That doesn't make much sense to me - a law enforcement agency could certainly afford to transfer $500 to the market if that's all it takes to earn trust.
They earn trust in the sense that if they don't deliver the $200 worth of goods they promised, or violate the site's rules in some other way, part or all of that $500 deposit held in escrow will be forfeit. The deposit is a "hostage" to guard against fraud and minor infractions of the rules by normal members of the community; it says nothing about whether they're acting on behalf of law enforcement. For protection from law enforcement the site relies on the anonymity of its operators and members and encrypted, onion-routed communications, not deposits.
Blocking a public walkway so that others cannot use it seems like a justifiable reason to me.
The relevant question is whether they were preventing anyone from reaching their destination, not whether they were blocking one particular walkway. From the sound of it, no one was prevented from getting to where they wanted to go. Slightly inconvenienced, perhaps, but other perfectly reasonable routes were available.
If this were a private walkway then they could be charged with trespassing if they refused to leave when asked, but by definition they cannot trespass on a public walkway. They had just as much right to be there as anyone else. Even if they were charged with trespassing, that would not justify the use of force to evict them unless their presence constituted an imminent threat of irreversible harm. The proportional response would be at most the loss of some of their own property, i.e. a fine.
How about a student in a wheelchair that needs to get to a class to take a test? I guess they don't count.
If that case actually came up in real life, and the protesters were blocking the only reasonable route navigable by wheelchair and refused to move aside so the wheelchair could pass through, then you might have a point. Mere hypothetical scenarios, however, count for nothing.
You are free to pursue any kind of health care you want - or none at all if you so choose - as a medicare patient. You just know that medicare will cover some things and not others. It is no different from private health insurance, and I have not heard anyone raise a stink about health insurance "controlling" health care.
The differences you're glossing over are voluntary participation and competition among providers, which are exactly the aspects a single-payer system would eliminate by definition. In the single-payer system you are forced to pay for coverage for a set of services selected by the government, whether you personally value them or not. Sure, you can pay out-of-pocket for services which are not in this set—but the funds you would need for those services have already been earmarked for other services you don't want, so this only works if you're wealthy enough to pay for both the services you use and the unwanted ones the government selected.
Moreover, while private insurance companies do play a similar role in selecting which services will be covered under their insurance plans and which will not, you are free to choose your own insurer. Competition among insurers, and the ability for new insurers to enter the market to address any unfilled demand, ensures that premiums are linked to the costs of the treatments people actually want, not just the ones preferred by the politicians and bureaucrats.
You're trying to be sarcastic, but that actually sounds like an excellent deal for the company. Private 24-hour security guards and firefighters would cost them significantly less than the taxes they currently pay, while providing better service. However, I'm not sure why you think you ought to send the worker's ambulance bill to the office; their home address would be a more reasonable and customary choice, unless the company has some special arrangement with the hospital on behalf of its employees.
What kind of phone contract do you have which charges more for long distance? I haven't seen that for a long time.
It's still pretty common for land-line service, actually. Even though most providers have moved to "unlimited long distance", it's a separate line-item on the bill and you pay extra for the ability to call long-distance numbers compared to local-only service. Without that long-distance plan you would have to pay by the minute, e.g. by calling collect or using a prepaid card.
The average CalPERS retiree worked for 19.93 years. By dividing the average annual pension for a CalPERS participant in 2012, $30,456, by the average years of service, 19.93. The result, $1,528, is the amount the average CalPERS retiree accrued in annual pension benefits for each year they worked during their careers.
Just for reference, this adds up to retirement benefits worth about $11,000 per year over the 20-year employment period.
Initial balance required for a 20-year annuity (from ages 50 to 70) paying out $30,456 per year at 5% (real) expected return: $368,000.
Annual investment needed at 5% (real) return over the 20-year work period to have $368,000 at retirement: $11,000.
Of course, if one did only work five years before retiring at 50, all else being equal, the equivalent annual investment needed to earn that $30k pension would be closer to $66,500. That's a significant difference in benefits, biased against the more senior employees.
The policeman ordering me move so that he can keep me in his line of sight can certainly confine me for failing to comply. Am I the slave of the policeman?
Yes. If you haven't done anything else that would justify confinement and you're being punished simply for failing to comply with his command, that would be an example of slavery—albeit a minor one.
First off, if you're paid *anything* as compensation for doing a job, it's not slavery anymore, by definition.
Your definition of "slavery" is excessively narrow, to the point of non-existence. Even the worst examples tended to offer some pay, even if it was only in the form of room and board. If offering some token compensation was all it took to avoid a charge of slavery there would be no slavery.
If you risk corporal punishment, confinement, or loss of property for failing to carry out a task assigned by someone else, that is slavery—not counting the repayment of debts you voluntarily agreed to, or contractual penalties, as you chose to give up that property of your own free will when you went into debt and/or entered the contract.
The prison case is a bit odd, of course, since the inmates are going to be confined either way, with all their basic subsistence needs met. They aren't compelled to do the work; if they receive anything for their labor it will be strictly in excess of what they would otherwise receive. One could also argue, at least in some cases, that enslavement would be a reasonable and just punishment for their offense, perhaps more so than mere confinement.
So if eris is planet 11, "Planet 9" should be Planet 12.
Make that Planet 14. Right now there are a total of five officially-recognized dwarf planets in the solar system, in addition to the eight proper planets: Ceres, Pluto, Haumea, Makemake, and Eris.
The headers do need to indicate the message's destination, unless you simply want to broadcast to everyone and leave the recipient to identify their own messages by whether or not they have the matching decryption key (which obviously doesn't scale). The destination doesn't need to be complete—for example, the full e-mail address could be encrypted so that only the destination server can see it, while everyone else only needs to know the server name. More importantly, the cleartext headers of a GPG-encrypted e-mail also include the source address, subject line, and list of which servers the message has passed through, among other data, none of which are essential to delivering the message.
Since we tax income, the implication here was that "their share" would be a fixed proportion of income.
Obviously. That is the unsupported assumption which I was highlighting. Equal amounts, or proportions, are not automatically fair just because they are equal. If you go to a restaurant with a group of friends, for example, your share of the final bill is proportional to the amount that you ordered (or the amount you ate, if you're sharing a single item). Approximations like splitting the bill evenly are only acceptable when each party's share is close to the average. The amount you earn is irrelevant.
If the point were to distribute the burden fairly, one's fair share would be determined by how much one contributes to the cost of the system, not how much one earns.
That's not known, and it's not practically knowable.
We're talking about fairness here, so the answer is inherently subjective. The only way to guarantee fairness would be to come up with an arrangement that everyone involved agrees to voluntarily, but since the subject is taxation that isn't an option. Lack of voluntary consent is built in to the definition.
That said, a system where some people are forced to pay more than the value of the goods and services they receive in order that others can receive benefits they did not pay for is not a system one could reasonable expect the former group to consent to, or consider fair.
First, you'd need to define "dependent" here.
The definition of "dependent" is obvious. The rich are already covering most of the cost of public services for society as a whole; they could easily afford to buy the same (or better) services just for themselves, assuming they even want those services in the first place.
Second, you need to realize that people contribute to the cost of the system independently of whether they depend on it.
Sure, but if they aren't dependent on it then its disappearance would not hurt them; quite the opposite, actually, since as it stands they are paying more than their fair share of the costs, which makes the system a net loss so far as they are concerned.
This seems to suggest that they pay more than "their share" of taxes, right? Well, there's not sufficient data in your post to come to that conclusion.
Indeed. To begin with, you would need to define what "their share" means. If the point were to distribute the burden fairly, one's fair share would be determined by how much one contributes to the cost of the system, not how much one earns. As a rule these factors are inversely related: the more you make, the less dependent you are on government services. One's share of the costs certainly does not scale linearly (or super-linearly) with increasing income.
"economic beneficiary" is bank-speak for "person who really is behind a given account" (rather than the straw man or shell company's officer who showed up at the branch to open the account).
That's that I thought it meant, but the Bitcoin blockchain doesn't provide that information. It only includes Bitcoin addresses, which are generally ephemeral and used only for a single transaction output.
Except of course, that this ephemeral identity is used at least twice. Indeed, before being able to spend money from a wallet, you must first put money into that wallet, and there's your second transaction. Done from another wallet, which also had at least 2 transactions.
I assume that by "wallet" you actually mean "Bitcoin address", since a "wallet" is really just a collection of addresses and there is no way to observe which addresses make up a single wallet just by observing the blockchain.
I would count that as one use, not two, since the address is associated with a single transaction output. The output does appear in two transactions, first as an output and then as an input when it is spent, so you can observe the funds being transferred between different addresses. This suggests that the source and destination addresses are related somehow (barring automatic mixing protocols like CoinJoin), but full anonymity of the participants would not preclude traffic analysis either, so I do not see this as an argument against anonymity.
Following the trail, eventually you get to a wallet having done much more than 2 transactions, and from there you can draw conclusions...
This once again assumes that someone is reusing addresses, contrary to best practices. Moreover, this "transaction nexus" probably doesn't represent the same "economic beneficiary" as the other transactions. More likely it's a merchant, exchange service, or mining pool interacting with many otherwise-unrelated accounts. Even if you identify who this entity is in the real world, they may not be willing (or able) to tell you anything about the other addresses.
However, this identity allows to see (given some amount of effort) which transactions belong together and were executed for the same "economic beneficiary".
Only if by "economic beneficiary" you mean a single Bitcoin address, and not an actual person. Reusing addresses is, of course, already considered poor security practice. If your pseudonymous identity is only attached to a single transaction, you might as well be anonymous. There is no real difference between "ephemeral identity used exactly once" and "no identity".
You almost make the TPP sound like a good idea. Almost. Unfortunately it's all-or-nothing, and there is more than enough bad in the TPP to cancel out any good this might have done. If they were willing to break it up, however, then penalities of this sort for protectionist and populist local legislation would be ones of the parts well worth adopting.
Any decision against Apple could not compel the contractor to do a particular thing that is outside of their contract terms...
You would think so, but the same logic would suggest that Apple cannot be compelled to unlock a phone that doesn't even belong to them and to which they do not have the key. It doesn't matter that this other contractor is not a party to the case; neither is Apple. If the government is willing and able to apply the All Writs Act to enforce what amounts to a writ of assistance for a non-party like Apple to aid them in their investigation by producing and signing new hacking software, they could do the same to anyone else, for any purpose, and minor annoyances like contracts are not going to stand in their way.
I do admit - and perhaps I need to clarify more - that I use a very narrow definition of wealth: goods or the ability to provide services.
That's fine so long as we both understand that we're not talking about the same thing. In any case value is all people really care about; goods, or the ability to provide services, are only a means to an end. I suppose the underlying point I really should have been responding to was the implication in the original comment that "buy low, sell high" trading just shuffles goods around and provides no benefit to anyone else:
This type of profit is notable in that it is not associated with a reduction in prices, so overall society tends not to benefit.
That isn't actually true. The side-effect of buying low and selling high is that the traded goods are put to more economically valuable uses, which reduces waste. This does have an effect on prices. Going back to the oil example, the fact that the restaurant's oil will be processed by the refinery rather than discarded results in an increase in the supply of fuel-precursors, which has the effect of lowing their price, and thus the cost of fuel production, and consequently—assuming a competitive market—the price of fuel, and of other goods which require fuel in their production and distribution. Of course, the difference is generally less dramatic than this example (because previous trade already dealt with the more obvious inefficiencies), but the effect is the same even when the differences are small and spread out over many layers of a long supply-chain. A few cents here and there really add up when you're talking about the supply of goods and services for several billion individuals.
A "trader" buying used cooking oil and selling it to a refiner is less efficient in the strictest sense, all else equal, than the refiner just buying it directly from the restaurant because the refiner has to pay more for that oil than it would if it just purchased it directly from the restaurant.... But perhaps the "trader" provides value even with the extra markup because the refiner doesn't want to deal with the logistics.
Or because the refiner didn't know that this particular restaurant had oil they were prepared to throw away, and the restaurant owner didn't know that the refinery would be happy to buy their used oil. It's a trader's job to discover these sorts of opportunities and earn a profit by correcting the imbalance. Over the long term the two parties might decide to work with each other more directly, but someone has to make that initial connection.
As an aside - I'm not sure I understand the claim about "the law of supply and demand which... prevents painful shortages and wasteful surpluses", because supply and demand says nothing about shortages and surpluses - and given the fact that we have both shortages and surpluses, I'd say that indicates something is missing from that model.
The law of supply and demand (the short version) says that the price of a good settles at the point where supply and demand are in balance. This is the point where there are no shortages (demand in excess of supply) or surpluses (supply in excess of demand). A higher price incentivizes more supply and less demand, and vice-versa for a lower price. However, the price doesn't just adjust on its own to account for all the possible sources of supply and demand; it's a result of negotiation between buyers and sellers. Without trade the price would be set by "local" conditions in the existing market, and within that context the law still holds, but there may be other places where there is an unrecognized surplus (the restaurant with its "waste" oil) or a shortage (the refinery which is willing and able to buy the oil but doesn't know it's available).
Absolute equilibrium, of course, is an ideal state which will probably never be reached, much less preserved. Supp
"Buy low sell high" types of profits fit into this category: they do not change the amount of real wealth (goods or services) in the economy, but simply allocate more wealth to a particular group or individual.
They may not change the quantity of goods or services, but they do change the amount of real wealth (economic value). The trader was able to buy low and sell high because the good was originally undervalued. As a result of that trade, the good was saved for a more valuable use instead of the less valuable use it was originally destined for.
To illustrate, suppose there is a restaurant owner with a surplus of used cooking oil. To them, this oil is just waste; they're prepared to throw it out, or more likely pay someone to remove it. A trader recognizes an opportunity here, buys up the oil at a low price, and re-sells it to a processing plant to be turned into biodiesel, earning a decent profit from the difference in the value of used-oil-as-waste vs. used-oil-as-fuel-precursor. The trader didn't change the amount of goods, just how they're perceived, and yet this has resulted in a net increase in economic value. Instead of expending additional resources disposing of waste, society gets a boost in the supply of fuel.
A trader's profit is earned through finding more efficient ways to allocate existing goods and services, an essential economic activity which brings value not only to themselves but also to others.
This would avoid penalizing producers, and encourage traders to stop trading and produce instead.
Hopefully you can see by now why discouraging a necessary economic activity like trade would impoverish society as a whole. The law of supply and demand which regulates the flow of goods and prevents painful shortages and wasteful surpluses is not something which occurs by magic; it comes about through the buying and selling of goods, i.e. through trading. Moreover, the best traders, the ones able to ensure the most optimal allocation of goods, are generally specialists in that field, rather than the original producer or the final consumer.
It seems you have some grudge against Let's Encrypt, but most of your complaints aren't actually true. To begin with, while the webroot verification you referred to is the most common method, DNS verification is also available as part of the ACME standard, with preliminary (but functional) support implemented in Let's Encrypt. For webroot verification the client software does not need to run on the web server itself; the challenge can be met by manually writing the challenge file to the expected location, or the server could simply forward the well-known URI to some other box running the ACME client software. The reference implementation provides some optional auto-configuration logic to make the setup process easier for first-time users, but you don't have to use it. If you do choose to run the client on the web server it can run as an unprivileged user with write access only to the/.well-known/acme-challenge/ directory. Finally, it doesn't matter that the challenge response is transmitted over HTTP, as the one-time-use response token is not a secret and is only used to demonstrate control over the web server currently servicing requests at the domain name listed in the certificate.
I'm going to assume you didn't read my entire post, as I actually address why that is not the case.
You assume incorrectly, and after re-reading your comment I still don't see any part which suggests a reason why the third-party's signing key would be less secure than Apple's.
it still doesn't address the issue of Apple signing dozens, if not hundreds, of binaries daily in the course of development and testing
It isn't really necessary to have such stringent authentication for in-house development and testing images, provided measures are taken to ensure that they cannot be run on devices intended for production use. For example, a mechanism could be provided to place a device in development mode ("unlocking the bootloader") with the caveats that the existing encryption keys will be wiped and that the bootloader will present the user with a message at each startup indicating that the device is in development mode. In this mode images could either be left unsigned or require an internal Apple development-only signature (to prevent "jailbreaking"). Only the production images released for general use would require the extra overhead of a third-party signature.
a knowledgeable attacker would already have access to the other key before going after the key Apple keeps locally.
I think it would be just as plausible to propose that a "knowledgeable attacker" would already have access to Apple's key—which would be even more of a problem if Apple's key were the only key. There is no particular reason to assume that the third-party key would be any less secure. It could even be split among multiple jurisdictions with a history of political and cultural rivalry using an "N of M" signature protocol, making it even less likely that any one party could easily compromise or corrupt enough third-parties to either get a coerced image signed or prevent Apple from releasing their own genuine updates.
That's easy to fix: just require signatures from both the foreign contractor and Apple. If either party is coerced, or the foreign contractor tries to sign something Apple doesn't approve of, the other party can withhold their half of the signature.
On the other hand I am sorry that a company can dictate what a country can or can not do.
Don't be. The people that make up this company have rights, and the scope of what any country (read: government) can or cannot do ought to be limited to actions which do not infringe on those rights. That is what it means to have rights, that you can legitimately dictate to anyone, governments included, that certain actions shall not be taken which would infringe on those rights. The ability to enforce that prohibition absolutely via technology is a vast improvement over dependence on physical security. The real tragedy here would be if the government could get away with doing whatever it pleased.
At this point Apple ought to simply destroy their code-signing key, or at least transfer it to a cabal of neutral third-parties beyond U.S. jurisdiction. If they can't guarantee the security of the update process due to legal threats to the secrecy of their signing key then they should eliminate the potential for updates altogether, and take steps to design future devices with a more secure update protocol.
You should read up on bit coin it is much less anonymous then using cash. There is a public electronic record for every transaction made.
It's "differently anonymous", not "less anonymous". For one thing, if you're transacting in cash then it's hard to avoid interacting with the other party in person. They probably know who you are, and your location can be monitored to reveal who you interact with. Cash isn't exactly impossible to trace in its own right, either, thanks to the need for physical handling (thus leaving DNA evidence) and unique serial numbers.
Bitcoin transactions are recorded in a public ledger, but that ledger only lists the addresses involved, not the identities of the two parties exchanging funds. By itself this doesn't give very much away. To discover who was actually involved they would first need to follow the transactions until they find an address they already have an identity for, and then hope that this party is both within their jurisdiction and aware of the identity of the next party in the chain. Best practices indicate that the receiving addresses should be unique for each transaction, so even for well-known merchants and exchanges the mapping from addresses to public identity is not necessarily obvious.
They don't really need to send the development team overseas, just the signing key. It would suffice to require all upgrades to be signed with not only their own key but also a distinct key held by an independent and neutral third-party (or group of third-parties) outside of U.S. jurisdiction, with instructions to refuse any image-signing requests made under duress.
Of course, they should also ensure that no image other than the one already installed on the device can execute until after the device has been unlocked, short of a full factory reset.
Slashdot Mirror
That doesn't make much sense to me - a law enforcement agency could certainly afford to transfer $500 to the market if that's all it takes to earn trust.
They earn trust in the sense that if they don't deliver the $200 worth of goods they promised, or violate the site's rules in some other way, part or all of that $500 deposit held in escrow will be forfeit. The deposit is a "hostage" to guard against fraud and minor infractions of the rules by normal members of the community; it says nothing about whether they're acting on behalf of law enforcement. For protection from law enforcement the site relies on the anonymity of its operators and members and encrypted, onion-routed communications, not deposits.
Blocking a public walkway so that others cannot use it seems like a justifiable reason to me.
The relevant question is whether they were preventing anyone from reaching their destination, not whether they were blocking one particular walkway. From the sound of it, no one was prevented from getting to where they wanted to go. Slightly inconvenienced, perhaps, but other perfectly reasonable routes were available.
If this were a private walkway then they could be charged with trespassing if they refused to leave when asked, but by definition they cannot trespass on a public walkway. They had just as much right to be there as anyone else. Even if they were charged with trespassing, that would not justify the use of force to evict them unless their presence constituted an imminent threat of irreversible harm. The proportional response would be at most the loss of some of their own property, i.e. a fine.
How about a student in a wheelchair that needs to get to a class to take a test? I guess they don't count.
If that case actually came up in real life, and the protesters were blocking the only reasonable route navigable by wheelchair and refused to move aside so the wheelchair could pass through, then you might have a point. Mere hypothetical scenarios, however, count for nothing.
You are free to pursue any kind of health care you want - or none at all if you so choose - as a medicare patient. You just know that medicare will cover some things and not others. It is no different from private health insurance, and I have not heard anyone raise a stink about health insurance "controlling" health care.
The differences you're glossing over are voluntary participation and competition among providers, which are exactly the aspects a single-payer system would eliminate by definition. In the single-payer system you are forced to pay for coverage for a set of services selected by the government, whether you personally value them or not. Sure, you can pay out-of-pocket for services which are not in this set—but the funds you would need for those services have already been earmarked for other services you don't want, so this only works if you're wealthy enough to pay for both the services you use and the unwanted ones the government selected.
Moreover, while private insurance companies do play a similar role in selecting which services will be covered under their insurance plans and which will not, you are free to choose your own insurer. Competition among insurers, and the ability for new insurers to enter the market to address any unfilled demand, ensures that premiums are linked to the costs of the treatments people actually want, not just the ones preferred by the politicians and bureaucrats.
You're trying to be sarcastic, but that actually sounds like an excellent deal for the company. Private 24-hour security guards and firefighters would cost them significantly less than the taxes they currently pay, while providing better service. However, I'm not sure why you think you ought to send the worker's ambulance bill to the office; their home address would be a more reasonable and customary choice, unless the company has some special arrangement with the hospital on behalf of its employees.
What kind of phone contract do you have which charges more for long distance? I haven't seen that for a long time.
It's still pretty common for land-line service, actually. Even though most providers have moved to "unlimited long distance", it's a separate line-item on the bill and you pay extra for the ability to call long-distance numbers compared to local-only service. Without that long-distance plan you would have to pay by the minute, e.g. by calling collect or using a prepaid card.
The average CalPERS retiree worked for 19.93 years. By dividing the average annual pension for a CalPERS participant in 2012, $30,456, by the average years of service, 19.93. The result, $1,528, is the amount the average CalPERS retiree accrued in annual pension benefits for each year they worked during their careers.
Just for reference, this adds up to retirement benefits worth about $11,000 per year over the 20-year employment period.
Initial balance required for a 20-year annuity (from ages 50 to 70) paying out $30,456 per year at 5% (real) expected return: $368,000.
Annual investment needed at 5% (real) return over the 20-year work period to have $368,000 at retirement: $11,000.
Of course, if one did only work five years before retiring at 50, all else being equal, the equivalent annual investment needed to earn that $30k pension would be closer to $66,500. That's a significant difference in benefits, biased against the more senior employees.
The policeman ordering me move so that he can keep me in his line of sight can certainly confine me for failing to comply. Am I the slave of the policeman?
Yes. If you haven't done anything else that would justify confinement and you're being punished simply for failing to comply with his command, that would be an example of slavery—albeit a minor one.
First off, if you're paid *anything* as compensation for doing a job, it's not slavery anymore, by definition.
Your definition of "slavery" is excessively narrow, to the point of non-existence. Even the worst examples tended to offer some pay, even if it was only in the form of room and board. If offering some token compensation was all it took to avoid a charge of slavery there would be no slavery.
If you risk corporal punishment, confinement, or loss of property for failing to carry out a task assigned by someone else, that is slavery—not counting the repayment of debts you voluntarily agreed to, or contractual penalties, as you chose to give up that property of your own free will when you went into debt and/or entered the contract.
The prison case is a bit odd, of course, since the inmates are going to be confined either way, with all their basic subsistence needs met. They aren't compelled to do the work; if they receive anything for their labor it will be strictly in excess of what they would otherwise receive. One could also argue, at least in some cases, that enslavement would be a reasonable and just punishment for their offense, perhaps more so than mere confinement.
So if eris is planet 11, "Planet 9" should be Planet 12.
Make that Planet 14. Right now there are a total of five officially-recognized dwarf planets in the solar system, in addition to the eight proper planets: Ceres, Pluto, Haumea, Makemake, and Eris.
The headers do need to indicate the message's destination, unless you simply want to broadcast to everyone and leave the recipient to identify their own messages by whether or not they have the matching decryption key (which obviously doesn't scale). The destination doesn't need to be complete—for example, the full e-mail address could be encrypted so that only the destination server can see it, while everyone else only needs to know the server name. More importantly, the cleartext headers of a GPG-encrypted e-mail also include the source address, subject line, and list of which servers the message has passed through, among other data, none of which are essential to delivering the message.
Since we tax income, the implication here was that "their share" would be a fixed proportion of income.
Obviously. That is the unsupported assumption which I was highlighting. Equal amounts, or proportions, are not automatically fair just because they are equal. If you go to a restaurant with a group of friends, for example, your share of the final bill is proportional to the amount that you ordered (or the amount you ate, if you're sharing a single item). Approximations like splitting the bill evenly are only acceptable when each party's share is close to the average. The amount you earn is irrelevant.
If the point were to distribute the burden fairly, one's fair share would be determined by how much one contributes to the cost of the system, not how much one earns.
That's not known, and it's not practically knowable.
We're talking about fairness here, so the answer is inherently subjective. The only way to guarantee fairness would be to come up with an arrangement that everyone involved agrees to voluntarily, but since the subject is taxation that isn't an option. Lack of voluntary consent is built in to the definition.
That said, a system where some people are forced to pay more than the value of the goods and services they receive in order that others can receive benefits they did not pay for is not a system one could reasonable expect the former group to consent to, or consider fair.
First, you'd need to define "dependent" here.
The definition of "dependent" is obvious. The rich are already covering most of the cost of public services for society as a whole; they could easily afford to buy the same (or better) services just for themselves, assuming they even want those services in the first place.
Second, you need to realize that people contribute to the cost of the system independently of whether they depend on it.
Sure, but if they aren't dependent on it then its disappearance would not hurt them; quite the opposite, actually, since as it stands they are paying more than their fair share of the costs, which makes the system a net loss so far as they are concerned.
This seems to suggest that they pay more than "their share" of taxes, right? Well, there's not sufficient data in your post to come to that conclusion.
Indeed. To begin with, you would need to define what "their share" means. If the point were to distribute the burden fairly, one's fair share would be determined by how much one contributes to the cost of the system, not how much one earns. As a rule these factors are inversely related: the more you make, the less dependent you are on government services. One's share of the costs certainly does not scale linearly (or super-linearly) with increasing income.
"economic beneficiary" is bank-speak for "person who really is behind a given account" (rather than the straw man or shell company's officer who showed up at the branch to open the account).
That's that I thought it meant, but the Bitcoin blockchain doesn't provide that information. It only includes Bitcoin addresses, which are generally ephemeral and used only for a single transaction output.
Except of course, that this ephemeral identity is used at least twice. Indeed, before being able to spend money from a wallet, you must first put money into that wallet, and there's your second transaction. Done from another wallet, which also had at least 2 transactions.
I assume that by "wallet" you actually mean "Bitcoin address", since a "wallet" is really just a collection of addresses and there is no way to observe which addresses make up a single wallet just by observing the blockchain.
I would count that as one use, not two, since the address is associated with a single transaction output. The output does appear in two transactions, first as an output and then as an input when it is spent, so you can observe the funds being transferred between different addresses. This suggests that the source and destination addresses are related somehow (barring automatic mixing protocols like CoinJoin), but full anonymity of the participants would not preclude traffic analysis either, so I do not see this as an argument against anonymity.
Following the trail, eventually you get to a wallet having done much more than 2 transactions, and from there you can draw conclusions...
This once again assumes that someone is reusing addresses, contrary to best practices. Moreover, this "transaction nexus" probably doesn't represent the same "economic beneficiary" as the other transactions. More likely it's a merchant, exchange service, or mining pool interacting with many otherwise-unrelated accounts. Even if you identify who this entity is in the real world, they may not be willing (or able) to tell you anything about the other addresses.
However, this identity allows to see (given some amount of effort) which transactions belong together and were executed for the same "economic beneficiary".
Only if by "economic beneficiary" you mean a single Bitcoin address, and not an actual person. Reusing addresses is, of course, already considered poor security practice. If your pseudonymous identity is only attached to a single transaction, you might as well be anonymous. There is no real difference between "ephemeral identity used exactly once" and "no identity".
You almost make the TPP sound like a good idea. Almost. Unfortunately it's all-or-nothing, and there is more than enough bad in the TPP to cancel out any good this might have done. If they were willing to break it up, however, then penalities of this sort for protectionist and populist local legislation would be ones of the parts well worth adopting.
Any decision against Apple could not compel the contractor to do a particular thing that is outside of their contract terms...
You would think so, but the same logic would suggest that Apple cannot be compelled to unlock a phone that doesn't even belong to them and to which they do not have the key. It doesn't matter that this other contractor is not a party to the case; neither is Apple. If the government is willing and able to apply the All Writs Act to enforce what amounts to a writ of assistance for a non-party like Apple to aid them in their investigation by producing and signing new hacking software, they could do the same to anyone else, for any purpose, and minor annoyances like contracts are not going to stand in their way.
I do admit - and perhaps I need to clarify more - that I use a very narrow definition of wealth: goods or the ability to provide services.
That's fine so long as we both understand that we're not talking about the same thing. In any case value is all people really care about; goods, or the ability to provide services, are only a means to an end. I suppose the underlying point I really should have been responding to was the implication in the original comment that "buy low, sell high" trading just shuffles goods around and provides no benefit to anyone else:
This type of profit is notable in that it is not associated with a reduction in prices, so overall society tends not to benefit.
That isn't actually true. The side-effect of buying low and selling high is that the traded goods are put to more economically valuable uses, which reduces waste. This does have an effect on prices. Going back to the oil example, the fact that the restaurant's oil will be processed by the refinery rather than discarded results in an increase in the supply of fuel-precursors, which has the effect of lowing their price, and thus the cost of fuel production, and consequently—assuming a competitive market—the price of fuel, and of other goods which require fuel in their production and distribution. Of course, the difference is generally less dramatic than this example (because previous trade already dealt with the more obvious inefficiencies), but the effect is the same even when the differences are small and spread out over many layers of a long supply-chain. A few cents here and there really add up when you're talking about the supply of goods and services for several billion individuals.
A "trader" buying used cooking oil and selling it to a refiner is less efficient in the strictest sense, all else equal, than the refiner just buying it directly from the restaurant because the refiner has to pay more for that oil than it would if it just purchased it directly from the restaurant. ... But perhaps the "trader" provides value even with the extra markup because the refiner doesn't want to deal with the logistics.
Or because the refiner didn't know that this particular restaurant had oil they were prepared to throw away, and the restaurant owner didn't know that the refinery would be happy to buy their used oil. It's a trader's job to discover these sorts of opportunities and earn a profit by correcting the imbalance. Over the long term the two parties might decide to work with each other more directly, but someone has to make that initial connection.
As an aside - I'm not sure I understand the claim about "the law of supply and demand which ... prevents painful shortages and wasteful surpluses", because supply and demand says nothing about shortages and surpluses - and given the fact that we have both shortages and surpluses, I'd say that indicates something is missing from that model.
The law of supply and demand (the short version) says that the price of a good settles at the point where supply and demand are in balance. This is the point where there are no shortages (demand in excess of supply) or surpluses (supply in excess of demand). A higher price incentivizes more supply and less demand, and vice-versa for a lower price. However, the price doesn't just adjust on its own to account for all the possible sources of supply and demand; it's a result of negotiation between buyers and sellers. Without trade the price would be set by "local" conditions in the existing market, and within that context the law still holds, but there may be other places where there is an unrecognized surplus (the restaurant with its "waste" oil) or a shortage (the refinery which is willing and able to buy the oil but doesn't know it's available).
Absolute equilibrium, of course, is an ideal state which will probably never be reached, much less preserved. Supp
"Buy low sell high" types of profits fit into this category: they do not change the amount of real wealth (goods or services) in the economy, but simply allocate more wealth to a particular group or individual.
They may not change the quantity of goods or services, but they do change the amount of real wealth (economic value). The trader was able to buy low and sell high because the good was originally undervalued. As a result of that trade, the good was saved for a more valuable use instead of the less valuable use it was originally destined for.
To illustrate, suppose there is a restaurant owner with a surplus of used cooking oil. To them, this oil is just waste; they're prepared to throw it out, or more likely pay someone to remove it. A trader recognizes an opportunity here, buys up the oil at a low price, and re-sells it to a processing plant to be turned into biodiesel, earning a decent profit from the difference in the value of used-oil-as-waste vs. used-oil-as-fuel-precursor. The trader didn't change the amount of goods, just how they're perceived, and yet this has resulted in a net increase in economic value. Instead of expending additional resources disposing of waste, society gets a boost in the supply of fuel.
A trader's profit is earned through finding more efficient ways to allocate existing goods and services, an essential economic activity which brings value not only to themselves but also to others.
This would avoid penalizing producers, and encourage traders to stop trading and produce instead.
Hopefully you can see by now why discouraging a necessary economic activity like trade would impoverish society as a whole. The law of supply and demand which regulates the flow of goods and prevents painful shortages and wasteful surpluses is not something which occurs by magic; it comes about through the buying and selling of goods, i.e. through trading. Moreover, the best traders, the ones able to ensure the most optimal allocation of goods, are generally specialists in that field, rather than the original producer or the final consumer.
It seems you have some grudge against Let's Encrypt, but most of your complaints aren't actually true. To begin with, while the webroot verification you referred to is the most common method, DNS verification is also available as part of the ACME standard, with preliminary (but functional) support implemented in Let's Encrypt. For webroot verification the client software does not need to run on the web server itself; the challenge can be met by manually writing the challenge file to the expected location, or the server could simply forward the well-known URI to some other box running the ACME client software. The reference implementation provides some optional auto-configuration logic to make the setup process easier for first-time users, but you don't have to use it. If you do choose to run the client on the web server it can run as an unprivileged user with write access only to the /.well-known/acme-challenge/ directory. Finally, it doesn't matter that the challenge response is transmitted over HTTP, as the one-time-use response token is not a secret and is only used to demonstrate control over the web server currently servicing requests at the domain name listed in the certificate.
I'm going to assume you didn't read my entire post, as I actually address why that is not the case.
You assume incorrectly, and after re-reading your comment I still don't see any part which suggests a reason why the third-party's signing key would be less secure than Apple's.
it still doesn't address the issue of Apple signing dozens, if not hundreds, of binaries daily in the course of development and testing
It isn't really necessary to have such stringent authentication for in-house development and testing images, provided measures are taken to ensure that they cannot be run on devices intended for production use. For example, a mechanism could be provided to place a device in development mode ("unlocking the bootloader") with the caveats that the existing encryption keys will be wiped and that the bootloader will present the user with a message at each startup indicating that the device is in development mode. In this mode images could either be left unsigned or require an internal Apple development-only signature (to prevent "jailbreaking"). Only the production images released for general use would require the extra overhead of a third-party signature.
a knowledgeable attacker would already have access to the other key before going after the key Apple keeps locally.
I think it would be just as plausible to propose that a "knowledgeable attacker" would already have access to Apple's key—which would be even more of a problem if Apple's key were the only key. There is no particular reason to assume that the third-party key would be any less secure. It could even be split among multiple jurisdictions with a history of political and cultural rivalry using an "N of M" signature protocol, making it even less likely that any one party could easily compromise or corrupt enough third-parties to either get a coerced image signed or prevent Apple from releasing their own genuine updates.
That's easy to fix: just require signatures from both the foreign contractor and Apple. If either party is coerced, or the foreign contractor tries to sign something Apple doesn't approve of, the other party can withhold their half of the signature.
On the other hand I am sorry that a company can dictate what a country can or can not do.
Don't be. The people that make up this company have rights, and the scope of what any country (read: government) can or cannot do ought to be limited to actions which do not infringe on those rights. That is what it means to have rights, that you can legitimately dictate to anyone, governments included, that certain actions shall not be taken which would infringe on those rights. The ability to enforce that prohibition absolutely via technology is a vast improvement over dependence on physical security. The real tragedy here would be if the government could get away with doing whatever it pleased.
At this point Apple ought to simply destroy their code-signing key, or at least transfer it to a cabal of neutral third-parties beyond U.S. jurisdiction. If they can't guarantee the security of the update process due to legal threats to the secrecy of their signing key then they should eliminate the potential for updates altogether, and take steps to design future devices with a more secure update protocol.
You should read up on bit coin it is much less anonymous then using cash. There is a public electronic record for every transaction made.
It's "differently anonymous", not "less anonymous". For one thing, if you're transacting in cash then it's hard to avoid interacting with the other party in person. They probably know who you are, and your location can be monitored to reveal who you interact with. Cash isn't exactly impossible to trace in its own right, either, thanks to the need for physical handling (thus leaving DNA evidence) and unique serial numbers.
Bitcoin transactions are recorded in a public ledger, but that ledger only lists the addresses involved, not the identities of the two parties exchanging funds. By itself this doesn't give very much away. To discover who was actually involved they would first need to follow the transactions until they find an address they already have an identity for, and then hope that this party is both within their jurisdiction and aware of the identity of the next party in the chain. Best practices indicate that the receiving addresses should be unique for each transaction, so even for well-known merchants and exchanges the mapping from addresses to public identity is not necessarily obvious.
They don't really need to send the development team overseas, just the signing key. It would suffice to require all upgrades to be signed with not only their own key but also a distinct key held by an independent and neutral third-party (or group of third-parties) outside of U.S. jurisdiction, with instructions to refuse any image-signing requests made under duress.
Of course, they should also ensure that no image other than the one already installed on the device can execute until after the device has been unlocked, short of a full factory reset.