad alma mater doesn't offer the B.Sc. degree at all.
In 20 years in the software industry, not once has anyone ever asked whether I hold a B.A. or a B.Sc. It's a total nonissue. Some institutions offer the B.A., some offer the B.Sc., some offer both but differentiate them on how many differential calculus classes you've taken.
I started programming in C++ in '89. Templates were still new, but most of the language was stable. C++ code I wrote in '89 is still readable and compilable today. I know people who started with C++ in 1981, when it was still Bjarne's skunkworks project. The first public release was '83, making C++ 33 years old -- closer to 40 years old than 25.
(I'm the AC who originally posted; I wasn't logged in then.)
But it's nice to know they somewhat cater for the Liberians, the USAmericans and the rest of the world.
Oddly enough, a.30-06 is only called 7.62x63mm. That's the metricified name for it... but not the actual dimensions of the round: the bullet diameter is 7.8mm, not 7.62mm.
Cartridge names look like they're dimensional quantities, but they're not, and really never have been. The.38 Special and the.357 Magnum fire the same size of bullet. (In fact, you can fire.38 Special from.357 Magnum revolvers.) The German-designed 7.65mm Parabellum cartridge actually fires bullets 7.85mm in size. The Russian 9mm Makarov is actually 9.2mm. The 9mm Parabellum and 9mm Short fire different sizes of bullets, too; one is true 9mm and the other is smidge larger.
Moral of the story: the name is just a name -- it doesn't actually reflect the size of the cartridge, and for that reason there's no reason to prefer metricified names.
Tell that to Chief Justice Rutledge, who was appointed in a recess only to have it yanked away from him when Congress returned to session and said "no".
Justice John Rutledge (September 26, 1789 – March 4, 1791) was succeeded by Justice Thomas Johnson (August 5, 1792 – January 16, 1793). That's a 17-month gap. IIRC there are other, longer gaps.
Not true: SCOTUS has had two-year gaps before. The longest delay from the time a new justice is nominated is 125 days, but sometimes the USG has taken a damned long time nominating a replacement...
Clickbait, no: there's actual, real, high-quality content to what he writes.
Self-promotion: so what? If someone writes something interesting and informative, I want it to be brought to my attention -- even if they're the ones to bring it to my attention.
One, the spec is positively Byzantine. It makes OpenPGP look like a marvel of clarity. It's a very hard spec to implement correctly, and for that reason I distrust most of the S/MIME out there.
Two, S/MIME has some hardwired dependencies on SHA-1. (So does OpenPGP; S/MIME has more of them.) SHA-1 isn't looking very healthy right now. OpenPGP is migrating away from SHA-1 and the working group is actively developing a new spec. The S/MIME community isn't.
The biggest problem with OpenPGP is that it doesn't protect the metadata.
It's about to.:)
Daniel Kahn Gillmor had a novel idea for how to use PGP/MIME in a creative way to extend protection to virtually all the email header information. Enigmail is implementing this, as are a few other groups. Metadata protection is coming to OpenPGP -- and very soon!
And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!"
You're one of those idiots: I get it. But so long as you're saying "improve everything!" I'm going to ignore you, because some of these things are incompatible.
Yes and no, but mostly no. (ObDisclosure: I help out with Enigmail.)
Could we do better? Maybe. Probably. But first you'll have to define what "better" means. Some people say it means stronger crypto. Some say it means a simpler RFC. Some say it means a better user interface/user experience. And some people -- idiots who don't understand that optimizing one of these may necessarily mean pessimizing another -- smile and say, "Yes!" Honestly, when it comes to "we can do better" style criticism, my response is simple: I know we can do better -- but first you have to tell me what 'better' means.
But that doesn't matter. When it comes to communications security the world is divided into two camps. The first one doesn't need it right now and the second one does. If you don't need communications security right now, that gives you a great amount of luxury to sit on the sidelines and wait for something better to come along. If you do, though... then GnuPG and Enigmail are pretty much the best thing going right now, at least when it comes to email.
Alternatives? What alternatives? The only alternative right now for email security is S/MIME, and that's far worse than OpenPGP. If you want to communicate using Silent Circle, go for it. Want to use OTR, be my guest. But if you need email security... "it's probably time to look into alternatives" is the kind of advice that sounds good only until you realize just how few alternatives there are, or how lousy they are.
I'll be the first to agree that GnuPG is a usability nightmare. Absolutely. If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad. But when people start talking about alternatives, I want to know which alternatives they're suggesting; when people start talking about doing it better, I want to know what better means.
I didn't say it was proven. I said it was a result. We don't have a formal proof that P != NP, but find me a single practitioner who thinks we'll find a proof of P = NP.
At some level math works on the basis of consensus. Consensus determines whether we accept a proof or reject it for omitting an important step; consensus determines which axioms we accept to be true. And so far, the consensus seems to be "BQP != NP, just like P != NP."
But yes, we're going to keep looking for the proofs.:)
Depends on what you mean by proven. It's believed about as strongly as people believe P != NP. There's zero evidence BQP can address NP-Complete (or, for that matter, even interesting parts of NP), and a lot of good reasons to believe it can't. However, a proof has been as elusive as the P != NP proof -- another thing which pretty much every CS nerd agrees to be true, but it hasn't been rigorously proven yet.
Slashdot Mirror
Name the country, and show me a nationally-recognized EMT training course from it which tells EMTs to be heroes.
I know the UK, Canada, Australia, France, and Germany teach their EMTs the "no heroes" rule.
As a guy who did his EMT training in '92, let me give you a giant fuck you, buddy.
It has never been an EMT's job to put themselves in harm's way for a patient, and in fact, we were specifically trained to not do that. Job number one is to ensure the safety of the area before going in, otherwise we're at grave risk of being taken out by whatever's already critically injured at least one person. Adding one more to the casualty count solves nothing: it just means you need another ambulance.
If there's a downed power line draped over your car and you're unconscious behind the wheel, well, sorry, but you're going to be waiting there until either the power company or the firefighters tell me the scene's electrically safe.
"Emergency medical personnel used to be expected to put themselves in harm's way to protect people." You've clearly been watching way too much Hollywood.
In a word, "no".
Within the event horizon, there is literally no path 'outside'. It isn't that getting there involves an infinite redshift: it's that there is literally no geodesic leading out. Within the event horizon space twists in on itself such that all directions lead deeper inwards towards the singularity.
You have tremendous freedom to move about in time, but your freedom to move about in space gets sharply curtailed. It's exactly the reverse of the spacetime situation outside the event horizon, where we have tremendous freedom to move in space but are only allowed to move forwards into the future.
In 1999 I was hired by a Midwestern telco -- in the interests of not getting sued I won't say which: I'll just say their market cap used to be in the billions and now you could buy them with the lint in your pocket -- to do security remediation on their billing system. I spent weeks poring over architectural diagrams, going through source code, examining protocols. After a while I realized I had some really scary information, so I asked my manager for a safe.
"Just put it all in a binder," she said. "We trust you to keep an eye on it."
The Binder of Doom was a nondescript black binder about three inches thick. It had no cover page and no markings: I didn't want anyone to realize the secrets that were in it. I carried it around with me everywhere. I slept with it in bed with me. That's how terrified I was these secrets would come out.
Then the Binder of Doom got worse. Having completed my survey, I now devised attacks on the system. I found ways enterprising individuals could fleece the company out of truly mind-boggling sums, and how difficult it would be to detect these attacks with the then-current security infrastructure. By the end of six months the Binder of Doom was stuffed to bursting and I was giving serious thought to filing for a concealed-carry permit. I wondered if the sheriff's department would understand if I told them I was routinely carrying around a binder with a *conservative* worth to a criminal syndicate of $100 million.
I went back to my manager. I told her I was done. It was time to remediate the risks. "Oh, excellent," she told me, "because we just ran out of money for the remediation."
Uh. What?
"Management has decided the main risk is in unsecured communications links, so just ensure we're using PGP on everything and we'll call it good."
I asked if she wanted the Binder of Doom.
"No, you hold onto it for a while."
So I became increasingly disgruntled, bitter, and sarcastic. I told everyone I worked with that I'd been retasked to "secure" our network using PGP -- and even old-school PGP 2.6, not GnuPG (which had just reached 1.0), either -- and oh God this is awful and if this company lasts another year it'll be a miracle and...
I was shortly thereafter cashiered for having a toxic attitude towards work. I walked into the parking lot, got into my car, and tossed the Binder of Doom into the passenger seat. As I drove away I realized something was horribly wrong, but didn't realize what until I was pulling out of the lot:
I HAD THE BINDER OF DOOM IN MY PASSENGER SEAT.
I returned to the office and tried to walk inside, but was met by an HR rep at the door who told me if I didn't leave they'd call the police and file a trespass charge. I held up the Binder of Doom to the HR rep. "Do you want this back?" I asked.
"No," she told me clearly. "Keep it. We just want you to leave."
I turned around, gobsmacked, and left the company holding detailed plans for how to embezzle $100 million or more... which the company had just thoughtfully delivered into the hands of a disgruntled former employee.
(And if you're wondering what I did with the Binder of Doom, it sat on my bookshelf for a few days tempting me before I threw it into an incinerator and threw the ashes into a strong wind.)
More to the point: refusing to prosecute unless A or B is met is genuinely good for national security. If people know their mistakes are forgivable they're going to be much more inclined to cooperate with investigators to help seal the breach. If people think they're looking at 10-to-20 for their carelessness, they're far more likely to lawyer up.
Go read that opinion again. (It's another Scalia one.)
In that case, the officer was (a) in a home and (b) did not have the homeowner's permission to take hold of anything. The home is what ramped the protections up to the max; the fact the homeowner did not consent to anything kept those protections in force.
It's much different from the driver of a car giving evidence directly to a cop. The protections were lesser, and the driver waived them.
Please, go read the opinion again. Particularly read Scalia's opinion, where he lays out the reasons why an infrared camera is an illegal search of a home. It has to do with the fact the home is the bastion of the Fourth Amendment. There is literally nowhere that receives more Fourth Amendment protections than the home.
A set of blank cards, which someone voluntarily gives to the police, receives far less protection. If a cop asks me for a birthday card I'm holding, and I voluntarily hand it over, and the cop opens it up and finds I've tucked a baggie containing bump of cocaine inside, has the cop committed an illegal search? Under your logic, yes, since the bump wasn't in plain sight.
But the plain sight exception does not apply when the police have lawful possession of the evidence!
Good grief, man. This is high-school civics class stuff.
But seriously, read Scalia's opinion.
Alice and Bob are driving down the road when they're pulled over by cops. Alice is driving. Bob gets arrested on an outstanding warrant. As Bob's getting out of the car, the cops see a black plastic bag underneath Bob's seat. They ask Alice about the bag. She says, "This? Oh, it's just oregano, officers. A lot of oregano. No, we don't have receipts for it, and, uh, we bought it at ... err, from some guy. But it's just oregano. See?", and gives it to the cop. The cop, upon opening the baggie, sees what looks like oregano. But the volume of the oregano is much more than you'd need for a pizza, so the cop figures it might be marijuana and decides to run a field test on it. Ultimately this field test is turned over to the State Police, which are able to conclusively say it's marijuana. Bob is now facing marijuana possession charges and complains his Fourth Amendment rights were violated.
That's exactly what happened here. The defendant was arrested on an outstanding warrant, the arresting officer asked what was in the bag, the driver gave the bag over and said he and the defendant bought 143 gift cards from "someone", but couldn't identify whom, nor provide any receipts, and their business plan was to "resell" these cards for a profit. Put all that together and it's on the same level as telling the cop your weed is oregano -- it's a lie that's completely transparent.
Since the cops were given the evidence, they did not seize it illegally. Since the cops had an incriminating statement from one of the participants, they had probable cause to check for illegality. Legal seizure plus probable cause equals go directly to jail, do not collect a $200 gift card.
This Slashdot headline is misleading to the point of being journalistic malpractice.
I said that was true for institutions which offered both. And even then, it's not that math is removed -- it's that a couple of upper-level courses covering esoteria are removed to make room for a better grounding in the humanities.
My friends with BAs in math did the full gamut of differential and integral calculus, number theory, differential equations, analysis, linear algebra, statistics, and more. Even as a CompSci major I took differential and integral calculus, differential equations, and statistics.
I hold a B.A. in computer science from a fairly good private college. One of my best friends graduated with a triple-major B.A. in physics, mathematics, and computer science, from the same institution. Other close friends from undergrad received B.A. degrees in chemistry, biology, geology, environmental science, and botany.
In fact, my undergrad alma mater doesn't offer the B.Sc. degree at all.
In 20 years in the software industry, not once has anyone ever asked whether I hold a B.A. or a B.Sc. It's a total nonissue. Some institutions offer the B.A., some offer the B.Sc., some offer both but differentiate them on how many differential calculus classes you've taken.
Computer Network Exploitation.
CNO = Computer Network Operations, an umbrella term which covers offense and defense. CNE is offensive CNO.
I started programming in C++ in '89. Templates were still new, but most of the language was stable. C++ code I wrote in '89 is still readable and compilable today. I know people who started with C++ in 1981, when it was still Bjarne's skunkworks project. The first public release was '83, making C++ 33 years old -- closer to 40 years old than 25.
(I'm the AC who originally posted; I wasn't logged in then.)
Oddly enough, a .30-06 is only called 7.62x63mm. That's the metricified name for it... but not the actual dimensions of the round: the bullet diameter is 7.8mm, not 7.62mm.
Cartridge names look like they're dimensional quantities, but they're not, and really never have been. The .38 Special and the .357 Magnum fire the same size of bullet. (In fact, you can fire .38 Special from .357 Magnum revolvers.) The German-designed 7.65mm Parabellum cartridge actually fires bullets 7.85mm in size. The Russian 9mm Makarov is actually 9.2mm. The 9mm Parabellum and 9mm Short fire different sizes of bullets, too; one is true 9mm and the other is smidge larger.
Moral of the story: the name is just a name -- it doesn't actually reflect the size of the cartridge, and for that reason there's no reason to prefer metricified names.
Tell that to Chief Justice Rutledge, who was appointed in a recess only to have it yanked away from him when Congress returned to session and said "no".
And in fact, we've had Chief Justices named by recess appointments. Chief Justice Rutledge comes to mind...
Justice John Rutledge (September 26, 1789 – March 4, 1791) was succeeded by Justice Thomas Johnson (August 5, 1792 – January 16, 1793). That's a 17-month gap. IIRC there are other, longer gaps.
Not true: SCOTUS has had two-year gaps before. The longest delay from the time a new justice is nominated is 125 days, but sometimes the USG has taken a damned long time nominating a replacement...
Clickbait, no: there's actual, real, high-quality content to what he writes.
Self-promotion: so what? If someone writes something interesting and informative, I want it to be brought to my attention -- even if they're the ones to bring it to my attention.
One, the spec is positively Byzantine. It makes OpenPGP look like a marvel of clarity. It's a very hard spec to implement correctly, and for that reason I distrust most of the S/MIME out there.
Two, S/MIME has some hardwired dependencies on SHA-1. (So does OpenPGP; S/MIME has more of them.) SHA-1 isn't looking very healthy right now. OpenPGP is migrating away from SHA-1 and the working group is actively developing a new spec. The S/MIME community isn't.
It's about to. :)
Daniel Kahn Gillmor had a novel idea for how to use PGP/MIME in a creative way to extend protection to virtually all the email header information. Enigmail is implementing this, as are a few other groups. Metadata protection is coming to OpenPGP -- and very soon!
Enjoy!
Quoting myself:
You're one of those idiots: I get it. But so long as you're saying "improve everything!" I'm going to ignore you, because some of these things are incompatible.
Yes and no, but mostly no. (ObDisclosure: I help out with Enigmail.)
But that doesn't matter. When it comes to communications security the world is divided into two camps. The first one doesn't need it right now and the second one does. If you don't need communications security right now, that gives you a great amount of luxury to sit on the sidelines and wait for something better to come along. If you do, though ... then GnuPG and Enigmail are pretty much the best thing going right now, at least when it comes to email.
I'll be the first to agree that GnuPG is a usability nightmare. Absolutely. If you like I'll point you towards several references in the peer-reviewed literature that show why it's so bad. But when people start talking about alternatives, I want to know which alternatives they're suggesting; when people start talking about doing it better, I want to know what better means.
I didn't say it was proven. I said it was a result. We don't have a formal proof that P != NP, but find me a single practitioner who thinks we'll find a proof of P = NP.
At some level math works on the basis of consensus. Consensus determines whether we accept a proof or reject it for omitting an important step; consensus determines which axioms we accept to be true. And so far, the consensus seems to be "BQP != NP, just like P != NP."
But yes, we're going to keep looking for the proofs. :)
Depends on what you mean by proven. It's believed about as strongly as people believe P != NP. There's zero evidence BQP can address NP-Complete (or, for that matter, even interesting parts of NP), and a lot of good reasons to believe it can't. However, a proof has been as elusive as the P != NP proof -- another thing which pretty much every CS nerd agrees to be true, but it hasn't been rigorously proven yet.