Most casual users aren't likely to reverse image-search a troll's avatar to see if it was stolen from someone else
If you're using someone else's photo as your avatar you're impersonating that person and that's illegal.
The article refers to "avatar", you switch that to "photo". An "avatar" is an image of some kind, but it is not defined to be "user photo". Many people use the same "avatar" because they like the image; they are not all claiming to be the same person. The "avatar" I use on FB, for example, does not mean I am claiming to be the person in the image, and only a moron would believe it did. Yes, I stole it from another source. Am I a nazi because of that?
So you're saying that Ephraim Mirvis really said that "not all nazis were bad"?
I've actually read what I wrote, and I find no references to Ephraim Mirvis at all. So no, I guess I'm not saying that. Perhaps you should read what I wrote. Given the question, however, I would expect that someone in his profession would be willing to admit that some people who were members of the National Socialist Party in Germany were members not because they believed the tenets but for other reasons. Like not being sent to a death camp, for example. I don't know the man, so I will not say he would be that open minded, however, so no, I've still not claimed he would say the words you attempted to put in my mouth.
The link you provided does not show any claim that he said such a thing, nor does it show any evidence that an imposter said that, either. Is it actually relevant to anything?
Based on the article anyone saying the exact same things under their own identity would not trigger the bot.
You've missed the very simple point: what is "their own identity"? Do you have a passport with the name "fouget", or a birth certificate, or any document that shows that what most people would call "your own identity" is how you are identifying yourself here? Have you provided that documentation to slashdot so they know what "your own identity" actually is? Do you not believe that users of Twitter also make up "their own identity" as a handle? My Twitter handle is not "my own identity", it is something else. I did not have to prove "my own identity" to Twitter to get it, I just had to pick it before someone else did. Do you believe that the Twitter user who snapped up "DonaldTrump" so that the Real Donald Trump has to add the adjective to his handle showed Twitter some ID that proved he was Donald Trump?
You're basing your entire argument that the identification of nazis is possible because they use avatars that are used by someone else, too? Fuck, I don't even know what my "avatar" on Twitter is, so maybe my default avatar proves that I am a nazi because it is the same default someone else has. I've seen my "avatar" on a lot of social media and online sites, and for all of those the default is a stylized version of my first initial. Are all the people who claim to have the same first name as I do but don't change their "avatar" claiming to be me? Or I am claiming to be them?
And if I did bother setting my avatar on Twitter it would probably be some image I swiped from somewhere on the net, so your reverse image search would likely find it belonging to someone else. In your tiny universe, that would prove I'm a nazi and I deserve to have a bot attack me for every post I make. That's just ridiculous.
This bot is using a crowdsourced list of Twitter handles that people have decided need to be attacked, and the author of the bot is trying to justify his use of the list by claiming that there are no false positives because he's verified things. To do that he'd have to have access to a database that shows what "true identity" every handle in his list has associated with it, AND that the "true identity" is false. He doesn't have that. Twitter doesn't have that. He's guessing, and because it's attacking people you don't like you're ok with it.
Trump is not even in the top ten, according to this analysis. As a "world leader", this shows that Pope Francis outranks Trump by quite a bit, and Trump beats number 3 Narenda Modi of India by only 70,000 followers.
I have never seen a single article about Twitter having a liberal bias
Then the massive reaction against every Trump tweet, by Twitter users, has missed your attention. And the fact that Barack Obama, despite being a has-been, still beats Trump in followers means nothing.
1) Censorship is only ever done by governments. No one except a government can censor anything. This has been proven by hundreds of not thousands of shitposts by low-UID slashdotters and is therefore unassailable. Take this into consideration for all future uses of the word censorship.
This is the quintessential example of the drift ('or hollowing out', or expansion) of word meaning that makes some words useless at best, dangerous at worst, that started a long discussion earlier.
"Censorship" did, indeed, begin with the meaning of a governmental official who could prevent speech. Today it means anyone who stops or impedes the speech of another in any way, but is still used as a pejorative. "That's CENSORSHIP" now is meaningless because it can apply to a newspaper editor who rejects your letter to the editor for publishing, or the webmaster who removes your comment in a blog.
Along with "censorship", we now have "racist" -- anyone who says anything that hints that there might be differences between races is a "racist". We've even seen where the professor who used the word "niggardly" is a racist, even though that word's etymology has nothing at all to do with race in any way. A local business owner has been shut down because she made a comment about hoping her children grow up in a society free from oppression and fear. (She's white, that's why this is "racist".) "Rape" is headed that way. And I will not Godwin this discussion by mentioning a name that has become just as useless through misuse. We have even identified and named the misuse and trivialization of that name, so why is it hard to realize that it has happened to other words as well?
You can insult everyone who knows the origins of words for objecting to their misuse and spread into uselessness, but some of us do know better. And some of us haven't given up on pointing out the problem.
No, you did, because you brought it up. You tried to make it relevant to the discussion by claiming that "cis people" have a "favorite hobby" of attacking you for being trans. Now, I might guess that a lot of people attack you for being a nutter, but if it makes you happy to think they do it because they somehow know you personally and know your gender, well, helps prove the former cause.
I still can't figure out if you were trying to argue that it's ok for arbitrary people on Twitter to be attacked by a bot because cis people attack you for being trans, or that neither is ok. I guess we'll just never know that one.
And, for all I know, you're claiming membership in a group that you really don't belong to just to make a point, which would be "impersonating" someone according to some people here. I don't know anything about you other than what you claim. Before you see that as a challenge to prove to me your validity, please, don't bother. I really don't care.
"one of the favourite hobbies of cis people on Twitter"
Yeah, you kinda did say that all cis people did it. All it would have taken to limit your accusation is one word -- "some" -- but you deliberately chose not to make the limitation.
You're conveniently leaving out that they say they are targeting impersonator accounts which is a pretty objective criterion.
To be objective, you need to know who the poster is and that he is not who he claims to be. (Not "what he claims to be", "who".) Has someone hacked the Twitter database to learn what "true identities" are linked to the Twitter handles being used? Does Twitter even know the "true identity" of anyone? I don't recall having to provide a birth certificate or other legal ID when I created the Twitter handle I haven't used for years. Have they changed the process?
Impersonating someone else is also illegal
What I understand to be the truth is that the Twitter posters are claiming to have certain characteristics, not to be specific people. The example I've seen above is "I'm Jewish and I think [a certain person] has some good ideas." Is it illegal to claim in a Twitter post that one is Jewish? Is it illegal to claim that one is a Native American to gain voter support?
So this bot seems like a good short term solution.
An automated system that responds to arbitrarily determined members of a certain group that you disagree with in what many people would liken to trying to drown out their speech, or at least making ad hominem attacks upon them, is a good idea on your planet? Is the sky blue there like it is here on Earth?
Saying "X is a snowflake, therefore..." or "X is a snowflake, and..." also carries the exact same meaning.
No. "Therefore" is a causal relationship. "Because the first clause is true the second clause it true."
"And" is a conjunction meaning "also". "London lies west of Berlin; also Paris is the capital of France."
and this can be rephrased as "Poptix made two arguments.
No. Poptix expressed an opinion by applying a label to a group. He then made an argument about the previously labeled group based on their actions. The opinion that the group should be labelled "snowflake" was not used as support for the remaining argument.
It's a ripoff. I have never had to have a tech come to my house except ONCE years ago.
And some people get visits more often. The dog chews the cable, it's pinched in a door, pulled from the wall. The same kid who tried putting the peanut butter sandwich in the VCR spilled his juice box on the converter. Or the cheap Chinese splitter you put in the line to hook up your own stuff is marginal enough that it failed after six months or because the incoming signal level dropped a dB or two. Or you installed it and never noticed that the upper frequency channels didn't come in well, and now you have.
If you don't think you need it, fine, but your experience isn't what other people have.
When you allow your company operate with such complete disregard for decency you as a shareholder deserve to be spit on, not rewarded.
Yeah! Because I heard from someone that every stockholder in Comcast has the personal telephone number of the Comcast CEO and the ability to walk into his office and fire him!
Get a grip, please. The vast majority of Comcast stockholders probably don't even know they own Comcast stock, and certainly don't have controlling interest in the company to the point they could order this stopped. That is, it's probably a major component of many retirement portfolios, so it's held by middle income people who have retirement money tied up in this.
Tell that to the operator of any Internet service that uses two-factor authentication where ability to receive a code through email, SMS, or voice call is the second factor.
Ok. Hey, operator of any Internet service where you allow unlimited unrestricted email/sms/voice calls generated by every login attempt, you're a mail/sms/telephone bomb waiting to happen. You could have told them that and saved me the time.
Yes, the two things you typed mean essentially the same thing. I said something different.
You said:
The message should say "that password is not correct for the account [whatever you typed]." That's certainly better than "at least one of those two is wrong and I'm not telling you which."
Those two things MEAN EXACTLY THE SAME THING. "The password not being correct for the account you typed" means at least one of the two is incorrect and they didn't tell you which.
There are four possible cases. Three of them are either the username or password being incorrect, or both. Neither of your suggested statements identifies which is wrong. The fourth case is both are correct.
the pharmacy will deliver the branded version, no questions asked.
You need to find a better pharmacy. Mine is very good about dealing with generics and getting any prescription that can be filled by a generic changed so it can. It doesn't come up often because my primary care doc is also generic-friendly.
I have no doubt that if the only difference is your hypothetical 295mg vs. 300mg, my pharmacist would be faxing in a change request to get the generic instead.
The patient will pay their ten dollar co-pay
Patients need to stop being passive consumers of their health care and pick up an active role. If their doc prescribes a branded med with a 295mg dose, and the web shows the existence of a 300mg generic, they damn well ought to be on the phone to the doc getting the prescription fixed. It's fun to rant about big bad pharma, but if you do nothing to solve the problem when you can, then you are part of the problem, too.
The message should say "that password is not correct for the account [whatever you typed]." That's certainly better than "at least one of those two is wrong and I'm not telling you which."
It means exactly the same thing. "Username/password error" means "at least one of the two is wrong, and I'm not telling you which."
I would say that the "patent" on Niacin isn't very effective at blocking competition. In fact, I doubt there is a patent. I expect the difference is that Niacor is being sold as a drug and thus has the expense of FDA approval for that use; the stuff sold on Amazon is a "nutritional supplement" and doesn't.
This kind of thing isn't new or especially earthshaking. I had something that the doc could have prescribed Ibuprofen for, but he told me to just buy OTC and take two. The only difference between the two products was -- one was twice the dose of the other per pill. The prescription version was one pill, the OTC required taking two. The prescription version had a deep-pocket pharma company that lawyers love to sue (e.g. Celebrex) whenever there are side effects, the store brand was forcing consumers to rely on doctor's orders and violate the published dosage limit.
Before you crucify the maker of Niacor, keep in mind that their market for Niacor is extremely small (why buy Niacor when you can get the same thing for what many people would be paying as a co-pay for the expensive drug?) and their liability is high.
If this were a case of a single-maker death-preventing drug, yeah. But niacin tablets creating such a furor? Really?
If someone tries to create an account for mightyyar@zorlonmail.example,
They're not trying to create an account, they're running email addresses through the login process. If the login process normally fails with "no such user", and it does not fail that way with "mightyyar@zorlonmail.example", then you know that MightyYar has an account there. It's worse than just using a username, since anyone could have the username "MightyYar", but only one mailbox "mightyyar@zorlonmail.example" can exist.
If it fails with "username or password incorrect" you don't know nothin.
then you'll receive the confirmation message instead of the attacker.
If a website sends a confirmation email for a login attempt, or for an attempt to create an account that already exists, then it is a mailbomb waiting to happen. The victim getting the "confirmation message" is the goal, not the deterrent.
You can check a salted password just fine in a single database query; I know, I've done it before.
Ahh, the wisdom that comes with age. For absolutely DECADES, Unix stored both the username and encrypted password in the same file, both retrieved at the same time. It's amazing how some people claim that the things Unix did on a routine basis are impossible.
What is this whole thread about? If it is in the database, it is correct and we can concentrate on the password, or am I missing something?
The point is, I may have miss-entered my username (but it does belong to someone else) while entering my correct password. If you tell me "the password is incorrect" that's incorrect. It's the correct password, just the wrong username, for me.
You keep saying that despite all the evidence that shows otherwise. I've pointed out how there is no invasion of privacy. How about you show there is something, other than just repeating "invasion of privacy, invasion of privacy, look at the bad man invading our privacy!"
I'm not debating the expense, so go jump up and down somewhere else.
Someone who overstays their visa is not a criminal.
In interesting language you speak, that looks so much like English but isn't. Someone who breaks the law is a criminal.
Overstaying ones visa is a civil offense, not a criminal one.
It is a violation of law, and that is what the common term "criminal" means. It is not limited to the strict legal definition of "what kind of offense was it?" We're not in a legal forum or standing in front of a judge where precise legal terminology is expected. We're speekin da English.
As for the rest of your argument, it is my opinion that the cost in money and freedom
Well, since the "cost in freedom" is precisely zero, it must be a money issue for you. Catching criminals is usually a worthwhile thing, and catching people who abuse the immigration system is an expense that we need to pay. Why have laws if you're just going to ignore them because it costs something to enforce them?
If you go back to the start of this discussion, you'll see that that's what I had suggested changing,
You can suggest changing it, but the fact is how it is now. If you're talking about the enhanced role of TSA as being immigration and passport control for other countries, I think I've already dealt with that. It's not going to happen. TSA is not immigration and customs enforcement, not even for our own country.
Yes, but they have information sharing agreements with the US government.
Share the information that doesn't exist. The US doesn't keep track of who leaves. When you come back, they don't know how you left. The fact they don't know how you left isn't proof of a crime, it is just how it is. There is no "resolve" necessary -- you leave on someone else's boarding pass, you come back on your own passport.
If you're smart about it, you go to a foreign airport where you don't even go through customs or immigration, you just go to your return flight's gate and start being you.
So if "The only new bit of information that facial recognition provides is that the face matches", then why is the government doing this?
Because knowing that the person walking down the jetway is the person they claim to be is an important piece of data, especially for non-citizens on a short-term visa.
These people already identified themselves, the DHS already knows who they are, so why spend the money?
They didn't identify which people are actually leaving versus walking back out the exit.
You had suggested that the friend would be taking the flight to the other country.
Yes.
and no other record of their departure from the country would be hard to explain to US Customs/Immigration on the way back in.
You can leave the country without a record of it here. That's how lax the US exit process is.
They could tell some story that starts with "I changed my mind
They don't have to tell any ICE agent on the way back in that they "changed their mind". ICE isn't going to care that someone missed a domestic flight. It's ridiculous to think they would.
and decided to go to Venezuela by boat
Canada and Mexico are a lot closer, and a lot of US citizens go to either or both every year.
2a. This might be skippable if you print at home, I always have luggage and no printer so I don't know how this works out.
You gotta show one to the airline sometime. They need to know you have it so they won't get stuck hauling you back when you don't and can't get in at the destination.
3. The boarding pass will have a big honking "INTL" on it when going through security, even for the domestic leg, prompting the TSA to ask for the passport as a travel document. They also write some scribbles on the boarding pass.
They always write "scribbles" on the boarding pass, even for a domestic flight. As for demanding a passport, I can't recall them ever doing that to me.
It is trivial to get around this, too. Instead of one flight, take one to a hub and then one international. I.e., one domestic, one international. Go through security for the domestic flight using your Real ID compatible driver's license, then you're already behind security for the international flight and you never deal with TSA for that.
4. Finally, when boarding the actual international plane, airline staff will look at everyone's passport and stamp the boarding pass with something indicating they're good to go.
No. That takes place a long time before boarding, simply so they can get it done with and board the plane faster. Passport checks at boarding take a lot of time.
The gate agent will look at the stamp before letting each person in.
Nope. With electronic boarding passes there is no stamp to look at, and you can hold your own paper pass against the glass until it beeps "ok". They don't bother to look unless the computer tells them to -- when there's a problem.
Nothing at all crosschecks the identity of the person getting on the plane against the records, which makes this facial scan valuable. Is the person walking down the jetway who it is supposed to be?
Slashdot Mirror
Most casual users aren't likely to reverse image-search a troll's avatar to see if it was stolen from someone else If you're using someone else's photo as your avatar you're impersonating that person and that's illegal.
The article refers to "avatar", you switch that to "photo". An "avatar" is an image of some kind, but it is not defined to be "user photo". Many people use the same "avatar" because they like the image; they are not all claiming to be the same person. The "avatar" I use on FB, for example, does not mean I am claiming to be the person in the image, and only a moron would believe it did. Yes, I stole it from another source. Am I a nazi because of that?
So you're saying that Ephraim Mirvis really said that "not all nazis were bad"?
I've actually read what I wrote, and I find no references to Ephraim Mirvis at all. So no, I guess I'm not saying that. Perhaps you should read what I wrote. Given the question, however, I would expect that someone in his profession would be willing to admit that some people who were members of the National Socialist Party in Germany were members not because they believed the tenets but for other reasons. Like not being sent to a death camp, for example. I don't know the man, so I will not say he would be that open minded, however, so no, I've still not claimed he would say the words you attempted to put in my mouth.
The link you provided does not show any claim that he said such a thing, nor does it show any evidence that an imposter said that, either. Is it actually relevant to anything?
Based on the article anyone saying the exact same things under their own identity would not trigger the bot.
You've missed the very simple point: what is "their own identity"? Do you have a passport with the name "fouget", or a birth certificate, or any document that shows that what most people would call "your own identity" is how you are identifying yourself here? Have you provided that documentation to slashdot so they know what "your own identity" actually is? Do you not believe that users of Twitter also make up "their own identity" as a handle? My Twitter handle is not "my own identity", it is something else. I did not have to prove "my own identity" to Twitter to get it, I just had to pick it before someone else did. Do you believe that the Twitter user who snapped up "DonaldTrump" so that the Real Donald Trump has to add the adjective to his handle showed Twitter some ID that proved he was Donald Trump?
You're basing your entire argument that the identification of nazis is possible because they use avatars that are used by someone else, too? Fuck, I don't even know what my "avatar" on Twitter is, so maybe my default avatar proves that I am a nazi because it is the same default someone else has. I've seen my "avatar" on a lot of social media and online sites, and for all of those the default is a stylized version of my first initial. Are all the people who claim to have the same first name as I do but don't change their "avatar" claiming to be me? Or I am claiming to be them?
And if I did bother setting my avatar on Twitter it would probably be some image I swiped from somewhere on the net, so your reverse image search would likely find it belonging to someone else. In your tiny universe, that would prove I'm a nazi and I deserve to have a bot attack me for every post I make. That's just ridiculous.
This bot is using a crowdsourced list of Twitter handles that people have decided need to be attacked, and the author of the bot is trying to justify his use of the list by claiming that there are no false positives because he's verified things. To do that he'd have to have access to a database that shows what "true identity" every handle in his list has associated with it, AND that the "true identity" is false. He doesn't have that. Twitter doesn't have that. He's guessing, and because it's attacking people you don't like you're ok with it.
Trump is the world's most prominent Tweeter.
Trump is not even in the top ten, according to this analysis. As a "world leader", this shows that Pope Francis outranks Trump by quite a bit, and Trump beats number 3 Narenda Modi of India by only 70,000 followers.
I have never seen a single article about Twitter having a liberal bias
Then the massive reaction against every Trump tweet, by Twitter users, has missed your attention. And the fact that Barack Obama, despite being a has-been, still beats Trump in followers means nothing.
1) Censorship is only ever done by governments. No one except a government can censor anything. This has been proven by hundreds of not thousands of shitposts by low-UID slashdotters and is therefore unassailable. Take this into consideration for all future uses of the word censorship.
This is the quintessential example of the drift ('or hollowing out', or expansion) of word meaning that makes some words useless at best, dangerous at worst, that started a long discussion earlier.
"Censorship" did, indeed, begin with the meaning of a governmental official who could prevent speech. Today it means anyone who stops or impedes the speech of another in any way, but is still used as a pejorative. "That's CENSORSHIP" now is meaningless because it can apply to a newspaper editor who rejects your letter to the editor for publishing, or the webmaster who removes your comment in a blog.
Along with "censorship", we now have "racist" -- anyone who says anything that hints that there might be differences between races is a "racist". We've even seen where the professor who used the word "niggardly" is a racist, even though that word's etymology has nothing at all to do with race in any way. A local business owner has been shut down because she made a comment about hoping her children grow up in a society free from oppression and fear. (She's white, that's why this is "racist".) "Rape" is headed that way. And I will not Godwin this discussion by mentioning a name that has become just as useless through misuse. We have even identified and named the misuse and trivialization of that name, so why is it hard to realize that it has happened to other words as well?
You can insult everyone who knows the origins of words for objecting to their misuse and spread into uselessness, but some of us do know better. And some of us haven't given up on pointing out the problem.
Did you just compare being trans,
No, you did, because you brought it up. You tried to make it relevant to the discussion by claiming that "cis people" have a "favorite hobby" of attacking you for being trans. Now, I might guess that a lot of people attack you for being a nutter, but if it makes you happy to think they do it because they somehow know you personally and know your gender, well, helps prove the former cause.
I still can't figure out if you were trying to argue that it's ok for arbitrary people on Twitter to be attacked by a bot because cis people attack you for being trans, or that neither is ok. I guess we'll just never know that one.
And, for all I know, you're claiming membership in a group that you really don't belong to just to make a point, which would be "impersonating" someone according to some people here. I don't know anything about you other than what you claim. Before you see that as a challenge to prove to me your validity, please, don't bother. I really don't care.
Yeah, you kinda did say that all cis people did it. All it would have taken to limit your accusation is one word -- "some" -- but you deliberately chose not to make the limitation.
You're conveniently leaving out that they say they are targeting impersonator accounts which is a pretty objective criterion.
To be objective, you need to know who the poster is and that he is not who he claims to be. (Not "what he claims to be", "who".) Has someone hacked the Twitter database to learn what "true identities" are linked to the Twitter handles being used? Does Twitter even know the "true identity" of anyone? I don't recall having to provide a birth certificate or other legal ID when I created the Twitter handle I haven't used for years. Have they changed the process?
Impersonating someone else is also illegal
What I understand to be the truth is that the Twitter posters are claiming to have certain characteristics, not to be specific people. The example I've seen above is "I'm Jewish and I think [a certain person] has some good ideas." Is it illegal to claim in a Twitter post that one is Jewish? Is it illegal to claim that one is a Native American to gain voter support?
So this bot seems like a good short term solution.
An automated system that responds to arbitrarily determined members of a certain group that you disagree with in what many people would liken to trying to drown out their speech, or at least making ad hominem attacks upon them, is a good idea on your planet? Is the sky blue there like it is here on Earth?
Saying "X is a snowflake, therefore ..." or "X is a snowflake, and ..." also carries the exact same meaning.
No. "Therefore" is a causal relationship. "Because the first clause is true the second clause it true."
"And" is a conjunction meaning "also". "London lies west of Berlin; also Paris is the capital of France."
and this can be rephrased as "Poptix made two arguments.
No. Poptix expressed an opinion by applying a label to a group. He then made an argument about the previously labeled group based on their actions. The opinion that the group should be labelled "snowflake" was not used as support for the remaining argument.
It's a ripoff. I have never had to have a tech come to my house except ONCE years ago.
And some people get visits more often. The dog chews the cable, it's pinched in a door, pulled from the wall. The same kid who tried putting the peanut butter sandwich in the VCR spilled his juice box on the converter. Or the cheap Chinese splitter you put in the line to hook up your own stuff is marginal enough that it failed after six months or because the incoming signal level dropped a dB or two. Or you installed it and never noticed that the upper frequency channels didn't come in well, and now you have.
If you don't think you need it, fine, but your experience isn't what other people have.
When you allow your company operate with such complete disregard for decency you as a shareholder deserve to be spit on, not rewarded.
Yeah! Because I heard from someone that every stockholder in Comcast has the personal telephone number of the Comcast CEO and the ability to walk into his office and fire him!
Get a grip, please. The vast majority of Comcast stockholders probably don't even know they own Comcast stock, and certainly don't have controlling interest in the company to the point they could order this stopped. That is, it's probably a major component of many retirement portfolios, so it's held by middle income people who have retirement money tied up in this.
But thirty accounts in thirty minutes would still be likely to activate a rate limiter.
Thirty accounts done sequentially is not "at the same time."
So my next question is what approximate rate you meant by "one at a time".
It's simple English. One at a time.
a high school needs to provision students' accounts on various services. ... How would this be done?
One at a time? Next question.
Tell that to the operator of any Internet service that uses two-factor authentication where ability to receive a code through email, SMS, or voice call is the second factor.
Ok. Hey, operator of any Internet service where you allow unlimited unrestricted email/sms/voice calls generated by every login attempt, you're a mail/sms/telephone bomb waiting to happen. You could have told them that and saved me the time.
Yes, the two things you typed mean essentially the same thing. I said something different.
You said:
The message should say "that password is not correct for the account [whatever you typed]." That's certainly better than "at least one of those two is wrong and I'm not telling you which."
Those two things MEAN EXACTLY THE SAME THING. "The password not being correct for the account you typed" means at least one of the two is incorrect and they didn't tell you which. There are four possible cases. Three of them are either the username or password being incorrect, or both. Neither of your suggested statements identifies which is wrong. The fourth case is both are correct.
the pharmacy will deliver the branded version, no questions asked.
You need to find a better pharmacy. Mine is very good about dealing with generics and getting any prescription that can be filled by a generic changed so it can. It doesn't come up often because my primary care doc is also generic-friendly.
I have no doubt that if the only difference is your hypothetical 295mg vs. 300mg, my pharmacist would be faxing in a change request to get the generic instead.
The patient will pay their ten dollar co-pay
Patients need to stop being passive consumers of their health care and pick up an active role. If their doc prescribes a branded med with a 295mg dose, and the web shows the existence of a 300mg generic, they damn well ought to be on the phone to the doc getting the prescription fixed. It's fun to rant about big bad pharma, but if you do nothing to solve the problem when you can, then you are part of the problem, too.
The message should say "that password is not correct for the account [whatever you typed]." That's certainly better than "at least one of those two is wrong and I'm not telling you which."
It means exactly the same thing. "Username/password error" means "at least one of the two is wrong, and I'm not telling you which."
In the specific case of patented drugs, the patent explicitly blocks competition so (a) is immediately off the table.
Niacor is nicotinic acid, vitamin B3. I don't know what it costs.
You can buy the same thing from Amazon for $5.21.
I would say that the "patent" on Niacin isn't very effective at blocking competition. In fact, I doubt there is a patent. I expect the difference is that Niacor is being sold as a drug and thus has the expense of FDA approval for that use; the stuff sold on Amazon is a "nutritional supplement" and doesn't.
This kind of thing isn't new or especially earthshaking. I had something that the doc could have prescribed Ibuprofen for, but he told me to just buy OTC and take two. The only difference between the two products was -- one was twice the dose of the other per pill. The prescription version was one pill, the OTC required taking two. The prescription version had a deep-pocket pharma company that lawyers love to sue (e.g. Celebrex) whenever there are side effects, the store brand was forcing consumers to rely on doctor's orders and violate the published dosage limit.
Before you crucify the maker of Niacor, keep in mind that their market for Niacor is extremely small (why buy Niacor when you can get the same thing for what many people would be paying as a co-pay for the expensive drug?) and their liability is high.
If this were a case of a single-maker death-preventing drug, yeah. But niacin tablets creating such a furor? Really?
If someone tries to create an account for mightyyar@zorlonmail.example,
They're not trying to create an account, they're running email addresses through the login process. If the login process normally fails with "no such user", and it does not fail that way with "mightyyar@zorlonmail.example", then you know that MightyYar has an account there. It's worse than just using a username, since anyone could have the username "MightyYar", but only one mailbox "mightyyar@zorlonmail.example" can exist.
If it fails with "username or password incorrect" you don't know nothin.
then you'll receive the confirmation message instead of the attacker.
If a website sends a confirmation email for a login attempt, or for an attempt to create an account that already exists, then it is a mailbomb waiting to happen. The victim getting the "confirmation message" is the goal, not the deterrent.
You can check a salted password just fine in a single database query; I know, I've done it before.
Ahh, the wisdom that comes with age. For absolutely DECADES, Unix stored both the username and encrypted password in the same file, both retrieved at the same time. It's amazing how some people claim that the things Unix did on a routine basis are impossible.
What is this whole thread about? If it is in the database, it is correct and we can concentrate on the password, or am I missing something?
The point is, I may have miss-entered my username (but it does belong to someone else) while entering my correct password. If you tell me "the password is incorrect" that's incorrect. It's the correct password, just the wrong username, for me.
and can be used to invade our privacy!
You keep saying that despite all the evidence that shows otherwise. I've pointed out how there is no invasion of privacy. How about you show there is something, other than just repeating "invasion of privacy, invasion of privacy, look at the bad man invading our privacy!"
I'm not debating the expense, so go jump up and down somewhere else.
Someone who overstays their visa is not a criminal.
In interesting language you speak, that looks so much like English but isn't. Someone who breaks the law is a criminal.
Overstaying ones visa is a civil offense, not a criminal one.
It is a violation of law, and that is what the common term "criminal" means. It is not limited to the strict legal definition of "what kind of offense was it?" We're not in a legal forum or standing in front of a judge where precise legal terminology is expected. We're speekin da English.
As for the rest of your argument, it is my opinion that the cost in money and freedom
Well, since the "cost in freedom" is precisely zero, it must be a money issue for you. Catching criminals is usually a worthwhile thing, and catching people who abuse the immigration system is an expense that we need to pay. Why have laws if you're just going to ignore them because it costs something to enforce them?
If you go back to the start of this discussion, you'll see that that's what I had suggested changing,
You can suggest changing it, but the fact is how it is now. If you're talking about the enhanced role of TSA as being immigration and passport control for other countries, I think I've already dealt with that. It's not going to happen. TSA is not immigration and customs enforcement, not even for our own country.
Yes, but they have information sharing agreements with the US government.
Share the information that doesn't exist. The US doesn't keep track of who leaves. When you come back, they don't know how you left. The fact they don't know how you left isn't proof of a crime, it is just how it is. There is no "resolve" necessary -- you leave on someone else's boarding pass, you come back on your own passport.
If you're smart about it, you go to a foreign airport where you don't even go through customs or immigration, you just go to your return flight's gate and start being you.
So if "The only new bit of information that facial recognition provides is that the face matches", then why is the government doing this?
Because knowing that the person walking down the jetway is the person they claim to be is an important piece of data, especially for non-citizens on a short-term visa.
These people already identified themselves, the DHS already knows who they are, so why spend the money?
They didn't identify which people are actually leaving versus walking back out the exit.
You had suggested that the friend would be taking the flight to the other country.
Yes.
and no other record of their departure from the country would be hard to explain to US Customs/Immigration on the way back in.
You can leave the country without a record of it here. That's how lax the US exit process is.
They could tell some story that starts with "I changed my mind
They don't have to tell any ICE agent on the way back in that they "changed their mind". ICE isn't going to care that someone missed a domestic flight. It's ridiculous to think they would.
and decided to go to Venezuela by boat
Canada and Mexico are a lot closer, and a lot of US citizens go to either or both every year.
2a. This might be skippable if you print at home, I always have luggage and no printer so I don't know how this works out.
You gotta show one to the airline sometime. They need to know you have it so they won't get stuck hauling you back when you don't and can't get in at the destination.
3. The boarding pass will have a big honking "INTL" on it when going through security, even for the domestic leg, prompting the TSA to ask for the passport as a travel document. They also write some scribbles on the boarding pass.
They always write "scribbles" on the boarding pass, even for a domestic flight. As for demanding a passport, I can't recall them ever doing that to me.
It is trivial to get around this, too. Instead of one flight, take one to a hub and then one international. I.e., one domestic, one international. Go through security for the domestic flight using your Real ID compatible driver's license, then you're already behind security for the international flight and you never deal with TSA for that.
4. Finally, when boarding the actual international plane, airline staff will look at everyone's passport and stamp the boarding pass with something indicating they're good to go.
No. That takes place a long time before boarding, simply so they can get it done with and board the plane faster. Passport checks at boarding take a lot of time.
The gate agent will look at the stamp before letting each person in.
Nope. With electronic boarding passes there is no stamp to look at, and you can hold your own paper pass against the glass until it beeps "ok". They don't bother to look unless the computer tells them to -- when there's a problem.
Nothing at all crosschecks the identity of the person getting on the plane against the records, which makes this facial scan valuable. Is the person walking down the jetway who it is supposed to be?