Slashdot Mirror


User: akozakie

akozakie's activity in the archive.

Stories: 0
Comments: 261

Comments · 261

  1. Re:Too bad its news... on Snapchat Update Addresses Security Hole · · Score: 1

    One more unrelated thing:

    > Unfortunately most young web/cloud companies do not care about security at all

    This actually isn't nearly as stupid as it sounds, at least for anything "social". Your users tend to be young and careless or just generally not very privacy and security conscious. With a bit of luck no one will attack you for a while (until you're really big). If you can show quick growth during that time, you should be able to get a huge offer and sell out before any significant attacks happen, making security 100% SEP. Money spent on fixing vulnerabilities is money wasted in this plan - caveat emptor.

    The surprising thing is that in this case it worked perfectly as described... but they didn't take the offer. Mindboggling. Sure, they could hold on to it and keep going, but if that was their plan, then they really should have thought about security and privacy from the start.

  2. Re:Too bad its news... on Snapchat Update Addresses Security Hole · · Score: 1

    Was my previous post so hard to understand?

    Today's summary describes a correct response. I asked why stuff like this must be news, when it should be, but clearly isn't, business as usual. How can "please inform us about any security problems here: x@y.z" possibly be newsworthy, not standard procedure since early beta? They could have handled the situation like this from the start. Unfortunately most young web/cloud companies do not care about security at all (heh, as if older ones were much better...) and do not react properly even if informed.

    So:

    > In what way is waiting (...) before you actually do something a "correct response"?

    In no way at all and the post you just replied to never claimed otherwise.

    Why so angry? Or am I reading too much between the lines?

  3. Too bad its news... on Snapchat Update Addresses Security Hole · · Score: 1

    Why oh why must things like this be news? Correct response to a security problem. Too bad it wasn't fast enough to avoid exploitation.

    Anyway, I'm more and more convinced that keeping a successful product, taking responsibility for it and developing it further might be The Right Thing (for the customers and the code), but is not the right business strategy. If your product becomes successful enough to prompt a giga$ offer - sell. Immediately. If you really want to keep working on it, insist on keeping some technical management position (you won't have full control anymore anyway).

  4. Re:Could it be that.. on Dogs Defecate In Alignment With Earth's Magnetic Field · · Score: 1

    Magnetic poo? Sounds like BS, but the question you're trying to answer is actually the most interesting thing about this research. WHY? If the alignment is real, it's kind of cool, but makes you wonder - they have a magnetic sense and they use it to... poop straight?!? WTF?

    I guess it does have other uses, might explain some decisions dogs make in labyrinths etc... But why do they do THIS? What's the advantage? Weird.

    Or do we underestimate the importance of pooping ceremonies? Good material for a new religion...

  5. Re: dogs deficate not staring into the sun on Dogs Defecate In Alignment With Earth's Magnetic Field · · Score: 1

    I guess most mods find the idea of fucking zero-g feces repulsive, not funny. No wonder, I bet it's one of the rarest fetishes out there...

  6. Re:Vista still ahead of 8.1! on Windows 8 and Windows 8.1 Pass 10% Market Share, Windows XP Falls Below 30% · · Score: 2

    Not amazing. The number of users is probably dropping as well, just a tiny bit slower than the entire desktop market, giving the appearance of an increase. Many people simply migrate away from desktops.

    My guess is that anyone with the slightest tendency to migrate threw out Vista either immediately or as soon as 7 was released, meaning that the ones who still have it are most likely to keep their system as is as long as possible. So, expect this ~3.6% result to stay remarkably stable compared to the others, or even grow if the desktop market shrinks faster.

  7. Re:new respect for good managers on Do Non-Technical Managers Add Value? · · Score: 1

    Where are the mod points when I need them?

    Relatively flat management structure in my department puts me in a weird position - direct management of a relatively small team, but high enough on the chart to have to deal with a lot of high-level stuff. That means I get to do a lot of both technical and non-technical management stuff on several layers.

    The technical management is very, very easy in comparison. If you have the right people, projects mostly do themselves, your job is just to steer them and solve deadlocks where your developers just can't agree and any decision is better than none. But the non-technical parts... the horror... Keeping the team motivated on one side, keeping the bosses happy on the other. Hiring. Resources. Paperwork. Getting other departments to really support you, not "just do their work". This. Is. Difficult. And few people see it as such.

  8. Re:not have tech people in meetings can be bad whe on Do Non-Technical Managers Add Value? · · Score: 1

    A good non-technical manager recognizes situations where such questions may arise and:
    1. Predicts such questions or gathers them from informal talks before the actual meeting, asks the team, makes sure that he/she understood the answer well enough by rephrasing it in front of someone from the team... and is ready to give a technical answer.
    2. Is very good at delaying the answer to consult the team first and at recognizing situations where this is not enough and the person asking must be redirected to the right person on the team (as rarely as possible).
    3. Has at least one person on the team with sufficient interpersonal skills (and enough political common sense to stay quiet during non-technical discussions) to take with him to meetings where many unpredictable technical questions are likely to arise.

    Really, this doesn't happen all that often. Most of the manager's work is non-technical. I'd take a good absolutely non-technical manager over an average technical one any time.

    With similar management skills a technical manager would probably be better. Probably. Can he resist the urge to micromanage things he does somewhat understand?

  9. Re:Gonna be a tough sell in some circles. on Finnish HIV Vaccine Testing To Begin · · Score: 1

    Not likely. Not for the therapeutic vaccine. I think most HIV-positive people will take the chance if it really works.

    For future use as a preventive vaccine - yeah, expect resistance. Even more than for other vaccines. After all, most of them are just punching bags for your immune system - they aren't supposed to "do" anything, the FUD is about unintended ("or are they?") side-effects, impurities, stuff like that. In this case the vaccine is directly active - it modifies your body in a way.

    In fact, I would be reluctant as well to use it until it had been in use for 20 years or so. HIV is not that virulent - considering my lifestyle the risk is quite low (not nearly zero of course). But I will enjoy the thought that - should the low risk materialize - there is something I can do about that.

  10. Re:Why is everything on Finnish HIV Vaccine Testing To Begin · · Score: 1

    For most nice things - you're right. In this case the reason is different. We're talking about a potentially dangerous thing - genetic manipulation. The 10 years are not for new research, but for further testing. The difference is that between "I think we will develop this by then" and "We have it, by then we should be sure whether it's safe" (assuming the current tests succeed).

    If this passes initial tests and proves to be effective and not have any serious short-to-medium term side effects, then that is very good news for the infected - it is the first real cure. It's unlikely to be worse than the disease it cures. It can be soon cleared for therapeutic use.

    But using it as a preventive vaccine? Would you really give it to healthy people? Hell no! You need a lot more research on long-term effects, including relatively rare ones, resulting from interaction with other, less wide-spread genes. Does this change influence later pregnancy? Development of a child? How does the immune system of that child develop? So many questions... Some will not be fully answered in 10 years, but we need to draw the line somewhere.

  11. Re: Who would believe it? on Researchers Claim Facebook Is 'Dead and Buried' To Many Young Users · · Score: 1

    True, but not an answer to my question. Most of the things you mention are 2013. G+ failed to take off a lot earlier, when it was not as all-encompassing as it is now. I know why it's almost universally hated now. Tell me why it failed in the beginning.

  12. Re:A meme returns on Researchers Claim Facebook Is 'Dead and Buried' To Many Young Users · · Score: 1

    Most new ideas are either flops or fads. A few survive the test of time and become part of the basic toolset of a civilization (telephone, e-mail, etc). These tend to be pretty obvious ideas made possible by recent advances, not "new revolutionary ways of doing something" based on the same basic technology. E-mail is almost as old as the networks themselves, because it was an obvious need.

    I've always been sceptical of the thought that anything newer than 10 years is really revolutionary, unless it's an effect of a technological or scientific breakthrough. So far in my experience life proves me right.

    But fads are powerful, in any field. I remember that one of the older professors in my MSc times taught us about the "new economy", how it changes everything and what its impact on our field (IT/CS) is. He seemed convinced - I was not. Weird - with this generation gap I should have been the enthusiast and he - the sceptic... Took reality less than 2 years to kick in with the first bursting bubble. I don't hear any "new economy" enthusiasts (in the sense he meant it) now.

    The one thing which is not a fad is a social platform for status updates, sharing and group communication. There is a need for that, but not really for only one. There was MySpace, there is Facebook, there will be others - some with full set of basic functionality, some specialized. Eventually standards (de iure, de facto, who cares - good solutions are there, just not universal and polished) will emerge for configurable forwarding of different types of content to different platforms. Stuff like "make my FB status automatically visible on G+ and add a button to Instagram to make sharing my new photo on SomeNewThing one click away, even though that SomeNewThing is in beta, I'm an early adopter and there's no way for Instagram to support it explicitly already." After that some fragmentation will happen and it will "just work". Who cares who your e-mail provider is? Maybe you even run your own server. Cool. Same thing will happen here.

    But what about single logon? FB started to take that role, but it seems it will fail. Looks like that simply must be a separate service. Not that I want it anyway...

  13. Re: Who would believe it? on Researchers Claim Facebook Is 'Dead and Buried' To Many Young Users · · Score: 2

    Seems like FB's friend/non-friend division is not a good model of real life relationships! Wow! Surprise, surprise. Makes me wonder what Google did wrong with G+ to get so little popularity - the categorization of friends into separate groups and selective per-group availability of your content seemed to be among the initial assumptions (based on press releases from a long time ago, I have no idea whether it works as advertised). That seems to be the right solution. Something else must have been very wrong... Without an account on either service I can't risk a guess.

  14. Re:Get rid of those things on 60% of Americans Unaware of Looming Incandescent Bulb Phase Out · · Score: 1

    If you have a brain, you bought a garage-full of those and are going to sell them for twice the price after the ban kicks in (assuming the ban only restricts production, not sale). Buyers will be there. Whether their choice makes any sense at all doesn't matter.

    I wish I had thought of that when the ban was introduced here. Too much work, not enough time to think...

  15. Re:Its a good thing.. on E-Books That Read You · · Score: 2

    Hardware switch off, only WiFi within range under my full control (and I mean it) - no attempt to connect. Hardware switch on, wireshark on, full dump - nothing suspicious. Good enough for me.

    Get a good one and test it, that's it. Paranoia is fun, but needs to have some limits. Still, it is kind of a niche reader - if you use something more publisher-controlled, a Kindle or some official app... YMMV.

  16. Re:The Solution is Obvious on Microsoft's Ticking Time Bomb Is Windows XP · · Score: 1

    Yeah, sure. Imagine the outcry. That would be seen as just another tax.

  17. Re:The Solution is Obvious on Microsoft's Ticking Time Bomb Is Windows XP · · Score: 1

    > Microsoft's big "problem" is "free updates". They should have a yearly subscription fee and that should increase as the OS gets older at some predictable rate. That's how to properly price ration an old OS's updates. They simply can't be expected to support XP forever, for free.

    Except this is actually the one good thing that MS does. You buy their software - you get updates for free for quite a long time (not forever though).

    Why is it so nice? Because the only updates that really matter here are security updates. And they are not worth even $5 per year for Joe Sixpack. No amount of educational actions is going to fix that, as people just tend to ignore threats or assume they won't hit them. The fact that they are free and automatic is probably the only reason why not every home computer is part of a botnet. This is actually a valuable service for the society as a whole.

    Make it optional and non-free, far more than 50% of users will not buy it. Then deal with the massive botnets in a world where most of the machines are never updated.

    Now excuse me while I go take a bath. /me actually defending MS... Saying that something they do is right... The horror... The HORROR...

  18. Re:Not a surprise, but still... on Reuters: RSA Weakened Encryption For $10M From NSA · · Score: 1

    News? Not really. Just more sadness.

    But no, we're not all as much like that. Some try to think critically, compare different sources, etc., others don't. Still, since you can't do that all the time, you're still vulnerable. And your brain is a traitor - it will absorb some messages on a subconscious level and make decisions for you without revealing the reasons. Everyone is susceptible. It's just disappointing that most people don't even seem to try to make it harder.

  19. Re:Not a surprise, but still... on Reuters: RSA Weakened Encryption For $10M From NSA · · Score: 1

    +50 Insightful. "National Security" is the big fat lie in the name. It should be "State security". This is an important distinction. National security means protecting your people from outside threats (and has no business listening on citizens, unless they are suspected of spying for someone else). State security is exactly peacekeeping - making sure that domestic peace is preserved and the country keeps running the way it runs. That does include some protection from outsiders, sure, but also keeping internal peace.

    That last part introduces three things that have nothing to do with "national security" or are strictly incompatible with it:
    - Keeping internal peace - making sure that any protests are limited and have no long-term consequences and that any potential revolutionaries are under control. Widespread domestic surveillance helps a lot. Irrelevant to national security.
    - Cultivating limited external conflict. Not enough to be a threat for the country, but enough to provide a common enemy, a scapegoat for failed internal actions (see previous point) and a good reason for when the perpetrators are exposed and the scapegoat strategy cannot work. Lowers national security.
    - Cooperation with law enforcement. Makes domestic actions more scalable and easier. Largely orthogonal to national security - the scope is completely different, the police may sometimes help arrest someone actually formally charged with spying, but that's it. State security is a very different animal, the police, FBI, etc. could be very useful.

    Now look at the actions of your government, compare with the above and ask yourself - which kind of security is being protected? "National" or "state"? Was national security ever a priority in the last decades?

  20. Re:Not a surprise, but still... on Reuters: RSA Weakened Encryption For $10M From NSA · · Score: 1

    The problem is that the executives of those companies have learned that giving large political "donations" to key politicians is probably the best kind of investment they can ever make.

    Sure, this is wrong and not done in the open in most other places, but the problem is the fact that it works. I don't mean buying laws - that's completely understandable, corruption is just greed, it's universal. But the politicians need the money for reelection, and that's scary.

    The worst part of modern society, not just in America, is just how effective PR & marketing got. Of course you need some money to win an election - you need to get your message to the voters. But this is limited. Get the flyers out, buy some TV time, done. Why do you need more? For more advanced PR and support. This should not work with critically thinking people.

    Marketing works. Ads work. PR works. And this is very, very sad. It's like most people are controllable semi-conscious droids.

  21. Re:The NSA is so Credible on CBS 60 Minutes: NSA Speaks Out On Snowden, Spying · · Score: 3, Interesting

    The funny thing is how few of the comments in the media talk about Snowden's case in the only context that makes even the pro-national-security-collect-everything guys stop and think.

    As far as we know, the guy wasn't being paid for this. Wasn't specifically pre-trained for this. Had no external help. Just look what he managed to get access to. Now couple this with the thinking behind the "I told you" comments saying "see, it was possible and bam! the NSA was actually doing it". Now see how many people the NSA has.

    The discussion whether the utility of having these data trumps privacy or constitutionality concerns is moot. Snowden showed the honestly funny truth. If he could do it, other competent intelligence agencies are doing it. NSA is in fact (unintentionally, of course) collecting data on Americans for Russians/Chinese/whoever. They are a wonderful source - a bit hard to get to, but once you do...

    The NSA wants to stop any attempts to restrict its data collection (citing national security), because regaining lost privileges is a bit hard and they like what they have. But - as explained above - national security dictates that NSA's data collection should be immediately minimized. Know what you must and control it. As you grow, you're easier to penetrate. As is, Snowden made NSA look like a glaring hole in the security of US of A. Ironic, isn't it?

    Not that I care. Not my country, not my business...

  22. Re:Too desperate to get published on Elsevier Going After Authors Sharing Their Own Papers · · Score: 4, Informative

    > Because that doesn't count. Research has to be published in a peer-reviewed journal (or at a peer-reviewed conference) or it doesn't exist.

    Well... true.

    > You don't get credit for it,

    Yup.

    > it never gets cited or used by other research, it doesn't become part of the literature.

    Nope, not necessarily, depends on the field. I see more and more citations of even blog entries. Some have more citations than the best paper anyone I met personally wrote. Some "not-papers" become cornerstones of entire branches of research, although they tend to be later replaced by real papers by the same author (with nothing new in them). Note that not all publishers will even accept citations like that.

    Still, these citations do not count - at least where I live. You may be the author of the most influential text in the field in years. Your results may have been replicated by multiple peers and cited by almost everyone who matters, making you a real celebrity. However, it's not in a journal on the ministerial list. It is not indexed by the officially endorsed database (mostly Web of Science here). It gets cited, but these citations do not appear in the database. So, your official parameters (like h-index) are unaffected. It is entirely possible to be - at the same time - one of the most influential researchers worldwide and a deadweight for your institution, lowering its total score. Also, grant proposals you submit will get lower scores, because you're "not influential enough", you're unlikely to produce anything worthwhile.

    So, you're basically right. You will swallow any restrictions imposed by the publisher if the journal is good enough and wants to publish your paper. Because your evaluation is not based on your real achievements - that's too subjective. It is based on artificial scoring, in which some peer-reviewed journals, mainly from the largest publishers, simply rule.

  23. Re:Some Technical Details. on Researchers Build Covert Acoustical Mesh Networks In Air · · Score: 1

    As far as I recall he claimed no such thing. He claimed that the malware updated through the air gap. Quite a different thing than hacking - you already have an audio-networking-capable software on both communicating boxes.

    This would mean that malware using this technique is already in the wild. Quite an ad for someone offering any protection from this, but if confirmed - very interesting.

  24. Re:no rfid required on Students Tracked In UK College Via RFID For 1-3 Years · · Score: 1

    Did you notice that I was referring to the "No need" part of the sentence? Yes need. Why implement a solution that catches most cellphone owners when you can just as easily implement one that catches every cellphone (well, unless it's off) and has much better coverage? Just because most of us (except the telco specialists among the readers) feel more at home in the TCP/IP world, making WiFi sound easier?

    I don't need to be representative of any group. It's enough that I know I'm not alone in this. Want to trace MACs on WiFi? Go ahead. We're invisible.

  25. Re:no rfid required on Students Tracked In UK College Via RFID For 1-3 Years · · Score: 1

    And why would I have WiFi on when I'm not using it? In fact, I can't remember the last time I turned it on on a cellphone. Had it been broken since September, I wouldn't notice.