Slashdot Mirror


User: flonker

flonker's activity in the archive.

Stories: 0
Comments: 673

Comments · 673

  1. Re:Keep using the old method? on Mega Defends Its Security Practices · · Score: 1

    Maybe use their whatever-it's-an-option encryption as added layer and call it a day.

    I thought I remember reading that encrypting an encrypted file can actually make it less secure than either encryption step alone.

    Sort-of. If you make a mistake in your crypto, you can make things substantially less secure. A mistake, such as using the same key for both encryption steps. Also, encryption is not necessarily additive. Encrypting something multiple times with different keys may not improve the security, or may improve the security less than the cumulative total number of key bits indicate.

    As an example, let's take the Caesar cipher. If you encrypt twice with a key of 13, you end up with no encryption at all. If you encrypt once with a key of 15 and a second time with a key of 12, you end up with exactly the same security as encryption once with a key of 1.
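
Added example (not part of the archived comment or thread): the Caesar-cipher point above checked in Python and generalized to all 26 × 26 key pairs, showing that a second pass adds no keys. The function names and the sample plaintext are constructed for illustration.

```python
import string

ALPHABET = string.ascii_uppercase  # 26-letter alphabet the cipher operates on


def caesar(text, key):
    """Shift each A-Z letter by `key` positions; other characters pass through."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)
    return "".join(out)


def equivalent_single_key(k1, k2):
    """Two Caesar passes compose into one pass with the keys added mod 26."""
    return (k1 + k2) % 26


def recover_single_key(ciphertext, known_plaintext):
    """Defender's check: which single keys explain a doubly encrypted message?"""
    return [k for k in range(26) if caesar(known_plaintext, k) == ciphertext]


def effective_keyspace():
    """Count distinct transformations produced by all 26 * 26 key pairs."""
    return len({caesar(caesar(ALPHABET, a), b)
                for a in range(26) for b in range(26)})


if __name__ == "__main__":
    msg = "SAMPLE PLAINTEXT"  # constructed sample input
    twice_13 = caesar(caesar(msg, 13), 13)
    twice_mixed = caesar(caesar(msg, 15), 12)
    print("13 then 13:", twice_13)            # identical to msg
    print("15 then 12:", twice_mixed)
    print("single key equivalent:", equivalent_single_key(15, 12))
    print("keys recovered by a 26-try search:", recover_single_key(twice_mixed, msg))
    print("distinct transformations from 676 key pairs:", effective_keyspace())
```

Because Caesar shifts form a group under composition, stacking them never leaves the original 26-key space; the same closure test applies to any cipher being considered for layered use.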

  2. Re:heard this one before... on JSTOR an Entitlement For US DoJ's Ortiz & Holder · · Score: 1

    "Just following orders" is wrong not because someone higher up gave the order. It's wrong because despite the government condoning the action, the person doing it should know better. Therefore "everyone does it" is pretty much the same thing as "just following orders".

  3. Re:This type of things will not happen on Thailand Jails Dissident For What People Thought He Would Have Said · · Score: 1
  4. Re:think of the possible implications! on Researchers Study Mystery of the Toddler Who Won't Grow · · Score: 1

    !growing != !aging

    [...]

    No hard feelings, I was just struck by the visual of all the bangs.

    I don't know what it says about me, but I wasn't. It's a bit frightening that I read and grokked it without a second thought. It didn't register until I reread it a couple of times.

  5. Re:Subcontracting on Employee Outsourced Programming Job To China, Spent Days Websurfing · · Score: 1

    If you hired somebody to remodel your house, check his references, chose him as the best candidate based on his experience and quality of work, and came home one day and saw him watching TV and somebody else actually doing the work, would you say, my I applaud your idea, great job? Probably not.

    Oddly enough, this is pretty much exactly what a general contractor does. Although they tend to do other things rather than watching TV.

  6. Re:Zero day? on Remote Linksys 0-Day Root Exploit Uncovered · · Score: 2

    I agree. My first thought on reading the headline and summary was that Cisco claimed it was fixed, so DefenseCode released it into the wild.

  7. Re:What scripture says that? on Indiana Nurses Fired After Refusing Flu Shots On Religious Grounds · · Score: 1

    Specifically, the site argues that the scriptures say that foreign substances should not be injected into the body and also that the human body is perfect and shouldn't be altered in any way. (A few other things are thrown in for good measure, but this is the crux of it.)

    Personally, I think their interpretation has so many holes it would be laughable if the idea wasn't so dangerous and widely accepted. It also falls under the "If your religion requires human sacrifice, is murder protected by the Constitution?" heading.

  8. Re:OpenID? Yeah. on Postal Service Pilots 'Federal Cloud Credential Exchange' · · Score: 1

    This is a solved problem. Specifically, the problem of choosing which companies can legitimately provide proof of identity.

    Allow the use of OpenID, but only by identity providers that put up a bond or have insurance. For example, states that require auto-insurance typically allow self-insurance by putting up a sufficiently large bond. Allow cases of compromised ID to make a claim against the bond/insurance if there is negligence by the identity provider. You can also look at how the public notary system works.

    Finally, there are already laws in place against using a false ID, ID theft, and against lying on government forms. Those can easily be extended to cover the use of OpenID on .gov websites.

  9. Re:"Ample Evidence" on Connecticut Group Wants Your Violent Videogames — To Destroy Them · · Score: 1

    If only they had tried rocket jumping, all of this could have been avoided.

  10. Re:Cost of Apps on Pirated iOS App Store Site Shuts Down · · Score: 3, Insightful

    Much of it comes from the frustration of purchasing an app only to find out within the first few seconds of using it that it was a waste of money. (I was thinking specifically about business and productivity apps, but it applies to games and entertainment as well.)

  11. Re:owncloud? on Ask Slashdot: Easiest Way To Consolidate Household Media? · · Score: 1
  12. Re:I have an idea on Dotcom Drags NZ Spook Agency Into Court · · Score: 1

    There has always been this much Dotcom-dislike on /. There isn't really any ill-will, just a general dislike of his character; "arrogant douche" sums it up nicely.

    With that said, we still want him to win, because there are so many things wrong with the whole affair, such as shutting down a multi-million dollar business without a trial.

  13. Re:It's "Survival of the Fit-enough"... on Humans Evolving Faster Than Ever · · Score: 5, Interesting

    The frightening aspect of this is that population may expand its genetic diversity to fill the "fit enough" gene pool. Then it will overflow the "fit enough" gene pool by creating mutations that can't survive even with health care, bringing survival back down, albeit with increased genetic variety such that many can't survive without constant medical treatment.

    That is to say, we will evolve to require medical treatment.

  14. Re:Case dismissed? on Bradley Manning (WikiLeaks Source) Given Hearing After 2 Years In Jail · · Score: 5, Insightful

    He's lucky he is getting a case at all. Traitors should be subject to summary execution during wartime.

    "Congress shall have power to ... declare War"
            - http://www.usconstitution.net/xconst_A1Sec8.html

    I don't recall seeing any Congressional declaration of war.

  15. Re:Miscellaneous suggestions on Ask Slashdot: Server Room Toolbox? · · Score: 1

    I prefer a razor knife instead of a utility knife, but YMMV.

    Also, a tone generator can be quite handy. If you're only responsible for the 50 servers in the server room, it's probably overkill, but it can sort out a complex cabling situation in seconds. Fluke has one that can be used on live ethernet. (Although it would take a big chunk out of your budget.)
    http://www.flukenetworks.com/datacom-cabling/copper-testing/IntelliTone-Pro-Toner-and-Probe

  16. Re:Containment is fine, security is the issue. on High Security Animal Disease Lab Faces Uncertain Future · · Score: 3, Interesting

    I've heard that one of the more difficult aspects of working in a level 4 lab is learning not to catch things that are falling, such as scalpels, and that when the scientists go home after work, they don't catch tableware and glasses and such, leading to much domestic strife.

    (I don't know how true it is, but it seems to make sense.)

  17. Re:Fuck Toshiba on Toshiba Pursues Copyright Claim Against Laptop Manual Site · · Score: 1

    At the risk of getting off-topic, what laptops do you like?

  18. Re:google do offer a telephone service ... on Kim Dotcom's Next Venture: Free Broadband To New Zealand · · Score: 1

    There is a VOIP aspect to it. It isn't intended to be a telephone service, but can be used as one (which I think is against the tos). It is intended that you can call a Google voice number and hit someone's IM app.

  19. Re:This is actually cool... on Kim Dotcom's Next Venture: Free Broadband To New Zealand · · Score: 1

    The distance from NZ to the USA is about 12500 km (7800 miles).
    (12 500 kilometers) / the speed of light = 41.6955119 milliseconds

    So, about 42 ms. is your lower bound on latency. If you add the routers and such into the mix, you're probably looking at about 100 ms. Not bad, but not great.

    (Ballpark figures -- not rigorous, but enough for discussion.)

  20. Re:Is $2.25 FRAND? on To Mollify Google on Moto Patents, Apple Proposes $1/Device Fee · · Score: 1

    In an attempt to lock in the 2.25% at a lower price.

    For example, let's say Apple were to create a company named Apple Phone Sales Inc., and then Apple would sell phones to Apple Phone Sales Inc. for $100 each, to which Apple Phone Sales Inc. turns around and sells them to distributors and the retail market for their current ~$500ish prices. Apple could then argue that they were only required to pay $2.25 on the $100 sale price. I'm sure there are other principles at work, but the short version is that it doesn't work like that.

  21. Re:Please, just stop... on Department of Homeland Security Wants Nerds For a New "Cyber Reserve'" · · Score: 2

    Regardless of terminology, a massive attack on the virtual infrastructure is a different class of attack and requires a different class of defense. The term 'cyber Pearl Harbor' is ridiculous and disrespectful to those who were at the real Pearl Harbor. Also, DHS is probably the worst department to be in charge of, well, pretty much anything. The NSA would be a much better choice.

    With that said, I think it's not too bad of an idea once you realize what the proper response is to a massive attack on the entire Internet. Technical support. Calling up (or visiting in person) millions of users and sysadmins and walking them through the process of securing their systems. A phone call might not do it, because you can't flash a badge over the phone, so (rightfully) nobody would trust you.

    OTOH, targeted attacks such as "break into a wastewater treatment plant, use the SCADA controls to prematurely dump a tank of sewage into the clean water intake" mentioned by the AC, are yet another class of attack, and you don't need the extra manpower of a reserve force in order to deal with the technical fallout of such an action.

    And, of course, if someone were to find a new class of bug similar to SQL injection, wherein the only solution would be to update huge amounts of code all over the Internet, well, even a reserve force might not be enough to fix that kind of problem. Look at how long it took to resolve Y2K.

    Personally, I would consider signing up for this type of "cyber-reserve", but I would hesitate doing so under the DHS. Also, I wouldn't sign up unless I knew ahead of time what was expected of me, and that there would be no bait and switch.

  22. Re:Is $2.25 FRAND? on To Mollify Google on Moto Patents, Apple Proposes $1/Device Fee · · Score: 2

    As Apple would be the one licensing the patent, it would be 2.25% of the price Apple charges. And following the principle of patent exhaustion, whoever buys it from Apple can resell it without needing to re-license the patents. And to jump further ahead, reselling to yourself may be fine if judges were computers, but they aren't, so they tend to see through that sort of thing.

  23. Re:I am not completely convinced on Is Silicon Valley Morally Bankrupt and Toxic? · · Score: 1

    Actually, Silicon Valley is one of the places where this is *least* true. After the Google IPO, an increasing number of tech companies have gone public with voting structures that deliberately deprive the shareholders of any say in the operation of the company, and with binding IPO statements that specifically warn shareholders that the company does not intend to focus on continuous growth and year on year profit if it conflicts with long-term growth and with the good of their users.

    That is very interesting. Can you provide some references? I had difficulty Googling it up and a starting point would help me figure out what kind of search fodder it requires.

  24. Re:Gentlemanly behavior? on Dr. Richard Dawkins On Why Disagreeing With Religion Isn't Insulting · · Score: 1

    Pleased to meet you

    Likewise.

    Coincidentally this apparently unrelated issue was posted in response to my "hospitality/politeness/gentleman-liness" post

    I'm sorry. I did not intend it as an insult, and I was worried that it would be taken as such. Hence my qualifications in the rest of the paragraph. I guess the better way to phrase it would have been that if I had said that we have different definitions of the words, which leads to misunderstandings on both sides.

    Well OK but try this somewhat more pragmatic idea on. Unfortunately the problem might be an active dislike, not merely a lack of understanding. And that's OK, as long as we try not to aggressively convert each other, especially by negative means but also by sorta-positive means, I think we'll get along all politely with great hospitality on all sides. The alternative is not so pleasant.

    Yeah, it wasn't a very practical solution. I only posted it because I couldn't think of any other way to resolve the issue other than the default of just not talking about it. I also agree that attempting to aggressively convert someone is the quickest way to get them to dislike you.

    As for the problem being an active dislike, I would like to know why. I like to solve problems, and unsolvable problems can be fun to think about as well. I would think that the reason for theists actively disliking atheists may be that it seems all atheists look down upon theists as being irrational and mentally inferior. That they have no respect for theists. That theism is a mental problem that needs to be corrected because it's unhealthy.

    I'm having trouble understanding why an atheist would actively dislike someone solely for being theist. I'm not saying that there is no reason for it, just that I'm having difficulty empathizing with the atheist's viewpoint and I would like to better understand it. Is any of the above stereotype about how atheists feel true? Is there a stereotype among atheists about theists?

    I also apologize if any of this or my previous post came across as preachy. It was not my intention. I realize that nobody will ever convert from an argument on the Internet.

  25. Re:Gentlemanly behavior? on Dr. Richard Dawkins On Why Disagreeing With Religion Isn't Insulting · · Score: 1

    I'm a theist, and I think you make an excellent point. Even among rational people, there seems to be some kind of communication gap. It doesn't help that the loudest voices on both sides are the extremists. Teaching faith as science is one example, and another is the prohibition of state funding for religious charities that are there to help the less fortunate, and not to convert anyone.

    I guess my question is, what do you, dear reader, think the reason is for the communication gap, and how do you think it can be resolved?

    This idea isn't fully formed in my head yet, so please bear with me. I think it may be that atheists don't understand faith, while those they argue with don't understand science. By science, I mean the whole process of the scientific method, of publication, of winnowing out the incorrect hypothesis to find the truth of the matter. By faith, I mean the existence of a higher power as a postulate.

    Maybe the resolution would be for atheists to prove that the existence of a higher power excludes other postulates that the theist can't discard. The other solution would be to show overwhelming evidence of the existence of a higher power that the atheist can accept as valid. The typical method of confirming a postulate, that is, failing to disprove it, doesn't seem to work.