The chemical detectors false-positive on new electronics smell (they picked up a new GPS unit i bought) and don't detect PETN carried on the person (we know because the underwear bomber didn't get a second look). They have more accurate swab tests, but they only use them to let people who false-positive fly, not in a way that would catch anything. They're less a fundamentally bad idea than the nude-scanners, but still trivially defeatable.
We have an easier time studying airport security collectively than individually: The TSA has a 0% success rate at enormous cost. It is quite possibly the least effective security system in history.
This seems pretty reasonable; when you search for the name of a popular movie (for example), " torrent" is almost always one of the top autocomplete hits, and the results you get from that are usually garbage or worse. There's probably a ton of people getting trojans and viruses, or scammed, by these sites by mis-clicking. They're not making it any harder to access this stuff intentionally, they're not being filtered from the actual search results.
You're right, there is no objective way to say which is the "correct" google.com, you have to have some trusted body giving out monopolies on individual names. But that's not the problem that needs to be solved: the problem here is the body revoking names afterwards.
I think that it *is* possible to create a system where names are assigned permanently and can't be taken back. It might look something like this:
1. You buy example.com in the traditional manner from an untrusted legacy registrar. 2. You generate yourself a public/private keypair, and with it claim ".hash" or somesuch. These domain names won't collide and you can prove your ownership with a digital signature. 3. Any of several partly-trusted CAs signs a non-expiring DNS record pointing example.com to.hash. 4. Said CA retires their certs rapidly, say weekly, and publishes the entire list of signed DNS records somewhere publicly accessible. Each signature links to the next in a manner that proves they have signed no other records with that cert. (*) 5. You upload your signed example.com record to both the legacy DNS and a secure hash-based p2p network. (**) 5. You upload a regular, updatable/expiring DNS record for.hash into said network as well. 6. Upon doing DNS lookup, DNS servers ask the p2p network for valid, signed records; if they exist they are cached and the legacy DNS is not consulted. If not (or more likely in parallel), legacy DNS is asked and if a valid, signed *.hash redirect is found it's cached and reinserted into the p2p network (hopefully forever). Only if no signed records at all are found is the old, vulnerable record used.
If ICANN/the department of louis vitton/whoever tries to hijack the domain name, they'll only do so for users not on the new system. Upgraded users will ignore the change. If the CA tries to make forged records to redirect your permanent redirect it will be invalid (if done after the fact) or publicly detectable (if done in advance). If you're running a security-aware DNS client and your middle-tier DNS server is up to shenanigans the certs won't verify.
The best part is this could be done from the middle-out without the consent of ICANN or need to reconfigure client devices--you just need one upgraded DNS server anywhere in the hierarchy above you.
There is no possible after-the-fact ambiguity over who owns the name so long as all the CAs get together and promise not to re-assign an already used name (which would be detectable and should result in them being banned from making further assignments)
(*) I think this is a solved crypto problem and a workable solution is described in the 1996 version of Bruce Schneier's Applied Cryptography but I don't remember where I put it (**) This is a theoretically a solved problem and mostly solved in practice
Given the state of Afghanistan infrastructure, it would probably cost more than that to excavate whatever pile of rocks fell on him circa December 2001.
If the parent post is correct that only IE7 and earlier are vulnerable in their default configurations, the fair comparison would be to update support for browsers a year and a half out of date--are firefox 2.0 or 3.0 still getting timely security patches?
Radio stations, at least in the US, don't pay anything to recording companies. They only pay a relatively small fee to songwriters. Money from commercials supports the station itself, not performers.
We're not going to run out of iron. Ever. And the steel in a car is a tiny fraction of the environmental impact of the car over it's lifetime, so it's not like re-using enough wire hangers to equal the weight of steel in a car offsets the vehicle.
If you're going to look at the environmental impact of dry-cleaning, the washing process itself and the car trip to deliver a few shirts and the employees of the store dwarf a few coat-hangers. And the form the better part of the expenses of the company, and are where they try to seek savings, rather than a few hangers (aside from putting out a recycling box to make people like you feel better).
The market is creating incentives to conserve scarce goods. It's not infallible, but neither are the people who would substitute their judgement for that of people with skin in the game.
In what way have they been proven wrong? There's been a good number of conflicts since the cold war started, but little to no dogfighting since the early 70s. It won't be long before the post-dogfighting era is the longer part of the entire history of air warfare.
So, If we'd only thought to use stealth bombers in Iraq, we wouldn't have needed six years of using pretty much all of our military to occupy a country the size of California with a smaller population?
1. Get rid of the "presumption of validity". Patents, once issued, are assumed to be valid unless proved otherwise, but actually doing the legwork on every single patent to make sure it's good before approving just isn't feasable, so lots of bogus patents get passed.
But courts still defer to the patent office unless the case is unambiguously bogus.
Move to something more like the copyright system, where having a copyright issued only proves that you had a claim as of a certain date and that your paperwork was in order.
The burden of proof would then be shifted to the patent holder to prove that their patent was valid as part of an infringement lawsuit, back where it belongs.
2. Get rid of or at least weaken submarine patents. The obvious way to do this is to make it so that no damages can be collected for actions before the patent holder files an infringement lawsuit.
... Symantec and McAffee to get their shit together and make an antivirus that doesn't suck.
I'm not sure such a thing is even possible anymore. The usefulness of AV software has always been pretty questionable, and they never seem to have gotten over the threat model of months or years-old viruses being passed from floppy to floppy. Most threats are one-off now, like social engineering spam, one-day long trojan horse attacks, adware, and exploiting OS vulnerabilities to run spam zombies. As far as I can tell, my resource-hogging, system-destabilizing virus scanner does effectively nothing against any of those and there's no reason to believe it can be changed to do so.
Firstly, the randomly scattered bold text is a pretty big hint that this article is advertising copy designed to impress the very, very stupid.
Cutting through the "let's promote lame advertising models" rah-rah, it looks like the idea here is to assume people typing a random keyword into their address bar are searching for a forum and/or wiki on a topic. So these folks want to create some sort of ur-forum (that is, they want to reinvent a modern usenet) and figure buying up a bunch of idle domain names to advertise it is a good starting point.
This would pretty much be the "death of domain parking" at least in the form of a sell-off-the-assets exit strategy. I have no idea why they would buy any domain that wasn't an obvious word or term, though, so if you're holding on to that hot "ilemonstore2003.cx" property you're probably out of luck.
That's a really blatant one, They can be (and often are) much better done. If they're subtle enough onscreen they can be left on over multiple frames and pan with the background so as to be near impossible to detect without multiple copies to compare.
He has prisoners dress in pink underwear and live in tents on the prison grounds
BTW, if you're thinking "so what? They're criminals!", one point that article fails to mention is that most of the people in Arpaio's custody aren't convicted criminals, but being detained awaiting trial (because they can't make bail or are considered a flight risk). They're supposed to be presumed innocent; even if you support the humiliation/punishment of criminals you should be disgusted at this nutjob.
This spec sounds like a bloated monster, but the criticism the FA is making is entirely unfair. If OOXML is going to be a useful one-size-fits-all document format, it'll need to be a superset of all existing things word processors can do, even the weird old bits that don't make much sense. There's two ways to do this: Either spec out the broken behavior into the already-bloated specification, or add a flag that says "old broken spacing" and let implementors decide how faithfully to represent it.
If they take the first option, then writing a tool that converted to and from OOXML would be a nightmare, you'd have to work out all those broken options into something that looked right, even if the end application supported it natively, since the converter app would be the last chance to attempt this obscure conversion. Making the old format->OOXML->old format loop actually end with a document that rendered anything like the starting document would be pretty much impossible.
The way they did it, a converter app that reads in those standards can just set the appropriate flag, and let the downstream renderer deal with it. If the user actually needs these crazy old features they can go get a patch to their wordprocessor to support it; or they can find a special-purpose converter that modifys the document to not need the flag anymore; or they can convert the doc back to the original obsolete format and open it in the ancient app itself. If the document had already been mangled by a half-baked conversion/export tool, the user couldn't have done any of these.
Tools that don't care about legacy support are unaffected by this; they can just pick the closest modern option to whatever the legacy flag calls for on input, and not output documents that use them.
Copyright doesn't prevent someone from competing with Microsoft by reimplementing windows themselves and selling it. This wouldn't be very practical as a business matter, but that makes it a natural barriers-to-entry monopoly and not a government-grant monopoly.
It's not representative at all; that's Pfizer, who hit the lifestyle-drug goldmine with Viagra and also sells bestselling drug Lipitor. Unless they're running the next Viagra through testing right now and not telling anyone about it, when those drugs go out of patent around 2011, their lucky streak will end and their numbers will go back to something resembling sanity.
Assuming the numbers on that page are even true, which given the recent track record of American companies, they probably aren't.
It doesn't matter how much they spend on advertising. It's not an alternative to paying for research. There isn't some fixed pile of money in the industry being divided up between research and advertisment. The investment world will dump as much money on pharma companies as the investors are guessing can be spent and return a profit.
If advertising the hell out of a product during a drug's short patent life increases the total profit, that means more return for investors, which means the whole industry can support that many more billions of dollars a year in investment before the profits get diluted back to the same return rate everything else gets. Some of this money will be spent on research, research that wouldn't happen otherwise.
If they cut back on advertisements (which net a profit for the company or they wouldn't be doing them), they wouldn't have more money for research, they'd have less money period, as the investors would just go elsewhere.
The bulbs last 10 times as long and cost 8 times as much. $8 now for certain is better than a possible $1 a year for 10 years. The savings are all in the electricty bill, and Wal-mart doesn't sell utility power.
Slashdot Mirror
It would have automatically died yesterday along with everything else that didn't pass before the ending of the 111th Congress.
The chemical detectors false-positive on new electronics smell (they picked up a new GPS unit i bought) and don't detect PETN carried on the person (we know because the underwear bomber didn't get a second look). They have more accurate swab tests, but they only use them to let people who false-positive fly, not in a way that would catch anything. They're less a fundamentally bad idea than the nude-scanners, but still trivially defeatable.
We have an easier time studying airport security collectively than individually: The TSA has a 0% success rate at enormous cost. It is quite possibly the least effective security system in history.
This seems pretty reasonable; when you search for the name of a popular movie (for example), " torrent" is almost always one of the top autocomplete hits, and the results you get from that are usually garbage or worse. There's probably a ton of people getting trojans and viruses, or scammed, by these sites by mis-clicking. They're not making it any harder to access this stuff intentionally, they're not being filtered from the actual search results.
You're right, there is no objective way to say which is the "correct" google.com, you have to have some trusted body giving out monopolies on individual names. But that's not the problem that needs to be solved: the problem here is the body revoking names afterwards.
I think that it *is* possible to create a system where names are assigned permanently and can't be taken back. It might look something like this:
1. You buy example.com in the traditional manner from an untrusted legacy registrar. .hash. .hash into said network as well.
2. You generate yourself a public/private keypair, and with it claim ".hash" or somesuch. These domain names won't collide and you can prove your ownership with a digital signature.
3. Any of several partly-trusted CAs signs a non-expiring DNS record pointing example.com to
4. Said CA retires their certs rapidly, say weekly, and publishes the entire list of signed DNS records somewhere publicly accessible. Each signature links to the next in a manner that proves they have signed no other records with that cert. (*)
5. You upload your signed example.com record to both the legacy DNS and a secure hash-based p2p network. (**)
5. You upload a regular, updatable/expiring DNS record for
6. Upon doing DNS lookup, DNS servers ask the p2p network for valid, signed records; if they exist they are cached and the legacy DNS is not consulted. If not (or more likely in parallel), legacy DNS is asked and if a valid, signed *.hash redirect is found it's cached and reinserted into the p2p network (hopefully forever). Only if no signed records at all are found is the old, vulnerable record used.
If ICANN/the department of louis vitton/whoever tries to hijack the domain name, they'll only do so for users not on the new system. Upgraded users will ignore the change.
If the CA tries to make forged records to redirect your permanent redirect it will be invalid (if done after the fact) or publicly detectable (if done in advance).
If you're running a security-aware DNS client and your middle-tier DNS server is up to shenanigans the certs won't verify.
The best part is this could be done from the middle-out without the consent of ICANN or need to reconfigure client devices--you just need one upgraded DNS server anywhere in the hierarchy above you.
There is no possible after-the-fact ambiguity over who owns the name so long as all the CAs get together and promise not to re-assign an already used name (which would be detectable and should result in them being banned from making further assignments)
(*) I think this is a solved crypto problem and a workable solution is described in the 1996 version of Bruce Schneier's Applied Cryptography but I don't remember where I put it
(**) This is a theoretically a solved problem and mostly solved in practice
Given the state of Afghanistan infrastructure, it would probably cost more than that to excavate whatever pile of rocks fell on him circa December 2001.
If the parent post is correct that only IE7 and earlier are vulnerable in their default configurations, the fair comparison would be to update support for browsers a year and a half out of date--are firefox 2.0 or 3.0 still getting timely security patches?
Radio stations, at least in the US, don't pay anything to recording companies. They only pay a relatively small fee to songwriters. Money from commercials supports the station itself, not performers.
I haven't seen the movie, but isn't it set on another planet? GPS doesn't do much without all those satellites.
Care to quote one of the 'lies'? I don't see any in the article.
We're not going to run out of iron. Ever. And the steel in a car is a tiny fraction of the environmental impact of the car over it's lifetime, so it's not like re-using enough wire hangers to equal the weight of steel in a car offsets the vehicle.
If you're going to look at the environmental impact of dry-cleaning, the washing process itself and the car trip to deliver a few shirts and the employees of the store dwarf a few coat-hangers. And the form the better part of the expenses of the company, and are where they try to seek savings, rather than a few hangers (aside from putting out a recycling box to make people like you feel better).
The market is creating incentives to conserve scarce goods. It's not infallible, but neither are the people who would substitute their judgement for that of people with skin in the game.
In what way have they been proven wrong? There's been a good number of conflicts since the cold war started, but little to no dogfighting since the early 70s. It won't be long before the post-dogfighting era is the longer part of the entire history of air warfare.
So, If we'd only thought to use stealth bombers in Iraq, we wouldn't have needed six years of using pretty much all of our military to occupy a country the size of California with a smaller population?
1. Get rid of the "presumption of validity". Patents, once issued, are assumed to be valid unless proved otherwise, but actually doing the legwork on every single patent to make sure it's good before approving just isn't feasable, so lots of bogus patents get passed.
But courts still defer to the patent office unless the case is unambiguously bogus.
Move to something more like the copyright system, where having a copyright issued only proves that you had a claim as of a certain date and that your paperwork was in order.
The burden of proof would then be shifted to the patent holder to prove that their patent was valid as part of an infringement lawsuit, back where it belongs.
2. Get rid of or at least weaken submarine patents. The obvious way to do this is to make it so that no damages can be collected for actions before the patent holder files an infringement lawsuit.
... Symantec and McAffee to get their shit together and make an antivirus that doesn't suck.
I'm not sure such a thing is even possible anymore. The usefulness of AV software has always been pretty questionable, and they never seem to have gotten over the threat model of months or years-old viruses being passed from floppy to floppy. Most threats are one-off now, like social engineering spam, one-day long trojan horse attacks, adware, and exploiting OS vulnerabilities to run spam zombies. As far as I can tell, my resource-hogging, system-destabilizing virus scanner does effectively nothing against any of those and there's no reason to believe it can be changed to do so.
Name one.
Preemptive multitasking.
Free bonus: Memory protection
Firstly, the randomly scattered bold text is a pretty big hint that this article is advertising copy designed to impress the very, very stupid.
Cutting through the "let's promote lame advertising models" rah-rah, it looks like the idea here is to assume people typing a random keyword into their address bar are searching for a forum and/or wiki on a topic. So these folks want to create some sort of ur-forum (that is, they want to reinvent a modern usenet) and figure buying up a bunch of idle domain names to advertise it is a good starting point.
This would pretty much be the "death of domain parking" at least in the form of a sell-off-the-assets exit strategy. I have no idea why they would buy any domain that wasn't an obvious word or term, though, so if you're holding on to that hot "ilemonstore2003.cx" property you're probably out of luck.
That's a really blatant one, They can be (and often are) much better done. If they're subtle enough onscreen they can be left on over multiple frames and pan with the background so as to be near impossible to detect without multiple copies to compare.
He has prisoners dress in pink underwear and live in tents on the prison grounds
BTW, if you're thinking "so what? They're criminals!", one point that article fails to mention is that most of the people in Arpaio's custody aren't convicted criminals, but being detained awaiting trial (because they can't make bail or are considered a flight risk). They're supposed to be presumed innocent; even if you support the humiliation/punishment of criminals you should be disgusted at this nutjob.
This spec sounds like a bloated monster, but the criticism the FA is making is entirely unfair. If OOXML is going to be a useful one-size-fits-all document format, it'll need to be a superset of all existing things word processors can do, even the weird old bits that don't make much sense. There's two ways to do this: Either spec out the broken behavior into the already-bloated specification, or add a flag that says "old broken spacing" and let implementors decide how faithfully to represent it.
If they take the first option, then writing a tool that converted to and from OOXML would be a nightmare, you'd have to work out all those broken options into something that looked right, even if the end application supported it natively, since the converter app would be the last chance to attempt this obscure conversion. Making the old format->OOXML->old format loop actually end with a document that rendered anything like the starting document would be pretty much impossible.
The way they did it, a converter app that reads in those standards can just set the appropriate flag, and let the downstream renderer deal with it. If the user actually needs these crazy old features they can go get a patch to their wordprocessor to support it; or they can find a special-purpose converter that modifys the document to not need the flag anymore; or they can convert the doc back to the original obsolete format and open it in the ancient app itself. If the document had already been mangled by a half-baked conversion/export tool, the user couldn't have done any of these.
Tools that don't care about legacy support are unaffected by this; they can just pick the closest modern option to whatever the legacy flag calls for on input, and not output documents that use them.
Copyright doesn't prevent someone from competing with Microsoft by reimplementing windows themselves and selling it. This wouldn't be very practical as a business matter, but that makes it a natural barriers-to-entry monopoly and not a government-grant monopoly.
It's not representative at all; that's Pfizer, who hit the lifestyle-drug goldmine with Viagra and also sells bestselling drug Lipitor. Unless they're running the next Viagra through testing right now and not telling anyone about it, when those drugs go out of patent around 2011, their lucky streak will end and their numbers will go back to something resembling sanity.
Assuming the numbers on that page are even true, which given the recent track record of American companies, they probably aren't.
Claiming "medical patents spur innovation" isn't the same as claiming that "there would be no research at all without medical patents".
It doesn't matter how much they spend on advertising. It's not an alternative to paying for research. There isn't some fixed pile of money in the industry being divided up between research and advertisment. The investment world will dump as much money on pharma companies as the investors are guessing can be spent and return a profit.
If advertising the hell out of a product during a drug's short patent life increases the total profit, that means more return for investors, which means the whole industry can support that many more billions of dollars a year in investment before the profits get diluted back to the same return rate everything else gets. Some of this money will be spent on research, research that wouldn't happen otherwise.
If they cut back on advertisements (which net a profit for the company or they wouldn't be doing them), they wouldn't have more money for research, they'd have less money period, as the investors would just go elsewhere.
The bulbs last 10 times as long and cost 8 times as much. $8 now for certain is better than a possible $1 a year for 10 years. The savings are all in the electricty bill, and Wal-mart doesn't sell utility power.