Yes but this is an STD. I mean you don't get HPV just being in the same room with someone. So by your logic everyone having monogamous unprotected sex is: helping to spread disease and ought to be held criminally liable.
Actually doing so would probably go a lot farther to stopping the spread of disease more than forcing people to inject things into their bodies. If you are not going to regulate the bedroom than there is no compelling reason to force vaccination for STDs. Other than your own twisted moral reasoning some of us do not share.
Personal I think the only ethical system is, "your health is your problem" if you don't get some horrible disease for which a vaccine exists get the vaccine for it yourself. Mind your own damn business and don't worry about what the rest of us are or are not doing. If you can't get vaccinated for whatever reason than you have to take alternative steps to protect yourself like partial isolation; to fucking bad we all play the hand we are dealt.
Personally, If I lived in NJ I would be really annoyed the state wasted money performing a necropsy on a non-food non endangered animal, that had stayed from its usual habitat anyway.
Sanders votes won't write in HRC because he will endorse her before he bow out of the spot light. The problem Sanders has is Hilliary will concede Iowa if the numbers are against her. Iowa really does not matter in the deligate count and a loss there will not threaten her status as the presumptive nominee. A loss in both places might but that won't happen. HRC will dump so much money in NH she will be the only thing on TV if that is what it takes. Sanders can't fight that fight. He can't win.
If you won't vote Republican and you don't want HRC elected Johnson is far and away your best shot: Sanders has far far worse chances as a write in candidate than Johnson has, as he will most likely get himself on the ballot in the majority of states. I have serious doubts that even an active advertised write in campaign could come up with more votes in the general than a mostly likely barely advertised minor party candidate who is on the ballot like Johnson will get. Lets also not forget that Johnson is at least as qualified in terms of previous business experience and popularity while holding public office as the rest of candidates.
I don't see much choice for you unless you plan to vote for Gary Johnson in the general. Hilliary's words and deeds have made it painful clear she is in about the same place on this issue. Sanders will not get the nomination and won't run as an independent.
Here lies the problem the though. We have been conditioned and taught now for decades that people are disabled they are differently-abled.
"That person in the wheel chair isn't broken, the chair is part of their identity" that is how the social just warriors have insisted with think on it. So the trouble with your statement ultimately comes down to the fact that psychopath or pedophile isn't 'acting' they are just being themselves.
An unfeeling person (possibly a psychopath) could argue almost any protected disability cases damage to others. We are forced to shoulder additional burden to make places handicapped accessible. Things like ramps might be considered a visual blight on architectural works. No this isn't a reasonable position. Mainly because society through a democratic process decided that the collective we want to enable these people to share in our common experience and the collective we are willing to bare some share of the cost of that. The collective we has not decided we are willing to make our children available to satisfy the sexual needs of pedophiles. So that is a difference. Clearly a line is drawn some place. The trouble is where.
Should that person who is autistic be allowed to teach school? After-all they are less likely to be able to spot and recognize needs of individual children. Still an autistic person is really just 'thinking differently' Its who they are. Is it right to exclude them if they really want to teach elementary school. The egalitarian would say well they can't do the job as well so they don't get it. Still that isn't what most of our disability related legislation is designed to accomplish.
I was not think of anything along the lines of deporting people. More like send the barely employed burger flipper in NYC to North Dakota to secure well paid work as roughneck or roustabout.
I am not sure I agree much with your history but your proposal to replace taxation with what amounts to insurance is interesting! I think I could support something like that.
What I don't understand. Is why liabilities are subtracted from assets. Why not simply 'tax' all assets at their liquidation value. After all any liability is an asset on some other parties balance sheet. Lower the 'tax' rate to where its affordable without subtraction of liabilities. I argue for this because otherwise it encourages radical private debt levels. I mean I have no incentive to pay anything other than interest on my mortgage because as long as I maintain 0% home equity I pay no taxes on the estate? Does not seem reasonable.
The other problem with this theory is acts in many ways like a wealth tax. The problem is what does a retired person with little income do? They have worked to put a roof over their head but now they have to pay taxes on it without income to support them. Should they system be pushing them to selling the property to replace their capital investment with rent expense, while in the mean time paying taxes on their now cash assets out of those very same assets? That seems like it will destroy familiar wealth accumulation. Maybe you consider that a 'feature' I and I think most will not but I know some on the political left do and will.
I would try and solve the post income earning years problem by augmenting your plan with exceptions for certain asset classes, perhaps something like residential real-estate personally occupied at least 55% of year should be exempt. It would realistically have to be more complex than even that though. Something like "residential real-estate personally occupied an average of at least 55% over the preceding five years or you must tax with interest on any years the exemption was taken" That way people are free to travel etc without inuring heavy tax penalties.
Its an interesting concept but I think there are lots of details on complexities to work out.
1) Doing the right thing isn't always popular, maybe not even usually. 2) Popular vs who actually votes matters a lot. 3) Politicians get elected on social reform agendas all the time. 4) Its looks Donald Trump might take the nomination of a major political party and he is out there saying stuff on a daily basis nobody would guess was nearly so popular as it appears to be. Its all in how you sell it. 5) Historically this has been done and worked in the past. Quite a lot of this was done in the 1930's the WPA was created to make work, but people were expected to and did go where the work was. 6) Emotional appeals are not a strong argument for maintaining economic inefficiency, in this case the workforce not being located where the work is, which but for illegal immigration would very much be the case in this country. 7) Why can't their families relocate with them? I personal can't in vision a relocation program that did not optionally include transportation for the nuclear family. 8) We tried the great society, and it failed we are still suffering consequences of those failed actions today. We have tried trickle down economics and welfare reforms the grow in wealth gap has accelerated. Its time for something different.
Its the same issue as the mythical man month. Complex process don't scale to multiple people perfectly. So while your typical middle manager can now do the work of 10 men in that role say forty years ago, 10 men working one tenth of the time would be unable to do the same.
The are essentially the equivalent of fixed costs within the single job role, HR and administrative related activities, time spent learning and tracking changes in the business, new processes and methods daily activities of communications, five min periods of staring into space after a couple hours of work that most peoples brains have to do, etc. It is therefore more efficient (cheaper) to hire one person to work 40 hours than ten people would probably need to work at least six to get the same amount tasks completed.
We therefore have high skilled high complexity jobs performed by a small number of people working full time. Lower skilled lower complexity jobs where the 'fixed costs' are smaller we fill with more part time labor. We might be able to automate those jobs away but there are economic impediments to doing so.
Could you build robots to take orders and make burgers with todays tech and have a fully automated fast food joint? Quite likely, there are some kiosk sized examples of exactly that. It would be expensive to scale that up to a full size Burger Joint operation though. Still probably would be cheaper than human labor in the long run but for the fact we have this social safety net (corporate welfare program). We let people live in subsidized housing, eat subsidized food, heat with subsidized fuel and send their kids to subsidized schools.
That creates a vast supply of under market priced low skill labor. Paid for by taxing the high skilled worked. The ultimate effect is a transfer of wealth from the high skilled worker to the capital owner, who fills the bottom end of their operation with low skill subsidized labor. Thus we have a shrinking middle class and an ever expanding wealth gap. The middle class is paying for the poor to work jobs that don't pay them enough to survive.
If we rolled back these safety net programs and replaced them with worker relocation programs, we could address the wealth gap. IE can't afford to live where you are working a job you can get with the skills you have, the government will ship you and your belongings to somewhere where the cost of living is lower and low skilled work is in demand; along with a few hundred bucks and change of clothes to get you going.
The short term effect would be that wages for lower skilled work and likely middle class professional work would be pushed back up, as business would have to pay living wages to retain their workforce. Thus the person serving your coffee in San Fransisco really would get $20 and hour, because otherwise nobody would be there to do it. Otherwise the cost living will fall as wealthy people leave unable to obtain the goods and services they want in that location.
Ultimately however at $20 an hour the incentive to automate production of cheeseburgers and fancy coffee drinks would be stronger. You will see a fully robotized McDonalds and and blueberry field harvested entirely by machine. At that point I don't know what happens to the average worker.
Every antivirus tool probably has a missive database of every known virus, even from 20 years ago it's checking every file against (with any hope a file hash binary search). Norton's virus definition grew from like 25MB in 2008 to 220MB in 2013
Don't count on that. I have personally seen some very old EOL systems NT4 and W2K boxes get infected with very old malicious software.
People keep some of these system in service, the AV packages often still support them but... here the rub to keep those definition files reasonably sized Symantec and friends actually drop old definitions for things that depend on vulns not present in more recent platforms. So if don't count on your old Win2K box not suddenly getting CodeRed all over again, even with NAV running and updated.
Seriously, if windows needs a 'security' kludge like UAC to stay secure, then it's not really secure at all.
That is seriously ignorant. What UAC is really under the hood is very similar to having two accounts. One privileged and one less so. The shell has some smarts in it to spot when things that are likely to need escalation such as programs named setup.exe are called and asks, when the user is privileged. Its also a little more convient for the user because the environment etc is shared, and depending on the registry settings they maybe don't need to type their password, and because the OS takes special steps to ensure programs cannot send events to UAC windows that is still somewhat tamper proof.
You could very correctly compare this to a Linux system where your user account is a member of the wheel group and wheel is allowed to run any command via sudo. The difference is UAC without a password can still be an effective security control while sudo without a password can't (the malware can just try and invoke it). So either sudo has to require password entry (annoying) or its only protecting the system from things like accidents like you thought the working directory was/home/myself/documents turns out wrong window and you are in/bin for whatever reason (still valuable).
Is the old advice of having an account that is not a local administrator and a separate account that is to use for things that need that, and then running them either via runas or via logout / login to the other account still be better. Probably, but years of practice has shown us users won't as a general rule do that. Which is why the UNIX and like world has sudo and Windows now has UAC.
The alternative is everyone runs around running everything privileged all the time. Which years of practice has shown us means malware gets to do whatever it wants.
No that does not solve the problem. Because if I am getting the main page over http, and I am the victim of an MITIM attack than the attacker can alter the page to source jquery.js from a site they control. Without or without SSL itself.
Actually what you describe is worse! Unlike the more general situation where the attacker needs somehow needs to modify page content he does not probably know about ahead of time (assuming he just wants to get any access to my stuff not just a specific site) he got to do this on the fly quickly enough I don't notice anything wrong. That will be a hard problem.
A site that use big shared popular js libraries on the other hand is way more vulnerable. His proxy can probably use a simple regex to replace lines where they are sourced. His altered libraries can constructed to just send whatever data they can get a hold of, his attack probably will work against many sites.
So no you really must authenticate the fist party site, or its game over.
Yes its possible if you don't do stupid things and don't foul up Windows security. the vast majority of liabilities/vulnerabilities on modern Windows desktops arise directly from PBCAK (Person between chair and keyboard). I personally use a mixture of Slackware and OSX at home but I do security work and I can tell you if you are following the rules below on Windows 8 and later its very unlikely anyone is going to pop your box.
[Stuff that comes out of box if you don't f**k it up] 0) Have a strong password. 1)Leave UAC enabled. 2)Leave the windows firewall on and with recommended settings, even if you are behind NAT and or some other hardware firewall. 3)Install updates promptly. 4)Don't run things from sources you don't trust. 4a) If you really must run stuff from untrusted sources have a separate user account to download and execute that stuff with that you do not use to handle any information you don't want public, and for goodness sake don't let it elevate. 5) Do not install Flash 6) Do not install the Java browser plugins.
[Mostly painless things you can do to really harden windows boxen] 7) Install EMET 8) Install KB2871997 and disable wdigest
[annoying but still a good practice] 9) logoff (not just lock) your desktop when not in use. Optionally suspend or hibernate the system, instead.
If you like BB hardware here is your chance. The next phase is no doubt to license the name and logo to some third tier Chinese or Korean manufacturer churning out utter crap that will try and ware the logo as a air of legitimacy.
If it is only a small part of data, that actually needs encryption â" the password and the credit card number â" you can do that (using the well-known and studied protocols) in JavaScript.
No you can't do that, no stop right right WRONG.
The JavaScript itself must be delivered on a authenticated encrypted channel because if it isn't how will my browser know its not supposed to run that XMLHttpRequest call to post a second plan text copy of that info to evil-hacker.com after you main in the middle my amazon session in the coffee shop.
Same goes with forms that are delivered over http but post https, this wrong and dangerous for the same reason. You can do authentication and encryption in the application layer if its a fat client and the client already has a static copy of trusted code form elsewhere but in the case of web site where the 'application' is being downloaded from the server the client needs a way authenticate and ensure transport integrity while obtaining the application itself otherwise its game over, your pwnd before you begin. The network layer is the correct place.
There also is not a lot of reason for doubt. Moving for fission to fusion is a big technological leap but DPRK has from Iran.
Which is another reason why Obama's deal is deeply stupid. He correctly asserts they were month away from a working bomb, and now if the deal holds (I think it will for a time but not the whole time) they are 15 years out. They are getting a bomb either way sure. What is missed is they continue to work with DPRK, so in the mean time:
1) Iranian nuclear engineers gain experience 2) Iran gets the benefit of data from live tests that DPRK will share with them 3) Iran gets access to the economic benefits western trade and access to all those frozen assets in the deal for the near term 4) (Possibly) DRPK is a short term source for enriched materials when Iran exists the deal
So basically the Iranians are doing their home work and rather than a few months from now being able to make a show of setting off a simple gun type fission devices, they are laying the ground work to be ready to leap directly to a more or less modern fusion design that will ready to be or already miniaturized and weaponized. They will either wait out the 15 years or move at some unknown and difficult to predict time before that.
We were better positioned to impede the nuclear ambitions of Iran and DPRK before the deal. The fact that they were close to getting a lump of metal on platform somewhere to go 'boom' was never relevant. The only nukes that matter or warheads of sufficient yield, reliability, that are also of small enough size to be carried on a missile. Until the reach that state they are as a sack of charcoal is to gunpowder.
twitter is giving up essential part of what makes twitter successful.
No Twitter is giving up something you like about it. If Twitter we a community project like Wikipedia it would be successful, but it isn't. Twitter is business and one that is losing money, which is by definition not successful.
Twitters core problem is people tweet links to places not twitter. twitter needs your eyeballs to stay on twitter if they are going to make any money with ads. So they can't have all their users just linking to external content. That is bad business. Look at what facebook does they work very hard to pull as much external content as possible into the feeds whenever people link something outside, why because it chances are if you can produce a story summary and image people will just look at it there. Just like on Slashdot nobody reads the TFA, nobody clicks that crap on facebook they read whats there and scroll on down.
Twitter can't do that in 140 chars. So they need some place for the content to go, that is also twitter.
allow an internal host to transit your firewall outbound, you have exposed more than just the router's IP, but internal network information too. This means that an attacker now knows something they didn't before.
I see this argument from time to time. I don't buy it. While I don't recommend internal address disclosure for IPv4 gateway-ed networks. I would never make it more than a LOW finding on a security report. Why because you can't do anything with that information unless you compromise an internal host. If you compromise and internal host its almost always trivial to figure out what addresses are in use internally. Even with the least privileged web shell you can usually get the adapter information off the affected host. Almost all major platforms allow ping to run without privileges and even on windows with something like AppLocker enabled ping.exe is a Microsoft signed binary and will be allowed by default. Discovering internal addressing really isn't a big deal.
Even if the ultimate outcome is that your internal addressing will now be public information, the 60 seconds someone might spend thinking about their network when turning on IPv6 probably does more for their security posture.. The other thing you have to consider is that for larger networks sub net discovery is going to get a lot harder. Discovering other hosts adjacent on the sub net also is much harder with ipv6.
I do agree though that it IS more complicated than just drop all inbound connections. That is certainly a good start but its true that it is not quite that simple. I just don't think that is so much harder though that it will impact many people at the margin. If people were just turning on NAT + UPNP and hoping for the best before they were screwed; as they will be with IPv6. If they knew/did more than that before their are not so many new considerations they are likely to do anything especially bad.
Researchers found that if they made a test deliberately hard to understand, those taking the test would exhibit greater understanding after solving it than those who were presented with a more intuitive wording of the same problem.
Paid for by the society of project managers and business software analysts.
I do wonder how things are operating at the Trump and Sanders campaigns but I have been in a few offices of state politicians in recent years and they have a "professional social media person" that does all the tweeting, facebook posting, etc. Other folks on the campaign team and maybe the candidate themselves occasional gives them a vague message to get out there, but that person chose the specific language, media platforms, etc.
I highly doubt Hilliary, Jeb, Cruz, Christy etc do their own posts. So there is no frankness to be lost out on. They reason tweats get deleted is because the campaign, not the candidate decides to try a message out, they discover it does not poll well and then walk it back. This thing might capture some interesting information, and nothing of value will be lost.
My question is why would hand a child a device to 'play' with that is tied to a system authorized to make payments? I realize all kinds of people do that every day but its still stupid. You would not hand your kid a wad of cash to used building a house of cards, why would you hand them a computer with credit information embedded?
Both IOS and Android can be set so you at least have to enter your Apple / Google password to make a purchase. If your device isn't set to lock itself with a short timeout or you ever hand it to anyone you can't trust entirely (like your spouse) then you absolutely should have the password for ordering functions on! It is true that the result is this also requires the password for free stuff, but there again if you can't be arsed to manage the entertainment software on your phone for your kid, you probably should get them their own device like maybe a PSP or their own phone with no credit card info associated.
Frankly this is an expensive lesson but this day should pay up and learn it well.
I agree. Abrams ruined Star Trek by forcing it to sink to Star Wars level. Roddenberry created some real art and very cleverly dressed it up in just enough of a pop western/space opera veneer to make it palatable to a broad audience.
Star Wars on the other hand at least in the case of "A New Hope" took the other approach it started with the western space opera part and upgraded its thoughtfulness a little bit by pulling in some ideas out of Greek tragedies and epics. The story for as much as the fans care about it was and has always been far more derivative and simplistic than want Roddenberry was doing with Star Trek. Lucas genius was more in the telling of the story with some really neat applications for new technologies in film making existing directors and studio's did not really no how to use yet. "A New Hope" was a major achievement in film, it was aÂvant-garde and deserves all the praise it gets. The rest of the trilogy is a completion of that work. The prequels and this last movie all fan service and not especially noteworthy I don't think. There is so much blind love for Star Wars out there though that any second rate crap with the logo is a license to print money.
Evidence, no not really unfortunately like most economics questions we don't have a good control. So its a hypothesis we can test if we implement my policy suggestion but that is all.
I am not sure I agree with your evidence against. I can argue by some measures the wealth gap is larger than it has ever been. Its also true that poor (speaking about USA here) are largely better off than they have been in the past.
Social safety net programs evidently do not cure the wealth gap problem. They have existed for 50 years and the wealth gap has grown over the same period. We don't have enough evidence to prove they make it worse as I suspect. We don't have enough evidence to prove they really help the poor either, the generally improved working conditions might and quality of life might easily be functions of a society that is in aggregate wealthier and or the product of other regulations like health and worker safety standards that I would not consider 'social safety net' specifically.
Slashdot Mirror
while problems like global warming, climate change, systemic poverty, famine, and clean potable drinking water
I strongly suspect the audible pissing contest, is a better alternative on every single issue you mention to a shooting war on the Korean peninsula.
Yes but this is an STD. I mean you don't get HPV just being in the same room with someone. So by your logic everyone having monogamous unprotected sex is: helping to spread disease and ought to be held criminally liable.
Actually doing so would probably go a lot farther to stopping the spread of disease more than forcing people to inject things into their bodies. If you are not going to regulate the bedroom than there is no compelling reason to force vaccination for STDs. Other than your own twisted moral reasoning some of us do not share.
Personal I think the only ethical system is, "your health is your problem" if you don't get some horrible disease for which a vaccine exists get the vaccine for it yourself. Mind your own damn business and don't worry about what the rest of us are or are not doing. If you can't get vaccinated for whatever reason than you have to take alternative steps to protect yourself like partial isolation; to fucking bad we all play the hand we are dealt.
Personally, If I lived in NJ I would be really annoyed the state wasted money performing a necropsy on a non-food non endangered animal, that had stayed from its usual habitat anyway.
Seems like pretty stupid allocation of resources.
Sanders votes won't write in HRC because he will endorse her before he bow out of the spot light. The problem Sanders has is Hilliary will concede Iowa if the numbers are against her. Iowa really does not matter in the deligate count and a loss there will not threaten her status as the presumptive nominee. A loss in both places might but that won't happen. HRC will dump so much money in NH she will be the only thing on TV if that is what it takes. Sanders can't fight that fight. He can't win.
If you won't vote Republican and you don't want HRC elected Johnson is far and away your best shot:
Sanders has far far worse chances as a write in candidate than Johnson has, as he will most likely get himself on the ballot in the majority of states. I have serious doubts that even an active advertised write in campaign could come up with more votes in the general than a mostly likely barely advertised minor party candidate who is on the ballot like Johnson will get. Lets also not forget that Johnson is at least as qualified in terms of previous business experience and popularity while holding public office as the rest of candidates.
I don't see much choice for you unless you plan to vote for Gary Johnson in the general. Hilliary's words and deeds have made it painful clear she is in about the same place on this issue. Sanders will not get the nomination and won't run as an independent.
Here lies the problem the though. We have been conditioned and taught now for decades that people are disabled they are differently-abled.
"That person in the wheel chair isn't broken, the chair is part of their identity" that is how the social just warriors have insisted with think on it. So the trouble with your statement ultimately comes down to the fact that psychopath or pedophile isn't 'acting' they are just being themselves.
An unfeeling person (possibly a psychopath) could argue almost any protected disability cases damage to others. We are forced to shoulder additional burden to make places handicapped accessible. Things like ramps might be considered a visual blight on architectural works. No this isn't a reasonable position. Mainly because society through a democratic process decided that the collective we want to enable these people to share in our common experience and the collective we are willing to bare some share of the cost of that. The collective we has not decided we are willing to make our children available to satisfy the sexual needs of pedophiles. So that is a difference. Clearly a line is drawn some place. The trouble is where.
Should that person who is autistic be allowed to teach school? After-all they are less likely to be able to spot and recognize needs of individual children. Still an autistic person is really just 'thinking differently' Its who they are. Is it right to exclude them if they really want to teach elementary school. The egalitarian would say well they can't do the job as well so they don't get it. Still that isn't what most of our disability related legislation is designed to accomplish.
I was not think of anything along the lines of deporting people. More like send the barely employed burger flipper in NYC to North Dakota to secure well paid work as roughneck or roustabout.
I am not sure I agree much with your history but your proposal to replace taxation with what amounts to insurance is interesting! I think I could support something like that.
What I don't understand. Is why liabilities are subtracted from assets. Why not simply 'tax' all assets at their liquidation value. After all any liability is an asset on some other parties balance sheet. Lower the 'tax' rate to where its affordable without subtraction of liabilities. I argue for this because otherwise it encourages radical private debt levels. I mean I have no incentive to pay anything other than interest on my mortgage because as long as I maintain 0% home equity I pay no taxes on the estate? Does not seem reasonable.
The other problem with this theory is acts in many ways like a wealth tax. The problem is what does a retired person with little income do? They have worked to put a roof over their head but now they have to pay taxes on it without income to support them. Should they system be pushing them to selling the property to replace their capital investment with rent expense, while in the mean time paying taxes on their now cash assets out of those very same assets? That seems like it will destroy familiar wealth accumulation. Maybe you consider that a 'feature' I and I think most will not but I know some on the political left do and will.
I would try and solve the post income earning years problem by augmenting your plan with exceptions for certain asset classes, perhaps something like residential real-estate personally occupied at least 55% of year should be exempt. It would realistically have to be more complex than even that though. Something like "residential real-estate personally occupied an average of at least 55% over the preceding five years or you must tax with interest on any years the exemption was taken" That way people are free to travel etc without inuring heavy tax penalties.
Its an interesting concept but I think there are lots of details on complexities to work out.
1) Doing the right thing isn't always popular, maybe not even usually.
2) Popular vs who actually votes matters a lot.
3) Politicians get elected on social reform agendas all the time.
4) Its looks Donald Trump might take the nomination of a major political party and he is out there saying stuff on a daily basis nobody would guess was nearly so popular as it appears to be. Its all in how you sell it.
5) Historically this has been done and worked in the past. Quite a lot of this was done in the 1930's the WPA was created to make work, but people were expected to and did go where the work was.
6) Emotional appeals are not a strong argument for maintaining economic inefficiency, in this case the workforce not being located where the work is, which but for illegal immigration would very much be the case in this country.
7) Why can't their families relocate with them? I personal can't in vision a relocation program that did not optionally include transportation for the nuclear family.
8) We tried the great society, and it failed we are still suffering consequences of those failed actions today. We have tried trickle down economics and welfare reforms the grow in wealth gap has accelerated. Its time for something different.
Its the same issue as the mythical man month. Complex process don't scale to multiple people perfectly. So while your typical middle manager can now do the work of 10 men in that role say forty years ago, 10 men working one tenth of the time would be unable to do the same.
The are essentially the equivalent of fixed costs within the single job role, HR and administrative related activities, time spent learning and tracking changes in the business, new processes and methods daily activities of communications, five min periods of staring into space after a couple hours of work that most peoples brains have to do, etc. It is therefore more efficient (cheaper) to hire one person to work 40 hours than ten people would probably need to work at least six to get the same amount tasks completed.
We therefore have high skilled high complexity jobs performed by a small number of people working full time. Lower skilled lower complexity jobs where the 'fixed costs' are smaller we fill with more part time labor. We might be able to automate those jobs away but there are economic impediments to doing so.
Could you build robots to take orders and make burgers with todays tech and have a fully automated fast food joint? Quite likely, there are some kiosk sized examples of exactly that. It would be expensive to scale that up to a full size Burger Joint operation though. Still probably would be cheaper than human labor in the long run but for the fact we have this social safety net (corporate welfare program). We let people live in subsidized housing, eat subsidized food, heat with subsidized fuel and send their kids to subsidized schools.
That creates a vast supply of under market priced low skill labor. Paid for by taxing the high skilled worked. The ultimate effect is a transfer of wealth from the high skilled worker to the capital owner, who fills the bottom end of their operation with low skill subsidized labor. Thus we have a shrinking middle class and an ever expanding wealth gap. The middle class is paying for the poor to work jobs that don't pay them enough to survive.
If we rolled back these safety net programs and replaced them with worker relocation programs, we could address the wealth gap. IE can't afford to live where you are working a job you can get with the skills you have, the government will ship you and your belongings to somewhere where the cost of living is lower and low skilled work is in demand; along with a few hundred bucks and change of clothes to get you going.
The short term effect would be that wages for lower skilled work and likely middle class professional work would be pushed back up, as business would have to pay living wages to retain their workforce. Thus the person serving your coffee in San Fransisco really would get $20 and hour, because otherwise nobody would be there to do it. Otherwise the cost living will fall as wealthy people leave unable to obtain the goods and services they want in that location.
Ultimately however at $20 an hour the incentive to automate production of cheeseburgers and fancy coffee drinks would be stronger. You will see a fully robotized McDonalds and and blueberry field harvested entirely by machine. At that point I don't know what happens to the average worker.
Every antivirus tool probably has a missive database of every known virus, even from 20 years ago it's checking every file against (with any hope a file hash binary search). Norton's virus definition grew from like 25MB in 2008 to 220MB in 2013
Don't count on that. I have personally seen some very old EOL systems NT4 and W2K boxes get infected with very old malicious software.
People keep some of these system in service, the AV packages often still support them but... here the rub to keep those definition files reasonably sized Symantec and friends actually drop old definitions for things that depend on vulns not present in more recent platforms. So if don't count on your old Win2K box not suddenly getting CodeRed all over again, even with NAV running and updated.
Seriously, if windows needs a 'security' kludge like UAC to stay secure, then it's not really secure at all.
That is seriously ignorant. What UAC is really under the hood is very similar to having two accounts. One privileged and one less so. The shell has some smarts in it to spot when things that are likely to need escalation such as programs named setup.exe are called and asks, when the user is privileged. Its also a little more convient for the user because the environment etc is shared, and depending on the registry settings they maybe don't need to type their password, and because the OS takes special steps to ensure programs cannot send events to UAC windows that is still somewhat tamper proof.
You could very correctly compare this to a Linux system where your user account is a member of the wheel group and wheel is allowed to run any command via sudo. The difference is UAC without a password can still be an effective security control while sudo without a password can't (the malware can just try and invoke it). So either sudo has to require password entry (annoying) or its only protecting the system from things like accidents like you thought the working directory was /home/myself/documents turns out wrong window and you are in /bin for whatever reason (still valuable).
Is the old advice of having an account that is not a local administrator and a separate account that is to use for things that need that, and then running them either via runas or via logout / login to the other account still be better. Probably, but years of practice has shown us users won't as a general rule do that. Which is why the UNIX and like world has sudo and Windows now has UAC.
The alternative is everyone runs around running everything privileged all the time. Which years of practice has shown us means malware gets to do whatever it wants.
No that does not solve the problem. Because if I am getting the main page over http, and I am the victim of an MITIM attack than the attacker can alter the page to source jquery.js from a site they control. Without or without SSL itself.
Actually what you describe is worse! Unlike the more general situation where the attacker needs somehow needs to modify page content he does not probably know about ahead of time (assuming he just wants to get any access to my stuff not just a specific site) he got to do this on the fly quickly enough I don't notice anything wrong. That will be a hard problem.
A site that use big shared popular js libraries on the other hand is way more vulnerable. His proxy can probably use a simple regex to replace lines where they are sourced. His altered libraries can constructed to just send whatever data they can get a hold of, his attack probably will work against many sites.
So no you really must authenticate the fist party site, or its game over.
Yes its possible if you don't do stupid things and don't foul up Windows security. the vast majority of liabilities/vulnerabilities on modern Windows desktops arise directly from PBCAK (Person between chair and keyboard). I personally use a mixture of Slackware and OSX at home but I do security work and I can tell you if you are following the rules below on Windows 8 and later its very unlikely anyone is going to pop your box.
[Stuff that comes out of box if you don't f**k it up]
0) Have a strong password.
1)Leave UAC enabled.
2)Leave the windows firewall on and with recommended settings, even if you are behind NAT and or some other hardware firewall.
3)Install updates promptly.
4)Don't run things from sources you don't trust.
4a) If you really must run stuff from untrusted sources have a separate user account to download and execute that stuff with that you do not use to handle any information you don't want public, and for goodness sake don't let it elevate.
5) Do not install Flash
6) Do not install the Java browser plugins.
[Mostly painless things you can do to really harden windows boxen]
7) Install EMET
8) Install KB2871997 and disable wdigest
[annoying but still a good practice]
9) logoff (not just lock) your desktop when not in use. Optionally suspend or hibernate the system, instead.
If you like BB hardware here is your chance. The next phase is no doubt to license the name and logo to some third tier Chinese or Korean manufacturer churning out utter crap that will try and ware the logo as a air of legitimacy.
Well, yes a "child of circumcision" does seem more appropriate here.
If it is only a small part of data, that actually needs encryption â" the password and the credit card number â" you can do that (using the well-known and studied protocols) in JavaScript.
No you can't do that, no stop right right WRONG.
The JavaScript itself must be delivered on a authenticated encrypted channel because if it isn't how will my browser know its not supposed to run that XMLHttpRequest call to post a second plan text copy of that info to evil-hacker.com after you main in the middle my amazon session in the coffee shop.
Same goes with forms that are delivered over http but post https, this wrong and dangerous for the same reason. You can do authentication and encryption in the application layer if its a fat client and the client already has a static copy of trusted code form elsewhere but in the case of web site where the 'application' is being downloaded from the server the client needs a way authenticate and ensure transport integrity while obtaining the application itself otherwise its game over, your pwnd before you begin. The network layer is the correct place.
There also is not a lot of reason for doubt. Moving for fission to fusion is a big technological leap but DPRK has from Iran.
Which is another reason why Obama's deal is deeply stupid. He correctly asserts they were month away from a working bomb, and now if the deal holds (I think it will for a time but not the whole time) they are 15 years out. They are getting a bomb either way sure. What is missed is they continue to work with DPRK, so in the mean time:
1) Iranian nuclear engineers gain experience
2) Iran gets the benefit of data from live tests that DPRK will share with them
3) Iran gets access to the economic benefits western trade and access to all those frozen assets in the deal for the near term
4) (Possibly) DRPK is a short term source for enriched materials when Iran exists the deal
So basically the Iranians are doing their home work and rather than a few months from now being able to make a show of setting off a simple gun type fission devices, they are laying the ground work to be ready to leap directly to a more or less modern fusion design that will ready to be or already miniaturized and weaponized. They will either wait out the 15 years or move at some unknown and difficult to predict time before that.
We were better positioned to impede the nuclear ambitions of Iran and DPRK before the deal. The fact that they were close to getting a lump of metal on platform somewhere to go 'boom' was never relevant. The only nukes that matter or warheads of sufficient yield, reliability, that are also of small enough size to be carried on a missile. Until the reach that state they are as a sack of charcoal is to gunpowder.
twitter is giving up essential part of what makes twitter successful.
No Twitter is giving up something you like about it. If Twitter we a community project like Wikipedia it would be successful, but it isn't. Twitter is business and one that is losing money, which is by definition not successful.
Twitters core problem is people tweet links to places not twitter. twitter needs your eyeballs to stay on twitter if they are going to make any money with ads. So they can't have all their users just linking to external content. That is bad business. Look at what facebook does they work very hard to pull as much external content as possible into the feeds whenever people link something outside, why because it chances are if you can produce a story summary and image people will just look at it there. Just like on Slashdot nobody reads the TFA, nobody clicks that crap on facebook they read whats there and scroll on down.
Twitter can't do that in 140 chars. So they need some place for the content to go, that is also twitter.
allow an internal host to transit your firewall outbound, you have exposed more than just the router's IP, but internal network information too. This means that an attacker now knows something they didn't before.
I see this argument from time to time. I don't buy it. While I don't recommend internal address disclosure for IPv4 gateway-ed networks. I would never make it more than a LOW finding on a security report. Why because you can't do anything with that information unless you compromise an internal host. If you compromise and internal host its almost always trivial to figure out what addresses are in use internally. Even with the least privileged web shell you can usually get the adapter information off the affected host. Almost all major platforms allow ping to run without privileges and even on windows with something like AppLocker enabled ping.exe is a Microsoft signed binary and will be allowed by default. Discovering internal addressing really isn't a big deal.
Even if the ultimate outcome is that your internal addressing will now be public information, the 60 seconds someone might spend thinking about their network when turning on IPv6 probably does more for their security posture.. The other thing you have to consider is that for larger networks sub net discovery is going to get a lot harder. Discovering other hosts adjacent on the sub net also is much harder with ipv6.
I do agree though that it IS more complicated than just drop all inbound connections. That is certainly a good start but its true that it is not quite that simple. I just don't think that is so much harder though that it will impact many people at the margin. If people were just turning on NAT + UPNP and hoping for the best before they were screwed; as they will be with IPv6. If they knew/did more than that before their are not so many new considerations they are likely to do anything especially bad.
Researchers found that if they made a test deliberately hard to understand, those taking the test would exhibit greater understanding after solving it than those who were presented with a more intuitive wording of the same problem.
Paid for by the society of project managers and business software analysts.
I do wonder how things are operating at the Trump and Sanders campaigns but I have been in a few offices of state politicians in recent years and they have a "professional social media person" that does all the tweeting, facebook posting, etc. Other folks on the campaign team and maybe the candidate themselves occasional gives them a vague message to get out there, but that person chose the specific language, media platforms, etc.
I highly doubt Hilliary, Jeb, Cruz, Christy etc do their own posts. So there is no frankness to be lost out on. They reason tweats get deleted is because the campaign, not the candidate decides to try a message out, they discover it does not poll well and then walk it back. This thing might capture some interesting information, and nothing of value will be lost.
My question is why would hand a child a device to 'play' with that is tied to a system authorized to make payments? I realize all kinds of people do that every day but its still stupid. You would not hand your kid a wad of cash to used building a house of cards, why would you hand them a computer with credit information embedded?
Both IOS and Android can be set so you at least have to enter your Apple / Google password to make a purchase. If your device isn't set to lock itself with a short timeout or you ever hand it to anyone you can't trust entirely (like your spouse) then you absolutely should have the password for ordering functions on! It is true that the result is this also requires the password for free stuff, but there again if you can't be arsed to manage the entertainment software on your phone for your kid, you probably should get them their own device like maybe a PSP or their own phone with no credit card info associated.
Frankly this is an expensive lesson but this day should pay up and learn it well.
I agree. Abrams ruined Star Trek by forcing it to sink to Star Wars level. Roddenberry created some real art and very cleverly dressed it up in just enough of a pop western/space opera veneer to make it palatable to a broad audience.
Star Wars on the other hand at least in the case of "A New Hope" took the other approach it started with the western space opera part and upgraded its thoughtfulness a little bit by pulling in some ideas out of Greek tragedies and epics. The story for as much as the fans care about it was and has always been far more derivative and simplistic than want Roddenberry was doing with Star Trek. Lucas genius was more in the telling of the story with some really neat applications for new technologies in film making existing directors and studio's did not really no how to use yet. "A New Hope" was a major achievement in film, it was aÂvant-garde and deserves all the praise it gets. The rest of the trilogy is a completion of that work. The prequels and this last movie all fan service and not especially noteworthy I don't think. There is so much blind love for Star Wars out there though that any second rate crap with the logo is a license to print money.
Evidence, no not really unfortunately like most economics questions we don't have a good control. So its a hypothesis we can test if we implement my policy suggestion but that is all.
I am not sure I agree with your evidence against. I can argue by some measures the wealth gap is larger than it has ever been. Its also true that poor (speaking about USA here) are largely better off than they have been in the past.
Social safety net programs evidently do not cure the wealth gap problem. They have existed for 50 years and the wealth gap has grown over the same period. We don't have enough evidence to prove they make it worse as I suspect. We don't have enough evidence to prove they really help the poor either, the generally improved working conditions might and quality of life might easily be functions of a society that is in aggregate wealthier and or the product of other regulations like health and worker safety standards that I would not consider 'social safety net' specifically.