So I can do it, and use it for evil... so long as the UK government doesn't find out about it?
Got it.
So when I write that paper on "de-anonymization made easy", all I have to do is anonymize my authorship of the paper, and I'll be safe, because the U.K. government won't break their own laws... correct?
Nominally motivated (according to the article, which the moderators apparently did not read) by the recent measles outbreak, the move is intended to protect the population at large, rather than the individuals being vaccinated.
Then you understand that the minimum R0 for Pertussis ("whooping cough") and Measles is 12, and in modern strains, closer to 17 and 18, respectively.
That means that you have to have 94% and 95% successful vaccination to hit the threshold where you are actually protecting the population from the spread of the disease in the population.
6% of the population is immunocompromised. This doesn't have to mean HIV; it also means hepatitis, organ transplant, organ failure for other reasons, Lupus, Mononucleosis, Epstein-Barr virus, or Helicobacter pylori, and other diseases.
Even if you immunize everyone, and the vaccines are 100% effective, you've already lost on measles, and you're 1% away from losing on pertussis.
And this assumes a homogenous population, in which that 6% is spread throughout the population uniformly -- and that you don't immunize them, you give them an exception -- which the legislation doesn't allow: you get immunized whether you can tolerate the vaccine or not.
Add to the 6% the 2% allergic to the non-vaccine proteins that result from the culture medium, and you have lost on pertussis as well.
Unless you willfully kill off people, vaccination, even with 100% effective vaccines, will never, ever successfully eradicate measles or pertussis: they are here for the long haul, and they will be with humanity until a method other than vaccination us used in order to either eradicate or contain the diseases.
It turns out containment actually works. It's called quarantine, and the U.S., after several outbreaks of Ebola -- resulting in deaths -- on U.S. soil, the U.S. instituted quarantine for doctors returning to the U.S. from hot zones. And there have been no more outbreaks in the U.S..
This is precisely how we dealt with tuberculosis, before we could do anything about it, and it's precisely how we dealt with Hansen's disease (leprosy). and it freaking works. It's just not politically correct to quarantine people from hot zones -- until it is.
---
And the vaccines are still not 100% effective anyway -- unless you get a type 1 IgE reaction because of antibodies. If you only get a type 2 IgE reaction, then you are going to be an asymptomatic carrier, and spread the disease around. You're going to be a Typhoid Mary. Thankfully, only a fraction of people end up type 2 -- but it still happens. It's why the OPV (Oral Polio Vaccine), which is still used in countries like India and Pakistan, who won't buy solar powered refrigerators for rural clinics -- has resulted in secondary live virus vaccine infections that have resulted in 48,000 cases of partial or complete polio myelitis based paralysis so far.
We use recombinant polio vaccine in Western countries -- where we have refrigerators and reliable electricity -- called IPV -- Injectibale Polio Vaccine. It doesn't have these side effects.
Ironically, the recombinant measles vaccine, rather than the attenuated virus version -- is drastically less effective. In other words, some 35% of people who get the measles vaccine will not be immune to measles.
There's a way to fix this, but it's hugely expensive: perform antibody titers, and verify a Type 1 IgE reaction, and if the person doesn't have the antibodies, immunize them again. And again. And again. Until they have the antibodies. This technique is sometimes used on health care workers who will be knowingly going into a hot zone. But it's an expensive procedure, verifying that an immunization worked.
Not only will it not impact measles measurably, since the vaccine is not effective enough to get to the required R0 of 94% to achieve herd immunity...
It's also going to kill off the 6% of the population that's immunocompromised in France, who can't tolerate vaccination, and it'll kill off an additional 2% of the population with egg allergies, who can't tolerate the culture medium cross-contamination in the vaccines.
Way to go, Measles! 8% of France! Even the Nazis, in WW II were only able to kill off 1.37% of the French!
Yes, the above was sarcasm; you should get vaccinated for measles, and anything else you can tolerate the vaccine for.
But if you think you are saving other people from Measles or Pertussis, you are going to need to attend remedial math classes.
You should really read the literature. They also used other vectors, and while they show a USB stick on the vector line, not all of them were via USB. Sometimes it came in loaded on Lexmark printers.
There are plenty of digital controls in nuclear plants. Yes, there is also a lot of older relay technology as well, but plants have been upgrading controls for quite some time. Critical safety systems are still mostly non-digital because of difficult licensing process for upgrade to digital, but that is also changing.
I don't know what you've been smoking, but when a friend of mine was involved in the group that attempted to send robots in to assess the damage in the Fukushima facility, all of the electronics in the robots kept dying.
This is because almost no electronics that aren't military -- and generally sourced from NSA-run chip foundries -- aren't radiation hardened.
The systems are electromechanical because they have to operate in the event of a large scale radiation leak.
While you are correct that there's a lot of digital, it's on the ends of very long wires, well away from the possibility of accidental exposure to hard radiation, which would cause it to stop operating and/or malfunctions pretty spectacularly.
Additionally, these systems tend to exist for monitoring only, not for control.
And if anyone hooks anything but the monitoring legs of these things -- which are typically output only, optoisolated links -- to the Internet, they are fired, and potentially jailed.
Or, alternatively... In Europe, we actually have pretty strong protections on our privacy, where companies aren't allowed to just grab all the data they can and run with it. Facebook tries to grab all our data and run with it, and unsurprisingly are being found to be outside the law.
Facebook can't do that either.
You have to agree to it. No one requires you to agree with the terms of service: you just don't get to have service, if you don't.
Just because the Germans haven't been able to develop their own version of Facebook, doesn't mean that they should have any say in how the U.S. version of Facebook is run.
I hope Facebook does the same thing that a lot of other services do, when Europe passes some dumbass law and tries to fine them: pull the heck out of the country.
Remember how well the Spanish news sites did, after they tried to charge Google news excerpting fees?
isn't this argument valid for some other companies as well ???
No, it's not.
It's only valid for companies with deep pockets, which can have money extorted out of them by governments who have basically squelched their technology sector to the point there's no way in hell it could come up with something competitive with the company they are attempting to extort money from.
If your friend didn't bother to contact you personally, and if none of your mutual friends bothered to contact you either, and no one happened to mention the upcoming wedding in your presence...
Instead of being bullied, why don't those German users just use one of the incredibly popular German social media sites coming out of Germany's equivalent of Silicon Valley, and their thriving venture capital sector, and startup company friendly tax laws?
Oh. Wait. Germany. Where Spotify is illegal because they aren't paying the BMG tax on songs not recorded either in Germany or by David Hasselhoff, but which you have to pay anyway.
He also didn't consider international calls when making up his bullshit story. If the ring tone comes from the line card my pair connects to, why do I hear different ring tones based on the country I am calling?
Because international calls are terminated at the PSTN (Public Switched Telephone Network) office.
The call goes from your POTS line to the line card at the LATE, or it goes to the cellular backhaul, which then goes to the Carrier Exchange.
From there, it goes to the Foreign eXchange (FX), which is the thing that terminates the call from the packet switched network to the circuit switched international network.
It's the other end of the exchange the generated the ring tone you hear in the phone.
These days the ring cadence is almost always virtual, but it switched at any new call termination point in the hop from you to your destination (note: not all countries have a distinctive cadence).
The UK tends to keep the cadence that they had historically on the make/break for the ringing of the physical phone bells on POTS lines, even though it no longer matters. This happens for two reasons:
1. People in the UK were used to hearing this ring cadence on outbound calls 2. Because they can
But effectively, you get the different cadence because at that point the call has been terminated in the remote international exchange.
FWIW: I received my "first phone license" to work on circuit switched telecommunications equipment when I was 14 years old. I was also at Artisoft when we started acquiring the companies that produced telephone line cards to make PC's into PBX's.
These things tend to be very convoluted for historical reasons, all having to do with how things used to be billed based on everything running over circuit switched networks.
Then they go on to talk about developers, engineers, and programmers, instead of IT workers.
Then they go back and talk about IT workers: "skilled technology employees".
I can understand that they might also have a shortage of those other things as well as IT workers, but what do developers, engineers, and programmers have to do with answering the phone at the help desk, pulling cat 5/cat 6 cable, using puppet to configure systems, or swapping out disks on raid arrays (aka the stuff that "IT workers" do)?
If you can do a TPM in a VM, it's strong cryptography.
Which you are not allowed to have without a license from two agencies in Russia.
It's also a waste of time, when you have actual hardware available, but you are not allowed to take it into or out of the country.
If the things will never be allowed to be sold in Russia, why pay a Russian team to work on something that's never going to impact their market? How can they be expected to come up with clever or innovative new things, when all they have is their imagination about how they might be used, rather than actually using them themselves?
But seriously: if you could build software TPMs that are as useful and secure as a hardware TPM, why would you ever buy a hardware TPM again?
One from their equivalent of the State Department, and one from their equivalent of the NSA.
The NSA part stopped granting licenses a while back, which is why the Chromebook crypto development group was disbanded in Moscow (and most of them ended up moving West to Finland, and started working on the same code again).
You weren't allowed to import or export computers with TPM hardware.
Hard to work on Chromebooks when you can't get Chromebooks.
The normal "ringing" you hear used to be connected to the make/break on the POTS lines for the 80+V AC that was sent down to run the bell on the phone on the other end (via tip and ring lines), after the stepper relays put the circuit in place in the circuit switched network.
Even if you have POTS lines, the current "ringing" you hear on the phone on the callers end is generated by the LATE line card; this is why instead of getting an immediate intercept as the first thing you hear with an "out of service" line, you get a couple of rings first.
To play the music to you instead of the ringing noise, the call has to be completed to a system on the other side of the line card which knows about the magic music that the person your calling has set up for when you, in particular call.
This was technically a "call completion", back when "long distance rates" were still a thing, and you got billed for it.
I know one of the people who came up with the things. I also know executives (well, former executives, now) at U.S. West who were involved in the decision, and we discussed it at a New Years party at what is now the Hampton Inn & Suites Ogden, and how much they were making on it. They likely had no idea that I was one of the areas most (in)famous Phone Phreaks (retired), or they wouldn't have discussed it. The hard liquor they were drinking probably also had something to do with it.
And yes, today, you don't get billed for it, because only a moron buys a metered rate plan these days.
And by "swept under the rug" I mean "no longer prominently advertised as a service, due to it not being profitable enough to waste column inches advertising".
Which is sort of the point of the original article that started this whole thread, don't you think?
Financial reasons for ringback tones disappeared; that's why this thing has disappeared from our lives.
The financial incentive was that the carrier was allowed to have it counted as a "call completion" at the start of the call, rather than at the time the call was actually picked up. Ot
Now that we have "unlimited minutes", this no longer has financial value to the carriers; now it's actually a cost center.
So carriers have quietly swept it under the rug of history; the equipment to do it is still there, and the music licenses still in place, but it actually costs them for you to use it, instead of paying off as $0.06-$0.12, which is about the amount of time an average person will let a phone ring before hanging up.
By putting a song there, the idea was you would let it ring longer, in order to not hang up on the song, given that there was still the possibility of the person you were calling answering the phone.
Slashdot Mirror
That's 0.8 more degrees of global warming than there are of Kevin Bacon.
So I can do it, and use it for evil... so long as the UK government doesn't find out about it?
Got it.
So when I write that paper on "de-anonymization made easy", all I have to do is anonymize my authorship of the paper, and I'll be safe, because the U.K. government won't break their own laws ... correct?
Just in the US.
More than 9,000 per year from skin cancer.
Are they testing them by implantation... in high profile people that are widely disliked?
It's almost about 1/10th as bad as San Francisco in that regard.
Could have just left off "For Ads"...
Just saying...
Immunity conferred by immunization is not heritable.
Look, I know my other post got modded down.
But this is the ultimate "nanny state" move.
Nominally motivated (according to the article, which the moderators apparently did not read) by the recent measles outbreak, the move is intended to protect the population at large, rather than the individuals being vaccinated.
If you understand the mechanism for herd immunity: https://en.wikipedia.org/wiki/...
Then you understand that the minimum R0 for Pertussis ("whooping cough") and Measles is 12, and in modern strains, closer to 17 and 18, respectively.
That means that you have to have 94% and 95% successful vaccination to hit the threshold where you are actually protecting the population from the spread of the disease in the population.
6% of the population is immunocompromised. This doesn't have to mean HIV; it also means hepatitis, organ transplant, organ failure for other reasons, Lupus, Mononucleosis, Epstein-Barr virus, or Helicobacter pylori, and other diseases.
Even if you immunize everyone, and the vaccines are 100% effective, you've already lost on measles, and you're 1% away from losing on pertussis.
And this assumes a homogenous population, in which that 6% is spread throughout the population uniformly -- and that you don't immunize them, you give them an exception -- which the legislation doesn't allow: you get immunized whether you can tolerate the vaccine or not.
Add to the 6% the 2% allergic to the non-vaccine proteins that result from the culture medium, and you have lost on pertussis as well.
Unless you willfully kill off people, vaccination, even with 100% effective vaccines, will never, ever successfully eradicate measles or pertussis: they are here for the long haul, and they will be with humanity until a method other than vaccination us used in order to either eradicate or contain the diseases.
It turns out containment actually works. It's called quarantine, and the U.S., after several outbreaks of Ebola -- resulting in deaths -- on U.S. soil, the U.S. instituted quarantine for doctors returning to the U.S. from hot zones. And there have been no more outbreaks in the U.S..
This is precisely how we dealt with tuberculosis, before we could do anything about it, and it's precisely how we dealt with Hansen's disease (leprosy). and it freaking works. It's just not politically correct to quarantine people from hot zones -- until it is.
---
And the vaccines are still not 100% effective anyway -- unless you get a type 1 IgE reaction because of antibodies. If you only get a type 2 IgE reaction, then you are going to be an asymptomatic carrier, and spread the disease around. You're going to be a Typhoid Mary. Thankfully, only a fraction of people end up type 2 -- but it still happens. It's why the OPV (Oral Polio Vaccine), which is still used in countries like India and Pakistan, who won't buy solar powered refrigerators for rural clinics -- has resulted in secondary live virus vaccine infections that have resulted in 48,000 cases of partial or complete polio myelitis based paralysis so far.
We use recombinant polio vaccine in Western countries -- where we have refrigerators and reliable electricity -- called IPV -- Injectibale Polio Vaccine. It doesn't have these side effects.
Ironically, the recombinant measles vaccine, rather than the attenuated virus version -- is drastically less effective. In other words, some 35% of people who get the measles vaccine will not be immune to measles.
There's a way to fix this, but it's hugely expensive: perform antibody titers, and verify a Type 1 IgE reaction, and if the person doesn't have the antibodies, immunize them again. And again. And again. Until they have the antibodies. This technique is sometimes used on health care workers who will be knowingly going into a hot zone. But it's an expensive procedure, verifying that an immunization worked.
And if you think the 35% number
I think this is brilliant!
Not only will it not impact measles measurably, since the vaccine is not effective enough to get to the required R0 of 94% to achieve herd immunity...
It's also going to kill off the 6% of the population that's immunocompromised in France, who can't tolerate vaccination, and it'll kill off an additional 2% of the population with egg allergies, who can't tolerate the culture medium cross-contamination in the vaccines.
Way to go, Measles! 8% of France! Even the Nazis, in WW II were only able to kill off 1.37% of the French!
Yes, the above was sarcasm; you should get vaccinated for measles, and anything else you can tolerate the vaccine for.
But if you think you are saving other people from Measles or Pertussis, you are going to need to attend remedial math classes.
That was only one of the vectors.
You should really read the literature. They also used other vectors, and while they show a USB stick on the vector line, not all of them were via USB. Sometimes it came in loaded on Lexmark printers.
https://www2.cs.arizona.edu/~c...
There are plenty of digital controls in nuclear plants. Yes, there is also a lot of older relay technology as well, but plants have been upgrading controls for quite some time. Critical safety systems are still mostly non-digital because of difficult licensing process for upgrade to digital, but that is also changing.
I don't know what you've been smoking, but when a friend of mine was involved in the group that attempted to send robots in to assess the damage in the Fukushima facility, all of the electronics in the robots kept dying.
This is because almost no electronics that aren't military -- and generally sourced from NSA-run chip foundries -- aren't radiation hardened.
The systems are electromechanical because they have to operate in the event of a large scale radiation leak.
While you are correct that there's a lot of digital, it's on the ends of very long wires, well away from the possibility of accidental exposure to hard radiation, which would cause it to stop operating and/or malfunctions pretty spectacularly.
Additionally, these systems tend to exist for monitoring only, not for control.
And if anyone hooks anything but the monitoring legs of these things -- which are typically output only, optoisolated links -- to the Internet, they are fired, and potentially jailed.
Or, alternatively... In Europe, we actually have pretty strong protections on our privacy, where companies aren't allowed to just grab all the data they can and run with it. Facebook tries to grab all our data and run with it, and unsurprisingly are being found to be outside the law.
Facebook can't do that either.
You have to agree to it. No one requires you to agree with the terms of service: you just don't get to have service, if you don't.
Just because the Germans haven't been able to develop their own version of Facebook, doesn't mean that they should have any say in how the U.S. version of Facebook is run.
I hope Facebook does the same thing that a lot of other services do, when Europe passes some dumbass law and tries to fine them: pull the heck out of the country.
Remember how well the Spanish news sites did, after they tried to charge Google news excerpting fees?
Basically it's a monopoly situation and should be scrutinized and penalized as such.
So ...much like the German position on what constitutes beer putting German brewers in a monopoly position, yes?
So the German brewers should be penalized as such, in order to make the German market safe for French beer, yes?
isn't this argument valid for some other companies as well ???
No, it's not.
It's only valid for companies with deep pockets, which can have money extorted out of them by governments who have basically squelched their technology sector to the point there's no way in hell it could come up with something competitive with the company they are attempting to extort money from.
I think you missed the part where there was "something of value" involved. Or the part where we were talking about Facebook.
Either way, you missed the boat on one of the major prerequisites for it to be extortion.
You do realize...
If your friend didn't bother to contact you personally, and if none of your mutual friends bothered to contact you either, and no one happened to mention the upcoming wedding in your presence...
It may not have been an accidental oversight...
Right?
I'm not understanding the problem?
Instead of being bullied, why don't those German users just use one of the incredibly popular German social media sites coming out of Germany's equivalent of Silicon Valley, and their thriving venture capital sector, and startup company friendly tax laws?
Oh. Wait. Germany. Where Spotify is illegal because they aren't paying the BMG tax on songs not recorded either in Germany or by David Hasselhoff, but which you have to pay anyway.
Never mind.
He also didn't consider international calls when making up his bullshit story. If the ring tone comes from the line card my pair connects to, why do I hear different ring tones based on the country I am calling?
Because international calls are terminated at the PSTN (Public Switched Telephone Network) office.
The call goes from your POTS line to the line card at the LATE, or it goes to the cellular backhaul, which then goes to the Carrier Exchange.
From there, it goes to the Foreign eXchange (FX), which is the thing that terminates the call from the packet switched network to the circuit switched international network.
It's the other end of the exchange the generated the ring tone you hear in the phone.
These days the ring cadence is almost always virtual, but it switched at any new call termination point in the hop from you to your destination (note: not all countries have a distinctive cadence).
The UK tends to keep the cadence that they had historically on the make/break for the ringing of the physical phone bells on POTS lines, even though it no longer matters. This happens for two reasons:
1. People in the UK were used to hearing this ring cadence on outbound calls
2. Because they can
But effectively, you get the different cadence because at that point the call has been terminated in the remote international exchange.
FWIW: I received my "first phone license" to work on circuit switched telecommunications equipment when I was 14 years old. I was also at Artisoft when we started acquiring the companies that produced telephone line cards to make PC's into PBX's.
These things tend to be very convoluted for historical reasons, all having to do with how things used to be billed based on everything running over circuit switched networks.
The summary is very confusing.
First, they claim a shortage of IT workers.
Then they go on to talk about developers, engineers, and programmers, instead of IT workers.
Then they go back and talk about IT workers: "skilled technology employees".
I can understand that they might also have a shortage of those other things as well as IT workers, but what do developers, engineers, and programmers have to do with answering the phone at the help desk, pulling cat 5/cat 6 cable, using puppet to configure systems, or swapping out disks on raid arrays (aka the stuff that "IT workers" do)?
Except the TPM, of course. And the Cellular modem. And the camera controller. And the PMU.
An emulator isn't the same as a simulator.
If you can do a TPM in a VM, it's strong cryptography.
Which you are not allowed to have without a license from two agencies in Russia.
It's also a waste of time, when you have actual hardware available, but you are not allowed to take it into or out of the country.
If the things will never be allowed to be sold in Russia, why pay a Russian team to work on something that's never going to impact their market? How can they be expected to come up with clever or innovative new things, when all they have is their imagination about how they might be used, rather than actually using them themselves?
But seriously: if you could build software TPMs that are as useful and secure as a hardware TPM, why would you ever buy a hardware TPM again?
Importing crypto to Russia requires two licenses.
One from their equivalent of the State Department, and one from their equivalent of the NSA.
The NSA part stopped granting licenses a while back, which is why the Chromebook crypto development group was disbanded in Moscow (and most of them ended up moving West to Finland, and started working on the same code again).
You weren't allowed to import or export computers with TPM hardware.
Hard to work on Chromebooks when you can't get Chromebooks.
Actually no: it counts as a call completion.
The normal "ringing" you hear used to be connected to the make/break on the POTS lines for the 80+V AC that was sent down to run the bell on the phone on the other end (via tip and ring lines), after the stepper relays put the circuit in place in the circuit switched network.
Even if you have POTS lines, the current "ringing" you hear on the phone on the callers end is generated by the LATE line card; this is why instead of getting an immediate intercept as the first thing you hear with an "out of service" line, you get a couple of rings first.
To play the music to you instead of the ringing noise, the call has to be completed to a system on the other side of the line card which knows about the magic music that the person your calling has set up for when you, in particular call.
This was technically a "call completion", back when "long distance rates" were still a thing, and you got billed for it.
I know one of the people who came up with the things. I also know executives (well, former executives, now) at U.S. West who were involved in the decision, and we discussed it at a New Years party at what is now the Hampton Inn & Suites Ogden, and how much they were making on it. They likely had no idea that I was one of the areas most (in)famous Phone Phreaks (retired), or they wouldn't have discussed it. The hard liquor they were drinking probably also had something to do with it.
And yes, today, you don't get billed for it, because only a moron buys a metered rate plan these days.
And by "swept under the rug" I mean "no longer prominently advertised as a service, due to it not being profitable enough to waste column inches advertising".
Which is sort of the point of the original article that started this whole thread, don't you think?
Financial reasons for ringback tones disappeared; that's why this thing has disappeared from our lives.
The financial incentive was that the carrier was allowed to have it counted as a "call completion" at the start of the call, rather than at the time the call was actually picked up. Ot
Now that we have "unlimited minutes", this no longer has financial value to the carriers; now it's actually a cost center.
So carriers have quietly swept it under the rug of history; the equipment to do it is still there, and the music licenses still in place, but it actually costs them for you to use it, instead of paying off as $0.06-$0.12, which is about the amount of time an average person will let a phone ring before hanging up.
By putting a song there, the idea was you would let it ring longer, in order to not hang up on the song, given that there was still the possibility of the person you were calling answering the phone.