In fact, this happened to my wife before we got married. She had "student insurance" at her college, but when she actually needed to use it for surgery, she found out she'd be on the hook for half the bill -about $10k almost 20 years ago. Fortunately she found out before actually scheduling the surgery. Since she's from Germany she was able to head home and get it done under the German "socialist" program. Bottom line under the old market was that you'd pay $800/month (at least in FL) for full/platinum-style insurance that actually provides the same level of coverage as a good employer plan. In most cases, if you were under private insurance, only a major medical/catastrophic policy makes sense -- true insurance rather than health-care funding.
Yeah, retrofitting underground cables in urban areas is a nightmare, and probably not worth it. Especially in an area where the main natural disaster is earthquakes. The phone and power lines that stay down for weeks at a time tend to be in suburbia or rural areas. In those areas, right of way negotiations, work rules and routing around existing infrastructure don't get so complicated -- plus the benefits to service reliability are greater.
I stopped using C-Net when they started pulling this little trick and thought Sourceforge had more respect for open software. I can understand why they need to do this, but why didn't they reach out to the community to discuss new revenue streams rather than pull this stunt and then "reach out to the community" after the fact? Maybe they actually want to kill the project hosting service?
Sorry, guys. SF needs to back down from this before I D/L there again. I'll probably continue to use Freecode and D/L direct from the developers where possible, but even that seems like it won't last for long.
A lot of times you don't use information you have because it would reveal your methods and sources. But now that a lot of NSA methods and sources are known, they can use the information out in the open like this. Assuming the court accepts it as admissible under rules of evidence.
Considering how Minecraft physics are almost laughable even in the Newtonian realm (for example, you can compress/store 27x64 cubic meters of cobblestone into a 1m cube/chest) nitpicking on the implementation of quantum concepts is a waste of time. This isn't intended as a rigorous treatment, it's an introduction to the concepts and how they would impact if they were visible at the macro scale. Personally, I think the implementation of superposition is reasonable - the block is in an undetermined state when it's not being observed and has it's state frozen by observation. Switching states after being observed isn't quite kosher without some other interaction, but I'll live with that for the sake of gaemeplay. Maybe a redstone signal could be required to destabilize the state of the block after being observed. The Observer dependency is a bit more problematic with its directional dependencies, but I can't think of a good way to implement that in a game. In theory we could use redstone as an activator again and selecting the state of the block probabilistically based on available observers and their distance from the block, but that's a fairly complex algorithm to run in realtime, updating every 1/20th of a second (the Minecraft tick/sampling rate) in Java.
The entanglement doesn't seem to properly describe the quantum phenomenon at all. Action at a distance != teleportation. The trouble is a realistic implementation would probably be exploitable in game terms. For example if you have 2 of those entanglement altars (or whatever they are called) and you place a block in one, I would expect to see the same block appear in the other one. Now how do you prevent people from using this to clone valuable blocks like diamond in game? In multiplayer, with 1 player at each "altar" you would have a very tight time sync requirement if both players tried to mine a block in their respective altars simultaneously.
More likely explanations: 1) Someone in the family downloaded something that installed an open BitTorrent client/tracker, and your network is being used to host pirate files, porn, and/or documents from a terrorist cell. Most likely just Miley Cyrus MP3s though. 2) You have uPnP open to the internet or one of your uPnP devices opened itself the internet. 3) Your kid publicized your minecraft server's IP address on YouTube. 4) You're being probed by random botnets.
The only way you'd be getting DDoS'ed is if someone paid a botnet. If you haven't pissed anyone that shady off lately, that's not it. Meanwhile, run WIreshark as described above.
Considering I had posted this conclusion several times in comments here already, I think I qualify. The production times on these studies of theirs must take months.
There will be a substantial part of the population that simply isn't smart or creative enough to hold a job in the face of automated competition. The only refuge for the average worker will be in situations where customers expect and require a human interface (for example in many service/hospitality industries). The tipping point will probably be around the time that most taxi services and some bus lines use driverless vehicles for at least some of their pickups.
I think a lot of this is more a personal statement about the rule of law and constitutional protections in the US in general, rather than any specific risk to Groklaw itself. PJ has always been careful to emphasize that the rule of law is a process designed to ensure justice is achieved as much as humanly possible. It must be incredibly disillusioning to her to see this process break down so dramatically as it has in the case of the NSA and FISA. If the rule of law means nothing anymore, Groklaw serves no purpose, regardless of whether there is any direct impact to the site from the NSA monitoring.
Although I think this is a slight over-reaction to how government security monitoring actually affects Groklaw itself, as a statement of objection against the security apparatus monitoring the internet in general, it is entirely valid. We in the US (and UK) who truly value freedom are slowly being reduced to the behaviors of cold-war Soviet dissidents, forced to smuggle our communications around by hand, to a limited number of people we know and trust personally.
How do we get from the current system to your desired utopia without a violent civil war? And who gets to decide what the rules will be in your end game?
Give a realistic road map from here to there, and a destination that most people can agree on, and it just might work. Otherwise, it's just "dorm-room bull session fodder", as was observed earlier. There's a lot of hate out there for the 2 party system, but it's going to take a combination of funding and grass-roots anger to pull off what you want. Right now the grass-roots anger only expresses itself at the extreme liberal (Occupy ***) and conservative (Tea Party) ends of the spectrum. The establishment will just keep on with business as usual until the center revolts from both parties. And they pander just enough to the center spectrum to avoid triggering major unrest.
OTOH, they are human and can miscalculate, as they seem to be doing in relation to the NSA.
Voted for him twice, but in neither case was the Republican candidate even making any mention of civil liberties and changing prior administration policy. Also, the prime debate subject during both campaigns was the economy. So shame on Obama for violating his campaign promises, but I don't think you can blame folks for voting for him. At the time, as Ron says, he was "better than the alternative." Republican attempts to trim government spending and economic stimulus in 2012-2013 were premature.
OTOH, I'm probably going to have to vote with a 3rd party in 2016. The problem is that there really isn't a party to represent "liberal libertarians" so I'm stuck waffling between Republicans when I think the Democrats is out of control and the Democrats when I think the Republicans are out of control. Right now, both parties are out of control, so we're all screwed.
Not to mention that even if this is a legitimate promise not to torture Snowden, it would be carried out under the administration's definition of what constitutes torture. Despite all the sound and fury, as far as I know the government's definition of torture has not changed since the Bush administration.
This is so obvious, and yet it is the downfall of so many successful companies. IBM lost control of the computer hardware business because it was worried about mid range cannibalizing mainframes, then PCs cannibalizing mid-range.
Hey CEOs: If you don't let your own new products cannibalize your current products, your competitors will do it for you. And then you'll be left with no sales for the old product and no new product to take its place.
Yeah, but if your sanitizing is defective in some way and you load into Adobe Reader, the remaining JS will still execute. With a reader that is incapable of running javascript, it doesn't matter.
On the flip side, if you don't sanitize the JS and pass the file along to an unsuspecting 3rd party, they may get infected. So the best option seems to be to do both: try to strip JS from the files and use a reader that doesn't parse JS.
...We're discussing whether it is morally justified to support a person or organization whose profit from goods and/or services sold will be used in furtherance of the oppression of a political minority. Mr. Card is the example under discussion.
Or conversely, whether it is morally justified to boycott a work that is the product of the combined effort of hundreds of people simply because it is based on an artistic work of an individual whose views fall somewhere on the spectrum between disagreeable and repugnant, With or without consideration of the merits of either the derived work or the original.
The real issue here for me isn't whether to boycott or not, or whether either side should be prevented from expressing their views, it's Card's whingeing about the reaction of those who have found his viewpoint to be offensive. If you're going to take a faith-based position, don't try to ameliorate the tenets of your faith to satisfy your greed.
The primary problem is when he uses his artistic medium and influence to spread this message. Which he most certainly has.
You mean like 99% of all the media personalities in LA from Bill Cosby to Susan Sarandon?
I don't have a problem with Card expressing himself, no matter how repugnant I find his views. I expressed myself by ceasing to buy his stuff, so fair's fair.
There ARE 2 prongs to this though. Don't behave unethically/unconstitutionally and you don't generate the "Snowden-style" leaks. You only have to deal with the normal disgruntled types who feel screwed over and the ones who have their own ethical issues and somehow rationalize harming the company for their own benefit. Those are a bit easier to detect during the hiring process than the Snowdens who are motivated by their own ethical standards.
The irony of corporate ethics training coming from companies who continually skirt or cross the bounds of legality is not lost on a lot of their employees. More companies should take a look at the whistleblower risks of such shortcut decisions.
Yes, this is the general class of error where you need to think about making the individual user's experience less flexible than would be possible for a single-user system. For a concrete example, if a user activity can cause sustained high usage of system resources such as memory or CPU, and enough users "abuse" this feature, it will bring down usability/performance/system response for the majority of the users and should probably be re-thought.
For an example of a user feature that can be damaging to the system as a whole for a read operation: what if your application has an ad-hoc query interface that end users can access, or even just a search interface that allows poorly indexed queries... A user can generate queries that require full table scans or queries that return large result sets (or both). Enough users doing this could consume mass quantities of application memory to hold their result sets or I/O time on the DBMS scanning the tables. This in turn would bring overall system performance down for all users if you run up against physical capacity limits on the DB server or the application server.
In such a case it could be better to eliminate the feature rather than optimize it. If a feature is available, you can bet your users will "abuse" it to the extent that it negatively impacts other users.
Well, that plus the fact that by sending an unencrypted email that is stored on the mail servers of an unknown number of ISPs and mail forwarders, they are (probably) violating the privacy notice that says they are only sharing his data with affiliated parties, government, etc.
I was going to suggest S/MIME backed by certificates issued by a low-cost/free certificate authority (this would be a good service for the Open ID foundation or Amazon to get into, since they already have a widely-used SSO service), but based on the discussion above, that solution isn't 100% reliable, so I'd like to hear some ideas that: * are easy for stupid/lazy/cheapskate users and merchants to use * guarantee authentication (signing) and encryption, excluding the message routing. I'm not proposing a mail anonymizer service.
It would also help if gmail would implement this as a feature. They're big enough they could act both as certificate authority and mail server.
Slashdot Mirror
In fact, this happened to my wife before we got married. She had "student insurance" at her college, but when she actually needed to use it for surgery, she found out she'd be on the hook for half the bill -about $10k almost 20 years ago. Fortunately she found out before actually scheduling the surgery. Since she's from Germany she was able to head home and get it done under the German "socialist" program. Bottom line under the old market was that you'd pay $800/month (at least in FL) for full/platinum-style insurance that actually provides the same level of coverage as a good employer plan. In most cases, if you were under private insurance, only a major medical/catastrophic policy makes sense -- true insurance rather than health-care funding.
Yeah, retrofitting underground cables in urban areas is a nightmare, and probably not worth it. Especially in an area where the main natural disaster is earthquakes. The phone and power lines that stay down for weeks at a time tend to be in suburbia or rural areas. In those areas, right of way negotiations, work rules and routing around existing infrastructure don't get so complicated -- plus the benefits to service reliability are greater.
I stopped using C-Net when they started pulling this little trick and thought Sourceforge had more respect for open software. I can understand why they need to do this, but why didn't they reach out to the community to discuss new revenue streams rather than pull this stunt and then "reach out to the community" after the fact? Maybe they actually want to kill the project hosting service?
Sorry, guys. SF needs to back down from this before I D/L there again. I'll probably continue to use Freecode and D/L direct from the developers where possible, but even that seems like it won't last for long.
A lot of times you don't use information you have because it would reveal your methods and sources. But now that a lot of NSA methods and sources are known, they can use the information out in the open like this. Assuming the court accepts it as admissible under rules of evidence.
Considering how Minecraft physics are almost laughable even in the Newtonian realm (for example, you can compress/store 27x64 cubic meters of cobblestone into a 1m cube/chest) nitpicking on the implementation of quantum concepts is a waste of time. This isn't intended as a rigorous treatment, it's an introduction to the concepts and how they would impact if they were visible at the macro scale. Personally, I think the implementation of superposition is reasonable - the block is in an undetermined state when it's not being observed and has it's state frozen by observation. Switching states after being observed isn't quite kosher without some other interaction, but I'll live with that for the sake of gaemeplay. Maybe a redstone signal could be required to destabilize the state of the block after being observed. The Observer dependency is a bit more problematic with its directional dependencies, but I can't think of a good way to implement that in a game. In theory we could use redstone as an activator again and selecting the state of the block probabilistically based on available observers and their distance from the block, but that's a fairly complex algorithm to run in realtime, updating every 1/20th of a second (the Minecraft tick/sampling rate) in Java.
The entanglement doesn't seem to properly describe the quantum phenomenon at all. Action at a distance != teleportation. The trouble is a realistic implementation would probably be exploitable in game terms. For example if you have 2 of those entanglement altars (or whatever they are called) and you place a block in one, I would expect to see the same block appear in the other one. Now how do you prevent people from using this to clone valuable blocks like diamond in game? In multiplayer, with 1 player at each "altar" you would have a very tight time sync requirement if both players tried to mine a block in their respective altars simultaneously.
An alternative mod spotlight.
https://www.youtube.com/watch?v=1HI-keffxmA
More likely explanations:
1) Someone in the family downloaded something that installed an open BitTorrent client/tracker, and your network is being used to host pirate files, porn, and/or documents from a terrorist cell. Most likely just Miley Cyrus MP3s though.
2) You have uPnP open to the internet or one of your uPnP devices opened itself the internet.
3) Your kid publicized your minecraft server's IP address on YouTube.
4) You're being probed by random botnets.
The only way you'd be getting DDoS'ed is if someone paid a botnet. If you haven't pissed anyone that shady off lately, that's not it. Meanwhile, run WIreshark as described above.
Considering I had posted this conclusion several times in comments here already, I think I qualify. The production times on these studies of theirs must take months.
A recent sample from 2012.
http://slashdot.org/comments.pl?sid=3317435&cid=42303767
I think a lot of this is more a personal statement about the rule of law and constitutional protections in the US in general, rather than any specific risk to Groklaw itself. PJ has always been careful to emphasize that the rule of law is a process designed to ensure justice is achieved as much as humanly possible. It must be incredibly disillusioning to her to see this process break down so dramatically as it has in the case of the NSA and FISA. If the rule of law means nothing anymore, Groklaw serves no purpose, regardless of whether there is any direct impact to the site from the NSA monitoring.
Although I think this is a slight over-reaction to how government security monitoring actually affects Groklaw itself, as a statement of objection against the security apparatus monitoring the internet in general, it is entirely valid. We in the US (and UK) who truly value freedom are slowly being reduced to the behaviors of cold-war Soviet dissidents, forced to smuggle our communications around by hand, to a limited number of people we know and trust personally.
"Why perpetuate a broken system?"
How do we get from the current system to your desired utopia without a violent civil war? And who gets to decide what the rules will be in your end game?
Give a realistic road map from here to there, and a destination that most people can agree on, and it just might work. Otherwise, it's just "dorm-room bull session fodder", as was observed earlier. There's a lot of hate out there for the 2 party system, but it's going to take a combination of funding and grass-roots anger to pull off what you want. Right now the grass-roots anger only expresses itself at the extreme liberal (Occupy ***) and conservative (Tea Party) ends of the spectrum. The establishment will just keep on with business as usual until the center revolts from both parties. And they pander just enough to the center spectrum to avoid triggering major unrest.
OTOH, they are human and can miscalculate, as they seem to be doing in relation to the NSA.
Voted for him twice, but in neither case was the Republican candidate even making any mention of civil liberties and changing prior administration policy. Also, the prime debate subject during both campaigns was the economy. So shame on Obama for violating his campaign promises, but I don't think you can blame folks for voting for him. At the time, as Ron says, he was "better than the alternative." Republican attempts to trim government spending and economic stimulus in 2012-2013 were premature.
OTOH, I'm probably going to have to vote with a 3rd party in 2016. The problem is that there really isn't a party to represent "liberal libertarians" so I'm stuck waffling between Republicans when I think the Democrats is out of control and the Democrats when I think the Republicans are out of control. Right now, both parties are out of control, so we're all screwed.
Not to mention that even if this is a legitimate promise not to torture Snowden, it would be carried out under the administration's definition of what constitutes torture. Despite all the sound and fury, as far as I know the government's definition of torture has not changed since the Bush administration.
Eric, meet waterboard.
This is so obvious, and yet it is the downfall of so many successful companies. IBM lost control of the computer hardware business because it was worried about mid range cannibalizing mainframes, then PCs cannibalizing mid-range.
Hey CEOs: If you don't let your own new products cannibalize your current products, your competitors will do it for you. And then you'll be left with no sales for the old product and no new product to take its place.
Yeah, but if your sanitizing is defective in some way and you load into Adobe Reader, the remaining JS will still execute. With a reader that is incapable of running javascript, it doesn't matter.
On the flip side, if you don't sanitize the JS and pass the file along to an unsuspecting 3rd party, they may get infected. So the best option seems to be to do both: try to strip JS from the files and use a reader that doesn't parse JS.
Or conversely, whether it is morally justified to boycott a work that is the product of the combined effort of hundreds of people simply because it is based on an artistic work of an individual whose views fall somewhere on the spectrum between disagreeable and repugnant, With or without consideration of the merits of either the derived work or the original.
The real issue here for me isn't whether to boycott or not, or whether either side should be prevented from expressing their views, it's Card's whingeing about the reaction of those who have found his viewpoint to be offensive. If you're going to take a faith-based position, don't try to ameliorate the tenets of your faith to satisfy your greed.
"people like Card"... prejudiced pot, meet stereotyping kettle. Sigh...
You mean like 99% of all the media personalities in LA from Bill Cosby to Susan Sarandon?
I don't have a problem with Card expressing himself, no matter how repugnant I find his views. I expressed myself by ceasing to buy his stuff, so fair's fair.
There ARE 2 prongs to this though. Don't behave unethically/unconstitutionally and you don't generate the "Snowden-style" leaks. You only have to deal with the normal disgruntled types who feel screwed over and the ones who have their own ethical issues and somehow rationalize harming the company for their own benefit. Those are a bit easier to detect during the hiring process than the Snowdens who are motivated by their own ethical standards.
The irony of corporate ethics training coming from companies who continually skirt or cross the bounds of legality is not lost on a lot of their employees. More companies should take a look at the whistleblower risks of such shortcut decisions.
Law abiding security agencies have no need to worry if the citizens have an understanding of what information is being gathered, from where, and why.
And all that stuff is open to the public internet consuming Verizon bandwidth? You must have a dedicated security team. :)
"I was only following orders." is not usually a valid criminal defense, it just adds conspiracy charges.
Yes, this is the general class of error where you need to think about making the individual user's experience less flexible than would be possible for a single-user system. For a concrete example, if a user activity can cause sustained high usage of system resources such as memory or CPU, and enough users "abuse" this feature, it will bring down usability/performance/system response for the majority of the users and should probably be re-thought.
For an example of a user feature that can be damaging to the system as a whole for a read operation: what if your application has an ad-hoc query interface that end users can access, or even just a search interface that allows poorly indexed queries... A user can generate queries that require full table scans or queries that return large result sets (or both). Enough users doing this could consume mass quantities of application memory to hold their result sets or I/O time on the DBMS scanning the tables. This in turn would bring overall system performance down for all users if you run up against physical capacity limits on the DB server or the application server.
In such a case it could be better to eliminate the feature rather than optimize it. If a feature is available, you can bet your users will "abuse" it to the extent that it negatively impacts other users.
It's because of people like you that we can't have nice things (service).
Nice to see your business is going so well, though.
Well, that plus the fact that by sending an unencrypted email that is stored on the mail servers of an unknown number of ISPs and mail forwarders, they are (probably) violating the privacy notice that says they are only sharing his data with affiliated parties, government, etc.
I was going to suggest S/MIME backed by certificates issued by a low-cost/free certificate authority (this would be a good service for the Open ID foundation or Amazon to get into, since they already have a widely-used SSO service), but based on the discussion above, that solution isn't 100% reliable, so I'd like to hear some ideas that:
* are easy for stupid/lazy/cheapskate users and merchants to use
* guarantee authentication (signing) and encryption, excluding the message routing. I'm not proposing a mail anonymizer service.
It would also help if gmail would implement this as a feature. They're big enough they could act both as certificate authority and mail server.