In response to the current situation, I've been researching random number generators - especially the builtin one in Intel processors.
It's impossible to tell in general whether there's a vulnerability in a random number generator. It's a "computationally infeasible" problem, the best we can do is check for known deviations from randomness. If you know how it deviates, it's easy to check but beyond that there's no way to tell.
If the NSA has modified devices to reduce the entropy of random keys, then eventually two keys will have the same factors. This is easy to determine: The GCD algorithm will very quickly tell you what factors two keys have in common....and this is exactly what is seen in practice! Some 0.3% of keys tested had common factors: statistically, a *huge* percentage.
With a very large number of keys, you don't need to try N*(N-1) pairs of keys: partition the keys into two sets, multiply all the keys in the first set together, multiply all the keys in the second set together, then calculate GCD(Set1,Set2). In one calculation, you've determined whether any single key in the first set has factors in common with the any key from the second set.
Bruce Schneier believes that the algorithms are robust, and that the NSA is using other methods to break the encryption. Here's one likely way that they are doing it - they weaken the random number generator on a class of devices, harvest all the encryption keys they can find, then look for common factors.
From this article talking about the study: "[Researchers from the linked paper found] “vulnerable devices from 27 manufacturers. These include enterprise-grade routers from Cisco; server management cards from Dell, Hewlett-Packard, and IBM; VPN devices; building security systems; network attached storage devices; and several kinds of consumer routers and VoIP products [1]."
The upshot is this: even locally-generated RSA keys are not guaranteed to be safe, nor will they ever be. When you can't trust the hardware, all bets are off.
Sorry guys, Tor is designed to be used in all the ways we've spent years trying to fix broken internet protocols from doing, you really need to stop drooling over it. Its not actually a good solution. It is in fact an absolutely shitty solution to the problem, as its really a way to create a bunch of new ones.
If you have to hide, the Internet isn't for you.
It's a really good solution! It protects privacy, it's supported/maintained by really smart people who want to protect privacy, and (when using the most current version) gives the user strong privacy.
I just made a whole lot of unsubstantiated claims with no explanation, no supporting evidence, and with no background... just like you did. (I didn't call people names, though.)
Sheesh, gimme some Deep Woods Off! - The number of astroturfers on Slashdot is astounding.
Who cares who else uses Tor? Who cares whether it creates protocol problems? Who cares whether pedophiles or botnets use the system?
The important bit, the one that has value to *me*, is that it can hide my identity. It can hide the identity of people who are afraid of oppression, it can hide the identity of whistle blowers, it can hide the identity of people asking for help.
Stop astroturfing - you're not particularly good at it.
You do understand you're being called retarded due to your absolutely stupid and ludicrous statement of 'impenetrable security' yea? Are you really that retarded to not see this?
Man can make it, man can break it. Impenetrable security is BULLSHIT, son.
One of my favorite overheard comments: "It's not enough to be right, you also have to be effective."
You understand why I chose that particular phrase, right?
It'll take about two years for this problem to disappear.
There's an enormous monetary incentive for cloud services to implement good privacy. Anyone who doesn't implement it will get their lunch eaten by someone who does.
There's already a massive exodus away from US based servers, both at home and abroad. People are thinking through the ramifications of having their sensitive information used as "incentives" to help business. Your client lists, sales information, costs and accounting - if any part of your local network is in the cloud, the US can rifle through it and trade the information to another company in return for help fighting terrorism. Many people will choose to believe that this is not happening, but what the heck - who can tell any more?
This is a self-correcting problem.
Mega has announced an encrypted E-mail service, the client software will be open for public inspection, and none of it will be hosted on US servers.
Google has admitted in court that they don't think users have an expectation of privacy.
Which E-mail service would you rather use? The one from a sleazy convicted criminal, but with impenetrable security? Or the one from a company that always rifles through the contents, but promises to only do it for the better good?
I've changed my mind, now I see the value in these articles.
Various replies have been particularly insightful. For example:
[...] "nerds" who read Slashdot often provide more insightful commentary than any other group of private citizen commentators, and certainly more insight than what the majority of the 24 hour news-cycle organizations. Furthermore, because Slashdot has global readership we get commentary from people outside the United States. I love reading slashdot comments for the same reasons I like listening to the BBC on the radio on my local public radio station (KQED), because I hear fresh viewpoints that originate not in this country.
I'd like to see more articles on Syria or Nigeria. [...] The mainstream media distracts us from the "stuff that matters" unless the shit is really hitting the fan somewhere. It's becoming more and more clear they're a propaganda machine that occasionally reports on world events to maintain a shred of credibility, but never without some partisan bullshit like the administration's refusal to classify this coup as a coup.
In these comments I see all kinds of points about policies and actions going back decades that have contributed to this situation. I'd never find something like that in the mainstream media, Google News included. They're too busy trying to convince me of which lizard is the wrong lizard.
I've changed my opinion. It's probably good that Slashdot posts important news items, simply because you don't get insightful commentary anywhere else - it's a side-effect of the moderation system. Other news outlets allow commentary and have smart readers, we're the only one with insightful discussion. (Can anyone point to another site where the comments are worth reading?)
In particular, I found the comment "I'd like to see more articles on Syria or Nigeria" thought provoking. I don't know anything about either place, and maybe I should.
Slashdot is in a sense community driven. If there's not a lot of push-back, we will continue to see important articles.
Usually news stories on this site have at least a faint aroma of tech relevance.
Certain select stories are of such a high importance that everyone wants to talk about them and they appear on this site despite having no relevance to the major purpose.
That's fine, really it is. But I have to ask, where is the dividing line? Will we be seeing articles on Syria? More than 100 people are killed there on a regular basis. Fourty-four were killed in a mosque in Nigeria the other day. Is that significant? A white-ish guy shot an innocent black kid who was definitely not bashing the white-guy's head into the pavement - is that relevant?
I found this very interesting Third Amendment lawsuit (yes, Third amendment) and didn't submit because it was offtopic.
I'm not saying that world events are not important, and this one is pretty high on the importance scale. It's just that I avoid regular news sites and frequent this one because it saves time. Yes, I can skip articles - but note that I can skip articles in Google News and Reddit as well.
I can't find the link, but I remember a chart of "Slashdot readership" that showed a general decline over the last several years.
This leade to a simple question: Is Slashdot better for reporting generic news items, or should it be more about "News for Nerds"?
... in order to sign the victim up for some premium-rate SMS services.
The fuck?
Why the hell doesn't the FTC shut these companies down? Why doesn't the FCC kick the carrier's behind into policing these companies better? Why doesn't the US attorney's office rain hellfire and brimstone down on these companies to the extent it did to Aaron Schwartz?
Premium SMS is billed through the carriers, so they have a relationship with the SMS company. There is a clear money trail. The recipient is most likely incorporated. This should be easy.
With all the US mistrust of government right now, this would be an easy way to gain some respectability.
This whole thing about privacy will be a non-issue in about 2 years.
There's currently a mass-exodus away from US-based cloud services, and (within the US) away from all cloud services.
Cloud services will have to provide privacy or go out of business. The only way to ensure privacy is client-based encryption keys and open-source software. Since it's impossible to control the distribution of open-source software, the client-side package will end up being free.
This is a good thing, IMHO. Cloud services will focus on the actual service, they won't be able to rummage around in our lives (both corporate and personal), they won't be able to "monetize" their customers as products to advertisers, and the NSA will be shut out of much illegal snooping.
People are already thinking about how to encrypt existing web-based mail services, and I'm even hearing rumors about replacing SMTP altogether with a more secure protocol.
Expect a lot of wailing and gnashing-of-teeth from the government, proposals to make this or that protocol "illegal" or to require government backdoor access, but in the end it will come down to simple economics.
There is an enormous market-driven push towards more privacy. Edward Snowden has had a measurable effect on the world, and probably deserves the Nobel peace prize he was nominated for.
In an alternate universe where certain facts are known for certain, then sure there may be a problem. Over here, we can make up whatever stories we want about these alternate universes, but they don't affect us.
If the coworker takes off at a critical time without notice (did that actually happen?), then the job will be poorly done and you should raise the issue to management. Point out that the department was understaffed, and it's management's responsibility to have the right talent in-house at the right time.
Or, you take home extra pay pulling overtime picking up the slack, which costs management more than regular time, so they will eventually notice.
Or, you refuse unpaid overtime or have previous commitments that you cannot break and let your boss know this. If your boss can force you to come in to work even though you've got Laker's tickets, find another job.
You shouldn't particularly care if coworkers take time off or not - care about getting the job done on time, under budget, and at good quality. If you can't do this, care about whether it's your fault. Don't let your boss put unreasonable demands on you - that will only shift the blame to you when you can't pull off a miracle. Let them know about problems as they arise, and don't accept blame for things you can't control.
Holding yourself to a high standard of professionalism will work out better in the long run than putting "staying employed" ahead of everything else in your life. It may cost you in the immediate short-term, but the total returns over time far outweigh the immediate costs.
I'm not disturbed by the note, and yes it's likely a poor choice of words from a non-English speaker.
Are we now condemning conspiracy to submit fraudulent information? I thought fraud was the bad act.
I've worked with non-English speaking students, and there are a surprising number of awkward constructions that you wouldn't notice as a native speaker.
For example, one multiple-choice optics test question had this answer: "The image is half as large".
The phrase "half as large" translates simultaneously into "big" and "small" at the same time... it was pointed out that many students didn't know what this meant. The first rewrite came out as "half the size", but since many cultures implicitly measure size in terms of area instead of height, lots of people misinterpreted this as well (half the height = 1/4 the area). Having an answer "none of the above" further confused the issue. The test should have been specific in saying "half the height".
I've proofread/edited more than 10 papers written by foreign types, and "twisted meanings" are quite common - phrases that seem syntactically reasonable but which have a different meaning to a native speaker. (I grew up in Amish territory - statements like "Sarah is wonderful sick today" and "throw papa down the stairs his hat" were commonplace.)
I wouldn't think twice about the note in the paper. Unless the researcher actually makes up the analysis out of whole cloth it's not a problem.
I am reading into Glen's statements (I said so in the post), so no I can't point to anything firmer.
I would like to see more evidence, though. Your first link talks about two known incidents - it would be good to have more information so we can tell who is right without speculation. The real situation may be closer to what I wrote, the WSJ extrapolation from two incidents, or something completely different.
Reading into Glen Greenwald's comments and some of his other statements, it would seem that much of the spying is used not for security purposes, rather it's to give an edge to certain select US businesses.
If this is true, it would be huge. Citizens don't count for much in terms of US policy decisions, but an unfair boost to chosen businesses would tick off every other business in the US and abroad - the economic ramifications would be nothing short of tectonic.
I don't understand why that information would ever be released. Are they trying to provoke the US government? I think so.
There really is a difference between short-term advantage and long-term gain, and it's one of the ways to measure intelligence. If Glen should withhold the information for fear of ticking off the US government, he gives up the potential benefits of a future where the US has been forced to stop such corrupt and illegal practices.
The long-term gain is enormous and long-lasting, the short-term pain is fleeting and ephemeral. That's why he is releasing the information.
In the long run, we're all better off by having this information out in the open.
In his book "On Writing", he explains (among many other good points) that one hallmark of good writing is finding the right combination of words for imagery.
He uses examples like "I lit a cigarette, tasted like a plumber's handkerchief'" from Raymond Chandler and "'It was darker than a carload of assholes' by George V Higgins.
The Odyssey (IIRC) has the phrase "it was a wine dark sea", so this has been around for a very long time.
For casual writing the project may be useful, but I wonder how much imagery will be lost in translation.
Many of the works of revolutionaries, radicals, and dissenters are memorable for their specific imagery. Simon Sinek analyzed "I have a dream", and noted the difference between "I have a dream" and "I have a plan". The two are very different, and have different effects on people. (Viz. TED talk "How Great Leaders Inspire Action")
I'm doubtful that AI has progressed to the point where the mood and emotional content will be preserved in such a translation.
To be effective, defiant writing will still require courage.
The 4th amendment says that people have a right to be secure against unreasonable searches.
This simple prohibition has no context - the fact that someone else (a foreign government, a corporation, another citizen) gives the information to the government doesn't matter. It's still a violation, the fourth amendment makes no distinction for how the government gets the data.
The fact that the legislature passed a law saying that they can doesn't matter, and the fact that the executive branch says that they can doesn't matter either. The executive branch cannot and must not be the ones to judge the legality of their actions - that would be tyranny.
Determining whether something is legal is, and always has been, the purview of the judicial branch. In cases of ambiguity or differing interpretations, there is always the option of bringing it to the supreme court.
Many legal scholars count the government's actions as illegal, and a common-sense reading of the fourth amendment seems to agree.
I wish the people who keep repeating that the government hasn't broken any laws would shut up - they're giving tyranny a measure of respectability just by saying that. I also wish people who don't care about their own privacy would shut up - many people do care, and since you don't care there is nothing to be gained by arguing... or even voicing your position.
If you think what the government is doing is OK, please STFU and let people bring the issue to the supreme court. If you're correct, then it won't matter and you shouldn't object to raising the question. There's no honourable reason to argue against verification.
As a followup to the excellent relativistic answer above...
As one of my professors put it: "if there is one monopole anywhere, then charge is quantized everywhere". This was at the end of a fairly straightforward derivation, first done by Paul Dirac IIRC.
We see by experiment that charge is quantized everywhere, but this doesn't prove the existence of monopoles. It's a tantalizing clue to why things may be the way they are in our universe.
Monopoles are predicted by some of the unified theories, so if they exist how come we don't see any?
The rule (at least in the US) is very simple: You are not required, nor should you allow any law enforcement officer into your home or business without a search warrant.
This is true, but there's a further wrinkle in the name of "must Identify" laws.
This applies to "Terry Stops" and not "casual conversation", but if the police are at your door for a specific reason, they would argue that it's a Terry Stop and the "must identify" laws would apply.
The "must identify" laws require that you correctly identify yourself when asked (during a Terry stop), and laws in various states have other questions which must be answered as well. There is no such law in MA, but the NH law reads:
Questioning and Detaining Suspects. – A peace officer may stop any person abroad whom he has reason to suspect is committing, has committed or is about to commit a crime, and may demand of him his name, address, business abroad and where he is going.
Not talking to the police is good advice, but taking it as an absolute can get you convicted. The law is a wildly complex minefield for the average person (a "non-elite").
OP here - all the typos are my fault and the editors didn't notice them.
No excuse, it was late and I was tired. I'll try to do better in future submissions. I did submit a working link - *that* I checked - no idea how it got screwed up...
Funny that you picked Mecca. Saudi Arabia is & has been spending 10s of billions to upgrade or build roads, trains, elevated metro, housing, mosques and other infrastructure in and around Mecca + other holy sites.
Why? Because game theory doesn't apply to everything all the time.
So, you're saying that Mecca is, in fact run like a museum? You're saying that Saudi Arabia charges admission?
Would your point be valid if Mecca weren't run like a museum?
I'm not sure what you're saying here... if Mecca isn't being run like a museum and at the same time it isn't changed like it would be if it were a museum...
If you sell it like a fixed resource, you'll get high fees for access and discouraged use... like what we have now for phone and internet service (high monthly fees, data caps and rationed "minutes", kicking out high users, &c).
If you owned a museum which was wildly popular (say, "Mecca" as a museum) you'd hike up the ticket prices as high as you could, and would be under no incentive to improve the experience. If, on the other hand you could only charge a fixed upper price per person, then you have incentive to push more people through the museum - you'd upgrade the infrastructure to handle more people.
Change the model. If you have a fixed resource, sell it with the restriction that you can only charge for usage.
If the spectrum was sold with the restriction that you could only charge $.02 per gigabyte or less, then companies could only make money by encouraging higher usage. Instead of high monthly fees and discouraged use, companies would encourage innovative new applications, home servers, and high bandwidth.
The FCC could set the price equivalent to what is now charged under the fixed-resource model, so that companies wouldn't make any less than they do now.
But the model will change: companies would have to compete for users by improving the experience and encouraging use.
How is the dispersion of these bacteria controlled? Will the bacteria spread to other plants, such as weeds? Will they be spread by air-borne reproductive means? (Not that food crops use dandelions tufts, but you know what I mean - pollen or seeds blown around by the wind.)
I'm all for scientific progress and not a big fan of Jeremy Rifkin, but he serves an important purpose by voicing concerns and making people stop to consider some of the larger ramifications.
Let's not stop the research, but I really think we should do some environmental impact studies.
Slashdot Mirror
In response to the current situation, I've been researching random number generators - especially the builtin one in Intel processors.
It's impossible to tell in general whether there's a vulnerability in a random number generator. It's a "computationally infeasible" problem, the best we can do is check for known deviations from randomness. If you know how it deviates, it's easy to check but beyond that there's no way to tell.
If the NSA has modified devices to reduce the entropy of random keys, then eventually two keys will have the same factors. This is easy to determine: The GCD algorithm will very quickly tell you what factors two keys have in common. ...and this is exactly what is seen in practice! Some 0.3% of keys tested had common factors: statistically, a *huge* percentage.
With a very large number of keys, you don't need to try N*(N-1) pairs of keys: partition the keys into two sets, multiply all the keys in the first set together, multiply all the keys in the second set together, then calculate GCD(Set1,Set2). In one calculation, you've determined whether any single key in the first set has factors in common with the any key from the second set.
Bruce Schneier believes that the algorithms are robust, and that the NSA is using other methods to break the encryption. Here's one likely way that they are doing it - they weaken the random number generator on a class of devices, harvest all the encryption keys they can find, then look for common factors.
From this article talking about the study: "[Researchers from the linked paper found] “vulnerable devices from 27 manufacturers. These include enterprise-grade routers from Cisco; server management cards from Dell, Hewlett-Packard, and IBM; VPN devices; building security systems; network attached storage devices; and several kinds of consumer routers and VoIP products [1]."
The upshot is this: even locally-generated RSA keys are not guaranteed to be safe, nor will they ever be. When you can't trust the hardware, all bets are off.
Sorry guys, Tor is designed to be used in all the ways we've spent years trying to fix broken internet protocols from doing, you really need to stop drooling over it. Its not actually a good solution. It is in fact an absolutely shitty solution to the problem, as its really a way to create a bunch of new ones.
If you have to hide, the Internet isn't for you.
It's a really good solution! It protects privacy, it's supported/maintained by really smart people who want to protect privacy, and (when using the most current version) gives the user strong privacy.
I just made a whole lot of unsubstantiated claims with no explanation, no supporting evidence, and with no background... just like you did. (I didn't call people names, though.)
Sheesh, gimme some Deep Woods Off! - The number of astroturfers on Slashdot is astounding.
Who cares who else uses Tor? Who cares whether it creates protocol problems? Who cares whether pedophiles or botnets use the system?
The important bit, the one that has value to *me*, is that it can hide my identity. It can hide the identity of people who are afraid of oppression, it can hide the identity of whistle blowers, it can hide the identity of people asking for help.
Stop astroturfing - you're not particularly good at it.
You do understand you're being called retarded due to your absolutely stupid and ludicrous statement of 'impenetrable security' yea? Are you really that retarded to not see this?
Man can make it, man can break it. Impenetrable security is BULLSHIT, son.
One of my favorite overheard comments: "It's not enough to be right, you also have to be effective."
You understand why I chose that particular phrase, right?
You're joking, right? You can't really be that retarded, can you?
As an outside observer, what do you think about the human race?
I have a measured IQ of 87 so yeah, I can be that retarded - but no more. What's IQ got to do with it anyway?
Here's an IQ test for you, fill in the blank:
rue is to pain as street is to ___________
It'll take about two years for this problem to disappear.
There's an enormous monetary incentive for cloud services to implement good privacy. Anyone who doesn't implement it will get their lunch eaten by someone who does.
There's already a massive exodus away from US based servers, both at home and abroad. People are thinking through the ramifications of having their sensitive information used as "incentives" to help business. Your client lists, sales information, costs and accounting - if any part of your local network is in the cloud, the US can rifle through it and trade the information to another company in return for help fighting terrorism. Many people will choose to believe that this is not happening, but what the heck - who can tell any more?
This is a self-correcting problem.
Mega has announced an encrypted E-mail service, the client software will be open for public inspection, and none of it will be hosted on US servers.
Google has admitted in court that they don't think users have an expectation of privacy.
Which E-mail service would you rather use? The one from a sleazy convicted criminal, but with impenetrable security? Or the one from a company that always rifles through the contents, but promises to only do it for the better good?
I've changed my mind, now I see the value in these articles.
Various replies have been particularly insightful. For example:
[...] "nerds" who read Slashdot often provide more insightful commentary than any other group of private citizen commentators, and certainly more insight than what the majority of the 24 hour news-cycle organizations. Furthermore, because Slashdot has global readership we get commentary from people outside the United States. I love reading slashdot comments for the same reasons I like listening to the BBC on the radio on my local public radio station (KQED), because I hear fresh viewpoints that originate not in this country.
I'd like to see more articles on Syria or Nigeria. [...] The mainstream media distracts us from the "stuff that matters" unless the shit is really hitting the fan somewhere. It's becoming more and more clear they're a propaganda machine that occasionally reports on world events to maintain a shred of credibility, but never without some partisan bullshit like the administration's refusal to classify this coup as a coup.
In these comments I see all kinds of points about policies and actions going back decades that have contributed to this situation. I'd never find something like that in the mainstream media, Google News included. They're too busy trying to convince me of which lizard is the wrong lizard.
I've changed my opinion. It's probably good that Slashdot posts important news items, simply because you don't get insightful commentary anywhere else - it's a side-effect of the moderation system. Other news outlets allow commentary and have smart readers, we're the only one with insightful discussion. (Can anyone point to another site where the comments are worth reading?)
In particular, I found the comment "I'd like to see more articles on Syria or Nigeria" thought provoking. I don't know anything about either place, and maybe I should.
Slashdot is in a sense community driven. If there's not a lot of push-back, we will continue to see important articles.
Usually news stories on this site have at least a faint aroma of tech relevance.
Certain select stories are of such a high importance that everyone wants to talk about them and they appear on this site despite having no relevance to the major purpose.
That's fine, really it is. But I have to ask, where is the dividing line? Will we be seeing articles on Syria? More than 100 people are killed there on a regular basis. Fourty-four were killed in a mosque in Nigeria the other day. Is that significant? A white-ish guy shot an innocent black kid who was definitely not bashing the white-guy's head into the pavement - is that relevant?
I found this very interesting Third Amendment lawsuit (yes, Third amendment) and didn't submit because it was offtopic.
I'm not saying that world events are not important, and this one is pretty high on the importance scale. It's just that I avoid regular news sites and frequent this one because it saves time. Yes, I can skip articles - but note that I can skip articles in Google News and Reddit as well.
I can't find the link, but I remember a chart of "Slashdot readership" that showed a general decline over the last several years.
This leade to a simple question: Is Slashdot better for reporting generic news items, or should it be more about "News for Nerds"?
Dude awesome post. Thanks for that.
... in order to sign the victim up for some premium-rate SMS services.
The fuck?
Why the hell doesn't the FTC shut these companies down? Why doesn't the FCC kick the carrier's behind into policing these companies better? Why doesn't the US attorney's office rain hellfire and brimstone down on these companies to the extent it did to Aaron Schwartz?
Premium SMS is billed through the carriers, so they have a relationship with the SMS company. There is a clear money trail. The recipient is most likely incorporated. This should be easy.
With all the US mistrust of government right now, this would be an easy way to gain some respectability.
There have been "rumors" and "proposals" to replace SMTP for almost a decade. It'll never happen...
Um... there is now an enormous economic incentive to do this.
Are you saying that the current situation is exactly like it was in the last decade?
This whole thing about privacy will be a non-issue in about 2 years.
There's currently a mass-exodus away from US-based cloud services, and (within the US) away from all cloud services.
Cloud services will have to provide privacy or go out of business. The only way to ensure privacy is client-based encryption keys and open-source software. Since it's impossible to control the distribution of open-source software, the client-side package will end up being free.
This is a good thing, IMHO. Cloud services will focus on the actual service, they won't be able to rummage around in our lives (both corporate and personal), they won't be able to "monetize" their customers as products to advertisers, and the NSA will be shut out of much illegal snooping.
People are already thinking about how to encrypt existing web-based mail services, and I'm even hearing rumors about replacing SMTP altogether with a more secure protocol.
Expect a lot of wailing and gnashing-of-teeth from the government, proposals to make this or that protocol "illegal" or to require government backdoor access, but in the end it will come down to simple economics.
There is an enormous market-driven push towards more privacy. Edward Snowden has had a measurable effect on the world, and probably deserves the Nobel peace prize he was nominated for.
What if... What if ... What if...
In an alternate universe where certain facts are known for certain, then sure there may be a problem. Over here, we can make up whatever stories we want about these alternate universes, but they don't affect us.
If the coworker takes off at a critical time without notice (did that actually happen?), then the job will be poorly done and you should raise the issue to management. Point out that the department was understaffed, and it's management's responsibility to have the right talent in-house at the right time.
Or, you take home extra pay pulling overtime picking up the slack, which costs management more than regular time, so they will eventually notice.
Or, you refuse unpaid overtime or have previous commitments that you cannot break and let your boss know this. If your boss can force you to come in to work even though you've got Laker's tickets, find another job.
You shouldn't particularly care if coworkers take time off or not - care about getting the job done on time, under budget, and at good quality. If you can't do this, care about whether it's your fault. Don't let your boss put unreasonable demands on you - that will only shift the blame to you when you can't pull off a miracle. Let them know about problems as they arise, and don't accept blame for things you can't control.
Holding yourself to a high standard of professionalism will work out better in the long run than putting "staying employed" ahead of everything else in your life. It may cost you in the immediate short-term, but the total returns over time far outweigh the immediate costs.
I'm not disturbed by the note, and yes it's likely a poor choice of words from a non-English speaker.
Are we now condemning conspiracy to submit fraudulent information? I thought fraud was the bad act.
I've worked with non-English speaking students, and there are a surprising number of awkward constructions that you wouldn't notice as a native speaker.
For example, one multiple-choice optics test question had this answer: "The image is half as large".
The phrase "half as large" translates simultaneously into "big" and "small" at the same time... it was pointed out that many students didn't know what this meant. The first rewrite came out as "half the size", but since many cultures implicitly measure size in terms of area instead of height, lots of people misinterpreted this as well (half the height = 1/4 the area). Having an answer "none of the above" further confused the issue. The test should have been specific in saying "half the height".
I've proofread/edited more than 10 papers written by foreign types, and "twisted meanings" are quite common - phrases that seem syntactically reasonable but which have a different meaning to a native speaker. (I grew up in Amish territory - statements like "Sarah is wonderful sick today" and "throw papa down the stairs his hat" were commonplace.)
I wouldn't think twice about the note in the paper. Unless the researcher actually makes up the analysis out of whole cloth it's not a problem.
Science is about evidence, not hearsay.
Thanks - that's pretty insightful.
I am reading into Glen's statements (I said so in the post), so no I can't point to anything firmer.
I would like to see more evidence, though. Your first link talks about two known incidents - it would be good to have more information so we can tell who is right without speculation. The real situation may be closer to what I wrote, the WSJ extrapolation from two incidents, or something completely different.
We'd be better off with more facts.
Reading into Glen Greenwald's comments and some of his other statements, it would seem that much of the spying is used not for security purposes, rather it's to give an edge to certain select US businesses.
If this is true, it would be huge. Citizens don't count for much in terms of US policy decisions, but an unfair boost to chosen businesses would tick off every other business in the US and abroad - the economic ramifications would be nothing short of tectonic.
I don't understand why that information would ever be released. Are they trying to provoke the US government? I think so.
There really is a difference between short-term advantage and long-term gain, and it's one of the ways to measure intelligence. If Glen should withhold the information for fear of ticking off the US government, he gives up the potential benefits of a future where the US has been forced to stop such corrupt and illegal practices.
The long-term gain is enormous and long-lasting, the short-term pain is fleeting and ephemeral. That's why he is releasing the information.
In the long run, we're all better off by having this information out in the open.
An excellent point, I will try to remember this in future writing. It's the sort of thing you don't get in a writing course, for which I am grateful.
Thanks.
Stephen King seems to agree with you.
In his book "On Writing", he explains (among many other good points) that one hallmark of good writing is finding the right combination of words for imagery.
He uses examples like "I lit a cigarette, tasted like a plumber's handkerchief'" from Raymond Chandler and "'It was darker than a carload of assholes' by George V Higgins.
The Odyssey (IIRC) has the phrase "it was a wine dark sea", so this has been around for a very long time.
For casual writing the project may be useful, but I wonder how much imagery will be lost in translation.
Many of the works of revolutionaries, radicals, and dissenters are memorable for their specific imagery. Simon Sinek analyzed "I have a dream", and noted the difference between "I have a dream" and "I have a plan". The two are very different, and have different effects on people. (Viz. TED talk "How Great Leaders Inspire Action")
I'm doubtful that AI has progressed to the point where the mood and emotional content will be preserved in such a translation.
To be effective, defiant writing will still require courage.
The 4th amendment says that people have a right to be secure against unreasonable searches.
This simple prohibition has no context - the fact that someone else (a foreign government, a corporation, another citizen) gives the information to the government doesn't matter. It's still a violation, the fourth amendment makes no distinction for how the government gets the data.
The fact that the legislature passed a law saying that they can doesn't matter, and the fact that the executive branch says that they can doesn't matter either. The executive branch cannot and must not be the ones to judge the legality of their actions - that would be tyranny.
Determining whether something is legal is, and always has been, the purview of the judicial branch. In cases of ambiguity or differing interpretations, there is always the option of bringing it to the supreme court.
Many legal scholars count the government's actions as illegal, and a common-sense reading of the fourth amendment seems to agree.
I wish the people who keep repeating that the government hasn't broken any laws would shut up - they're giving tyranny a measure of respectability just by saying that. I also wish people who don't care about their own privacy would shut up - many people do care, and since you don't care there is nothing to be gained by arguing... or even voicing your position.
If you think what the government is doing is OK, please STFU and let people bring the issue to the supreme court. If you're correct, then it won't matter and you shouldn't object to raising the question. There's no honourable reason to argue against verification.
As a followup to the excellent relativistic answer above...
As one of my professors put it: "if there is one monopole anywhere, then charge is quantized everywhere". This was at the end of a fairly straightforward derivation, first done by Paul Dirac IIRC.
We see by experiment that charge is quantized everywhere, but this doesn't prove the existence of monopoles. It's a tantalizing clue to why things may be the way they are in our universe.
Monopoles are predicted by some of the unified theories, so if they exist how come we don't see any?
The rule (at least in the US) is very simple: You are not required, nor should you allow any law enforcement officer into your home or business without a search warrant.
This is true, but there's a further wrinkle in the name of "must Identify" laws.
This applies to "Terry Stops" and not "casual conversation", but if the police are at your door for a specific reason, they would argue that it's a Terry Stop and the "must identify" laws would apply.
The "must identify" laws require that you correctly identify yourself when asked (during a Terry stop), and laws in various states have other questions which must be answered as well. There is no such law in MA, but the NH law reads:
Questioning and Detaining Suspects. – A peace officer may stop any person abroad whom he has reason to suspect is committing, has committed or is about to commit a crime, and may demand of him his name, address, business abroad and where he is going.
Not talking to the police is good advice, but taking it as an absolute can get you convicted. The law is a wildly complex minefield for the average person (a "non-elite").
Cybercriminals HAS [sic] Heroin?
What is this, I Can Haz Slashdot?
OP here - all the typos are my fault and the editors didn't notice them.
No excuse, it was late and I was tired. I'll try to do better in future submissions. I did submit a working link - *that* I checked - no idea how it got screwed up...
Funny that you picked Mecca. Saudi Arabia is & has been spending 10s of billions to upgrade or build roads, trains, elevated metro, housing, mosques and other infrastructure in and around Mecca + other holy sites.
Why? Because game theory doesn't apply to everything all the time.
So, you're saying that Mecca is, in fact run like a museum? You're saying that Saudi Arabia charges admission?
Would your point be valid if Mecca weren't run like a museum?
I'm not sure what you're saying here... if Mecca isn't being run like a museum and at the same time it isn't changed like it would be if it were a museum...
Do you know a hawk from a handsaw?
If you sell it like a fixed resource, you'll get high fees for access and discouraged use... like what we have now for phone and internet service (high monthly fees, data caps and rationed "minutes", kicking out high users, &c).
If you owned a museum which was wildly popular (say, "Mecca" as a museum) you'd hike up the ticket prices as high as you could, and would be under no incentive to improve the experience. If, on the other hand you could only charge a fixed upper price per person, then you have incentive to push more people through the museum - you'd upgrade the infrastructure to handle more people.
Change the model. If you have a fixed resource, sell it with the restriction that you can only charge for usage.
If the spectrum was sold with the restriction that you could only charge $.02 per gigabyte or less, then companies could only make money by encouraging higher usage. Instead of high monthly fees and discouraged use, companies would encourage innovative new applications, home servers, and high bandwidth.
The FCC could set the price equivalent to what is now charged under the fixed-resource model, so that companies wouldn't make any less than they do now.
But the model will change: companies would have to compete for users by improving the experience and encouraging use.
It's a Game Theory thing.
Okay, I'll be the first to ask:
How is the dispersion of these bacteria controlled? Will the bacteria spread to other plants, such as weeds? Will they be spread by air-borne reproductive means? (Not that food crops use dandelions tufts, but you know what I mean - pollen or seeds blown around by the wind.)
Will these be the 3-d equivalent of Bolivian Tree Lizards?
I'm all for scientific progress and not a big fan of Jeremy Rifkin, but he serves an important purpose by voicing concerns and making people stop to consider some of the larger ramifications.
Let's not stop the research, but I really think we should do some environmental impact studies.
Well we can start by getting rid of cemetaries and graveyards, and stop cremating people.
Um... apropos of nothing, how does cremation affect the phosphorus content?