I agree with your statement but what people *need* to understand about exercise is that its not really about the calories you burn while you are doing its about your overall metabolism.
If you say go hiking most weekends in summer and cross country skiing most weekends in winter, you are going to have a great deal more muscle tissue on your legs are arms than someone who spends their weekends in front of their xbone. You will also have cardio-pulmonary development to support sustained high output.
That muscle tissue and elevated metabolism is going to sit there burning more calories during the week while you sit in the office at your desk. So in the context of exercising to lose weight its not really about the energy expenditure in performing the direct act, its about about turning your body to "run hotter".
You are probably right but there are some things to consider here.
1) Transporting nuclear waste by rail is not exactly blue sky research. I don't think anyone seriously doubts we can find a way to get that done. Which is not say it will not take a great deal of thinking, research, testing, around the safety engineering of it or that it would be expensive to do.
2) It may prove politically impossible to ever transport these materials on a large scale. After the recent accidents with oil on rail, have the public pretty squeamish, about hazardous materials moving thru their back yards. Decades of propaganda have lots of people afraid and opposed to atomic* or nuclear* in general. In the wake of Fukushima we have already seen major western nations shutter their nuclear generating. If these trains were ready to roll today and there was a disposal site, politics would never let it happen. So there may be no need to undertake 1.
3) For practical reasons there may never be any disposal site. First for technical reasons breaders probably still make more sense, and solve the spent fuel problem. If we move in that direction most of the spent fuel isn't spent at all and it may be better to keep where it is now so its accessible. Reduces the need for 1, although only partially we still might need to move the stuff between sites.
4) Politically there may never be a disposal site. Reid has basically killed Yucca. If we can't muster the political will to put a storage facility in sparsely populated low economic value desert I don't know how we'd ever get it done anywhere else.
5) Environmentally it has been determined that even Yucca, most promising spot identified today is really not as ideal as we once thought. There may not be anyplace that is really 'good' to use as a radio active waste dump. Again killing the need for 1.
So in light of the fact that 1 is a known obstacle which we are confident is solvable, while the fundamental issues are more open questions it probably does make more sense to try and resolve the other issues first.
Removing elected officials from office because of their corruption is not contrary to the rule of law.
Umm yes it is contrary to the rule of law unless you: A) have an established process by which a leader can be impeached B) follow process A
The winner won because the whole "should we split up the country" issue breaks down geographically and the pro-Russia part of the country more or less could not vote. Just like the pro-Western groups in Crimea more or less could not vote. Either both of those 'elections' is legitimate or neither is. The Fact is neither election was anything close to what we would regard as inclusive, free, and fair.
I am not buying any of the propaganda about the current leadership and its legitimacy. The Fact is the previous president was compelled to leave office via extra-legal means.
Fled vs Ousted is really a Symantec argument as nobody does what would be described as "fleeing" except under duress, otherwise its just "leaving" and nobody is saying he just left. It comes down to if you want to add a connotation of cowardice and guilt or not.
You can spin things as much as you like. If you want to say we helped oust a corrupt, leader who was trying to give the nation away to his Russian counter parts. That might be true, but you cannot claim it was done by standing up for the rule of law. That is plainly false.
I remain convinced that better maneuvering around this issues was perfectly possible. A little more prudent and careful action could have gained us the westernized Ukraine we wanted without escalating apparent tensions with the Russians it jsut would have taken a few more years.
"sovereignty" what a fucking joke. They ousted a lawfully elected president, using an unlawful process at our urging. Lets face it when Obam says "elections have consequences" he means "election have consequences, if the elected is me". We have seen this with Morsi as well.
I am not saying Yanakovich was good guy; but we could have taken all their air out of this thing at the start if we would have backed Russia, in insisting the rebels/rioters just go home. Putin did not like Yanakovich either but had more or less backed him publicly at the time. It would have been much more politically challenging for him to get away with invading Ukraine while the sitting Russian leaning president was in office and than after he lost the next election to a European leaning one. Now we a situation where people can argue about the the legitmacy of the current office holders, Putin can and does make the very correct argument they are no more or less legitimate than the separatist leaders.
We could have avoided all this if Obama had been a little more patient and not tried bring Ukraine under Western influence so aggressively and quickly. It would have happen, was happening just needed time.
Now this is really Russia's game to loose. Ukraine is strategically more valuable to them than us. We have more immediate threats to deal with ISIS, Assad, IRAQ, Hamas, North Korean, and the African coast. All of those pose much greater economic and security risks to us than what happens in Non-NATO Eastern Europe.
The problem with 'Big Data' is everyone is trying to use it as a substitute for actual hypothesizing and experimentation.
I am not suggesting it isn't useful, it is, and it can be a huge help in identifying non-intuitive relationships that may exist. Its not being marketed that way though! Everyone is trying to sell it as the solution to all their unresolved problems and knowledge gaps.
At the end of the day all it can ever show is correlation, never causation. All the fancy AIs we add on top are really just correlation engines as well. One day real-soon-now WATSON or something like it will diagnose your cancer. It won't 'discover' the cure though, it will just apply the 'KNOWN' treatment that statistically correlates with the best outcome, hopefully excluding some which correlate with especially un pleasant side effects.
Same is true with the financial markets. Big Data alone will never discover a unified theory that explains market behavior. It will probably make a handful of people stupid amounts of money based again or event correlation and speed. As long as those are the drivers though we will remain forever at risk of sudden meltdowns.
I have worked with lots really sharp guys from India, mind you they have been here in the US. Which implies selection bias, they were ones who had the interest, ability, and resources to get here. I have worked with lots of guys and from all over Europe an South America as too. Some great some not so great.
I don't think 'where' has much to do with it, talent is talent and it cares not about the label applied to map marking ones place of birth.
That said I don't think much of these programs. I expect 'my government' to look out for the 'general welfare' of 'my fellow countrymen'. I think the long term economic wisdom of importing all these workers from elsewhere is highly questionable. Based on intuition, labor statistics, and anecdotes, I fail to to reach the conclusion that the vast vast majority of tech jobs could not be filled by current citizens. Its not even clear it would alter the long term cost structure of these companies much; even if it did hurt the next few quarters.
So I suggest we dispense with all of the crap, the unsubstantiated economic voodoo, the nationalism, and the Xenophobia. Lets stop incentivising off-shoring and importing of workers. Lets not disincentivise it either. Get rid of the tax loop holes; dump payroll taxes entirely. Just allocate what is required for entitlements like SS and Medicare from the general fund. Get rid of the tax exemption on benefits make them taxable as regular income. Provide that no employer may require an employee to participate in their benefits program. That will make the heal-care market place more open and take that dimension mostly out of labor competitiveness.
Then adopt a permissive immigration policy, no quotas no incentives. Let as many people come as want to but require they prove at least one of the following:
1) An offer of gainful employment 2) Existing financial resources on which they can live for at least two years.
Denying access as the default and explicit allowing exceptions is much more secure than the opposite.
Well no argument there but there are appropriate places to install filters and in appropriate ones. Its the job of the firewall to prevent connections to outside resources or possibly a proxy or gateway server, not the DNS servers because if the ip can be discovered some other way the control is bypassed.
Naturally in a high security environment you might need to control DNS. It can after all (at least with a cooperative) remote server be used for ingress and egress. You might configure an internal DNS server to return records only for zone on which it is an authority and perhaps whitelist specific external zones like our.trusted.partners.com; but you certainly are not going to say allow it to resolve any.com and not any.mail|.food|.biz that makes no sense.
Right so we can repeat the problems where dip shit network admin decided to not read any documentation and used something other than RFC1918 address space for internal routing. Now Bob in customer service is trying to get to the clients website which happens to be in the same IP range internal hosts uses, and wonders why he can't.
Seen it. You can't just exclude conflicting TLDs because sooner or later someone might need a resource on one of those tlds.
There is a universal truth out there nobody, not even Vixie, fully understands DNS in terms of all its interactions with it self scaled globally and what assumptions (correct or otherwise) software that uses it makes.
I fail to see how this proposed behavior solves anything. Most software out there was written to assume that if you get back an address DNS resolution worked, if there was a problem you get back something like NXDOMAIN. Lots of apps are not going to report any problems if they get back 127.0.53.53, there are going to sit and wait for the connection to time out or depending on how the system is configured report connection refused. Leaving the user with no way to know the name was wrong.
Its not good for developers writing new code either, because now they have to do somethig like this:
Try addr = gethostbyname($hostname)//stupid hack to test for 127.0.53.53 raise NSException.NXDOMAIN if addr == aton("127.0.53.53") dosomethingwithaddress(addr) catch NSException => e echo 'Name resolution problem' + e.msg >> $strerr end
Which is ungly confusing and stupid.
Of course the real issue here nobody is taking care of is the security one. Bob is happily using his laptop to read his mail on the corporate network connected to mail.some_now_public_tld and then he goes to the coffee shop, the guys operating some_now_public_tld fixup their dns to answer for mail and wait for Bob to send his credentials. It will work too because Its a certain that the same folks who thought it was a good idea to ignore the rfcs and use some_now_public_tld are the same ones who still think its okay to run services with no authentication to the client. So Bobs mail app not configured to use SSL etc never checks any server cert and just sends his password.
many otherwise well-informed people think they have to do something wrong, or stupid, or insecure
Wait how does executing code delivered over a clear text channel without some other strong attribution and integrity controls in place not count as stupid or insecure.
Then we have slashdot here were we shove our session cookies back and forth in clear text. Not ideal but I don't execute code from slashdot (noscript) and I don't reuse my user name ore password elsewhere. So that lowers my exposure somewhat.
The browser makes need to at this point: Disable the execution of any script or content of any script tag that was not transferred securely or loaded from local media; by default. Perhaps provide a white-list function to accommodate legacy intranets and stuff. They should similarly deny embedded objects like flash, sliverlight, acrobat, etc in those situations.
This would do a lot to protect people from both inject attacks and various forms of phishing. It would also really push site operators and web hosts to make sure SSL is available everywhere.
He admits to the acts but not to the intents. Intent is a big part of criminal culpability. He would also dispute many of the claimed harms done.
I work in Information Security, much of what I do phishing, exploit development, etc would be illegal except for intent and harm. There is no harm because any property I obtain or gain control of is not converted for my use but promptly returned unimpaired. I have no intent to illegally convert anything for my use or disclose any information about your organization but rather to fully comply with the NDA and scope of activities agreement I signed with your boss.
And for those reasons it isn't fraud when I call you pretending to be from the IT Directory from the European Subsidiary needed you to install the emgency "patch" I am about to e-mail you.
The law is not as simple as "what you did" why you did it matters and so does what the outcome was and even what the potential outcomes were.
many of the highly rated comments are really just wisecracks which might be funny, but don't add anything to the discussion.
Two comments on that.
The wise cracks tend to actually be moderated as "funny" by simply not including a funny moderation options a site would probably do a lot to discourage modding comments of that type up. A site could also easily offer user preferences for not including funny up mods when determining how to sort comments for display time.
A bit of levity might not directly contribute to the conversation by may encourage others to participate who otherwise would not have. IT may also inspire creative thinking in others leading to additional insight. Humor is something many people use to tackle issues they find challenging.
if he was a true patriot as he claims he'd have faced the music
Oh come on, what the hell is patriotic about being shoved in an oubliette some place, after a show trial where you can't present any evidence because everything is classified?
Snowden would never get anything resembling a fair trial before a jury of his peers. A show trial is the most he could hope, but its just as likely he'd be held pretty much indefinitely without trial on some flimsy constitutionally unsound national security pretext. If you want to know who the cowards are its Kerry, Clapper, and Alexander who want to burry him or avoid tackling his criticism with lies and indirection rather than confronting it with actual facts.
Going through the system, and there is evidence he did try does not work. Just try filing and FOIA request about anything that is connected to "terrorism" in their wildest imaginations (like animal rights) and see what happens. The first time you will probably get a nice letter back telling you: "they can't tell you why they can't tell" you what you wanted because 'national security'. Send a another request for ANY information on how they handled your first request and they will probably just stonewall. Which is ILLEGAL the law say they have 20 days to do something and the three letter agencies won't do that.
Statistically you are more likely to die falling out of bed than you currently are from any kind of terrorist attack. Logic would then dictate at the very least we would create a "Bedtime Safety Authority" to make sure we are all tucked in at night before investing more in counter terrorism and yet we keep allocating more and more federal to that; well that is what the NSA tells us they are doing with them anyway preventing terrorism. Then we also dump more money into policing while crime nears all time lows, and yet no recruitment fliers for the BSA are there to be found.
There are no good reasons for these people to be doing what they are so they instead just want to silence critics like Snowden. No Snowden is no coward he is the guy that gave up home, family, and a cushy job in paradise to keep this issue alive.
Automating war is a scary. What people should really look at is things like the flash crash to know why; or even the recent BGP hijacks for that matter.
The more automation your create and the more those autonomous systems interact with one another the more potential you have for bizarre positive or negative feedback problems. Eventually the system becomes so complex it is no longer very predictable but plenty dangerous.
The stock market today can plunge 700 points for no fundamental reason what so ever. One machine starts selling, which triggers another machine to act and so on. Its bad enough when its only money, and these people want to weaponize it!
Or one person manages to compromise one machine and instructs it do something like advertise a route and the next thing you know thousands of other machines react to it making the attack possible.
Not to go all SkyNet but something like this could quite literally inflict massive damage on the world before any person even realizes something is wrong. Be pretty sad if a software bug ends modern society as we know it because some asshat military-industrial-complex guy thought automated strikes were a good idea.
I am sure it came from all the property the cease without any kind of due process. The DEA like the NSA is so out of control and so culturally broken the ONLY viable solution is complete dissolution of the agency. The cancer is so bad just outright killing the patient is the best outcome; we can't fix'em.
Honestly we need a whole house cleaning of these two agencies (to start with) that includes pretty much anyone who has greater role than sweeping the floors or brewing coffee. Every last 'analyst' every supervisor, every IT guy. We need to ensure the current culture dies completely.
Given all the ridicules and bullshit mental gymnastics the government does all the time to argue they can do clearly unconstitutional things like compel you to use your private property to purchase a service you may not want; its not hard to construct a right to travel. In fact I think the right to travel is actually pretty clear.
We have a first amendment right to peaceful assembly. In order to assemble one must be able to go to that place the assembly is taking place. (1) this should establish a basic right to right travel.
Now can the government determine how you travel? No it can't. The tenth amendment grants any powers not enumerated for the federal government or reserved for the states to the people. No where is the an enumerated right for the government to define in what manor a citizen may travel. (2) So its clear they cannot constitutionally forbid you to fly, ride a bus or train or car, bike etc.
Which leaves the commerce clause, where you could make an argument that transporting someone over state lines constitutes interstate commerce, so they probably have you there, but if you want to fly from say Cleveland to Cincinnati I don't believe there is any legitimate way the Federal government can interfere constitutionally, but good luck getting thru the TSA line if you are on one of their lists regardless.
What you are looking for is ex post facto but that isn't the case against the Computer fraud and abuse act. What that means is you can't do something which is perfectly legal, congress decide they don't like it, quickly pass a law against it and than prosecute you for what you did before the law was written.
The problems with the CFNA are that it is, 1. Vague - a law that is so broad a prosecutor can apply it to basically anything is unconstitutional, or void for vagueness.
2. Its cruel and unusual in that the sentences is prescribes are often far more severe than many violent crimes. When altering the query string in your URL bar can get your more years than rape something is terribly terribly wrong.
One lack of authentication for the miners with the pools. Something a few SSL on the servers and wrapping those sockets calls with openSSL would make the route hijacking ineffective for stealing mining resources.
So there is a lesson in this whatever it is you are doing on the internet if you care AT ALL about it you should be using SSL and checking certs, (Looking at your slashdot) sure there are tons of problems as weaknesses in SSL but until something better comes along its beats the hell out of clear text with no authentication what so ever.
Two BGP needs to be replaced or updated to support much stronger authentication and the network operators need to just push getting it done, even if it means telling customers we can't / won't peer with you and neither will anyone else unless you get you routers and or software update to do this. If they stick together in it there should be no trouble getting that done.
Stealing some computer cycles used to generate bit coins is probably among the least real harm someone with access to advertise bogus routes in BGP could do; and lots of people are in a position to do that. We should be thankful its only a little money these guys were making off with. The Internet has gotten to big for the network operators to just relay on everyone playing nice and being good citizens, We need some stronger technical controls put in place and regular auditing beyound well nobody has complained on NANOG.
Okay maybe its not the kind of thing I would be willing to invest time and money in; but you could easily ask the opposite question:
What kind of society have we become when we allow vendors to blatantly misrepresent products prior to sale?
Sony should be honest about the products actual specifications. We have regulations in place because we collectively decided that all the snake-oil selling had to stop. We standardized weights and measures, and pass truth in advertising laws. They should be followed, simple as that.
No the computer needs to make better decision than the typical driver. The average driver is probably considerably worse than the mode, because there are some really horrible drivers out there.
Exactly the entire effort is wrong headed. If someone wants to cause a calamity they can.
Consider the west. You don't even need cells of 5 people, if you just had 20 people that all agreed they were going to drive out some highway in 20 different areas out west and start a wild fire all on the same day it could easily be enough to exhaust fire fighting resources. All of the could accomplish that with no training and supplies they could acquire at any gas station on the way to job without raising any suspicion. It could very well be the largest loss of property this country has ever seen.
The reality the SECURITY apparatus does not want to admit is there are in fact NOT that many people who want to hurt the United States AND are capable of getting here in the first place. There are so many soft but high value targets, we would be victims of high impact domestic terrorism every frigging day if even a few percent of the people on the list had real intent to act. The list is worse than useless its a distraction its pull resources that either don't need to go to security in the first place or security resources that would be more effective utilized elsewhere.
Really what we NEED to do is secure our boarder. its a fucking joke to strip search airline passengers, when literally any able bodied person can just walk in over our southern boarder, having come from the essentially lawless regions of South American and the Mexican state doing nothing to impede them. The best way to improve our security situation here would be fix the boarder problems so that people can not cross it illegally, and be much much more careful about who we grant visas and allow in here.
I bet most projects would be happy to accept patches to their man pages, and files they store in/usr/doc/ if they improve quality or accuracy.
This is one of the few areas where just about anyone can contribute even if you don't code. Chances are you can still read it enough glean what the expected options are etc.
Google should start trolling their competitors. All they have to do is park a boat someplace and they can spur everyone into a flurry of pointless activity and worry.
Slashdot Mirror
I agree with your statement but what people *need* to understand about exercise is that its not really about the calories you burn while you are doing its about your overall metabolism.
If you say go hiking most weekends in summer and cross country skiing most weekends in winter, you are going to have a great deal more muscle tissue on your legs are arms than someone who spends their weekends in front of their xbone. You will also have cardio-pulmonary development to support sustained high output.
That muscle tissue and elevated metabolism is going to sit there burning more calories during the week while you sit in the office at your desk. So in the context of exercising to lose weight its not really about the energy expenditure in performing the direct act, its about about turning your body to "run hotter".
Yes that right wing nutjob Harry Reid.
You are probably right but there are some things to consider here.
1) Transporting nuclear waste by rail is not exactly blue sky research. I don't think anyone seriously doubts we can find a way to get that done. Which is not say it will not take a great deal of thinking, research, testing, around the safety engineering of it or that it would be expensive to do.
2) It may prove politically impossible to ever transport these materials on a large scale. After the recent accidents with oil on rail, have the public pretty squeamish, about hazardous materials moving thru their back yards. Decades of propaganda have lots of people afraid and opposed to atomic* or nuclear* in general. In the wake of Fukushima we have already seen major western nations shutter their nuclear generating. If these trains were ready to roll today and there was a disposal site, politics would never let it happen. So there may be no need to undertake 1.
3) For practical reasons there may never be any disposal site. First for technical reasons breaders probably still make more sense, and solve the spent fuel problem. If we move in that direction most of the spent fuel isn't spent at all and it may be better to keep where it is now so its accessible. Reduces the need for 1, although only partially we still might need to move the stuff between sites.
4) Politically there may never be a disposal site. Reid has basically killed Yucca. If we can't muster the political will to put a storage facility in sparsely populated low economic value desert I don't know how we'd ever get it done anywhere else.
5) Environmentally it has been determined that even Yucca, most promising spot identified today is really not as ideal as we once thought. There may not be anyplace that is really 'good' to use as a radio active waste dump. Again killing the need for 1.
So in light of the fact that 1 is a known obstacle which we are confident is solvable, while the fundamental issues are more open questions it probably does make more sense to try and resolve the other issues first.
Removing elected officials from office because of their corruption is not contrary to the rule of law.
Umm yes it is contrary to the rule of law unless you:
A) have an established process by which a leader can be impeached
B) follow process A
The winner won because the whole "should we split up the country" issue breaks down geographically and the pro-Russia part of the country more or less could not vote. Just like the pro-Western groups in Crimea more or less could not vote. Either both of those 'elections' is legitimate or neither is. The Fact is neither election was anything close to what we would regard as inclusive, free, and fair.
I am not buying any of the propaganda about the current leadership and its legitimacy. The Fact is the previous president was compelled to leave office via extra-legal means.
Fled vs Ousted is really a Symantec argument as nobody does what would be described as "fleeing" except under duress, otherwise its just "leaving" and nobody is saying he just left. It comes down to if you want to add a connotation of cowardice and guilt or not.
You can spin things as much as you like. If you want to say we helped oust a corrupt, leader who was trying to give the nation away to his Russian counter parts. That might be true, but you cannot claim it was done by standing up for the rule of law. That is plainly false.
I remain convinced that better maneuvering around this issues was perfectly possible. A little more prudent and careful action could have gained us the westernized Ukraine we wanted without escalating apparent tensions with the Russians it jsut would have taken a few more years.
"sovereignty" what a fucking joke. They ousted a lawfully elected president, using an unlawful process at our urging. Lets face it when Obam says "elections have consequences" he means "election have consequences, if the elected is me". We have seen this with Morsi as well.
I am not saying Yanakovich was good guy; but we could have taken all their air out of this thing at the start if we would have backed Russia, in insisting the rebels/rioters just go home. Putin did not like Yanakovich either but had more or less backed him publicly at the time. It would have been much more politically challenging for him to get away with invading Ukraine while the sitting Russian leaning president was in office and than after he lost the next election to a European leaning one. Now we a situation where people can argue about the the legitmacy of the current office holders, Putin can and does make the very correct argument they are no more or less legitimate than the separatist leaders.
We could have avoided all this if Obama had been a little more patient and not tried bring Ukraine under Western influence so aggressively and quickly. It would have happen, was happening just needed time.
Now this is really Russia's game to loose. Ukraine is strategically more valuable to them than us. We have more immediate threats to deal with ISIS, Assad, IRAQ, Hamas, North Korean, and the African coast. All of those pose much greater economic and security risks to us than what happens in Non-NATO Eastern Europe.
The problem with 'Big Data' is everyone is trying to use it as a substitute for actual hypothesizing and experimentation.
I am not suggesting it isn't useful, it is, and it can be a huge help in identifying non-intuitive relationships that may exist. Its not being marketed that way though! Everyone is trying to sell it as the solution to all their unresolved problems and knowledge gaps.
At the end of the day all it can ever show is correlation, never causation. All the fancy AIs we add on top are really just correlation engines as well. One day real-soon-now WATSON or something like it will diagnose your cancer. It won't 'discover' the cure though, it will just apply the 'KNOWN' treatment that statistically correlates with the best outcome, hopefully excluding some which correlate with especially un pleasant side effects.
Same is true with the financial markets. Big Data alone will never discover a unified theory that explains market behavior. It will probably make a handful of people stupid amounts of money based again or event correlation and speed. As long as those are the drivers though we will remain forever at risk of sudden meltdowns.
I have worked with lots really sharp guys from India, mind you they have been here in the US. Which implies selection bias, they were ones who had the interest, ability, and resources to get here. I have worked with lots of guys and from all over Europe an South America as too. Some great some not so great.
I don't think 'where' has much to do with it, talent is talent and it cares not about the label applied to map marking ones place of birth.
That said I don't think much of these programs. I expect 'my government' to look out for the 'general welfare' of 'my fellow countrymen'. I think the long term economic wisdom of importing all these workers from elsewhere is highly questionable. Based on intuition, labor statistics, and anecdotes, I fail to to reach the conclusion that the vast vast majority of tech jobs could not be filled by current citizens. Its not even clear it would alter the long term cost structure of these companies much; even if it did hurt the next few quarters.
So I suggest we dispense with all of the crap, the unsubstantiated economic voodoo, the nationalism, and the Xenophobia. Lets stop incentivising off-shoring and importing of workers. Lets not disincentivise it either. Get rid of the tax loop holes; dump payroll taxes entirely. Just allocate what is required for entitlements like SS and Medicare from the general fund. Get rid of the tax exemption on benefits make them taxable as regular income. Provide that no employer may require an employee to participate in their benefits program. That will make the heal-care market place more open and take that dimension mostly out of labor competitiveness.
Then adopt a permissive immigration policy, no quotas no incentives. Let as many people come as want to but require they prove at least one of the following:
1) An offer of gainful employment
2) Existing financial resources on which they can live for at least two years.
Denying access as the default and explicit allowing exceptions is much more secure than the opposite.
Well no argument there but there are appropriate places to install filters and in appropriate ones. Its the job of the firewall to prevent connections to outside resources or possibly a proxy or gateway server, not the DNS servers because if the ip can be discovered some other way the control is bypassed.
Naturally in a high security environment you might need to control DNS. It can after all (at least with a cooperative) remote server be used for ingress and egress. You might configure an internal DNS server to return records only for zone on which it is an authority and perhaps whitelist specific external zones like our.trusted.partners.com; but you certainly are not going to say allow it to resolve any .com and not any .mail|.food|.biz that makes no sense.
Right so we can repeat the problems where dip shit network admin decided to not read any documentation and used something other than RFC1918 address space for internal routing. Now Bob in customer service is trying to get to the clients website which happens to be in the same IP range internal hosts uses, and wonders why he can't.
Seen it. You can't just exclude conflicting TLDs because sooner or later someone might need a resource on one of those tlds.
Right,
There is a universal truth out there nobody, not even Vixie, fully understands DNS in terms of all its interactions with it self scaled globally and what assumptions (correct or otherwise) software that uses it makes.
I fail to see how this proposed behavior solves anything. Most software out there was written to assume that if you get back an address DNS resolution worked, if there was a problem you get back something like NXDOMAIN. Lots of apps are not going to report any problems if they get back 127.0.53.53, there are going to sit and wait for the connection to time out or depending on how the system is configured report connection refused. Leaving the user with no way to know the name was wrong.
Its not good for developers writing new code either, because now they have to do somethig like this:
Try addr = gethostbyname($hostname) //stupid hack to test for 127.0.53.53
raise NSException.NXDOMAIN if addr == aton("127.0.53.53")
dosomethingwithaddress(addr)
catch NSException => e
echo 'Name resolution problem' + e.msg >> $strerr
end
Which is ungly confusing and stupid.
Of course the real issue here nobody is taking care of is the security one. Bob is happily using his laptop to read his mail on the corporate network connected to mail.some_now_public_tld and then he goes to the coffee shop, the guys operating some_now_public_tld fixup their dns to answer for mail and wait for Bob to send his credentials. It will work too because Its a certain that the same folks who thought it was a good idea to ignore the rfcs and use some_now_public_tld are the same ones who still think its okay to run services with no authentication to the client. So Bobs mail app not configured to use SSL etc never checks any server cert and just sends his password.
many otherwise well-informed people think they have to do something wrong, or stupid, or insecure
Wait how does executing code delivered over a clear text channel without some other strong attribution and integrity controls in place not count as stupid or insecure.
Then we have slashdot here were we shove our session cookies back and forth in clear text. Not ideal but I don't execute code from slashdot (noscript) and I don't reuse my user name ore password elsewhere. So that lowers my exposure somewhat.
The browser makes need to at this point:
Disable the execution of any script or content of any script tag that was not transferred securely or loaded from local media; by default. Perhaps provide a white-list function to accommodate legacy intranets and stuff. They should similarly deny embedded objects like flash, sliverlight, acrobat, etc in those situations.
This would do a lot to protect people from both inject attacks and various forms of phishing. It would also really push site operators and web hosts to make sure SSL is available everywhere.
He admits to the acts but not to the intents. Intent is a big part of criminal culpability. He would also dispute many of the claimed harms done.
I work in Information Security, much of what I do phishing, exploit development, etc would be illegal except for intent and harm. There is no harm because any property I obtain or gain control of is not converted for my use but promptly returned unimpaired. I have no intent to illegally convert anything for my use or disclose any information about your organization but rather to fully comply with the NDA and scope of activities agreement I signed with your boss.
And for those reasons it isn't fraud when I call you pretending to be from the IT Directory from the European Subsidiary needed you to install the emgency "patch" I am about to e-mail you.
The law is not as simple as "what you did" why you did it matters and so does what the outcome was and even what the potential outcomes were.
many of the highly rated comments are really just wisecracks which might be funny, but don't add anything to the discussion.
Two comments on that.
The wise cracks tend to actually be moderated as "funny" by simply not including a funny moderation options a site would probably do a lot to discourage modding comments of that type up. A site could also easily offer user preferences for not including funny up mods when determining how to sort comments for display time.
A bit of levity might not directly contribute to the conversation by may encourage others to participate who otherwise would not have. IT may also inspire creative thinking in others leading to additional insight. Humor is something many people use to tackle issues they find challenging.
if he was a true patriot as he claims he'd have faced the music
Oh come on, what the hell is patriotic about being shoved in an oubliette some place, after a show trial where you can't present any evidence because everything is classified?
Snowden would never get anything resembling a fair trial before a jury of his peers. A show trial is the most he could hope, but its just as likely he'd be held pretty much indefinitely without trial on some flimsy constitutionally unsound national security pretext. If you want to know who the cowards are its Kerry, Clapper, and Alexander who want to burry him or avoid tackling his criticism with lies and indirection rather than confronting it with actual facts.
Going through the system, and there is evidence he did try does not work. Just try filing and FOIA request about anything that is connected to "terrorism" in their wildest imaginations (like animal rights) and see what happens. The first time you will probably get a nice letter back telling you: "they can't tell you why they can't tell" you what you wanted because 'national security'. Send a another request for ANY information on how they handled your first request and they will probably just stonewall. Which is ILLEGAL the law say they have 20 days to do something and the three letter agencies won't do that.
Statistically you are more likely to die falling out of bed than you currently are from any kind of terrorist attack. Logic would then dictate at the very least we would create a "Bedtime Safety Authority" to make sure we are all tucked in at night before investing more in counter terrorism and yet we keep allocating more and more federal to that; well that is what the NSA tells us they are doing with them anyway preventing terrorism. Then we also dump more money into policing while crime nears all time lows, and yet no recruitment fliers for the BSA are there to be found.
There are no good reasons for these people to be doing what they are so they instead just want to silence critics like Snowden. No Snowden is no coward he is the guy that gave up home, family, and a cushy job in paradise to keep this issue alive.
Automating war is a scary. What people should really look at is things like the flash crash to know why; or even the recent BGP hijacks for that matter.
The more automation your create and the more those autonomous systems interact with one another the more potential you have for bizarre positive or negative feedback problems. Eventually the system becomes so complex it is no longer very predictable but plenty dangerous.
The stock market today can plunge 700 points for no fundamental reason what so ever. One machine starts selling, which triggers another machine to act and so on. Its bad enough when its only money, and these people want to weaponize it!
Or one person manages to compromise one machine and instructs it do something like advertise a route and the next thing you know thousands of other machines react to it making the attack possible.
Not to go all SkyNet but something like this could quite literally inflict massive damage on the world before any person even realizes something is wrong. Be pretty sad if a software bug ends modern society as we know it because some asshat military-industrial-complex guy thought automated strikes were a good idea.
I am sure it came from all the property the cease without any kind of due process. The DEA like the NSA is so out of control and so culturally broken the ONLY viable solution is complete dissolution of the agency. The cancer is so bad just outright killing the patient is the best outcome; we can't fix'em.
Honestly we need a whole house cleaning of these two agencies (to start with) that includes pretty much anyone who has greater role than sweeping the floors or brewing coffee. Every last 'analyst' every supervisor, every IT guy. We need to ensure the current culture dies completely.
Given all the ridicules and bullshit mental gymnastics the government does all the time to argue they can do clearly unconstitutional things like compel you to use your private property to purchase a service you may not want; its not hard to construct a right to travel. In fact I think the right to travel is actually pretty clear.
We have a first amendment right to peaceful assembly. In order to assemble one must be able to go to that place the assembly is taking place. (1) this should establish a basic right to right travel.
Now can the government determine how you travel? No it can't. The tenth amendment grants any powers not enumerated for the federal government or reserved for the states to the people. No where is the an enumerated right for the government to define in what manor a citizen may travel. (2) So its clear they cannot constitutionally forbid you to fly, ride a bus or train or car, bike etc.
Which leaves the commerce clause, where you could make an argument that transporting someone over state lines constitutes interstate commerce, so they probably have you there, but if you want to fly from say Cleveland to Cincinnati I don't believe there is any legitimate way the Federal government can interfere constitutionally, but good luck getting thru the TSA line if you are on one of their lists regardless.
What you are looking for is ex post facto but that isn't the case against the Computer fraud and abuse act. What that means is you can't do something which is perfectly legal, congress decide they don't like it, quickly pass a law against it and than prosecute you for what you did before the law was written.
The problems with the CFNA are that it is,
1. Vague - a law that is so broad a prosecutor can apply it to basically anything is unconstitutional, or void for vagueness.
2. Its cruel and unusual in that the sentences is prescribes are often far more severe than many violent crimes. When altering the query string in your URL bar can get your more years than rape something is terribly terribly wrong.
So what we have here are two problems.
One lack of authentication for the miners with the pools. Something a few SSL on the servers and wrapping those sockets calls with openSSL would make the route hijacking ineffective for stealing mining resources.
So there is a lesson in this whatever it is you are doing on the internet if you care AT ALL about it you should be using SSL and checking certs, (Looking at your slashdot) sure there are tons of problems as weaknesses in SSL but until something better comes along its beats the hell out of clear text with no authentication what so ever.
Two BGP needs to be replaced or updated to support much stronger authentication and the network operators need to just push getting it done, even if it means telling customers we can't / won't peer with you and neither will anyone else unless you get you routers and or software update to do this. If they stick together in it there should be no trouble getting that done.
Stealing some computer cycles used to generate bit coins is probably among the least real harm someone with access to advertise bogus routes in BGP could do; and lots of people are in a position to do that. We should be thankful its only a little money these guys were making off with. The Internet has gotten to big for the network operators to just relay on everyone playing nice and being good citizens, We need some stronger technical controls put in place and regular auditing beyound well nobody has complained on NANOG.
Okay maybe its not the kind of thing I would be willing to invest time and money in; but you could easily ask the opposite question:
What kind of society have we become when we allow vendors to blatantly misrepresent products prior to sale?
Sony should be honest about the products actual specifications. We have regulations in place because we collectively decided that all the snake-oil selling had to stop. We standardized weights and measures, and pass truth in advertising laws. They should be followed, simple as that.
No the computer needs to make better decision than the typical driver. The average driver is probably considerably worse than the mode, because there are some really horrible drivers out there.
Exactly the entire effort is wrong headed. If someone wants to cause a calamity they can.
Consider the west. You don't even need cells of 5 people, if you just had 20 people that all agreed they were going to drive out some highway in 20 different areas out west and start a wild fire all on the same day it could easily be enough to exhaust fire fighting resources. All of the could accomplish that with no training and supplies they could acquire at any gas station on the way to job without raising any suspicion. It could very well be the largest loss of property this country has ever seen.
The reality the SECURITY apparatus does not want to admit is there are in fact NOT that many people who want to hurt the United States AND are capable of getting here in the first place. There are so many soft but high value targets, we would be victims of high impact domestic terrorism every frigging day if even a few percent of the people on the list had real intent to act. The list is worse than useless its a distraction its pull resources that either don't need to go to security in the first place or security resources that would be more effective utilized elsewhere.
Really what we NEED to do is secure our boarder. its a fucking joke to strip search airline passengers, when literally any able bodied person can just walk in over our southern boarder, having come from the essentially lawless regions of South American and the Mexican state doing nothing to impede them. The best way to improve our security situation here would be fix the boarder problems so that people can not cross it illegally, and be much much more careful about who we grant visas and allow in here.
No worse the will come from
updates@?tfosorcim?.com which will be displayed like:
updates@microsoft.com
Just imagine the ? marks being the left-right reverse character.
I bet most projects would be happy to accept patches to their man pages, and files they store in /usr/doc/ if they improve quality or accuracy.
This is one of the few areas where just about anyone can contribute even if you don't code. Chances are you can still read it enough glean what the expected options are etc.
Google should start trolling their competitors. All they have to do is park a boat someplace and they can spur everyone into a flurry of pointless activity and worry.