A device driver which allows programs to mmap any and all physical memory, which defaults to world-writable permissions both in the driver itself and in a system startup script, seems like a bit more than just a "bug". It's more consistent with a complete lack of security-mindedness among the developers and reviewers (if any).
The thinking is that there isn't enough useful work to be done. Machines will do most of the grunt work, and you only need x engineers/electricians/other useful jobs per 100,000 people, so what should everyone else do?
There is an obvious answer to this problem, and that is to own the machines. The prejudices against investors and shareholders, and especially inheritance, are exactly the wrong response. If the demand for human labor is decreasing in favor of automation, we need to own that automation, and ensure that our children inherit that ownership. We particularly need to get over the idea that everyone should start out from scratch. That may be practical when the main form of capital is labor, but it's not a reasonable answer when labor is being replaced with automation. Almost everyone inherits the capacity for labor from their parents, but with the demand for labor falling that isn't good enough any more. Providing one's children with seed capital and knowledge of how to manage it is becoming more and more essential.
The "war" on crime has always been a morality issue. The entire point of a legal system is to enforce moral codes.
No, the legal system is not about enforcing moral codes. The legal system is about responding to actions which cause harm to others: whether harm was done, how much harm, by whom, whether the harm was deliberate, what actions can justifiably be taken in response, etc. The critical thing about the law is that, unlike morality, it should not vary depending on your point of view. Morality is subjective; legality should be objective. There is significant overlap, of course, but the fact that some action is wrong under some particular moral code has no bearing on whether the action should be considered illegal. Conversely, what is legal is not always right.
There may even be cases where an action is required by a particular moral code, and yet legally the moral actor still owes compensation to those harmed by it. For example, your morality may require you to steal from the rich to aid the poor, but legally, it's still theft and you owe compensation to your victims. As a deliberate action, they also have the right to retribution, meaning they can justly take from you as you have taken from them.
Morality (right/wrong) and justice (legal/illegal) are completely separate concepts which merely happen to agree, in select cases, for particular varieties of morality.
No it isn't. It's a means of redistributing wealth,...
So it's legalized theft performed with the intent of redistributing wealth. It's still taking property from its rightful owners without their consent; in a word, theft.
Some people pay more tax, some less, but it all goes to paying for things that are for the benefit of society as a whole.
In line with your interests and vision for society, you mean. Obviously others disagree with your vision, and you're walking all over their rights to get what you want.
The concept of "benefit of society as a whole" is an illusion. There is exactly one sure argument that an action can be expected to result in a net increase in value, and that is that the action is voluntary: everyone with an interest (property right) at stake gives their free and informed consent. Because value is subjective, you can't balance the cost to one group against the benefit to another. Only when everyone benefits can the result be considered a definite improvement.
Put another way, you can't make a group better off at the expense of its members.
You're talking about tips, which are something you choose to pay, without obligation, out of your personal funds, in recognition of a level of personal service received above and beyond the minimum expectation which comes with paying the list price. You don't pay a tip unless there is personal service involved, and companies don't tip their suppliers. There is no reason whatsoever to tip the IRS.
If you're simply feeling charitable, there are far more effective charities to donate to than the U.S. Government's general fund.
I don't see the Condition System as an alternative: it's actually an extension of the rigid exception handling systems of popular languages (the new concept is the signal/restart-bind protocol).
That's a bit like saying that exception handling is just an extension of the return-code system (the new concept being the try/throw/catch protocol). With some effort, you could emulate exception handling with return codes (though without the optimizations). The difference is precisely in having a well-defined protocol, which is the aspect you're glossing over in the comparison between the Condition System and exception handling systems.
The Condition System can do at least one thing which the "rigid exception handling systems" cannot, which is allow you to customize the error-handling behavior of a routine from outside the routine, without forcing it to exit and restart the operation from the beginning. In my opinion, this additional ability is enough to set it apart. If anything, it's more than the difference between exception handling and return codes, which is mainly a matter of syntax. Implementing a Condition System requires features associated with functional languages: the ability to capture the lexical and dynamic environments of a block of code, and the ability to perform safe non-local returns.
If all languages implemented the Condition System natively, I could understand classifying exceptions as a subset of conditions, but that isn't the case; most languages are limited to exception handling, just as some languages are limited to return codes.
I think there are three sane ways of using a try/catch:...
I would say that there is a forth way, which is to add context-specific information to a low-level exception. For example, low-level code may throw an exception because a file can't be opened. It doesn't know why the file was being opened, or how failing to open the file will affect the program as a whole.
I would say that the code which requested the file should catch the exception, and wrap it in a second exception providing the context, so that there is more information available than simply "this file couldn't be opened". The original exception data should obviously be preserved. You won't necessarily need something like that at every function call, but it may at least be useful whenever an exception crosses from one module to another. A wrapper around each public interface should suffice.
One advantage of this is that you can still impose static exception type checking on the public interfaces, since the type will always be the outer wrapper type, not the type of the original exception. Callers need only handle "unable to read configuration data" exceptions, not "unable to open file", "parse error", "out of memory", etc.
There is at least one other method, which is available natively in Common Lisp. It's known as conditions, and involves registering a condition handler which, unlike an exception handler, runs in the context where the error occurs. The handler has access to zero or more dynamically-scoped restarts, which allow the computation to be resumed at well-defined points without unwinding the entire stack up to where the condition handler was established. The default condition handler is an interactive debugger, which allows the user to examine the state of the program and choose one of the available restarts.
For big media companies, I'd agree. But it's not that uncommon for an author, for example, to struggle for a decade or two before making it...
I understand that, but the author is already getting the first decade of copyright monopoly for free. If they haven't achieved enough recognition by then to justify the $10,000 renewal fee, it's probably time for them to reconsider their approach. The author may also be able to find someone willing to sponsor the renewal of their early work on contingency, if they can persuade them that they have a reasonable chance of "making it".
I wouldn't consider $100 billion too much to ask for a 150-year monopoly....
You might not, but the companies who actually want to hold onto their copyrights for that long would likely disagree.... Why do we care? Because they have enormous lobbying influence.
I agree about the lobbying influence, but I don't see very much hope in an approach to reform which begins by insisting on leaving alone anything the big media companies might care about. We have some influence too, and ought to take advantage of it. Anyway, it's never a good idea to lead with your most "reasonable" proposal; leave some room for negotiation.
False and malicious speech, however, is a type of fraud...
Fraud is when you use false speech (or other deception) to get something, generally in the context of a contract. It comes down to deliberately undermining the "meeting of the minds" required for a contract to be valid. Not all false and/or malicious speech is fraud.
By bundling all these things together, you're still discriminating against those who do not have or want a single "partner". Most of the privileges offered to those with "partners" on a financial basis—tax deductions, larger disability, Medicaid, and Social Security payments, etc.—should instead be based on whether a person has "dependents", which could be a spouse or child or anyone else, provided one pays the majority of their expenses. Others, like custodial rights, joint adoption, access to children's school records, visitation rights, right of inheritance, power to make funeral arrangements, and medical power-of-attorney, should instead go to separately designated individuals. Finally, there are some privileges (like the option to change one's surname on marriage) which should simply be available to everyone on an equitable basis.
Not a bad idea, but I'd say your proposed rates are too low by at least two orders of magnitude. $100 for a ten-year monopoly on something already ten years old? If you don't expect to make at least $10,000 from that over the next ten years ($1,000 per year), IMHO it clearly isn't worth renewing and ought to go into the public domain. I wouldn't consider $100 billion too much to ask for a 150-year monopoly (10 years free plus 14 10-year renewals).
P.S. Alternating $10k, $35k, $100k, $350k, $1M, $3.5M, etc., at each renewal gives a highly regular pricing structure adding up to almost exactly $150 billion over 150 years.
Then they could form a block with fake data before anyone else and then verify it themselves and place it in the chain. It's called a >50% attack.
True, but note that there are limits on what you can do with a "50% attack". Most importantly, it won't let you spend anyone else's bitcoins, as that still depends on access to their private key. If you control 50% or more of the network then you can basically do two things: first, you can delay other peoples' transactions indefinitely by refusing to include them in your blocks; second, you can reverse past transactions by allowing them to be included in a block, and then mining a new, longer chain which doesn't include the transaction.
The second case is basically the same as chargeback fraud, which can easily be committed through existing payment networks, except that the Bitcoin version is much more expensive for the attacker.
The protocol was designed to make "50% attacks" uneconomical in the extreme. They really only have value to someone interested in spending large amounts of money on mining specifically to undermine the network, which does not fit BFL's profile.
You raise a good point. QKD ensures that you share the key with exactly one peer; it doesn't say anything about who that peer is. If, rather than simply eavesdropping, someone managed to redirect the channel to their own equipment, you could end up sharing the key with the attacker rather than the intended recipient.
For this reason, all QKD protocols require an authentic (but public) classical communication channel in addition to the eavesdropping-evident quantum channel. Once the peer has been authenticated, QKD can be used to arrange a shared authentication key for the next exchange. The first exchange, however, must be authenticated through more traditional means.
I always thought that using a one time pad could use something like a simplified key. Take a irrational number like Pi, and then use an offset and size (length) for the pad instead of the whole key.
The critical part of a one-time pad is that each bit of the key is truly random: there is one bit of entropy for each bit in the key. Anything less amounts to reusing bits from the key, so it's no longer "one-time". What you've described is essentially a form of pseudo-random number generator, with the offset into Pi as the seed. A PRNG can form the core of a symmetric encryption algorithm—just XOR the pseudo-random bit-stream with the message—but it isn't a one-time pad because the entropy of the PRNG output is limited by the entropy of the seed.
For example, the offset in your example would only require a brute-force search through an approximately 56-bit key space (the first 2^56 digits of Pi). If the message is much longer than 56 bits, and not random, then a brute-force search is likely to be able to distinguish the correctly decrypted plaintext from random noise. If there are patterns in the PRNG output it may be possible to take shortcuts and reduce the search time. A true one-time pad has a key for every possible combination of plaintext and ciphertext, so a brute-force search cannot tell you which key was used, or which message was actually sent, and there are no patterns for cryptoanalysis to take advantage of.
Quantum cryptography in the popular "provably unbreakable by physical law" sense is indeed a one-time pad, and requires the secure distribution of a random key bit for every bit of the message. As you pointed out, however, the bit-rate of QKD is limited, at least for now. If you need to send a lot of data, and you're willing to settle for an algorithm subject to brute-force searches and other forms of cryptoanalysis, possibly including quantum algorithms, you can use QKD to derive an (arbitrarily large) shared key for a more traditional symmetric encryption protocol, and use that instead of a one-time pad.
Does evesdropping on a quantum message destroy the message?
Not exactly. The eavesdropping is actually detected during the key exchange (the "quantum" part), so if eavesdropping is detected, the message is never sent in the first place. If the key is exchanged without any eavesdropping, the message is encrypted with a one-time pad and sent through more traditional channels.
One-time pads are not vulnerable to cryptoanalysis—not even brute-force searches, as there is a valid key for every possible message (up to the observed message size), and no way to tell which one is the right one. The problem with one-time pads has always been key exchange, since you need a new, never-before-used bit of shared key for every bit of message. Quantum mechanics provides a way to generate shared keys for one-time pads without the risk of anyone eavesdropping (undetectably) on the key exchange.
No, public-key cryptography still requires some external form of authentication for the key exchange, if you want to know that the private key is held by a specific person and not some random stranger. The point of public-key cryptography is that the public key need not be secret, so you can publish it freely and the people who have your public key can't use it to impersonate you or read messages sent to you by others. To do the same with private-key cryptography would require a separate secret key for each pair of peers, and it would be impossible to tell which member of the pair signed a given message.
The advantage over simply exchanging the data in person is that once you've authenticated the key, you can rely on it for secure future communications, including authenticating other keys (e.g. with CAs or a web-of-trust). On the other hand, if you only need to exchange data once, a direct exchange probably is easier.
If the cops really want a 3rd party to store records for them in perpetuity, let's let them have it.
No, let's not. Requiring data to be stored for later retrieval isn't just a prelude to a possible future search, it is a search. It is an exercise of special police powers, and as such, requires a warrant. Let them demonstrate probable cause--meaning that they are more likely than not to actually discover something leading to a conviction--and specify exactly which data they are looking for; then, after a well-bounded search has been proven reasonable, a warrant can be issued requiring the data to be retained. Not before.
If they want to go fishing without a warrant, they are free to ask the service providers nicely, just like anyone else--and said service providers are free to turn them down and protect their customer's privacy. If they want to make the logging mandatory, that necessitates a warrant.
What your reference doesn't show is the projected Social Security benefits available to that highest quintile of earners. You can't determine what rate is "proportional" without considering the fact that higher earners also get lower benefits (relative to lifetime earnings).
I would hazard a guess that if you look at lifetime benefits relative to Social Security taxes paid, the ratio is slanted heavily against the higher earners, and that doesn't even consider the fact that the higher earners also tend to be less dependent on Social Security for their own needs. They've already paid in far more than their fair share of other people's retirement funds, and the purpose of SS first and foremost is social security, not redistribution of wealth.
You know, "support the troops" doesn't necessarily mean support what they're being forced to do.... many of them don't want to be there, but have no choice.
Are you saying that a significant number of the troops were conscripted? I was under the impression that the modern military was an all-volunteer outfit, and every one of those volunteers had the opportunity to research what the job might involve before signing up.
Even in the case of conscription, for that matter, there is always a choice. One is always personally accountable for one's own actions. You don't get a free pass just because you were "following orders". Even given a stark choice between turning aggressor and dying, I would still hold aggression to be wrong, and hope that I would have the courage to accept death instead.
The majority of capital gains are not dividends, though - it's profit earned from the difference between price of shares when buying and when selling them.
Yes, and that difference, averaged over the long term, is based mostly on the increase in the company's value, i.e. its reinvested profits. Whether the company distributes part of the profits as dividends, retains them all as equity, or invests them in growing the company, the end result is the same: they're taxed as profits when they're earned by the company, and as capital gains when the shareholder gets their portion.
I'm not trying to say that the taxes should or shouldn't be split up this way. I tend to prefer a single, up-front bill, but arguments can be made for splitting the tax between the up-front profits and later disbursements, particularly as a tool for encouraging (over-)investment; the principle is similar to a tax-deferred 401k. I'm just saying that to compare the shareholder's tax rates fairly with person income taxes, one must count both the corporate income tax and the capital gains tax among the shareholder's expenses.
All money in the economy is taxed numerous times - that's inevitable when you tax transactions.
Yes, but in this case there is only one transaction. The money hasn't been earned, taxed, spent, earned again, and taxed again. Starting from the same revenues, the portion going to an employee is taxed once, at the income tax rate, while the portion going to the shareholder is taxed twice, as corporate profits and as capital gains.
There is no reason whatsoever that we should be rewarding people for simply having money.
Except that "simply having money", as you put it, is proof that they produced something valuable and chose not to immediately spend the resulting income on consumption. In essence, by consuming less than they produced, they made a loan to the rest of society.
In the absence of currency manipulation, that would lead to deflation, and the resulting increase in purchasing power would be their interest on the loan. With the policy of forced inflation in vogue right now, other compensation must be offered to maintain the incentives for saving, a precondition for investment, in the presence of ongoing currency devaluation.
There is also the fact, as least in the case of stocks, that the money being taxed as capital gains has already been taxed once as corporate profits. The real tax rate to the shareholder is sum of the the corporate income tax and capital gains rates.
The real discrepancy in income tax, though, is that you aren't allowed to count the value of your time against your income as a cost of doing business. In every other form of exchange income tax applies only to the profits, but when an individual sells their labor for wages, the market value of the labor—a perfectly legitimate business expense—is not considered a qualifying deduction.
What's the natural market here? Let's say I think candidate's economic policy is crazy and will cost me my job. What is the natural offsetting position? Who would want to hedge themselves against a booming economy?
I see no particular reason why there can't be a trade where one side is a hedge, and the other side is a gamble. It's usefulness as a hedge is independent of the other party's motives. Also, it is in the nature of political policies to harm some and benefit others (to a lesser extent), and both sides have reason to hedge their bets—one against the harm, and the other against the absence of the benefit. Finally, there can be disagreement over the likely result of a given policy; two people in similar positions might want to hedge in opposite directions, depending on their own projections.
Slashdot Mirror
A device driver which allows programs to mmap any and all physical memory, which defaults to world-writable permissions both in the driver itself and in a system startup script, seems like a bit more than just a "bug". It's more consistent with a complete lack of security-mindedness among the developers and reviewers (if any).
The thinking is that there isn't enough useful work to be done. Machines will do most of the grunt work, and you only need x engineers/electricians/other useful jobs per 100,000 people, so what should everyone else do?
There is an obvious answer to this problem, and that is to own the machines. The prejudices against investors and shareholders, and especially inheritance, are exactly the wrong response. If the demand for human labor is decreasing in favor of automation, we need to own that automation, and ensure that our children inherit that ownership. We particularly need to get over the idea that everyone should start out from scratch. That may be practical when the main form of capital is labor, but it's not a reasonable answer when labor is being replaced with automation. Almost everyone inherits the capacity for labor from their parents, but with the demand for labor falling that isn't good enough any more. Providing one's children with seed capital and knowledge of how to manage it is becoming more and more essential.
The "war" on crime has always been a morality issue. The entire point of a legal system is to enforce moral codes.
No, the legal system is not about enforcing moral codes. The legal system is about responding to actions which cause harm to others: whether harm was done, how much harm, by whom, whether the harm was deliberate, what actions can justifiably be taken in response, etc. The critical thing about the law is that, unlike morality, it should not vary depending on your point of view. Morality is subjective; legality should be objective. There is significant overlap, of course, but the fact that some action is wrong under some particular moral code has no bearing on whether the action should be considered illegal. Conversely, what is legal is not always right.
There may even be cases where an action is required by a particular moral code, and yet legally the moral actor still owes compensation to those harmed by it. For example, your morality may require you to steal from the rich to aid the poor, but legally, it's still theft and you owe compensation to your victims. As a deliberate action, they also have the right to retribution, meaning they can justly take from you as you have taken from them.
Morality (right/wrong) and justice (legal/illegal) are completely separate concepts which merely happen to agree, in select cases, for particular varieties of morality.
Taxation is, essentially, legalised theft.
No it isn't. It's a means of redistributing wealth, ...
So it's legalized theft performed with the intent of redistributing wealth. It's still taking property from its rightful owners without their consent; in a word, theft.
Some people pay more tax, some less, but it all goes to paying for things that are for the benefit of society as a whole.
In line with your interests and vision for society, you mean. Obviously others disagree with your vision, and you're walking all over their rights to get what you want.
The concept of "benefit of society as a whole" is an illusion. There is exactly one sure argument that an action can be expected to result in a net increase in value, and that is that the action is voluntary: everyone with an interest (property right) at stake gives their free and informed consent. Because value is subjective, you can't balance the cost to one group against the benefit to another. Only when everyone benefits can the result be considered a definite improvement.
Put another way, you can't make a group better off at the expense of its members.
You're talking about tips, which are something you choose to pay, without obligation, out of your personal funds, in recognition of a level of personal service received above and beyond the minimum expectation which comes with paying the list price. You don't pay a tip unless there is personal service involved, and companies don't tip their suppliers. There is no reason whatsoever to tip the IRS.
If you're simply feeling charitable, there are far more effective charities to donate to than the U.S. Government's general fund.
I don't see the Condition System as an alternative: it's actually an extension of the rigid exception handling systems of popular languages (the new concept is the signal/restart-bind protocol).
That's a bit like saying that exception handling is just an extension of the return-code system (the new concept being the try/throw/catch protocol). With some effort, you could emulate exception handling with return codes (though without the optimizations). The difference is precisely in having a well-defined protocol, which is the aspect you're glossing over in the comparison between the Condition System and exception handling systems.
The Condition System can do at least one thing which the "rigid exception handling systems" cannot, which is allow you to customize the error-handling behavior of a routine from outside the routine, without forcing it to exit and restart the operation from the beginning. In my opinion, this additional ability is enough to set it apart. If anything, it's more than the difference between exception handling and return codes, which is mainly a matter of syntax. Implementing a Condition System requires features associated with functional languages: the ability to capture the lexical and dynamic environments of a block of code, and the ability to perform safe non-local returns.
If all languages implemented the Condition System natively, I could understand classifying exceptions as a subset of conditions, but that isn't the case; most languages are limited to exception handling, just as some languages are limited to return codes.
I think there are three sane ways of using a try/catch: ...
I would say that there is a forth way, which is to add context-specific information to a low-level exception. For example, low-level code may throw an exception because a file can't be opened. It doesn't know why the file was being opened, or how failing to open the file will affect the program as a whole.
I would say that the code which requested the file should catch the exception, and wrap it in a second exception providing the context, so that there is more information available than simply "this file couldn't be opened". The original exception data should obviously be preserved. You won't necessarily need something like that at every function call, but it may at least be useful whenever an exception crosses from one module to another. A wrapper around each public interface should suffice.
One advantage of this is that you can still impose static exception type checking on the public interfaces, since the type will always be the outer wrapper type, not the type of the original exception. Callers need only handle "unable to read configuration data" exceptions, not "unable to open file", "parse error", "out of memory", etc.
There is at least one other method, which is available natively in Common Lisp. It's known as conditions, and involves registering a condition handler which, unlike an exception handler, runs in the context where the error occurs. The handler has access to zero or more dynamically-scoped restarts, which allow the computation to be resumed at well-defined points without unwinding the entire stack up to where the condition handler was established. The default condition handler is an interactive debugger, which allows the user to examine the state of the program and choose one of the available restarts.
Beyond Exception Handling: Conditions and Restarts
For big media companies, I'd agree. But it's not that uncommon for an author, for example, to struggle for a decade or two before making it...
I understand that, but the author is already getting the first decade of copyright monopoly for free. If they haven't achieved enough recognition by then to justify the $10,000 renewal fee, it's probably time for them to reconsider their approach. The author may also be able to find someone willing to sponsor the renewal of their early work on contingency, if they can persuade them that they have a reasonable chance of "making it".
I wouldn't consider $100 billion too much to ask for a 150-year monopoly....
You might not, but the companies who actually want to hold onto their copyrights for that long would likely disagree.... Why do we care? Because they have enormous lobbying influence.
I agree about the lobbying influence, but I don't see very much hope in an approach to reform which begins by insisting on leaving alone anything the big media companies might care about. We have some influence too, and ought to take advantage of it. Anyway, it's never a good idea to lead with your most "reasonable" proposal; leave some room for negotiation.
False and malicious speech, however, is a type of fraud...
Fraud is when you use false speech (or other deception) to get something, generally in the context of a contract. It comes down to deliberately undermining the "meeting of the minds" required for a contract to be valid. Not all false and/or malicious speech is fraud.
By bundling all these things together, you're still discriminating against those who do not have or want a single "partner". Most of the privileges offered to those with "partners" on a financial basis—tax deductions, larger disability, Medicaid, and Social Security payments, etc.—should instead be based on whether a person has "dependents", which could be a spouse or child or anyone else, provided one pays the majority of their expenses. Others, like custodial rights, joint adoption, access to children's school records, visitation rights, right of inheritance, power to make funeral arrangements, and medical power-of-attorney, should instead go to separately designated individuals. Finally, there are some privileges (like the option to change one's surname on marriage) which should simply be available to everyone on an equitable basis.
Not a bad idea, but I'd say your proposed rates are too low by at least two orders of magnitude. $100 for a ten-year monopoly on something already ten years old? If you don't expect to make at least $10,000 from that over the next ten years ($1,000 per year), IMHO it clearly isn't worth renewing and ought to go into the public domain. I wouldn't consider $100 billion too much to ask for a 150-year monopoly (10 years free plus 14 10-year renewals).
P.S. Alternating $10k, $35k, $100k, $350k, $1M, $3.5M, etc., at each renewal gives a highly regular pricing structure adding up to almost exactly $150 billion over 150 years.
Then they could form a block with fake data before anyone else and then verify it themselves and place it in the chain. It's called a >50% attack.
True, but note that there are limits on what you can do with a "50% attack". Most importantly, it won't let you spend anyone else's bitcoins, as that still depends on access to their private key. If you control 50% or more of the network then you can basically do two things: first, you can delay other peoples' transactions indefinitely by refusing to include them in your blocks; second, you can reverse past transactions by allowing them to be included in a block, and then mining a new, longer chain which doesn't include the transaction.
The second case is basically the same as chargeback fraud, which can easily be committed through existing payment networks, except that the Bitcoin version is much more expensive for the attacker.
The protocol was designed to make "50% attacks" uneconomical in the extreme. They really only have value to someone interested in spending large amounts of money on mining specifically to undermine the network, which does not fit BFL's profile.
You raise a good point. QKD ensures that you share the key with exactly one peer; it doesn't say anything about who that peer is. If, rather than simply eavesdropping, someone managed to redirect the channel to their own equipment, you could end up sharing the key with the attacker rather than the intended recipient.
For this reason, all QKD protocols require an authentic (but public) classical communication channel in addition to the eavesdropping-evident quantum channel. Once the peer has been authenticated, QKD can be used to arrange a shared authentication key for the next exchange. The first exchange, however, must be authenticated through more traditional means.
I always thought that using a one time pad could use something like a simplified key. Take a irrational number like Pi, and then use an offset and size (length) for the pad instead of the whole key.
The critical part of a one-time pad is that each bit of the key is truly random: there is one bit of entropy for each bit in the key. Anything less amounts to reusing bits from the key, so it's no longer "one-time". What you've described is essentially a form of pseudo-random number generator, with the offset into Pi as the seed. A PRNG can form the core of a symmetric encryption algorithm—just XOR the pseudo-random bit-stream with the message—but it isn't a one-time pad because the entropy of the PRNG output is limited by the entropy of the seed.
For example, the offset in your example would only require a brute-force search through an approximately 56-bit key space (the first 2^56 digits of Pi). If the message is much longer than 56 bits, and not random, then a brute-force search is likely to be able to distinguish the correctly decrypted plaintext from random noise. If there are patterns in the PRNG output it may be possible to take shortcuts and reduce the search time. A true one-time pad has a key for every possible combination of plaintext and ciphertext, so a brute-force search cannot tell you which key was used, or which message was actually sent, and there are no patterns for cryptoanalysis to take advantage of.
Quantum cryptography in the popular "provably unbreakable by physical law" sense is indeed a one-time pad, and requires the secure distribution of a random key bit for every bit of the message. As you pointed out, however, the bit-rate of QKD is limited, at least for now. If you need to send a lot of data, and you're willing to settle for an algorithm subject to brute-force searches and other forms of cryptoanalysis, possibly including quantum algorithms, you can use QKD to derive an (arbitrarily large) shared key for a more traditional symmetric encryption protocol, and use that instead of a one-time pad.
Does evesdropping on a quantum message destroy the message?
Not exactly. The eavesdropping is actually detected during the key exchange (the "quantum" part), so if eavesdropping is detected, the message is never sent in the first place. If the key is exchanged without any eavesdropping, the message is encrypted with a one-time pad and sent through more traditional channels.
One-time pads are not vulnerable to cryptoanalysis—not even brute-force searches, as there is a valid key for every possible message (up to the observed message size), and no way to tell which one is the right one. The problem with one-time pads has always been key exchange, since you need a new, never-before-used bit of shared key for every bit of message. Quantum mechanics provides a way to generate shared keys for one-time pads without the risk of anyone eavesdropping (undetectably) on the key exchange.
No, public-key cryptography still requires some external form of authentication for the key exchange, if you want to know that the private key is held by a specific person and not some random stranger. The point of public-key cryptography is that the public key need not be secret, so you can publish it freely and the people who have your public key can't use it to impersonate you or read messages sent to you by others. To do the same with private-key cryptography would require a separate secret key for each pair of peers, and it would be impossible to tell which member of the pair signed a given message.
The advantage over simply exchanging the data in person is that once you've authenticated the key, you can rely on it for secure future communications, including authenticating other keys (e.g. with CAs or a web-of-trust). On the other hand, if you only need to exchange data once, a direct exchange probably is easier.
If the cops really want a 3rd party to store records for them in perpetuity, let's let them have it.
No, let's not. Requiring data to be stored for later retrieval isn't just a prelude to a possible future search, it is a search. It is an exercise of special police powers, and as such, requires a warrant. Let them demonstrate probable cause--meaning that they are more likely than not to actually discover something leading to a conviction--and specify exactly which data they are looking for; then, after a well-bounded search has been proven reasonable, a warrant can be issued requiring the data to be retained. Not before.
If they want to go fishing without a warrant, they are free to ask the service providers nicely, just like anyone else--and said service providers are free to turn them down and protect their customer's privacy. If they want to make the logging mandatory, that necessitates a warrant.
What your reference doesn't show is the projected Social Security benefits available to that highest quintile of earners. You can't determine what rate is "proportional" without considering the fact that higher earners also get lower benefits (relative to lifetime earnings).
I would hazard a guess that if you look at lifetime benefits relative to Social Security taxes paid, the ratio is slanted heavily against the higher earners, and that doesn't even consider the fact that the higher earners also tend to be less dependent on Social Security for their own needs. They've already paid in far more than their fair share of other people's retirement funds, and the purpose of SS first and foremost is social security, not redistribution of wealth.
You know, "support the troops" doesn't necessarily mean support what they're being forced to do.... many of them don't want to be there, but have no choice.
Are you saying that a significant number of the troops were conscripted? I was under the impression that the modern military was an all-volunteer outfit, and every one of those volunteers had the opportunity to research what the job might involve before signing up.
Even in the case of conscription, for that matter, there is always a choice. One is always personally accountable for one's own actions. You don't get a free pass just because you were "following orders". Even given a stark choice between turning aggressor and dying, I would still hold aggression to be wrong, and hope that I would have the courage to accept death instead.
The majority of capital gains are not dividends, though - it's profit earned from the difference between price of shares when buying and when selling them.
Yes, and that difference, averaged over the long term, is based mostly on the increase in the company's value, i.e. its reinvested profits. Whether the company distributes part of the profits as dividends, retains them all as equity, or invests them in growing the company, the end result is the same: they're taxed as profits when they're earned by the company, and as capital gains when the shareholder gets their portion.
I'm not trying to say that the taxes should or shouldn't be split up this way. I tend to prefer a single, up-front bill, but arguments can be made for splitting the tax between the up-front profits and later disbursements, particularly as a tool for encouraging (over-)investment; the principle is similar to a tax-deferred 401k. I'm just saying that to compare the shareholder's tax rates fairly with person income taxes, one must count both the corporate income tax and the capital gains tax among the shareholder's expenses.
All money in the economy is taxed numerous times - that's inevitable when you tax transactions.
Yes, but in this case there is only one transaction. The money hasn't been earned, taxed, spent, earned again, and taxed again. Starting from the same revenues, the portion going to an employee is taxed once, at the income tax rate, while the portion going to the shareholder is taxed twice, as corporate profits and as capital gains.
There is no reason whatsoever that we should be rewarding people for simply having money.
Except that "simply having money", as you put it, is proof that they produced something valuable and chose not to immediately spend the resulting income on consumption. In essence, by consuming less than they produced, they made a loan to the rest of society.
In the absence of currency manipulation, that would lead to deflation, and the resulting increase in purchasing power would be their interest on the loan. With the policy of forced inflation in vogue right now, other compensation must be offered to maintain the incentives for saving, a precondition for investment, in the presence of ongoing currency devaluation.
There is also the fact, as least in the case of stocks, that the money being taxed as capital gains has already been taxed once as corporate profits. The real tax rate to the shareholder is sum of the the corporate income tax and capital gains rates.
The real discrepancy in income tax, though, is that you aren't allowed to count the value of your time against your income as a cost of doing business. In every other form of exchange income tax applies only to the profits, but when an individual sells their labor for wages, the market value of the labor—a perfectly legitimate business expense—is not considered a qualifying deduction.
What's the natural market here? Let's say I think candidate's economic policy is crazy and will cost me my job. What is the natural offsetting position? Who would want to hedge themselves against a booming economy?
I see no particular reason why there can't be a trade where one side is a hedge, and the other side is a gamble. It's usefulness as a hedge is independent of the other party's motives. Also, it is in the nature of political policies to harm some and benefit others (to a lesser extent), and both sides have reason to hedge their bets—one against the harm, and the other against the absence of the benefit. Finally, there can be disagreement over the likely result of a given policy; two people in similar positions might want to hedge in opposite directions, depending on their own projections.