There lies the rub. If you push to much of the burden out to homeowners they just might start going off the grid. A little in improvement in battery or other storage tech and it could happen.
That is a problem too because it will create a question of capital. If I have the capital resources to invest in a home energy system to go off the grid and say the payback time is 15 years. I and many other people might decide to do just that.
Where does that leave the people who don't have $30K + maintenance costs to purchase said system? It leaves them on a grid with fewer and fewer customers and probably the customers less dependable for on time payment at that. Because the grid has to go where the people are the fixed operating costs don't go down much, and I doubt the variable costs of distribution are significant. Eventually the local PUC will have to allow distribution and connection fees to go up faced with a bankrupt distributor that nobody will buy and may simply shut its doors otherwise.
The situation on the generation side too is not entirely dissimilar, although the generation business has more variable costs their are limits to how quickly it can scale down. Certainly not as fast as individual home owners can deploy domestic systems. Plants are built with 60 year anticipated service life, if you suddenly only need to generate only 30% of the power in year 20 you anticipated, it may not be efficient to operate the plant profitably at that level.
I want to EMPHASIZE STRONGLY I AM NOT ADVOCATING ANY POLICY POSITION in this post but I think its an interesting question because technology that allows middle class folks to go off grid affordably very much has the potential to result in haves and have-nots when it comes to reliable electrical power, while today even the very poor for the most part have dependable electricity in this country(USA).
Working code speak volumes in the standards process and that is okay. You take on the risk that nobody will be interested in what you have built or you may discover political opposition that you never counted on; if the resistance is strong enough you get left holding the bag having spent time and treasure on something that will never see wide use.
On the other hand if you start out with a large open consensus building process as you say its very likely you don't get anywhere, or end up with a bastardized design by committee mess, and we spend the next two decades reading on slashdot about how if only people had listened to Person about X during the design process the world would be better.
Short answer is there are problems with both approaches and neither is right or wrong, you just have to go with what makes the most sense in terms of resources and time scale for you.
Although, put out by HandSpring (with palm OS) and than later required by Palm, the Treo phones were some of the earliest of what we might consider to be modern 'smart' phones and they really were the best of their generation. Yes Blackberry might have had some more feature richness but needed a lot of propriety costly infrastructure behind it to deliver that functionality. A Treo could do IMAP etc so was actually useful to 'regular' people and businesses that were to small to justify a BES server.
I don't think HandSpring/Palm were wrong to move into the mobile phone market. I don't think they positioned themselves well. Had they gone after the consumer market and branded themselves as the Blackberry for anyone not a shyster^H^H^H^H^H^H sales professional they might have succeeded. If anything they were perhaps to early to market.
You gotta love the cognitive dissonance. We are perfectly 'okay' (societally) with same gender patdowns because you know that can't be 'sexual' or exploitative, yet we no longer consider homosexuality to be deviant behavior to the point we largely support marriage equality.
My take on its government should not be allowed to have it both ways. You either don't believe in homosexuality as a normal state, or you can't support TSA patdowns. Sexual assault is sexual assault no matter what gender or sex the other persona happens to be unless its invited. And the TSA procedure meets every definition for assault. Do you feel free to turn around and leave if you are selected for an enhanced search? I don't I'd be considerably afraid that if I they suggested they needed to do a patdown and I responded "no thanks I'll just head back to my car" that I would find myself detained shortly their after.
I feel you but I am really afraid that Rand simply isn't his father. I am not sure who Rand or Ted Cruz really are. They don't seem very consistent to me, and in Rands case I don't see much evidence that once faced with 'the realities of the office' he would utterly bend over and just pick up with Bush and Obama left off.
The feds cant use a warrant obtained in the USA to require a US based company to hand over physical documents stored in a foreign company, why should they be able to do it for electronic documents?
What are you smoking. Sure the feds can't use a warrant obtained in the US to go kick in a door on foreign soil, they have to ask the local government their nicely to do it for them (unless its in the Middle East than we just do it anyway); but they certainly can subpena records.
You think for example during the Enron trials if they had just said "gee SEC we don't have to comply with these subpenas for records because we do all out accounting out of our Mexico City office", the feds would have responded "Oh well than I guess there is nothing we can do". No they would have been held in contempt and punished that way.
No its not. A records request in accordance with some kind of due process that is public information and established before the event, is decidedly not spying.
You are welcome to consider such a process bad law, and objectionable for any number of reasons but its a very different animal. At least someone is accountable for it, whether its a judge who signed a warrant and legislator who signed the law authorizing record sharing with $AGENCY. There is a (theoretically) functional political process by which you can attack the problem.
On the other hand spying is done in secret, so nobody is effectively accountable. You never learn that it happened in many cases so you can never seek redress. The politician and legal process for dealing with it when revelations do come out are entirely broken, look at the legal standing issues around the phone metadata law suits,etc.
Domestic spying is IMHO way way worse, in that it represents and entirely extra-legal undemocratic application of government power, without due process and frequently in violation of other civil rights. Government fundamentally can't be by the people and for the people when its secret from the people. All those who support these programs are immediately wrong for doing so, be they are contrary to the fundamental mission of our government set fourth in the Constitution and its Bill of Rights. There can be no justification.
This isn't about spying its about compliance with records requests and privacy laws. EU has all kinds of (frankly downright crazy) privacy laws around email. That make it difficult to hand records to anything third party (that isn't an EU or member nation organ) and still be in compliance with the letter of the law; the US government is arguing that our courts etc have the power to subpena records on overseas servers.
This puts companies like Microsoft between a rock an hard place, they essentially can't follow both sets of rules if US jurisdictional rules are not limited in scope to well, the US.
I am not sure what the right answer is here, but it is a problem.
If someone defecated on my dinner table I would never eat off that table again.
Really why? I mean you know we have things like disinfectants and such that would make it entirely safe right? A little soap water, and some elbow grease to clean it, then follow it with a little Lysol (which probably from a health stand point isn't even needed) and it should be cleaner and more germ free than before there was a turd on it.
Have you ever been around small children or had sick pet? If your standard is must dispose of anything that has even been in contact with fecal matter must be disposed of you had better avoid both pets and children or be prepared to replace all your furniture several times over.
That said I would much my ordering of things would be: Pie theft Turd leaving iPad theft
I mean Pie's are cheap and easy to make. If the wife does not feel like making another we can just go get ice-cream or something. Occasionally turds have to be cleaned up, that comes with life and I can handle it, but I'd rather bake a pie. The iPad is pretty pricy.
Well I would add to that list a little bit, the national tlds are perfectly reasonable for serious business, and perfectly well intentioned individuals to use as well, I don't have a problem with.us,.uk,.ca,...
The anything goes as a TLD situation though is what sucks. We have enough problems with 'identity' when we care about it online as it is without adding ambiguities like, does example mean example.example.com because I have example.com. in my search suffix list or is it a tld, well okay if it was a tld it should have been written example. but did the moron who wrote the app I am using that uses that as a string component to create some more complex URI to send somewhere else know that?
the real story is: what applied back in the turn of the century does not apply any longer.
Yet there are no good reasons that it could not apply again.
they were INVESTED here, they eventually learned the language and merged in. that was then.
what we have now is a 'grab, take, return home' situation.
Its much easier to invest in something when you have a fairly concrete promise. H1Bs (and various other forms of visa holders) can't really expect to become full citizens with any degree of certainty at anytime. We ought to fix that problem.
stop playing star spangled banner and smell the real coffee. what worked 100 years ago is not applicable now. the workforce is too crowded, the unemployment is sky high and we are borderline on depression, again and again.
This is just false. The unemployment rate is probably lower now than it was at the turn of dawn of the 20th century. The difference now is people feel entitled to stay where they are, back then you moved where the work was. The other thing is the economy is much more stable than it was then, even with the trauma of the 2007-10 years. I actually think THAT IS A PROBLEM, its the reason we have such a big wealth gap, its the reason we have "long term unemployment", its the reason we have problems like 'systemic risk' we don't let the big fail we don't stir the pot so folk shift in an out of the workforce; we prevent industry for adapting to the needs of the day.
and yes, I do think that being born in a country and raised there DOES give you more rights over those who just moved in. try moving to germany or france or austria or switzerland or probably most other european countries and trying to be 'a citizen'.
The failures of others is not a justification for not attempting to do/be better. It may offer proof the problem was hard and excuse failure but it isn't in and of it self a good reason not to try if the ends are noble.
Honestly the best way to 'fix' the problem IMHO is do away with all the quota and specialty visa programs. Let anyone who wants to come do so. Tell them they have 24 months during which they must any felony convictions and pass a 4th grade level English exam (for anyone over the age of 10), and provide the government with current contact information at all times. If they do that they get a green card. Commit a felony automatic deportation NO reentry ever. No unaccompanied minors unless they can prove they have relatives willing to house them. Fail to pass the English exam they must go home and can try to immigrate again after one year. Failure to provide contact info or sit for the exam is felony illicit immigration.
That way its nice an simple and open to every, which means anyone who does immigrate illegally is almost certain to be an undesirable or other sort of bad actor we should have little sympathy for; which means we CAN secure boarder (utilizing force as required) and work aggressively to discover and deport anyone who is not supposed to be here.
Pretty much what I said a week ago and got modded into oblivion for it. Google already has/had an somewhat antagonistic relationship with parts of the Chinese government and they don't get the revenue from there they get elsewhere and are unlikely to do so in the near future.
Which is the problems with the CA system, To Big to Fail CAs now exist. What if this was Verisign/GeoTrust/Thawte etc caught doing something like this. Think any of the major browser or OS vendors would even consider revocation of there roots? I don't.
holder ceases to publish, market, support and profit from a product
Its a nice idea but kinda hard to enforce. Suppose Microsoft wants to make sure XP's copyright does not expire early. They gather up 20 retail copies of "new old stock" they have somewhere an set an Outlook reminder to put one on Ebay once a year. Does that count? What if its a small ISV with a shareware product that they maybe only sell a handful of license for per year. Its not a product they pay much attention to but hey once in a while someone decides to toss them $50 to make the nag screen go away, it costs them nothing to leave the license generator and sales page up on their site, so what not? Should they not be allowed to do that as long as they care to?
We you make to many rules it just creates to many questions and to many competing interpretations. It leaves everyone wonder what really is allowed and what isn't and the real beneficiaries end up being the attorneys.
I think we need to keep it simple like, authors lifetime + 15 or just strait 75 years where author is a nonhuman legal entity. No ifs, ands, or buts, no renewals, sorry Disney you can't own Micky for ever.. type system.
They are like the ISP/Telco/Wireless provider crowd though they want to have it both ways. "I am a common carrier" when it affords me legal protection or entitles me to some government handouts, rights of way etc, "I am pure commercial entity that should be except from regulation" when I want invent new revenue streams and leverage my monopoly by double dipping.
Same for the games industry, suggest they should be regulated and the cry is "We are artists, free speech!", unless that pesky first sale doctrine implies you could resell it like a novel or a painting, than "we are service providers!". Same deal on copyrights if someone uses their stuff for anything "OMG Pirates!, save the intellectual properties", they want to use something, "its just sampling".
These are not rational and consistent arguments they are making. You can't therefore try and reason with them or make assumptions about what their position will be for a given set of facts, you have to understand there thinking just boils down to "Whatever is most favorable to us right now!", that is really all there is if you try and analyze beyond you will reach incorrect conclusions 99% of the time.
No we don't. The hands on votec schools don't teach industry history and if you look at that stack overflow poll from a few days ago it looks like the majority of people only spend about 15 years in software development. So once every 10 years or so the majority of developers are two young to know better when 'hard learned lesson' is called into question by one of the rockstars.
This will come to bad end. Its one thing to think about containers and VMs as being their own little hosts and everything, like patching that goes along with that.
Thinking of them as 'application bundles' will lead a nightmarish security situation. With the exception of applications that don't really handle external data you don't get the isolation from containers or VMs that many people seem to thing you do. Suppose you bundle up your CMS server and all the customizations written for it, it access a backed database, later an RCE in the webserver it uses is discovered. Boom your database is compromised because the attacker can control the web front end. Similarly something like heatbleed could go on exposing users private information long after OpenSSL on the host has been fixed if the bundle is never updated.
There is not much out there in the way of tooling to do things like large scale patch management on these bundles. As long as we treat containers as little servers and leave the operating system package management things are alright, we have tools.
Going this route thought is sure to lead to lots of old bad code sitting around out there in unshared-libraries, that never get updated. This will lead to dangerous and frequently surprising consequences I think.
Oh well you have to update the platform test your app and than re-deploy the bundle. Sure that sounds easy. Oh wait no not really it sounds pretty much like updating a VM or fat-container image and redeploying it, less the shell script the change the host name and network address. All to save a few tens of megabytes by not having to include things like 'bash' on the virtual disk image (which admittedly could/would be a security win; payloads would have to get larger and more detectable as attackers can't 'live off the land'). There are already tones of great tools out there to manage scalable farms of VM or Container servers; if that is your use case.
I am not saying there is no value to things like docker, if you want to be able to let uses download your video game or something and be confident it run everywhere, that makes some sense. Anything that handles 'data' someone might care about though the old system of shared libraries for all its faults does mean that your app gets bettered hardened SSL when Microsoft pushes a patch to schannel which might be really important depending on what your application is/does.
Lightweight containers can/will definitely be a good thing, but they are no a one-size fits all solution and suspect people using them to solve the wrong problems will lead to much trouble.
Which is precisely why we should just give up on the stupid concept of income taxes entirely and move to a pure consumptive or pure transaction tax system.
There are zero good reasons not to do so. States and business a like are already setup to cope with sales tax, and exceptions to make it not regressive, which you do but excluding certain items from taxation, cotton clothing, unprepared foods, transportation fuels, heating fuels, and a few other things. EVERYTHING not on that list gets taxed, no matter who or what type of entity is transacting.
Pay an employee, you are a purchaser of time, employer pays the tax. By a share in a company you pay sales tax at purchase time, no capital gains later. Want to 'buy' Euros to spend on your vacation to Spain or to purchase raw materials for your manufacturing company, or for that matter to pay your overseas employees - you pay the tax. Essentially if a dollar changes hands the tax is collected.
There is no tax evasion possible, because there are only a handful of excluded transactions and the same rules apply to everyone and every entity, nobody ever has to 'file' anything.
Right but you have to start somewhere. The 'technocrats' are always telling us the lie that government spending is somehow different. Over the short term maybe that is true, in that I can't print money but they can, over the long term however its wealth in vs wealth out. Military spending is almost uniquely consumptive. When you build a bomb once you use it you no longer have a bomb any more, unless it did something like end WII it probably ultimately means nothing. Sometimes you do get technological advances but only sometimes.
Tell me how OUR society continues to benefit form ordinance detonated over IRAQ 13 years ago..
Even if the government builds a road or a dam we get a road and a dam, by comparison and those things continue to pay dividends for a long time, they give us electricity, a reservoir of potable water to support a city or industry, cheaper and faster transportation of people and goods etc. Even if you spend money on something like education you get a better more productive workforce.
Yes, but a lot of that pork goes to Democratic districts too. I for one have a tough time listing to all this talk about the 'wealth' gap while they support programs that basically hand billions to defense contractors with 300:1 CEO/employee pay rations to make stuff we don't need.
If any of these social just DNC members want me to give a shit about the wealth gap they need to spine to up deal with the issue head on. We collect taxes form a person earning 80K trying to support a partner and 4 kids so we build weapons, for sale to Egypt, which they will purchase with aide money we gave them to do it, again out of that guys tax dollars. Meanwhile its probably a violation of our own law, because there was a coup there (even if that ass hat John Kerry doesn't care to determine so).
Until than I am sticking with 'tax cuts only' crowd because I don't see any good reason throw 'real' money away on these misappropriations, much better to toss debt at them if they can't be stopped, at least debt can one day be defaulted on! I also don't think using the military simultaneously as 'Team America World Police' and a Jobs program is a noble effort. I don't particularly think make work programs are a good idea to begin with but at least if we shifted like 60% of military resource allocations (in terms of people and money) to a new WPA our society might end up with something to show for it.
Except that the app isn't open source. If it was someone probably would have spotted this sooner. So if anything this highlights the danger of using closed source anything crypto related. Sure OSS stuff might have problems, very very clever people might be able to insert back doors and weaken algorithms in ways others might not see, and any software can have subtle bugs, but at least very basic FRAUD as in it does not even attempt to do what it claims would get spotted.
That and the authors probably never would have published the code because lets face it; in 2015 if you know what a bitwise operation is and how to use XOR you know while it might be useful in the act encrypting plain texts it does not itself provide encryption if you just use some static byte over and over again. Shame is a powerful tool, really all of society rests on shame and seeking to avoid it at some level.
The second lesson here is that the app store tramp stamp does not mean you are dealing with quality software, anymore than the old winlogo program ever did. At most it means some basic user interface level QA testing happened. Probably not much better than "we ran the app it appeared upon cursor inspection to have done something that could be similar to what is claimed, it did not crash, and did not display a goatse.cx page." They don't dig into the detail. If something says it encrypts documents, and they don't open when "encrypted" and do open when "decrypted" that is all it takes to pass this level of testing.
Just because you paid for it and got it from an app store does not make trust worthy.
Stop the stupid ass warning for self signed certs and let secure communications between the two parties it concerns.
You don't get those warnings if you have verified and installed and trusted the cert.
This argument that warning about self signed certs is stupid. Look the software has to do something to let you know the connection is insecure, you should assume http is insecure and you know that because the little lock icon is not present. You know http does not contain any other authenticity or integrity controls, you make your choice. https (SSL/TLS) normally is you authentication, integrity, and privacy control suite, you have to be told somehow those things can't be assured when https is in use but no trust relationship has been established.
I suppose the little lock could simply not be displayed but than as use how do I know what the problem is? Is the site using plain text, is the cert expired, not trusted, etc, I have no information about what I might need to do to obtain a secure channel. So you can object to the warning all you want but somehome this information fundamentally must be displayed so a human can make a security decision and take some action.
This is a good thing, and despite the upheaval it will cause for people requiring new certs
Except that it won't cause much upheaval, which is really the only reason they can do it in the fist place.
Google is not the player in China that it is in the west, there is quite a bit of local competition for most Google services there, they really are not even a leader and that has a lot to do with Google actually being "not evil" and refusing to cooperate with the 'Party' on some things.
Chrome isn't Internet Explorer, the people using it across the world are far more likely to understand what a digital certificate is than the general population of Internet browser users. Which is not to say they all do but the fact is if you are using Chrome and to a somewhat lessor extent a Droid device you have somewhat self selected by picking your technology which makes it likely you know something about it. Now select for the users that are making use of Chinese sites, and the pool gets even smaller.
I may be cynical but I still don't believe if say Verisign, Thawte, or GeoTrust had got caught either negligently or willfully making bogus certificates available the result would be the same. I suspect they would be considered To Big to Fail. If you are Google you can't push an update that breaks 30% of the SSL sites westerns (your better paying advertising demographic) visit often. To many of them won't like it, even if in an abstract way a large portion of them do recognize you are looking out for there interests. They will go back to IE or worse put down the Droid phone and pickup their IPad because 'Amazon works with those' and they can 'Watch the Netflix'.
People like driving, some of the time would be the more accurate statement. Lots of folks enjoy a Sunday drive, or even a road trip, relatively few enjoy their morning commute. We like driving our cars when its on our own terms we don't have to be someplace and we have some ability to avoid aggravating situations like high traffic areas and needing to be someplace by 7:30 etc.
This is much the same way we like ridding horses when its not cold, or raining, or for such great distances we get saddle sore, etc. Its a fine hobby but not the ideal way to get to work or the grocery store when your other choice is an modern automobile.
Similarly driving and racing will be find hobbies for those who can afford it, but not the ideal choice to get work if the alternative is you can sit in your personal transportation pod and prepare your notes, eat your breakfast (safely), make phone calls, just relax if you are over tired not feeling well etc.
Ultimately people will drive for the sake of it, but the utility aspect of it will be given over to automation.
I think the parent has a point about the social impact though. More and more we do without interacting with one another. Driving puts many of us into life's beautiful random situations. The route you wanted to take is closed, you detour down a road you have never taken before spot a little restaurant that looks interesting, now you know its there, you can come back and try it some time. If the auto drive system is on and you never look up from your book that does not happen. Road trip same thing, you get tired or hungry you pull off the interstate into some little town, have dinner somewhere meet a few locals, read a historical marker and discover some aspect of history you never knew. Again auto drive system on you just sit there until you arrive at your planned destination. Why stop? just pack a sandwich etc.
Actually I can see this doing more harm to the domestic airline industry than anything. Flying these days SUCKS. By the time you get there an hour early and wait for your luggage on the otherside, quite a lot of the time you could get to your destination by car just as quickly and in greater comfort. Right now I figure you have to go at least 300 miles before a flight makes sense. Suppose you never had stop to sleep/rest/eat because you are not driving, but you have the freedom to ask the car to do it should you want to do so. You also save money not having to rent a car at your destination etc. Suddenly driving all night to get somewhere does not seem like to bad a deal or even all that inconvenient, you can just sleep the whole way like the plane. If its a business meeting you actually could spread some documents on the seats and dash, have room to open the laptop lid all the way, maybe do some work etc.
Slashdot Mirror
There lies the rub. If you push to much of the burden out to homeowners they just might start going off the grid. A little in improvement in battery or other storage tech and it could happen.
That is a problem too because it will create a question of capital. If I have the capital resources to invest in a home energy system to go off the grid and say the payback time is 15 years. I and many other people might decide to do just that.
Where does that leave the people who don't have $30K + maintenance costs to purchase said system? It leaves them on a grid with fewer and fewer customers and probably the customers less dependable for on time payment at that. Because the grid has to go where the people are the fixed operating costs don't go down much, and I doubt the variable costs of distribution are significant. Eventually the local PUC will have to allow distribution and connection fees to go up faced with a bankrupt distributor that nobody will buy and may simply shut its doors otherwise.
The situation on the generation side too is not entirely dissimilar, although the generation business has more variable costs their are limits to how quickly it can scale down. Certainly not as fast as individual home owners can deploy domestic systems. Plants are built with 60 year anticipated service life, if you suddenly only need to generate only 30% of the power in year 20 you anticipated, it may not be efficient to operate the plant profitably at that level.
I want to EMPHASIZE STRONGLY I AM NOT ADVOCATING ANY POLICY POSITION in this post but I think its an interesting question because technology that allows middle class folks to go off grid affordably very much has the potential to result in haves and have-nots when it comes to reliable electrical power, while today even the very poor for the most part have dependable electricity in this country(USA).
Working code speak volumes in the standards process and that is okay. You take on the risk that nobody will be interested in what you have built or you may discover political opposition that you never counted on; if the resistance is strong enough you get left holding the bag having spent time and treasure on something that will never see wide use.
On the other hand if you start out with a large open consensus building process as you say its very likely you don't get anywhere, or end up with a bastardized design by committee mess, and we spend the next two decades reading on slashdot about how if only people had listened to Person about X during the design process the world would be better.
Short answer is there are problems with both approaches and neither is right or wrong, you just have to go with what makes the most sense in terms of resources and time scale for you.
Although, put out by HandSpring (with palm OS) and than later required by Palm, the Treo phones were some of the earliest of what we might consider to be modern 'smart' phones and they really were the best of their generation. Yes Blackberry might have had some more feature richness but needed a lot of propriety costly infrastructure behind it to deliver that functionality. A Treo could do IMAP etc so was actually useful to 'regular' people and businesses that were to small to justify a BES server.
I don't think HandSpring/Palm were wrong to move into the mobile phone market. I don't think they positioned themselves well. Had they gone after the consumer market and branded themselves as the Blackberry for anyone not a shyster^H^H^H^H^H^H sales professional they might have succeeded. If anything they were perhaps to early to market.
The engines themselves still burn fuel as normal, they just weigh less.
Hype or no hype that last clause is a pretty big deal when it comes to anything related to rocketry.
You gotta love the cognitive dissonance. We are perfectly 'okay' (societally) with same gender patdowns because you know that can't be 'sexual' or exploitative, yet we no longer consider homosexuality to be deviant behavior to the point we largely support marriage equality.
My take on its government should not be allowed to have it both ways. You either don't believe in homosexuality as a normal state, or you can't support TSA patdowns. Sexual assault is sexual assault no matter what gender or sex the other persona happens to be unless its invited. And the TSA procedure meets every definition for assault. Do you feel free to turn around and leave if you are selected for an enhanced search? I don't I'd be considerably afraid that if I they suggested they needed to do a patdown and I responded "no thanks I'll just head back to my car" that I would find myself detained shortly their after.
Richrz,
I feel you but I am really afraid that Rand simply isn't his father. I am not sure who Rand or Ted Cruz really are. They don't seem very consistent to me, and in Rands case I don't see much evidence that once faced with 'the realities of the office' he would utterly bend over and just pick up with Bush and Obama left off.
Who we need is someone like this:
http://en.wikipedia.org/wiki/G...
who has announced he is going to run in 2016.
The feds cant use a warrant obtained in the USA to require a US based company to hand over physical documents stored in a foreign company, why should they be able to do it for electronic documents?
What are you smoking. Sure the feds can't use a warrant obtained in the US to go kick in a door on foreign soil, they have to ask the local government their nicely to do it for them (unless its in the Middle East than we just do it anyway); but they certainly can subpena records.
You think for example during the Enron trials if they had just said "gee SEC we don't have to comply with these subpenas for records because we do all out accounting out of our Mexico City office", the feds would have responded "Oh well than I guess there is nothing we can do". No they would have been held in contempt and punished that way.
Two sides of the same coin, isn't it?
No its not. A records request in accordance with some kind of due process that is public information and established before the event, is decidedly not spying.
You are welcome to consider such a process bad law, and objectionable for any number of reasons but its a very different animal. At least someone is accountable for it, whether its a judge who signed a warrant and legislator who signed the law authorizing record sharing with $AGENCY. There is a (theoretically) functional political process by which you can attack the problem.
On the other hand spying is done in secret, so nobody is effectively accountable. You never learn that it happened in many cases so you can never seek redress. The politician and legal process for dealing with it when revelations do come out are entirely broken, look at the legal standing issues around the phone metadata law suits ,etc.
Domestic spying is IMHO way way worse, in that it represents and entirely extra-legal undemocratic application of government power, without due process and frequently in violation of other civil rights. Government fundamentally can't be by the people and for the people when its secret from the people. All those who support these programs are immediately wrong for doing so, be they are contrary to the fundamental mission of our government set fourth in the Constitution and its Bill of Rights. There can be no justification.
This isn't about spying its about compliance with records requests and privacy laws. EU has all kinds of (frankly downright crazy) privacy laws around email. That make it difficult to hand records to anything third party (that isn't an EU or member nation organ) and still be in compliance with the letter of the law; the US government is arguing that our courts etc have the power to subpena records on overseas servers.
This puts companies like Microsoft between a rock an hard place, they essentially can't follow both sets of rules if US jurisdictional rules are not limited in scope to well, the US.
I am not sure what the right answer is here, but it is a problem.
If someone defecated on my dinner table I would never eat off that table again.
Really why? I mean you know we have things like disinfectants and such that would make it entirely safe right? A little soap water, and some elbow grease to clean it, then follow it with a little Lysol (which probably from a health stand point isn't even needed) and it should be cleaner and more germ free than before there was a turd on it.
Have you ever been around small children or had sick pet? If your standard is must dispose of anything that has even been in contact with fecal matter must be disposed of you had better avoid both pets and children or be prepared to replace all your furniture several times over.
That said I would much my ordering of things would be:
Pie theft
Turd leaving
iPad theft
I mean Pie's are cheap and easy to make. If the wife does not feel like making another we can just go get ice-cream or something. Occasionally turds have to be cleaned up, that comes with life and I can handle it, but I'd rather bake a pie. The iPad is pretty pricy.
Well I would add to that list a little bit, the national tlds are perfectly reasonable for serious business, and perfectly well intentioned individuals to use as well, I don't have a problem with .us, .uk, .ca, ...
The anything goes as a TLD situation though is what sucks. We have enough problems with 'identity' when we care about it online as it is without adding ambiguities like, does example mean example.example.com because I have example.com. in my search suffix list or is it a tld, well okay if it was a tld it should have been written example. but did the moron who wrote the app I am using that uses that as a string component to create some more complex URI to send somewhere else know that?
I hate this mess.
the real story is: what applied back in the turn of the century does not apply any longer.
Yet there are no good reasons that it could not apply again.
they were INVESTED here, they eventually learned the language and merged in. that was then.
what we have now is a 'grab, take, return home' situation.
Its much easier to invest in something when you have a fairly concrete promise. H1Bs (and various other forms of visa holders) can't really expect to become full citizens with any degree of certainty at anytime. We ought to fix that problem.
stop playing star spangled banner and smell the real coffee. what worked 100 years ago is not applicable now. the workforce is too crowded, the unemployment is sky high and we are borderline on depression, again and again.
This is just false. The unemployment rate is probably lower now than it was at the turn of dawn of the 20th century. The difference now is people feel entitled to stay where they are, back then you moved where the work was. The other thing is the economy is much more stable than it was then, even with the trauma of the 2007-10 years. I actually think THAT IS A PROBLEM, its the reason we have such a big wealth gap, its the reason we have "long term unemployment", its the reason we have problems like 'systemic risk' we don't let the big fail we don't stir the pot so folk shift in an out of the workforce; we prevent industry for adapting to the needs of the day.
and yes, I do think that being born in a country and raised there DOES give you more rights over those who just moved in. try moving to germany or france or austria or switzerland or probably most other european countries and trying to be 'a citizen'.
The failures of others is not a justification for not attempting to do/be better. It may offer proof the problem was hard and excuse failure but it isn't in and of it self a good reason not to try if the ends are noble.
Honestly the best way to 'fix' the problem IMHO is do away with all the quota and specialty visa programs. Let anyone who wants to come do so. Tell them they have 24 months during which they must any felony convictions and pass a 4th grade level English exam (for anyone over the age of 10), and provide the government with current contact information at all times. If they do that they get a green card. Commit a felony automatic deportation NO reentry ever. No unaccompanied minors unless they can prove they have relatives willing to house them. Fail to pass the English exam they must go home and can try to immigrate again after one year. Failure to provide contact info or sit for the exam is felony illicit immigration.
That way its nice an simple and open to every, which means anyone who does immigrate illegally is almost certain to be an undesirable or other sort of bad actor we should have little sympathy for; which means we CAN secure boarder (utilizing force as required) and work aggressively to discover and deport anyone who is not supposed to be here.
Pretty much what I said a week ago and got modded into oblivion for it. Google already has/had an somewhat antagonistic relationship with parts of the Chinese government and they don't get the revenue from there they get elsewhere and are unlikely to do so in the near future.
Which is the problems with the CA system, To Big to Fail CAs now exist. What if this was Verisign/GeoTrust/Thawte etc caught doing something like this. Think any of the major browser or OS vendors would even consider revocation of there roots? I don't.
So there is no real remedy for misbehavior now.
holder ceases to publish, market, support and profit from a product
Its a nice idea but kinda hard to enforce. Suppose Microsoft wants to make sure XP's copyright does not expire early. They gather up 20 retail copies of "new old stock" they have somewhere an set an Outlook reminder to put one on Ebay once a year. Does that count? What if its a small ISV with a shareware product that they maybe only sell a handful of license for per year. Its not a product they pay much attention to but hey once in a while someone decides to toss them $50 to make the nag screen go away, it costs them nothing to leave the license generator and sales page up on their site, so what not? Should they not be allowed to do that as long as they care to?
We you make to many rules it just creates to many questions and to many competing interpretations. It leaves everyone wonder what really is allowed and what isn't and the real beneficiaries end up being the attorneys.
I think we need to keep it simple like, authors lifetime + 15 or just strait 75 years where author is a nonhuman legal entity. No ifs, ands, or buts, no renewals, sorry Disney you can't own Micky for ever.. type system.
They would be indignant, I am sure.
They are like the ISP/Telco/Wireless provider crowd though they want to have it both ways. "I am a common carrier" when it affords me legal protection or entitles me to some government handouts, rights of way etc, "I am pure commercial entity that should be except from regulation" when I want invent new revenue streams and leverage my monopoly by double dipping.
Same for the games industry, suggest they should be regulated and the cry is "We are artists, free speech!", unless that pesky first sale doctrine implies you could resell it like a novel or a painting, than "we are service providers!". Same deal on copyrights if someone uses their stuff for anything "OMG Pirates!, save the intellectual properties", they want to use something, "its just sampling".
These are not rational and consistent arguments they are making. You can't therefore try and reason with them or make assumptions about what their position will be for a given set of facts, you have to understand there thinking just boils down to "Whatever is most favorable to us right now!", that is really all there is if you try and analyze beyond you will reach incorrect conclusions 99% of the time.
No we don't. The hands on votec schools don't teach industry history and if you look at that stack overflow poll from a few days ago it looks like the majority of people only spend about 15 years in software development. So once every 10 years or so the majority of developers are two young to know better when 'hard learned lesson' is called into question by one of the rockstars.
This will come to bad end. Its one thing to think about containers and VMs as being their own little hosts and everything, like patching that goes along with that.
Thinking of them as 'application bundles' will lead a nightmarish security situation. With the exception of applications that don't really handle external data you don't get the isolation from containers or VMs that many people seem to thing you do. Suppose you bundle up your CMS server and all the customizations written for it, it access a backed database, later an RCE in the webserver it uses is discovered. Boom your database is compromised because the attacker can control the web front end. Similarly something like heatbleed could go on exposing users private information long after OpenSSL on the host has been fixed if the bundle is never updated.
There is not much out there in the way of tooling to do things like large scale patch management on these bundles. As long as we treat containers as little servers and leave the operating system package management things are alright, we have tools.
Going this route thought is sure to lead to lots of old bad code sitting around out there in unshared-libraries, that never get updated. This will lead to dangerous and frequently surprising consequences I think.
Oh well you have to update the platform test your app and than re-deploy the bundle. Sure that sounds easy. Oh wait no not really it sounds pretty much like updating a VM or fat-container image and redeploying it, less the shell script the change the host name and network address. All to save a few tens of megabytes by not having to include things like 'bash' on the virtual disk image (which admittedly could/would be a security win; payloads would have to get larger and more detectable as attackers can't 'live off the land'). There are already tones of great tools out there to manage scalable farms of VM or Container servers; if that is your use case.
I am not saying there is no value to things like docker, if you want to be able to let uses download your video game or something and be confident it run everywhere, that makes some sense. Anything that handles 'data' someone might care about though the old system of shared libraries for all its faults does mean that your app gets bettered hardened SSL when Microsoft pushes a patch to schannel which might be really important depending on what your application is/does.
Lightweight containers can/will definitely be a good thing, but they are no a one-size fits all solution and suspect people using them to solve the wrong problems will lead to much trouble.
Which is precisely why we should just give up on the stupid concept of income taxes entirely and move to a pure consumptive or pure transaction tax system.
There are zero good reasons not to do so. States and business a like are already setup to cope with sales tax, and exceptions to make it not regressive, which you do but excluding certain items from taxation, cotton clothing, unprepared foods, transportation fuels, heating fuels, and a few other things. EVERYTHING not on that list gets taxed, no matter who or what type of entity is transacting.
Pay an employee, you are a purchaser of time, employer pays the tax. By a share in a company you pay sales tax at purchase time, no capital gains later. Want to 'buy' Euros to spend on your vacation to Spain or to purchase raw materials for your manufacturing company, or for that matter to pay your overseas employees - you pay the tax. Essentially if a dollar changes hands the tax is collected.
There is no tax evasion possible, because there are only a handful of excluded transactions and the same rules apply to everyone and every entity, nobody ever has to 'file' anything.
Right but you have to start somewhere. The 'technocrats' are always telling us the lie that government spending is somehow different. Over the short term maybe that is true, in that I can't print money but they can, over the long term however its wealth in vs wealth out. Military spending is almost uniquely consumptive. When you build a bomb once you use it you no longer have a bomb any more, unless it did something like end WII it probably ultimately means nothing. Sometimes you do get technological advances but only sometimes.
Tell me how OUR society continues to benefit form ordinance detonated over IRAQ 13 years ago..
Even if the government builds a road or a dam we get a road and a dam, by comparison and those things continue to pay dividends for a long time, they give us electricity, a reservoir of potable water to support a city or industry, cheaper and faster transportation of people and goods etc. Even if you spend money on something like education you get a better more productive workforce.
Yes, but a lot of that pork goes to Democratic districts too. I for one have a tough time listing to all this talk about the 'wealth' gap while they support programs that basically hand billions to defense contractors with 300:1 CEO/employee pay rations to make stuff we don't need.
If any of these social just DNC members want me to give a shit about the wealth gap they need to spine to up deal with the issue head on. We collect taxes form a person earning 80K trying to support a partner and 4 kids so we build weapons, for sale to Egypt, which they will purchase with aide money we gave them to do it, again out of that guys tax dollars. Meanwhile its probably a violation of our own law, because there was a coup there (even if that ass hat John Kerry doesn't care to determine so).
Until than I am sticking with 'tax cuts only' crowd because I don't see any good reason throw 'real' money away on these misappropriations, much better to toss debt at them if they can't be stopped, at least debt can one day be defaulted on! I also don't think using the military simultaneously as 'Team America World Police' and a Jobs program is a noble effort. I don't particularly think make work programs are a good idea to begin with but at least if we shifted like 60% of military resource allocations (in terms of people and money) to a new WPA our society might end up with something to show for it.
Except that the app isn't open source. If it was someone probably would have spotted this sooner. So if anything this highlights the danger of using closed source anything crypto related. Sure OSS stuff might have problems, very very clever people might be able to insert back doors and weaken algorithms in ways others might not see, and any software can have subtle bugs, but at least very basic FRAUD as in it does not even attempt to do what it claims would get spotted.
That and the authors probably never would have published the code because lets face it; in 2015 if you know what a bitwise operation is and how to use XOR you know while it might be useful in the act encrypting plain texts it does not itself provide encryption if you just use some static byte over and over again. Shame is a powerful tool, really all of society rests on shame and seeking to avoid it at some level.
The second lesson here is that the app store tramp stamp does not mean you are dealing with quality software, anymore than the old winlogo program ever did. At most it means some basic user interface level QA testing happened. Probably not much better than "we ran the app it appeared upon cursor inspection to have done something that could be similar to what is claimed, it did not crash, and did not display a goatse.cx page." They don't dig into the detail. If something says it encrypts documents, and they don't open when "encrypted" and do open when "decrypted" that is all it takes to pass this level of testing.
Just because you paid for it and got it from an app store does not make trust worthy.
I find it interesting that these telecommunication companies want to be known as a Common Carrier only when it benefits them. They want it both ways.
I don't find it interesting that they want to read the rules in way that is most helpful to them whatever the situation is, most people want that.
What I find interesting is that the think they can get away with an inconsistent characterization of who/what they are.
Stop the stupid ass warning for self signed certs and let secure communications between the two parties it concerns.
You don't get those warnings if you have verified and installed and trusted the cert.
This argument that warning about self signed certs is stupid. Look the software has to do something to let you know the connection is insecure, you should assume http is insecure and you know that because the little lock icon is not present. You know http does not contain any other authenticity or integrity controls, you make your choice. https (SSL/TLS) normally is you authentication, integrity, and privacy control suite, you have to be told somehow those things can't be assured when https is in use but no trust relationship has been established.
I suppose the little lock could simply not be displayed but than as use how do I know what the problem is? Is the site using plain text, is the cert expired, not trusted, etc, I have no information about what I might need to do to obtain a secure channel. So you can object to the warning all you want but somehome this information fundamentally must be displayed so a human can make a security decision and take some action.
This is a good thing, and despite the upheaval it will cause for people requiring new certs
Except that it won't cause much upheaval, which is really the only reason they can do it in the fist place.
Google is not the player in China that it is in the west, there is quite a bit of local competition for most Google services there, they really are not even a leader and that has a lot to do with Google actually being "not evil" and refusing to cooperate with the 'Party' on some things.
Chrome isn't Internet Explorer, the people using it across the world are far more likely to understand what a digital certificate is than the general population of Internet browser users. Which is not to say they all do but the fact is if you are using Chrome and to a somewhat lessor extent a Droid device you have somewhat self selected by picking your technology which makes it likely you know something about it. Now select for the users that are making use of Chinese sites, and the pool gets even smaller.
I may be cynical but I still don't believe if say Verisign, Thawte, or GeoTrust had got caught either negligently or willfully making bogus certificates available the result would be the same. I suspect they would be considered To Big to Fail. If you are Google you can't push an update that breaks 30% of the SSL sites westerns (your better paying advertising demographic) visit often. To many of them won't like it, even if in an abstract way a large portion of them do recognize you are looking out for there interests. They will go back to IE or worse put down the Droid phone and pickup their IPad because 'Amazon works with those' and they can 'Watch the Netflix'.
People like driving, some of the time would be the more accurate statement. Lots of folks enjoy a Sunday drive, or even a road trip, relatively few enjoy their morning commute. We like driving our cars when its on our own terms we don't have to be someplace and we have some ability to avoid aggravating situations like high traffic areas and needing to be someplace by 7:30 etc.
This is much the same way we like ridding horses when its not cold, or raining, or for such great distances we get saddle sore, etc. Its a fine hobby but not the ideal way to get to work or the grocery store when your other choice is an modern automobile.
Similarly driving and racing will be find hobbies for those who can afford it, but not the ideal choice to get work if the alternative is you can sit in your personal transportation pod and prepare your notes, eat your breakfast (safely), make phone calls, just relax if you are over tired not feeling well etc.
Ultimately people will drive for the sake of it, but the utility aspect of it will be given over to automation.
I think the parent has a point about the social impact though. More and more we do without interacting with one another. Driving puts many of us into life's beautiful random situations. The route you wanted to take is closed, you detour down a road you have never taken before spot a little restaurant that looks interesting, now you know its there, you can come back and try it some time. If the auto drive system is on and you never look up from your book that does not happen. Road trip same thing, you get tired or hungry you pull off the interstate into some little town, have dinner somewhere meet a few locals, read a historical marker and discover some aspect of history you never knew. Again auto drive system on you just sit there until you arrive at your planned destination. Why stop? just pack a sandwich etc.
Actually I can see this doing more harm to the domestic airline industry than anything. Flying these days SUCKS. By the time you get there an hour early and wait for your luggage on the otherside, quite a lot of the time you could get to your destination by car just as quickly and in greater comfort. Right now I figure you have to go at least 300 miles before a flight makes sense. Suppose you never had stop to sleep/rest/eat because you are not driving, but you have the freedom to ask the car to do it should you want to do so. You also save money not having to rent a car at your destination etc. Suddenly driving all night to get somewhere does not seem like to bad a deal or even all that inconvenient, you can just sleep the whole way like the plane. If its a business meeting you actually could spread some documents on the seats and dash, have room to open the laptop lid all the way, maybe do some work etc.