IANAL and Texas is not my jurisdiction even if I was, but typically the crime is "intent to...", there's no evidence that there was an intent to do anything other then show off a cool project.
Fortunately we have this convenient rule to help everyone out in this case: Innocent until proven guilty. "We're not sure if he intended for it to be a hoax or not, so... INNOCENT!".
Then at least the cops should have taken the time to check to see if there was a CRIME committed before taking the poor kid into custody. That being, you know, their job and all.
Last I checked, building an alarm clock is not a crime. Having it go off in class is disruptive, but also not a crime.
At the very least some sincere apologies are owed the kid from the 'adults' involved.
Weather or not your overseeing people you are overseeing projects and larger scale strategic strategy, which makes you a manager.
You don't have the luxury anymore of being able to do things yourself. Context switching from strategic to tactical mode and back has a huge cost. Humans suck at multitasking. That's the reason that in most human endeavors over the millennia we've settled on the idea that organizations work most effectively when you have a few people overseeing the larger scale picture and many people managing the day to day tactical situation and reporting the information that the leaders need in order to make decisions up.
You can no more be successful if you're in systems typing ps to discover what's going on as a general can be if they had to write every field report by hand. At best you'll burn yourself out and then everyone will be in trouble.
Instead my advice would be to take this as a coaching opportunity. "Hey, I'd like to take a peek at this config file. Mind bringing it up for me? Ah, see, that's where the problem is, you how that quotation mark is missing? The next line is being included int he string. Thanks, I'll raise a change to fix that." You've just taught someone something. Next time they will remember to check their string terminators. It's a win-win.
And I know this because I was in EXACTLY the same spot and mindset as you about 10 years ago. It's time to shift your mental viewpoint. It's not easy, but the fact that you were given this responsible suggests your fellow leaders believe you're up for it.
I suppose you could view it slightly differently as "What is merit". If you define someone's worth solely by the quality and quantity of work they turn out, maybe. The thing is the "who you know" bit often times is a helpful proxy for "soft skills".
As a manager, if one of my team comes up to me and say "Hey, I worked with Joe at Acme, and he worked well with us, turned out high quality code, participated in the scrum, and wrote tight test cases." I'm going to take that interview. Now if Joe was a right asshat, he'd not have gotten the reference.
As a hiring manager, soft skills are important in my team, they reduce friction, and as any engineer knows, friction is wasted energy. Social friction is no different.
I recommend Charlie Miller's talk from DC 22 - in which he goes through the architecture of a number of vehicles. His goal was the opposite of yours, to find the most hack-able car to set up for his talk this year (and the preceding Jeep recall) but if you turn the crank in the other direction, you should be able to get to the conclusion you want:
Agreed, actually I respect the show for their research. I may have misinterpreted the tone of your comment, I read it as "this could only happen in a TV show", and was pointing out it has a long history of working in real life. Apologies if I misinterpreted.
Do a timed release. Once the FOIA request is completed, the requester gets X months of exclusivity to publish, and then it gets released publicly. This preserves the inventive for the journalists, while at the same time ensuring that even FOIA requests that don't produce something sexy enough to publish still become public access at the end of the exclusivity period.
Precisely. My job is to run interference for my department, get them the things they need to be able to do their job and keep other depts from asking them questions, because I've answered them at aforementioned meetings.
Actually quite a tough job for an introvert, but I've managed.
That and mentoring the next generation of professionals are my main duties.
I've been wearing one since Christmas (thanks Santa!) and I have to say I don't think I'd wanna give it up now. It's a nice to have definitely, rather then a necessity, but so is my smart phone.
I have the type of job with double and triple stacked meetings 8 hrs a day and it's REALLY nice to be able to glance at my watch and find out where I need to be next, what the dial in for the conference bridge is etc without having to pull my phone out of my pocket, unlock it, etc. Means I'm late for fewer meetings.
It's also a lot more socially acceptable in my office at least to glance at a watch and check to see if that new email your phone is buzzing about is important enough to excuse yourself from the meeting or not. Also being able to screen a call without the fuss of pulling out a phone. Glance at the watch, see it's important, excuse myself from the meeting and pull my phone out on the way is a lot less disruptive.
So ya, it's a nice to have, but it's quickly becoming a high priority nice to have. I miss it when I forget to put it on in the morning (like today) because I have too little caffeine in my blood.
Like every other early adopter device, it's got bugs but it's over the "more trouble then it's worth" hurdle for me at least.
This looks like it's more of a play for the embedded systems or IoT space. Look at the examples given, nuclear reactors, IoT, etc. These are specialized systems where it's possible to say "I've monitored the system for x time, and these are the things that should be running. OK, anything new running can't use the disk IO driver to write to the disk".
There was a similar proposal for a device to work on the engine bus but focused on communications. "We monitor the bus for the first X seconds and classify the traffic on it. Then if something new starts talking or an existing player suddenly starts communicating to something it has never talked to, we declare condition red and fire the photon torps."
Hyperbole aside of 100% protection against everything, this is not a bad strategy for very specialized systems. Doesn't do crap for a general purpose computing environment, but as we leverage general purpose OS and off the shelf hardware for more embedded/IoT applications, we begin to have uses for tools that are highly restrictive because the things they're protecting are well defined.
I don't know - you can do a lot of damage in 512 words. I think we should stick to the letter of the law - 512 bits, Even if they try some fancy representation that should keep them out of trouble - and no references to call out tables, you sneaky religious types!
We could start with a decent family leave system (something half as good as the Nordic Countries and/or Canada)
Funny story - I'm a Canadian working for the Canadian office of a company that's (like most North American wide companies) predominately based in the US. The SHOCK when the US side of my team learned how much time off we get for maternity/paternity leave was amusing, followed by the scramble when they had to back-fill the role.
(For those who are unaware, Canada gives 6 months leave to each the mother and father. They can opt to consolidate that for a full year under the mother at their choice. The government pays full unemployment benefits for the duration and your employer is required to hold your position or equivalent for you, and you continue to accrue seniority/vacation/etc while you're away).
These weren't federal loans, as far as I can tell from RTFA. In short the allegations say that this is what happened:
1) The private loan market cratered 2) ITT said, "No problem we'll sell loans to ourselves, backed by investors, and we'll guarantee those loans" (see equity backed mortgages, for a similar case study) 3) Lots of loans started to default 4) ITT did math and said "Oh Nos", if we pay off those guarantees it's going to look bad. I know, let's pay those loans ourselves for a bit instead, I'm sure they will start paying again. 5) They didn't start paying again 6) They had to come clean to investors, stock tanks 6) They got caught in the coverup 7) SEC sues, stock tanks somemore 8) (profit)*-1
I assume this is an honest question so here's an honest answer.
The relevant bit is:
Section 33.
(1) Parliament or the legislature of a province may expressly declare in an Act of Parliament or of the legislature, as the case may be, that the Act or a provision thereof shall operate notwithstanding a provision included in section 2 or sections 7 to 15. (2) An Act or a provision of an Act in respect of which a declaration made under this section is in effect shall have such operation as it would have but for the provision of this Charter referred to in the declaration. (3) A declaration made under subsection (1) shall cease to have effect five years after it comes into force or on such earlier date as may be specified in the declaration. (4) Parliament or the legislature of a province may re-enact a declaration made under subsection (1). (5) Subsection (3) applies in respect of a re-enactment made under subsection (4).
Contrary to popular belief it's not specific to Quebec, it can be undertaken by either the federal or provincial/territorial level by a simple majority of the applicable governing body. (note that it doesn't apply to municipalities, so is irrelevant in the particulars of this article)
It allows temporary suspension of some Charter rights for a period of time (again country to popular belief it's not a blank check, and can't be used to suspend, e.g. mobility rights, or democratic rights, and the Supreme Court has ruled its use invalid in the past.).
It was first used by the Yukon Territory in 1982, but was never brought into force.
It's also been used in Alberta (in an ill fated attempt to ban same sex marriages), Saskatchewan (to attempt to force through back to work legislation, and avoid a Charter challenge based on freedom of association), and Quebec (in the most famous instance, to allow the provinces french only sign law). There are not currently as far as I know any in-use cases of Section Thirty Three.
Yep, it's possible. There's a couple of places listed in the talk that a skilled enough attacker could maybe make inroads, but the probability is limited by the fact that the networks speak VASTLY different networking protocols. Jeff *might* be able to infect the network bridge on a couple of specific airplane models.
Of course, if it's Bruce Schneier, just let him into the cockpit and give him the flight yoke, it'll be slower:)
Mod this up - Seriously, if you're at all thinking this stuff might be possible read the paper for a good analysis of what is and isn't possible. (hint: your probably more at risk from signals outside of the plane then from someone inside it, and not all that much risk (for now) even then.)
Actually, according to the latest figures I can find: http://www.bls.gov/opub/ted/20...
in 2009, women were on average paid 80% of men, across a broad segment of the work spectrum.
This data is from the US Dept of Labor. If you have a more recent or competing authoritative citation I'd love to hear it, but in so far as I'm aware we still have an issue.
Slashdot Mirror
IANAL and Texas is not my jurisdiction even if I was, but typically the crime is "intent to...", there's no evidence that there was an intent to do anything other then show off a cool project.
Min
Fortunately we have this convenient rule to help everyone out in this case: Innocent until proven guilty. "We're not sure if he intended for it to be a hoax or not, so... INNOCENT!".
It's not that tough, really.
Min
Then at least the cops should have taken the time to check to see if there was a CRIME committed before taking the poor kid into custody. That being, you know, their job and all.
Last I checked, building an alarm clock is not a crime. Having it go off in class is disruptive, but also not a crime.
At the very least some sincere apologies are owed the kid from the 'adults' involved.
Min
Weather or not your overseeing people you are overseeing projects and larger scale strategic strategy, which makes you a manager.
You don't have the luxury anymore of being able to do things yourself. Context switching from strategic to tactical mode and back has a huge cost. Humans suck at multitasking. That's the reason that in most human endeavors over the millennia we've settled on the idea that organizations work most effectively when you have a few people overseeing the larger scale picture and many people managing the day to day tactical situation and reporting the information that the leaders need in order to make decisions up.
You can no more be successful if you're in systems typing ps to discover what's going on as a general can be if they had to write every field report by hand. At best you'll burn yourself out and then everyone will be in trouble.
Instead my advice would be to take this as a coaching opportunity. "Hey, I'd like to take a peek at this config file. Mind bringing it up for me? Ah, see, that's where the problem is, you how that quotation mark is missing? The next line is being included int he string. Thanks, I'll raise a change to fix that." You've just taught someone something. Next time they will remember to check their string terminators. It's a win-win.
And I know this because I was in EXACTLY the same spot and mindset as you about 10 years ago. It's time to shift your mental viewpoint. It's not easy, but the fact that you were given this responsible suggests your fellow leaders believe you're up for it.
Min
I suppose you could view it slightly differently as "What is merit". If you define someone's worth solely by the quality and quantity of work they turn out, maybe. The thing is the "who you know" bit often times is a helpful proxy for "soft skills".
As a manager, if one of my team comes up to me and say "Hey, I worked with Joe at Acme, and he worked well with us, turned out high quality code, participated in the scrum, and wrote tight test cases." I'm going to take that interview. Now if Joe was a right asshat, he'd not have gotten the reference.
As a hiring manager, soft skills are important in my team, they reduce friction, and as any engineer knows, friction is wasted energy. Social friction is no different.
Min
I recommend Charlie Miller's talk from DC 22 - in which he goes through the architecture of a number of vehicles. His goal was the opposite of yours, to find the most hack-able car to set up for his talk this year (and the preceding Jeep recall) but if you turn the crank in the other direction, you should be able to get to the conclusion you want:
https://www.youtube.com/watch?...
Min
Agreed, actually I respect the show for their research. I may have misinterpreted the tone of your comment, I read it as "this could only happen in a TV show", and was pointing out it has a long history of working in real life. Apologies if I misinterpreted.
Min
If dropping infected USB sticks into a parking lot and seeing who picks them up and plugs them in works
| Yeah, I watch Mr. Robot, too...
Um, Mr Robot took it from ancient (in internet terms anyways) history:
Just one random story from 2011:
http://thenextweb.com/insider/...
Min
Do a timed release. Once the FOIA request is completed, the requester gets X months of exclusivity to publish, and then it gets released publicly. This preserves the inventive for the journalists, while at the same time ensuring that even FOIA requests that don't produce something sexy enough to publish still become public access at the end of the exclusivity period.
Min
... too bad it was here :)
Precisely. My job is to run interference for my department, get them the things they need to be able to do their job and keep other depts from asking them questions, because I've answered them at aforementioned meetings.
Actually quite a tough job for an introvert, but I've managed.
That and mentoring the next generation of professionals are my main duties.
Min
I've been wearing one since Christmas (thanks Santa!) and I have to say I don't think I'd wanna give it up now. It's a nice to have definitely, rather then a necessity, but so is my smart phone.
I have the type of job with double and triple stacked meetings 8 hrs a day and it's REALLY nice to be able to glance at my watch and find out where I need to be next, what the dial in for the conference bridge is etc without having to pull my phone out of my pocket, unlock it, etc. Means I'm late for fewer meetings.
It's also a lot more socially acceptable in my office at least to glance at a watch and check to see if that new email your phone is buzzing about is important enough to excuse yourself from the meeting or not. Also being able to screen a call without the fuss of pulling out a phone. Glance at the watch, see it's important, excuse myself from the meeting and pull my phone out on the way is a lot less disruptive.
So ya, it's a nice to have, but it's quickly becoming a high priority nice to have. I miss it when I forget to put it on in the morning (like today) because I have too little caffeine in my blood.
Like every other early adopter device, it's got bugs but it's over the "more trouble then it's worth" hurdle for me at least.
Min
This looks like it's more of a play for the embedded systems or IoT space. Look at the examples given, nuclear reactors, IoT, etc. These are specialized systems where it's possible to say "I've monitored the system for x time, and these are the things that should be running. OK, anything new running can't use the disk IO driver to write to the disk".
There was a similar proposal for a device to work on the engine bus but focused on communications. "We monitor the bus for the first X seconds and classify the traffic on it. Then if something new starts talking or an existing player suddenly starts communicating to something it has never talked to, we declare condition red and fire the photon torps."
Hyperbole aside of 100% protection against everything, this is not a bad strategy for very specialized systems. Doesn't do crap for a general purpose computing environment, but as we leverage general purpose OS and off the shelf hardware for more embedded/IoT applications, we begin to have uses for tools that are highly restrictive because the things they're protecting are well defined.
Min
I don't know - you can do a lot of damage in 512 words. I think we should stick to the letter of the law - 512 bits, Even if they try some fancy representation that should keep them out of trouble - and no references to call out tables, you sneaky religious types!
Min
We could start with a decent family leave system (something half as good as the Nordic Countries and/or Canada)
Funny story - I'm a Canadian working for the Canadian office of a company that's (like most North American wide companies) predominately based in the US. The SHOCK when the US side of my team learned how much time off we get for maternity/paternity leave was amusing, followed by the scramble when they had to back-fill the role.
(For those who are unaware, Canada gives 6 months leave to each the mother and father. They can opt to consolidate that for a full year under the mother at their choice. The government pays full unemployment benefits for the duration and your employer is required to hold your position or equivalent for you, and you continue to accrue seniority/vacation/etc while you're away).
Min
Maybe the graveyard solar orbit of something like WMAP then... http://map.gsfc.nasa.gov/missi...
Min
These weren't federal loans, as far as I can tell from RTFA. In short the allegations say that this is what happened:
1) The private loan market cratered
2) ITT said, "No problem we'll sell loans to ourselves, backed by investors, and we'll guarantee those loans" (see equity backed mortgages, for a similar case study)
3) Lots of loans started to default
4) ITT did math and said "Oh Nos", if we pay off those guarantees it's going to look bad. I know, let's pay those loans ourselves for a bit instead, I'm sure they will start paying again.
5) They didn't start paying again
6) They had to come clean to investors, stock tanks
6) They got caught in the coverup
7) SEC sues, stock tanks somemore
8) (profit)*-1
Min
How about the SOHO satellite? A L1 orbit should stay pretty stable even without any further assistance.
http://sohowww.nascom.nasa.gov...
Min
Read this - pay attention to the interpretive dance requirement:
http://www.moserware.com/2009/...
K/Tnx/Bai,
Min
I assume this is an honest question so here's an honest answer.
The relevant bit is:
Section 33.
(1) Parliament or the legislature of a province may expressly declare in an Act of Parliament or of the legislature, as the case may be, that the Act or a provision thereof shall operate notwithstanding a provision included in section 2 or sections 7 to 15.
(2) An Act or a provision of an Act in respect of which a declaration made under this section is in effect shall have such operation as it would have but for the provision of this Charter referred to in the declaration.
(3) A declaration made under subsection (1) shall cease to have effect five years after it comes into force or on such earlier date as may be specified in the declaration.
(4) Parliament or the legislature of a province may re-enact a declaration made under subsection (1).
(5) Subsection (3) applies in respect of a re-enactment made under subsection (4).
Contrary to popular belief it's not specific to Quebec, it can be undertaken by either the federal or provincial/territorial level by a simple majority of the applicable governing body. (note that it doesn't apply to municipalities, so is irrelevant in the particulars of this article)
It allows temporary suspension of some Charter rights for a period of time (again country to popular belief it's not a blank check, and can't be used to suspend, e.g. mobility rights, or democratic rights, and the Supreme Court has ruled its use invalid in the past.).
It was first used by the Yukon Territory in 1982, but was never brought into force.
It's also been used in Alberta (in an ill fated attempt to ban same sex marriages), Saskatchewan (to attempt to force through back to work legislation, and avoid a Charter challenge based on freedom of association), and Quebec (in the most famous instance, to allow the provinces french only sign law). There are not currently as far as I know any in-use cases of Section Thirty Three.
Min
Yep, it's possible. There's a couple of places listed in the talk that a skilled enough attacker could maybe make inroads, but the probability is limited by the fact that the networks speak VASTLY different networking protocols. Jeff *might* be able to infect the network bridge on a couple of specific airplane models.
Of course, if it's Bruce Schneier, just let him into the cockpit and give him the flight yoke, it'll be slower :)
Min
Fortunately pilots are less likely to do it to themselves then drivers are :).
http://jalopnik.com/progressiv...
Min
Mod this up - Seriously, if you're at all thinking this stuff might be possible read the paper for a good analysis of what is and isn't possible. (hint: your probably more at risk from signals outside of the plane then from someone inside it, and not all that much risk (for now) even then.)
Min
Actually, according to the latest figures I can find:
http://www.bls.gov/opub/ted/20...
in 2009, women were on average paid 80% of men, across a broad segment of the work spectrum.
This data is from the US Dept of Labor. If you have a more recent or competing authoritative citation I'd love to hear it, but in so far as I'm aware we still have an issue.
Min
Winter was freestyle skiing - she just finished that this week. Summer will be French camp, a museum camp, and Defcon/r00tz this year.
Min