Slashdot Mirror


User: tlambert

tlambert's activity in the archive.

Stories: 0
Comments: 5,097

Comments · 5,097

  1. Re:We've heard this before... on Next-Gen Ultra HD Blu-Ray Discs Probably Won't Be Cracked For A While (arstechnica.co.uk) · · Score: 4, Informative

    Correct me if I'm wrong, but so far there have been a total of zero successful attacks against AACS (the Blu-Ray encryption system). Everything so far has been built around using known decryption keys extracted from BluRay players and playback software.

    Obviously, that doesn't stop you from emulating an LVDS flat panel and taking your output from after the stage where it has been decrypted and now thinks it's talking to a flat panel display, but is instead talking to your electronics instead.

    It's unlikely that a television owner will accept the equivalent of an "error 53" on their very expensive display panel, so third party repairs will most likely remain possible. At which point we can know there is no security association between the flat panel itself and the separate decode hardware stage.

    So basically: if people can see it at all, it's possible to get it in cleartext, even if you may eventually have to resort to tempest-level eavesdropping on the flat panel itself.

    Now while it's true that these things might be watermarked in the decode process... it's possible to use sampling with multiple sets of hardware, and then use differential analysis on the images to remove, or at least obscure, any electronic artifacts designed to identify the source of the video. Not that it's not actually going to be the same way most movies get released these days: someone gets a hold of an awards ceremony DVD by doing dumpster diving, or some member of the academy just releases it, or the pressing factory in China just runs a "third shift operation".

    Frankly, however, I can't see them being successful in requiring going to the Internet; it's not like the Internet can tell if it's a legitimate disc in the first place, if it's a bit-identical disc that was run off by the factory that ran off the legitimate copies. It's basically a repeat of the DIVX (DIgital Video eXpress) fiasco if they go that route anyway. https://en.wikipedia.org/wiki/... -- nobody wants to rent the videos they buy, and potentially later lose access to them, when you replace a player, or a key that happens to be for your brand of player gets invalidated, or the studio goes out of business, or gets bought by a religious organization that thinks R-rated movies are somehow "Against God".

    And if you think that can't happen: It's Chick-fil-A's nationwide policy to be closed on Sunday because of its management's religious beliefs.

  2. Re:Replacing an existing worker? on Former Disney IT Worker's Complaint To Congress: How Can You Allow This? (computerworld.com) · · Score: 1

    and because all of the U.S. talent that they would have potentially hired to do outsourced work for various companies was locked up in companies like Disney.

    Okay - So now that all that talent formerly "locked up" at Disney has entered the job market, the company to which Disney outsourced its IT department now has qualified domestic workers available and no longer has any excuse to hire H1Bs.

    It's really not that hard to understand.

    Too late: the H-1B's were already granted while the talent was locked up. And seriously: most of the outsourcing generally means off-shoring, not H-1B's. Those jobs are being taken by people from India, but they are in offices in India, where it's cheaper to maintain them, rather than offices in the U.S.

  3. But by driving down costs to companies by wiping out units of qualified US workers for foreign workers, where is the incentive for a US student to invest money & time into a position which will only be filled by "cheaper" foreign worker?

    Well, obviously, if you got a "full ride" academic scholarship, you aren't investing money, only time.

    But yes, if you export middle-classness to Hyderabad, you must, of necessity of the balance of trade, import poverty into the U.S., given that many of these positions are actually not in the U.S. for the particular contractors involved. A lot of them come over on an H-3, get the training, and then go back home and do the job remotely. The U.S. does not currently have a visa waiver program covering India, so at a minimum, you're talking an L-1B or B-1 to cover up to 90 days of training.

  4. Re:Replacing an existing worker? on Former Disney IT Worker's Complaint To Congress: How Can You Allow This? (computerworld.com) · · Score: 3, Informative

    How is this legal? It's my admittedly weak understanding of H1B law that it can only be used to fill a job position if there are no qualified domestic workers. It sounds very much like a case of Disney replacing a current employee with an H1B visa worker.

    Disney is not hiring H1-B's to replace their existing IT people; they are outsourcing the jobs that used to be handled by their in-house IT department to another company. That other company happens to have a bunch of H1-B workers, because they are well known for having a lot of H1-B workers, and because all of the U.S. talent that they would have potentially hired to do outsourced work for various companies was locked up in companies like Disney.

    It's really not that hard to understand.

  5. If there is a demand for more skilled workers, then why are companies replacing existing skilled labor with foreign workers on the H1-B visa program?

    There are three aspects to the answer to this question:

    (1) Disney didn't actually replace the workers with H1-B workers; they replaced an internal department with an outsourced department consisting of a third party company, which happens to have a lot of H1-B workers.

    (2) In many cases, the labor being replaced is not actually all that skilled. The U.S. education system isn't what it used to be, and the graduates aren't what they used to be, back when they were getting through their degree programs on academic scholarships, rather than student loans. A lot of this has to do with the U.S. workers having experience, but not degrees, since they were in many cases sniped out of degree programs by companies in the .bomb era who needed cubicle warmers to prove to their VCs that they were hitting their hiring targets. Now we have a non-degreed generation, which gets us to the third part.

    (3) A lot of these people are greying. That's a kind way of saying that they are expensive, compared to new graduates. Usually, that's couched as "culture fit", but what it really means is that CEOs tend to prefer people younger than themselves be working for them, because it's cheaper, and in many cases, you can hire better quality: they may have gone through a crappy degree program, but at least they didn't leave a crappy degree program after two years to become a cubicle warmer for some company that later tanked, going down with all hands.

    So in combo, that pretty much covers why they want H1-B's, and why the outsourcing companies are able to do for Disney what Disney wants done, cheaper than an in house IT department would be able to do it.

  6. Re:Why should US senators get paid so much on Former Disney IT Worker's Complaint To Congress: How Can You Allow This? (computerworld.com) · · Score: 1

    The position and opportunity should be the incentive, not the paycheck

    Theoretically, so that they don't compromise their principles in exchange for a payday. It's supposed to make them resistant to being bribed or vote selling.

  7. If Mr O'Neill and the rest of these corporate leaders were actually so desperate for qualified tech people, perhaps they could consider starting extensive intern programs.

    Perhaps colleges should start turning out people who are qualified to participate in extensive intern programs. Perhaps they could change the ABET accreditation standards for computer science programs back from being "outcome based", and instead actually teach people how to code again. There are maybe two handfuls of universities in the U.S. who have programs that are actually worthwhile, and most of those programs are legacy hold-overs based on what used to be taught in the early to mid 1980's, and not all degree contract options include those now-optional classes. Rice is one. Brown is another. MIT is another. Stanford is also one.

    Companies are not in business to educate you, they are in business to focus on their products. If you want a company to train you, look no further than the University of Phoenix, DeVry, or one of the other companies who are in business to provide educations, as opposed to, you know, shipping product.

  8. Re:What are the sources of tritium? on NYC's Nuclear Power Plant Leaking 'Uncontrollable Radioactive Flow' Into River (inhabitat.com) · · Score: 1

    PWRs are light water reactors, not heavy water --- so I'm still puzzled about the origin of the tritium.

    There is intentional addition of Boron, in the form of boric acid, to the water in PWRs to act as a moderator for the reaction. Which is how the Boron crystals indicated the slow leak in the pipe in the filtration system for the refueling process which recently occurred, resulting in the tritium in the test well. When exposed to radiation, Boron tends to turn to Tritium.

    It wasn't a big leak, and the company self-reported the leak. For comparison purposes, the amount per liter of water was still in picocuries; if we wanted to make it sound even scarier, of course, we'd measure it in becquerels, so that it'd be 37,000 times larger still. Or we could compare it to the naturally occurring radioactivity from the potassium already in your body, which is about 50 times higher.

    See also: http://www.nrc.gov/reading-rm/...

  9. What if Allah is not willing? on ISIS Makes Direct Threats Against Mark Zuckerberg and Jack Dorsey (cnet.com) · · Score: 1

    What if Allah is not willing?

    Just saying...

  10. The problem with ARM and graphics... on ARM: Mobile Graphics Will Surpass PlayStation 4, Xbox One In 2017 (venturebeat.com) · · Score: 1

    The problem with ARM and graphics... is memory bus bandwidth.

    Apple has been addressing this in their CPU, but everyone else is 6-8 years behind the curve, even with the most recent nVidia offerings. Fast graphics engines are great, and all, but if you are limited to operating quickly only on what's in cache, and then you have to push across a slow memory bus to get that data to the frame buffer, you are going to be pretty limited in what you can accomplish.

    Please, please, please address the memory bus bandwidth issue before the end of the decade; yeah, the P.A. Semi guys that Apple bought had a lot of experience prior working on the DEC Alpha, but there *has* to be other engineers capable of solving the problem, right?

  11. Re:The phone should be cracked. on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 1

    Lawyers deserve _some_ credit.

    "This section does not prohibit any lawfully authorized investigative, protective, information security, or intelligence activity of an officer, agent, or employee of the United States, a State, or a political subdivision of a State, or a person acting pursuant to a contract with the United States, a State, or a political subdivision of a State. For purposes of this subsection, the term “information security” means activities carried out in order to identify and address the vulnerabilities of a government computer, computer system, or computer network."

    Meaning they'd still have to pay Apple to do it so that it's a contract.

  12. Re:The phone should be cracked. on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 1

    Q: "Reason for leaving last job?"
    A: "They asked me to comply with the request, so I quit."

    The correct answer should always be you are unable to comply with any request from any actor evil or noble ... quitting out of principle means you have already failed.

    On the contrary. It (1) shields the company from the actions of the court, and (2) shields you personally from the court, since the court order was issued against the company, rather than you as a person. When you are acting on behalf of the company in a position to which a court order is applicable, it's possible for the court to hold you, personally, in contempt.

    We already saw this with the Elcomsoft case, and Dmitry Sklyarov.

    While I agree that that should be the answer, that *being* the answer, and a court *accepting* that answer and backing off the engineer in question, are two different things.

    NB: Ironically, the FBI is asking Apple to violate the DMCA by creating a circumvention device, in the same way Elcomsoft created a circumvention device. Nothing, in principle, prevents the DMCA provisions being applied to Apple by a federal prosecutor, or to a former employee by a federal prosecutor, should they be involved, even if it's Apple's code. For example, if the author of the DVD CSS were to publish an exploit for it, how many media companies would go after his or her ass with torches and a pitchfork?

  13. Re:The phone should be cracked. on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 2

    There is the chance that some of the people that could do it are principled enough to resign from Apple and start to work for one of the competitors (if you have such skills that shouldn't be too hard to do).

    If I were to have such skills and if I were to be (in part) responsible for the design and implementation of what is arguably one of the most secure consumer devices in the world, I would take great pride in my work. Being asked to undo such an accomplishment, is a really, really big thing. This is an issue that is often enough ignored: the actual people doing the work. Apple may be a company, but a company is made up of people, and if there are no people that are willing and able to perform a certain task, it won't happen, valid court order or not.

    Job interview:

    Q: "What did you do at your last job that makes you feel you are qualified to work on cryptographic systems?"
    A: "Wrote cryptography hard enough to break that the FBI invoked the All Writs Act of 1789 to try and force my company to break it"
    Q: "Reason for leaving last job?"
    A: "They asked me to comply with the request, so I quit."

    Hired!

  14. Re:The phone should be cracked. on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 2

    it would take *man decades* to create it

    In other words some hundreds of people could create it in a month. Color me unimpressed by the level of difficulty. IF, that is (and it's big IF) your premise is accurate.

    Hundreds of people as qualified as the creator of the architecture.

    Let's say Fred Brooks was wrong, and all engineers are equivalent cogs that can be replaced by any other cog. It's just a lot of typing, right?

    So let's also say "hundreds" is "300".

    So 300 x 1 month = 100 x 3 months = 25 x 12 months ... OK, that's ballpark for "man decades" if that "s" translates to 2.5.

    What do 25 engineers of that calibre cost for a year? Well, minimally, you are looking at 2 x their salary -- that's the "flooring cost" for an engineer, and equipment, and rent, and computers, and ... that you have to pay them.

    What do you think this guy got in stock options and base pay for one year of work? So basically... you are looking at a minimum of about $100M, with no guarantee that the outcome is possible.

    Can Apple pay this out of petty cash? Probably. Will they? No. Should they? Hell no! This is (effectively) contract work for the FBI: they get to pay any costs, and the outcome is uncertain.

    But wait! If Apple has 300 engineers of this calibre working on the thing for a month ... what about their opportunity costs? That $100M is just to cover expenses related to keeping these people working and the lights on. During that month: they can't work on any Apple products, because they are too damn busy working on cracking the iPhone in software for the FBI!

    Apple loses whatever work product those engineers would have produced in that month, plus whatever value in time to market that that one month lead would have gained them on any competitors, and they lose that lead *in perpetuity*. And you know that if Apple is paying an engineer *that* much, they are going to be making at least *twice* that much off their labors. Or they wouldn't be willing to pay them.

    So now we are in the 1/5th to 1/4 billion dollar ballpark for the work.

    OR.

    The FBI could just pay some ordinary engineer $30,000 to pull the flash chip, and reset it every 4 tries, up to 250 times.

    Tell me again why Apple should do it the FBI's way instead of the *easy* way?

  15. Re: I already posted this on another site.... on Yelp Employee Posts Open Letter About Cost Of Living And Low Wages, Gets Fired (modernreaders.com) · · Score: 1

    I don't get it. Why the hell do people live in San Francisco or anywhere near it?

    One of her parents, whom she used to live with and not pay rent, lives in the Bay Area.

    Yes, I know: she could move back in, or not have moved out in the first place.

  16. "And the positions I’d be offered would all be unpaid internships."

    This is something that needs to be killed, with fire.

    Let me translate that into fashion magazine editor speak for you:

    "You aren't Anne Hathaway. We wish the hell you would quit applying for internships with us, but if you promise to sit quietly, we'll let you hang out. We won't pay you, of course, but we also won't forcibly eject you from the building."

  17. Re:Invade Crimea and Ukraine, or go to Mars? on Russia's Moon And Mars Exploration Ambitions Hobbled By A Lack Of Money (phys.org) · · Score: 1

    You do know that Sevastopol was a jointly-administered Ukrainian-Russian area with officially deployed Russian troops, don't you?

    I was aware. Soldiers stationed in an area where they are non-citizens, and their families who are non-citizens, should not be allowed to vote on such things. This is the reason the United Nations does not recognize the 2014 referendum as being valid.

  18. Re:The phone should be cracked. on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 2

    This isn't exaggeration or hyperbole, especially since the FBI said they only want a firmware update on this single phone under Apple's auspices.

    Fuck them.

    They can have the data they want tomorrow two ways:

    (1) Have a FISA court order the NSA to give them the data, since it's just traffic analysis and MMS/SMS data the FBI wants, and NSA's PRISM collects that.

    (2) Let Apple do a hardware hack on the phone, desolder the flash, socket it, and reset it on every 4th attempt until it's cracked.

    Quit fucking asking for a tool to get the data that can be applied to every phone. There is no such tool, if such a tool were possible to create (and I was discussing this today at lunch with the guy who *designed* the security architecture in question: it's doubtful), it would take *man decades* to create it.

  19. They likely did not ask the obvious followup on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 2

    I would tend to believe that the question is invalid.

    They likely did not ask the obvious followup: "Would your answer change if you knew the NSA already had this information, and the FBI just hasn't asked for it?"

  20. Re:I must know the other half ... on More Than Half of Americans Think Apple Should Comply With FBI, Finds Pew Survey (theverge.com) · · Score: 2, Insightful

    My wife is in healthcare, her eyes gloss over when I start discussing this stuff, or how important it is.

    Most people in healthcare are like this.

    Which is why HIPAA violations are so common.

  21. Re:Invade Crimea and Ukraine, or go to Mars? on Russia's Moon And Mars Exploration Ambitions Hobbled By A Lack Of Money (phys.org) · · Score: 2

    But nice attempt at astroturfing it as if it weren't an annexation. The United Nations does not recognize the 2014 referendum as valid.

    It was an annexation with popular support. For what happens without said support, see Donbass.

    You can't just move a bunch of people into an area, annex it without permission of the government from whom you are annexing it, and then call it "annexation with popular support". Otherwise, there are a few European countries well on their way to Syria declaring them "annexed with popular support".

  22. Re:Invade Crimea and Ukraine, or go to Mars? on Russia's Moon And Mars Exploration Ambitions Hobbled By A Lack Of Money (phys.org) · · Score: 0

    It mattered to the residents of Crimea, who had, as a majority, voted for Ukrainian rule.

    The majority voted for Russian rule.

    Wrong.

    "In January 1991, a referendum was held in the Crimean Oblast, and voters approved restoring the Crimean Autonomous Soviet Socialist Republic. However, after the dissolution of the Soviet Union less than a year later, the Autonomous Republic of Crimea was formed as a constituent entity of independent Ukraine, with a slight majority of Crimean voters approving Ukrainian independence in a December referendum."

    [...]

    "The internationally recognised Ukrainian territory of Crimea was annexed by the Russian Federation on 18 March 2014. From the time of the annexation, Russia has de facto administered the peninsula as two federal subjects—the Republic of Crimea and the city of Sevastopol—within the Crimean Federal District. The military intervention and annexation by Russia took place in the aftermath of the Ukrainian Revolution and was part of wider unrest across southern and eastern Ukraine."

    But nice attempt at astroturfing it as if it weren't an annexation. The United Nations does not recognize the 2014 referendum as valid.

  23. Re:Invade Crimea and Ukraine, or go to Mars? on Russia's Moon And Mars Exploration Ambitions Hobbled By A Lack Of Money (phys.org) · · Score: 0

    A large percentage of the residents of Crimea were already Russian citizens, so it obviously had relevance to them.

    They were on vacation there. Or they were expatriates, trying to escape Russian rule. So yeah, you got me on that. It mattered to the residents of Crimea, who had, as a majority, voted for Ukrainian rule.

    It mattered to Russia to have a warm-water port to ship oil from, given that their oil pipeline in Afghanistan has been endangered since "The War On Terror" first landed boots in Afghanistan.

    But mattering to Russian Oligarchs is a far cry from mattering "to daily life of ordinary Russians", unless those oligarchs draft you into the army.

  24. Re: I already posted this on another site.... on Yelp Employee Posts Open Letter About Cost Of Living And Low Wages, Gets Fired (modernreaders.com) · · Score: 1

    This clearly shows a review of Yelp has backlash but the small business owners subject to the totally shitty reviews from yelp have no way to remove callous and shitty reviews.

    Yelp being a fuck-stick of a company in your opinion (pardon my French) in no way justifies a higher salary for employees, unless you are suggesting that they should get "a cut of the take".

  25. She was working at Yelp for minimum wage in the hopes that it would get her foot in the door for a real job.

    No David, she wasn't. She was working for $17/hour. That's what the position was advertised at for the San Francisco office on Indeed.com.

    I realize that some cities have (inadvisedly) increased minimum wage to $15/hour, but San Francisco is not one of them, and even their minimum wage increase over the federal minimum proposal was scaled to kick in over the end of the next decade, not immediately. They pay well, because they are well hated.

    Unfortunately, the reality is that this technique almost never works. She might as well be working at Burger King. The job would have been easier, and because of her college degree, she probably would have been able to quickly move up to a shift lead job, which would have paid her more than she was making at Yelp....

    All this is very true; there's a lot of unreasonable expectations instilled in college graduates, especially those who believe that a degree, *any* degree, will magically get them a job in their chosen field, and "if they can only get their foot in the door..." that will happen immediately, or even quickly.

    I was really frustrated by her complaining about "a *whole* year" to move out of a support role, into a role which she would be paid to do what she admitted she was already doing on her own time for free. Why in heck would they pay her to do something that she's going to do anyway?!?