So hiding a laptop in a closet in order to download scientific articles is a crime worthy of decades in prison?
So many people here seem to have no sense of perspective. Yes, what Swartz did was (probably) illegal. It was civil disobedience, not malicious or for personal gain, but I think some punishment would have been reasonable: a misdemeanor (at most), maybe a fine or probation or community service. But a felony and significant federal prison time? That's fucking insane. There was no damage. He was an asset to the community, not a threat. Lessig said is best: 'Somehow, we need to get beyond the “I’m right so I’m right to nuke you” ethics that dominates our time.'
Read the NISPOM and JFAN security guides. No external devices can be brought in to secured areas. No USB sticks, no media without a lengthy process to scan and check in the data. Nothing leaves the secured area without being shredded. We had some hefty machinery built to munch up everything from memory and CD/DVD media to hard drives and LTO tapes.
So "congress"? Yes, but we already know that cesspool for what it is. Secured areas like LANL? Not a chance.
Times have changed. Dunno about LANL, but at LLNL:
They interfere with the safe consistent operation of the gun in other situations. For example, the Ruger Mark III pistol has a magazine disconnect. You have to "dry fire" the gun in several steps while cleaning. That means, rather than remove all magazines and ammunition from your work environment while cleaning, you need to keep a magazine (unloaded yes) to insert and remove at various points in the assembly and disassembly. It makes the whole process significantly more complex.
Not only that, but the trigger feel is awful on a Mark III with the magazine disconnect. Pulling the trigger actuates the disconnect mechanism which causes the magazine to move slightly. In fact, when I first bought my Mark III, it would fail to fire at least once or twice per magazine due to the slop in the disconnect mechanism. I'd have to drop the magazine and reseat it each time this happened. I removed the magazine disconnect, and I've had exactly one malfunction (a failure to feed, IIRC) among the many thousands of rounds I've fired since then.
I like the theory of mag disconnects and loaded chamber indicators, but in practice they often don't work well. The real solution is education: following the four rules of gun safety makes these both of these safety mechanisms completely superfluous.
The National Nuclear Security Administration has little to do with energy efficiency, at least in the sense you're referring to. However, from the Top500 press release: "Sequoia is also one of the most energy efficient systems on the list".
You can get life in prison for a joint in Texas. Yes, life. Last year, there was a case where a guy was dumb enough to be smoking at a bus stop. The cop tackled him, the joint brushed the cop's arm then landed by the street.
Result: Three felonies. Assault on a peace officer (the lit joint contacting the cop's arm), obstructing justice, and attempted destruction of evidence (since the perp let go of the marijuana as he was taken to the ground.) With TX's three strikes law, that is an additional 20-life. Said guy got convicted on all three counts, and now a TDCJ "guest", whose only purpose in life is to ensure a dividend for the private lockup he is now at.
Got a citation for that? I tried searching for the case, and the only thing I found that was similar was the case of Tyrone Brown, who was sentenced to life imprisonment (and eventually pardoned) after failing a probation-mandated drug test.
Yeah, I like syntax highlighting (and color screens in general), as well as interactive debuggers. Certainly, we can write code faster and find bugs more efficiently with all the tools available today. But it's the "silver bullet" claims that I'm skeptical about.
"I remember how, with the advent of terminals, interactive debugging was supposed to solve all our programming problems, and how, with the advent of colour screens, "algorithm animation" was supposed to do the same. And what did we get? Commercial software with a disclaimer that explicitly states that you are a fool if you rely on what you just bought."
I don't see any source for your claim, though. All I found was a couple of people on usenet saying that Morning Thunder is different than they remember, and that they thought it used to have more caffeine. I can't find anything that definitively states that Morning Thunder's formulation was changed, much less that the FDA mandated such a change.
...budget cuts to space exploration. Good thing Football is safe.
It's not just ensuring that "Football is safe." The Super Bowl will have on the order of 100k people in and around the stadium and more than 100 million people watching. We can argue about whether the specific measures will be effective, or whether they invade privacy, or whatever, but don't dismiss a high-value terrorism target as just a football game.
Being mostly deaf, I use IP-relay a lot, and use an IM client to access it. Does the simple act of logging my IMs turn me into a criminal?
I doubt it. As far as I can tell, the prohibition is on recording; it's legal for one party of a telephone conversation to transcribe the conversation. Also, do people usually understand that they're talking to you over a relay? (I assume your friends do, but I don't know what the protocol is if you were, say, calling your credit card company.) If someone knows they're talking over a relay, then I think you could argue that they've implicitly consented to the transcription. It seems like explicit consent isn't necessary, just notification (i.e., "this call may be recorded..." or a specific beep tone).
And since this is Slashdot and a lot of us presumably live in California it's worth mentioning that barring a warrant only one party to a phone call needs to be aware that it's being taped in this state.
Nope, that's wrong. California is a two-party consent state:
"Cushy pension"? Federal Employees get 1% for each year of service i.e. work 30 years and get 30% of your annual salary as a pension. They also get a 4% contribution to a 401(k). Better than nothing, but not really "cushy". Employees who are required to carry guns get a better deal, but TFA had to do with "IT" employees.
I wanted to be an FBI agent, and went through part of the hiring process a few years ago when they were aggressively trying to hire people with advanced CS degrees. I dropped out of the process due to the salary: ~$50-62k (depending on location), including the extra "availability" (overtime) compensation. At the same time, the FBI was posting >$100k positions for (non-agent) computer scientists.
This is a routine trick in a security audit: drop some USB sticks in the employee parking lot, and see how many folks just plug it into their computer.
Sure, the process can still be subverted, but it's a lot easier to verify that a hard drive has been destroyed
Imagine, if you will, someone who wanted your data and could intercept the drive for long enough to swap the platters on a drive (thus taking the important data with them).
If someone wants your data and they have enough access that they can actually swap platters and smuggle the data out, then you're already in trouble. Destroying a hard drive makes it a lot less likely that data will be inadvertently leaked.
There was a challenge not long ago for anyone to recover any data whatsoever from a harddisk that had been overwritten just once with zeros (which should be considerably easier than one that was overwritten with random data). I don't remember what the prize was, but it was a considerable amount of money and would have been priceless publicity for any data recovery company that could pull it off.
That fact that nobody publicly proved that they could do this does not mean that it can't be done. If NSA had the capability to do this, do you think they'd share that information? If the data is sensitive enough, why risk even a very small chance that it could be recovered by the wrong party?
Well, DBAN is open source. If you have suspicions, you're welcome to review the source compile your own version with a trusted compiler. If that isn't to your liking, there are commercial tools that do the same thing.
This requires a) proving that the software is correct and b) verifying that the compiled result hasn't been tampered with. For the latter, I'll refer you to http://cm.bell-labs.com/who/ken/trust.html.
As for, "What if a drive is mishandled and doesn't get wiped," well, isn't that a concern with physical destruction too?
Sure, the process can still be subverted, but it's a lot easier to verify that a hard drive has been destroyed (along with inventory checks on all hard drives being removed from a facility) than it is to verify that a hard drive has been properly wiped.
There is software out there (like D-BAN) which will repeatedly overwrite the data on a hard drive, rendering it unrecoverable. Why not use that, rather than relying on encryption?
How do you verify that the software does this correctly, and that it hasn't been tampered with? What if a drive is mishandled and doesn't get wiped? And if there's a process to do this correctly and with no chance of failure, is it worth that effort to recycle some old hard drives?
Where I work, hard drives with less-sensitive data can be reused; other ones are ground up into little bits. Data cannot be recovered(*) from a thoroughly destroyed hard drive. What assurance is there for a software solution?
(*) To the best of my knowledge. Maybe NSA can piece together the dust of a hard drive, but I highly doubt it.
"Restricted Data is always classified. RD is a category of classified information, and can be of any classification level" - Are you just making this up? "Restricted" (a classification level no longer used) was equivalent to ''Sensitive but Unclassified' or 'For Official Use Only' - it does not require a separate hardened computer system, nor cryptographically secure storage.
No, that's completely wrong. Restricted Data(*) is a classified designation:
If that is true then show us one single time in the past 10 years where Apple announced a product release ahead of time with promised features, then didn't deliver.
Apple demoed OS X Leopard at WWDC 2007 (?), where Jobs claimed that the new Time Machine application would allow backups to hard drives attached to Airport Extreme routers. This feature wasn't available when Leopard shipped. Only after many months and many complaints did they finally live up to their word and allow Time Machine to be used with AEs, and not just Time Capsules.
but if it's part of a larger crack down, I've got to ask, why now?
Yeah, why would the government be looking for ways to increase tax collections in the wake of declining revenues and a highly politicized fight over the national deficit and debt? I mean, I'm sure there's a reason in there somewhere, but I'm just not seeing it.
Jeff Bezos is an infamous micro-manager. He micro-manages every single pixel of Amazon's retail site.
Whut?
Amazon's retail site is a mess. It looks like it was created by checking "Do you want to use the default presentation?" on a retail-boxed online-store app.
So either Bezos isn't quite as involved as this dude thinks, or Bezos is incredibly lax in his personal standards for information, organization, and aesthetics.
That's exactly what Steve Yegge was saying. Read the rest of the paragraph:
Larry would do these big usability studies and demonstrate beyond any shred of doubt that nobody can understand that frigging website, but Bezos just couldn't let go of those pixels, all those millions of semantics-packed pixels on the landing page.
Slashdot Mirror
So hiding a laptop in a closet in order to download scientific articles is a crime worthy of decades in prison?
So many people here seem to have no sense of perspective. Yes, what Swartz did was (probably) illegal. It was civil disobedience, not malicious or for personal gain, but I think some punishment would have been reasonable: a misdemeanor (at most), maybe a fine or probation or community service. But a felony and significant federal prison time? That's fucking insane. There was no damage. He was an asset to the community, not a threat. Lessig said is best: 'Somehow, we need to get beyond the “I’m right so I’m right to nuke you” ethics that dominates our time.'
Only the ignorant think that gun controls don't reduce the possiblity of a sick minded disturbed person from killing.
The Australian example:
1996, introduction of strict gun controls: 0.57 per 100,000
2012, current gun homicide rate: 0.17 per 100,000
Amazingly, Australia's strict gun control also dramatically reduced gun violence in the United States:
https://twitter.com/politicalmath/status/280055933038628864
Or perhaps correlation is not causation.
Read the NISPOM and JFAN security guides. No external devices can be brought in to secured areas. No USB sticks, no media without a lengthy process to scan and check in the data. Nothing leaves the secured area without being shredded. We had some hefty machinery built to munch up everything from memory and CD/DVD media to hard drives and LTO tapes.
So "congress"? Yes, but we already know that cesspool for what it is. Secured areas like LANL? Not a chance.
Times have changed. Dunno about LANL, but at LLNL:
https://csp-training.llnl.gov/CS0149-W/non-gov_respons.html
They interfere with the safe consistent operation of the gun in other situations. For example, the Ruger Mark III pistol has a magazine disconnect. You have to "dry fire" the gun in several steps while cleaning. That means, rather than remove all magazines and ammunition from your work environment while cleaning, you need to keep a magazine (unloaded yes) to insert and remove at various points in the assembly and disassembly. It makes the whole process significantly more complex.
Not only that, but the trigger feel is awful on a Mark III with the magazine disconnect. Pulling the trigger actuates the disconnect mechanism which causes the magazine to move slightly. In fact, when I first bought my Mark III, it would fail to fire at least once or twice per magazine due to the slop in the disconnect mechanism. I'd have to drop the magazine and reseat it each time this happened. I removed the magazine disconnect, and I've had exactly one malfunction (a failure to feed, IIRC) among the many thousands of rounds I've fired since then.
I like the theory of mag disconnects and loaded chamber indicators, but in practice they often don't work well. The real solution is education: following the four rules of gun safety makes these both of these safety mechanisms completely superfluous.
TFA doesn't state how much syrup is actually missing, but 100,000 gallons would only be 15-20 tanker trucks worth. Still a lot, though.
The National Nuclear Security Administration has little to do with energy efficiency, at least in the sense you're referring to. However, from the Top500 press release: "Sequoia is also one of the most energy efficient systems on the list".
You can get life in prison for a joint in Texas. Yes, life. Last year, there was a case where a guy was dumb enough to be smoking at a bus stop. The cop tackled him, the joint brushed the cop's arm then landed by the street.
Result: Three felonies. Assault on a peace officer (the lit joint contacting the cop's arm), obstructing justice, and attempted destruction of evidence (since the perp let go of the marijuana as he was taken to the ground.) With TX's three strikes law, that is an additional 20-life. Said guy got convicted on all three counts, and now a TDCJ "guest", whose only purpose in life is to ensure a dividend for the private lockup he is now at.
Got a citation for that? I tried searching for the case, and the only thing I found that was similar was the case of Tyrone Brown, who was sentenced to life imprisonment (and eventually pardoned) after failing a probation-mandated drug test.
Yeah, I like syntax highlighting (and color screens in general), as well as interactive debuggers. Certainly, we can write code faster and find bugs more efficiently with all the tools available today. But it's the "silver bullet" claims that I'm skeptical about.
"I remember how, with the advent of terminals, interactive debugging was supposed to solve all our programming problems, and how, with the advent of colour screens, "algorithm animation" was supposed to do the same. And what did we get? Commercial software with a disclaimer that explicitly states that you are a fool if you rely on what you just bought."
From http://www.cs.utexas.edu/~vl/notes/dijkstra.html.
There's still a "Caffeine Meter" on their website:
http://www.celestialseasonings.com/products/herbal-teas/morning-thunder
I don't see any source for your claim, though. All I found was a couple of people on usenet saying that Morning Thunder is different than they remember, and that they thought it used to have more caffeine. I can't find anything that definitively states that Morning Thunder's formulation was changed, much less that the FDA mandated such a change.
...budget cuts to space exploration. Good thing Football is safe.
It's not just ensuring that "Football is safe." The Super Bowl will have on the order of 100k people in and around the stadium and more than 100 million people watching. We can argue about whether the specific measures will be effective, or whether they invade privacy, or whatever, but don't dismiss a high-value terrorism target as just a football game.
This makes me wonder if there are exceptions.
Being mostly deaf, I use IP-relay a lot, and use an IM client to access it. Does the simple act of logging my IMs turn me into a criminal?
I doubt it. As far as I can tell, the prohibition is on recording; it's legal for one party of a telephone conversation to transcribe the conversation. Also, do people usually understand that they're talking to you over a relay? (I assume your friends do, but I don't know what the protocol is if you were, say, calling your credit card company.) If someone knows they're talking over a relay, then I think you could argue that they've implicitly consented to the transcription. It seems like explicit consent isn't necessary, just notification (i.e., "this call may be recorded..." or a specific beep tone).
And since this is Slashdot and a lot of us presumably live in California it's worth mentioning that barring a warrant only one party to a phone call needs to be aware that it's being taped in this state.
Nope, that's wrong. California is a two-party consent state:
"without the consent of all parties to the communication..."
The DOE tried to push polygraphs on its cleared employees, and met with a lot of resistance from the scientists:
http://www.spse.org/Polygraph_comments_Livermo.html
The DOE can require polygraphs of its cleared employees in some circumstances, but to my knowledge it's rare that they actually do this.
"Cushy pension"? Federal Employees get 1% for each year of service i.e. work 30 years and get 30% of your annual salary as a pension. They also get a 4% contribution to a 401(k). Better than nothing, but not really "cushy". Employees who are required to carry guns get a better deal, but TFA had to do with "IT" employees.
I wanted to be an FBI agent, and went through part of the hiring process a few years ago when they were aggressively trying to hire people with advanced CS degrees. I dropped out of the process due to the salary: ~$50-62k (depending on location), including the extra "availability" (overtime) compensation. At the same time, the FBI was posting >$100k positions for (non-agent) computer scientists.
This is a routine trick in a security audit: drop some USB sticks in the employee parking lot, and see how many folks just plug it into their computer.
Sure, the process can still be subverted, but it's a lot easier to verify that a hard drive has been destroyed
Imagine, if you will, someone who wanted your data and could intercept the drive for long enough to swap the platters on a drive (thus taking the important data with them).
If someone wants your data and they have enough access that they can actually swap platters and smuggle the data out, then you're already in trouble. Destroying a hard drive makes it a lot less likely that data will be inadvertently leaked.
There was a challenge not long ago for anyone to recover any data whatsoever from a harddisk that had been overwritten just once with zeros (which should be considerably easier than one that was overwritten with random data). I don't remember what the prize was, but it was a considerable amount of money and would have been priceless publicity for any data recovery company that could pull it off.
That fact that nobody publicly proved that they could do this does not mean that it can't be done. If NSA had the capability to do this, do you think they'd share that information? If the data is sensitive enough, why risk even a very small chance that it could be recovered by the wrong party?
Well, DBAN is open source. If you have suspicions, you're welcome to review the source compile your own version with a trusted compiler. If that isn't to your liking, there are commercial tools that do the same thing.
This requires a) proving that the software is correct and b) verifying that the compiled result hasn't been tampered with. For the latter, I'll refer you to http://cm.bell-labs.com/who/ken/trust.html.
As for, "What if a drive is mishandled and doesn't get wiped," well, isn't that a concern with physical destruction too?
Sure, the process can still be subverted, but it's a lot easier to verify that a hard drive has been destroyed (along with inventory checks on all hard drives being removed from a facility) than it is to verify that a hard drive has been properly wiped.
There is software out there (like D-BAN) which will repeatedly overwrite the data on a hard drive, rendering it unrecoverable. Why not use that, rather than relying on encryption?
How do you verify that the software does this correctly, and that it hasn't been tampered with? What if a drive is mishandled and doesn't get wiped? And if there's a process to do this correctly and with no chance of failure, is it worth that effort to recycle some old hard drives?
Where I work, hard drives with less-sensitive data can be reused; other ones are ground up into little bits. Data cannot be recovered(*) from a thoroughly destroyed hard drive. What assurance is there for a software solution?
(*) To the best of my knowledge. Maybe NSA can piece together the dust of a hard drive, but I highly doubt it.
"Restricted Data is always classified. RD is a category of classified information, and can be of any classification level" - Are you just making this up? "Restricted" (a classification level no longer used) was equivalent to ''Sensitive but Unclassified' or 'For Official Use Only' - it does not require a separate hardened computer system, nor cryptographically secure storage.
No, that's completely wrong. Restricted Data(*) is a classified designation:
http://en.wikipedia.org/wiki/Restricted_Data
In fact, note that even Confidential Restricted Data (the lowest classification) requires a Q (DOE Top Secret) clearance for access.
(*) Somewhat confusingly, "Formerly Restricted Data" is also classified.
If that is true then show us one single time in the past 10 years where Apple announced a product release ahead of time with promised features, then didn't deliver.
Apple demoed OS X Leopard at WWDC 2007 (?), where Jobs claimed that the new Time Machine application would allow backups to hard drives attached to Airport Extreme routers. This feature wasn't available when Leopard shipped. Only after many months and many complaints did they finally live up to their word and allow Time Machine to be used with AEs, and not just Time Capsules.
but if it's part of a larger crack down, I've got to ask, why now?
Yeah, why would the government be looking for ways to increase tax collections in the wake of declining revenues and a highly politicized fight over the national deficit and debt? I mean, I'm sure there's a reason in there somewhere, but I'm just not seeing it.
Jeff Bezos is an infamous micro-manager. He micro-manages every single pixel of Amazon's retail site.
Whut?
Amazon's retail site is a mess. It looks like it was created by checking "Do you want to use the default presentation?" on a retail-boxed online-store app.
So either Bezos isn't quite as involved as this dude thinks, or Bezos is incredibly lax in his personal standards for information, organization, and aesthetics.
That's exactly what Steve Yegge was saying. Read the rest of the paragraph:
Larry would do these big usability studies and demonstrate beyond any shred of doubt that nobody can understand that frigging website, but Bezos just couldn't let go of those pixels, all those millions of semantics-packed pixels on the landing page.
There's a new book called "Car Guys vs. Bean Counters" that might be what you're asking for:
http://www.amazon.com/Car-Guys-vs-Bean-Counters/dp/1591844002
I haven't read it yet, but the reviews I've seen were positive.