The etext and battery life is the whole point of something like the kindle vs a laptop or pda. The etext is light years easier on the eyes and you can read a kindle for about 4 solid DAYS with the wireless off without recharging. And I dont mean "an hour a day for four days".
Unless you are clicking a button, the kindle draws almost no power. (The screen only draws power when it changes content)
Read up on "The Federalist Papers" and the role anonymity played in the formation of America. These were -critical- to the debate at the time and, without anonymity, they would never have happened.
The problem with giving up core freedoms to "combat crime" and whatnot is that if you assume your motive is more worthwhile than those freedoms, you are completely justified in locking anyone or anything up for any reason. If no one is allowed to do anything, they won't commit a crime.
The government must necessarily have restrictions on it or it's just a brute without any rule of law.
...because nerds, being (please dont laugh too loud, Im being serious) are part of the intellectuals in their various countries - they're part of a larger group of people who can actually intelligently affect the world around them. As such, the political machinations of one of the most powerful group of people on earth (US Congress) should very, very much be considered both news for nerds and news that matters on general principles. Not all of us nerds think the world starts and ends with linux and Make magazine.
Im just curious how you can make it through an entire four year computer science degree at a major university...and not be aware of what job options are available at the end it. I understand not knowing the ins-and-outs of getting said jobs, but we're talking a really high-level thing here? And this is an honest question, Im not trolling in the least.
Not so much. It really depends on what youve done, what you're doing, whether your TS needs you to take a poly (not all do), whether the poly involved is a full lfiestyle or a smaller less intrusive subset of questions, etc....
TSA security will have nothing to do with the next terrorist attack. The terrorists will either not attack airplanes, or they will take non-prohibited items through and turn them into weapons, or they will secrete them in body locations TSA will not search, or they will have them placed on the planes for them by ground crew.
investing money in things that will give no return is bad business.
Investing in increasing the ecnonomic health of poor peoples and nations often gives a large financal return. It's good business for you to make people smarter, give them jobs, give them ways to earn an income. That does two things: First, the people have enough invested in negotiating disputes financially, instead of with arms. Second, they have more money to spend in general and the market can support more goods/services exchanged, and everyone benefits.
Capitalism isn't the problem per se. Ignorance and lack of forethough is the problem.
There are legit responses to the rest of your comments, but to keep it simple let's get to the heart of it:
There is a fact of the matter whether a particular model or implementation can be breached by an adversary, even with infinite resources.
"No adversary should gain access to any resource unless implicitly or explicitly authorized to use it".
Both of these are true. But they both assume someone has (subjectively) identified which resources to protect and how much cost/effort should be spent to protect them. Without those subjective decisions, security models are irrelevant
That didnt make a whole lot of sense as a response to me and was trolling a bit, but Ill bite (waiting for a meeting).
You're mixing types here and -fail- at logic. Process and Methodology are synonyms. Results can be from processes and methodologies. Results can be both objective and false/actual/perceived all at the same time. Etc. Were you trying to say "security is a lot of different things"? Thanks captain obvious.
SECURITY is (especially because of the obvious truth you pointed out) a concept with a subjective root: Ie, If I dont want anyone else to access the machine but me, my concept of what it means to secure the box is completely different from someone who runs a honeypot.
And while the fact that Im an enterprise security architect for a large organization (among other things) isn't a guarantee that I know wtf Im talking about, it's a pretty good indication that I have the basics down right:P
You can have government censorship through inaction. The government should be -ensuring- free expression is alive and healthy in the country as it is a prerequisite for democracy/capitalism (yes, I know we're not completely either of those). The difference between a free market system and anarchy is that there is a governing body protecting against systematic abuses and theft (theft of speech, even). With as much corporate censorship as is going on, it has become a systemic threat to the health and security of the US and so should be addressed formally.
If they're any good, they'll agree with him...security is fundamentally subjective (what you want your box to do vs how much what you have on it is worth vs etc)
Completely agree with you. (And yeah, I thought I was making a legit point...but thats how Slashdot goes.) I guess I was arguing the same point from reverse: Yes, they dont put their whole package together very well (resulting in obvious defects), but that doesn't mean their threat modeling process is automatically junk - especially when so few organizations follow any sort of threat modeling process whatsoever. Everyone should!
Im just replying randomly to this post since it's as good as any other: Why do Slashdotters so often fail to differentiate between a company's business decisions and its technical capabilities? MS has a mature, well-developed threat modeling processes that works fine. That has little to do with which features are implemented in which time-frames, how well the QA on the final code is, whether or not they have to maintain backward compatitibility to feature sets and software which require old (bad) security models, etc. It's a bit more complicated than "Microsoft Baaaaaad. Linux Goooooood"
Right. But all of that is essentially old news and oft covered here. In fact, it's such conventional wisdom that long after it IS fixed, youll still hear people saying it on Slashdot. The NEW information - which is what makes this more than yet-another-article-about-the-same-old-crap is the alleged -intentional- deception and that they're being criminally investigated for it (vs dealing with it withing the scope of contractual control)
Some security rules or procedures are drafted and never reviewed.
Except that wasn't the problem in this case. No one has alleged that UNISYS wasn't aware of security rules or procedures - they're very much aware of them - and DHS internally has regular, required, security training.
What does this have to do with the article? The issue isn't a lack of security really that's at issue. a) Managed Security Services never find really bad stuff except by accident b)The Chinese are in and out of our entire government largely at-will (it always takes them months or longer to detect the intrusions and exfiltration c) MSSP's -always- have clients that dispute their installation process and billing. Given these, UNISYS really is no worse off than anyone else in the industry and the conversation seems typical.
The only really interesting thing here is whether or not they actually found something and intentionally covered it up or, if as is common, they found something interesting, couldnt validate it, and let it fall through for lack of anything particularly actionably within the bounds of their SLA's
Of course, the experiment only covers a situation where a snap judgment is required.
Hence the next sentence I posted:
The article did not in any way indicate that it tested what the evaluative processes that liberals vs conservatives go through before they integrate new ideas into their view of the world.
You said: Instead, it may be indicating that the "conservative mind" is less on the lookout for information that defies its expectations.
I disagree somewhat. I would consider myself conservative (kindof sortof), but I do good work in information and data analysis. It doesn't seem to be what the brain is on the lookout for, merely what path it takes on its way to further analysis. The study doesnt cover whether or not that information was accepted for further processing, just that it wasn't acted on immediately by conservatives.
The whole evolution of our species has revolved around our ability to create metaphoral/symbolic constructs above and beyond what our initial biological reaction would have us do...it would be really surprising to me if we found that 50% of the population couldn't accept new information easily vs just processed it differently.
If we're unwilling to discuss the hot button issues, yes. But that works both ways. If you tend to latch on to any idea that comes your way (without discussion) youre completely subject to the whims of chance as to whether youre right or wrong.
Basically, relying on an instant decision is fatally flawed in both cases. Thats why experience is such a big deal in leadership situations - sometimes mental muscle memory will override your natural biological reactions in split second scenarios.
In the first split second. That in no way implies it doesn't happen later. Basically, we now know how liberals vs conservatives respond if they have only an instant to think about it - we know nothing about how the process routes afterwards.
Most people here assume just accepting new ideas at face value (which is all the study suggested) is a good thing. The article did not in any way indicate that it tested what the evaluative processes that liberals vs conservatives go through before they integrate new ideas into their view of the world. That's a critical thing to know. Frankly, I want people in charge and those voting to have some initial skepticism and to analyze new ideas before they accept them. Just because you hear it or have an initial thought doesn't make it true or valid.
On another note, the article indicated that they chose "very liberal" or "very conservative". It's entirely plausible that the extremes are there for biological reasons and those who dont "identify" with their political orientation choose that orientation for different reasons (former biological, latter rational thought)
Slashdot Mirror
Thanks for the correction. Not sure why I used etext there :)
The etext and battery life is the whole point of something like the kindle vs a laptop or pda. The etext is light years easier on the eyes and you can read a kindle for about 4 solid DAYS with the wireless off without recharging. And I dont mean "an hour a day for four days". Unless you are clicking a button, the kindle draws almost no power. (The screen only draws power when it changes content)
Read up on "The Federalist Papers" and the role anonymity played in the formation of America. These were -critical- to the debate at the time and, without anonymity, they would never have happened. The problem with giving up core freedoms to "combat crime" and whatnot is that if you assume your motive is more worthwhile than those freedoms, you are completely justified in locking anyone or anything up for any reason. If no one is allowed to do anything, they won't commit a crime. The government must necessarily have restrictions on it or it's just a brute without any rule of law.
Pretty much. Compare Windows to its competition when it took over the world, not its competition after.
...because nerds, being (please dont laugh too loud, Im being serious) are part of the intellectuals in their various countries - they're part of a larger group of people who can actually intelligently affect the world around them. As such, the political machinations of one of the most powerful group of people on earth (US Congress) should very, very much be considered both news for nerds and news that matters on general principles. Not all of us nerds think the world starts and ends with linux and Make magazine.
Im just curious how you can make it through an entire four year computer science degree at a major university...and not be aware of what job options are available at the end it. I understand not knowing the ins-and-outs of getting said jobs, but we're talking a really high-level thing here? And this is an honest question, Im not trolling in the least.
You should look here: http://usmilitary.about.com/od/theorderlyroom/l/blsecmenu.htm
Not so much. It really depends on what youve done, what you're doing, whether your TS needs you to take a poly (not all do), whether the poly involved is a full lfiestyle or a smaller less intrusive subset of questions, etc....
TSA security will have nothing to do with the next terrorist attack. The terrorists will either not attack airplanes, or they will take non-prohibited items through and turn them into weapons, or they will secrete them in body locations TSA will not search, or they will have them placed on the planes for them by ground crew.
Just a point of clarification: TSA's operations are not limited to potential attacks against aircraft -
http://www.tsa.dhs.gov/what_we_do/tsnm/index.shtm
I think (just offhand) a lot of the problem comes from interest in short-term profit vs long-term profit - esp in publicly traded companies.
investing money in things that will give no return is bad business.
Investing in increasing the ecnonomic health of poor peoples and nations often gives a large financal return. It's good business for you to make people smarter, give them jobs, give them ways to earn an income. That does two things: First, the people have enough invested in negotiating disputes financially, instead of with arms. Second, they have more money to spend in general and the market can support more goods/services exchanged, and everyone benefits.
Capitalism isn't the problem per se. Ignorance and lack of forethough is the problem.
There are legit responses to the rest of your comments, but to keep it simple let's get to the heart of it:
There is a fact of the matter whether a particular model or implementation can be breached by an adversary, even with infinite resources.
"No adversary should gain access to any resource unless implicitly or explicitly authorized to use it".
Both of these are true. But they both assume someone has (subjectively) identified which resources to protect and how much cost/effort should be spent to protect them. Without those subjective decisions, security models are irrelevant
That didnt make a whole lot of sense as a response to me and was trolling a bit, but Ill bite (waiting for a meeting).
:P
You're mixing types here and -fail- at logic. Process and Methodology are synonyms. Results can be from processes and methodologies. Results can be both objective and false/actual/perceived all at the same time. Etc. Were you trying to say "security is a lot of different things"? Thanks captain obvious.
SECURITY is (especially because of the obvious truth you pointed out) a concept with a subjective root: Ie, If I dont want anyone else to access the machine but me, my concept of what it means to secure the box is completely different from someone who runs a honeypot.
And while the fact that Im an enterprise security architect for a large organization (among other things) isn't a guarantee that I know wtf Im talking about, it's a pretty good indication that I have the basics down right
You can have government censorship through inaction. The government should be -ensuring- free expression is alive and healthy in the country as it is a prerequisite for democracy/capitalism (yes, I know we're not completely either of those). The difference between a free market system and anarchy is that there is a governing body protecting against systematic abuses and theft (theft of speech, even). With as much corporate censorship as is going on, it has become a systemic threat to the health and security of the US and so should be addressed formally.
If they're any good, they'll agree with him...security is fundamentally subjective (what you want your box to do vs how much what you have on it is worth vs etc)
Completely agree with you. (And yeah, I thought I was making a legit point...but thats how Slashdot goes.) I guess I was arguing the same point from reverse: Yes, they dont put their whole package together very well (resulting in obvious defects), but that doesn't mean their threat modeling process is automatically junk - especially when so few organizations follow any sort of threat modeling process whatsoever. Everyone should!
Im just replying randomly to this post since it's as good as any other: Why do Slashdotters so often fail to differentiate between a company's business decisions and its technical capabilities? MS has a mature, well-developed threat modeling processes that works fine. That has little to do with which features are implemented in which time-frames, how well the QA on the final code is, whether or not they have to maintain backward compatitibility to feature sets and software which require old (bad) security models, etc. It's a bit more complicated than "Microsoft Baaaaaad. Linux Goooooood"
Right. But all of that is essentially old news and oft covered here. In fact, it's such conventional wisdom that long after it IS fixed, youll still hear people saying it on Slashdot. The NEW information - which is what makes this more than yet-another-article-about-the-same-old-crap is the alleged -intentional- deception and that they're being criminally investigated for it (vs dealing with it withing the scope of contractual control)
Some security rules or procedures are drafted and never reviewed.
Except that wasn't the problem in this case. No one has alleged that UNISYS wasn't aware of security rules or procedures - they're very much aware of them - and DHS internally has regular, required, security training.
What does this have to do with the article? The issue isn't a lack of security really that's at issue. a) Managed Security Services never find really bad stuff except by accident b)The Chinese are in and out of our entire government largely at-will (it always takes them months or longer to detect the intrusions and exfiltration c) MSSP's -always- have clients that dispute their installation process and billing. Given these, UNISYS really is no worse off than anyone else in the industry and the conversation seems typical.
The only really interesting thing here is whether or not they actually found something and intentionally covered it up or, if as is common, they found something interesting, couldnt validate it, and let it fall through for lack of anything particularly actionably within the bounds of their SLA's
Someone should mod this up.
See my response here (second to last para): http://slashdot.org/comments.pl?sid=293603&threshold=0&commentsort=0&mode=thread&pid=20552799#20553161
Of course, the experiment only covers a situation where a snap judgment is required.
Hence the next sentence I posted: The article did not in any way indicate that it tested what the evaluative processes that liberals vs conservatives go through before they integrate new ideas into their view of the world.
You said: Instead, it may be indicating that the "conservative mind" is less on the lookout for information that defies its expectations.
I disagree somewhat. I would consider myself conservative (kindof sortof), but I do good work in information and data analysis. It doesn't seem to be what the brain is on the lookout for, merely what path it takes on its way to further analysis. The study doesnt cover whether or not that information was accepted for further processing, just that it wasn't acted on immediately by conservatives.
The whole evolution of our species has revolved around our ability to create metaphoral/symbolic constructs above and beyond what our initial biological reaction would have us do...it would be really surprising to me if we found that 50% of the population couldn't accept new information easily vs just processed it differently.
If we're unwilling to discuss the hot button issues, yes. But that works both ways. If you tend to latch on to any idea that comes your way (without discussion) youre completely subject to the whims of chance as to whether youre right or wrong. Basically, relying on an instant decision is fatally flawed in both cases. Thats why experience is such a big deal in leadership situations - sometimes mental muscle memory will override your natural biological reactions in split second scenarios.
In the first split second. That in no way implies it doesn't happen later. Basically, we now know how liberals vs conservatives respond if they have only an instant to think about it - we know nothing about how the process routes afterwards.
Most people here assume just accepting new ideas at face value (which is all the study suggested) is a good thing. The article did not in any way indicate that it tested what the evaluative processes that liberals vs conservatives go through before they integrate new ideas into their view of the world. That's a critical thing to know. Frankly, I want people in charge and those voting to have some initial skepticism and to analyze new ideas before they accept them. Just because you hear it or have an initial thought doesn't make it true or valid.
On another note, the article indicated that they chose "very liberal" or "very conservative". It's entirely plausible that the extremes are there for biological reasons and those who dont "identify" with their political orientation choose that orientation for different reasons (former biological, latter rational thought)