I didn't know there is such a thing as "class of scientific theories" with any scientific meaning.
I mean, class of combustion theories can't be falsified, because what ever is found about combustion, it would just rule out *some* combustion theories, but "combustion theories" as a class can't ever be disproven. Therefore combustion theories can't be very scientific, because the class of combustion theories can't be disproven...;-)
OTOH, if string theories really *can* accomodate *anything*, isn't that like saying that some string theory can tell us the "truth", and it's only a matter of choosing the right theory from the class of string theories?
No, something here isn't quite right... I suspect the root of the problem is in talking about how scientific "a class of theories" is, but what do I know.
You keep evading. What trajectory are you talking about? Just clearly specify what trajectory you are talking about, and we'll see which of us is misunderstanding...
I suspect it's you, but maybe you'll prove otherwise.
If you're talking about trajectory of the tug, I imagine the calculation would be pretty much like calculations done in a Harrier jet fighter when it's hovering... Not very difficult, I imagine.
If you're talking about the trajectory of the tug-asteroid complex, then it could use even the same software that was used to determine that asteroid is going to hit Earth in the first place, just adding the tug to the calculations. Not to mention that current orbit, position, velocity and mass of the asteroid would be very precisely known, because the tug would help in measuring those.
I'm not really sure what calculations you are after... Do you mean simply calculating that the tug would actually change the orbit of the asteroid? Well, that acceleration is already given in the summary for an asteroid of some mass, isn't it. So for some rough practical values, just do
delta v = time * acceleration given
or
delta position = 0.5 * acceleration given * time^2
Nah, there wouldn't be a lot of oppostion. There might be very loud opposition from a very small minority in a few countries (I think we're both thinking of the same country here...). But that would not really matter, because in general, the people who are really in power want to stay alive, and they're not stupid enough to fall for some doomsday cult thing. I mean, comparing to global warming, if you're rich that might even make you richer. But everybody being killed by a big asteroid is very bad for *all* business.
And for an effort like this (launching a rocket per day), there would need to be multiple rocket manufacturing and launch facilites all around the world. If, against all the odds, the wackos managed to bomb one, or overthrow one participating government, it still would not stop the rest of us form trying to save humanity.
Sounds like you're assuming the thrusters would be of a constant force and not controllable, that the tug would have to be put to precisely correct position and then stay there passively?
Active control of suitable thrusters to maintain correct position would not be hard. Knowing exact position in relation to the asteroid would not be hard (simple radar). It would not require complex math and equation solving in the tug. It would just be "we're in this position, we should be two centimeters in that direction, change thrust accordingly, wait a millisecond for next radar reading, repeat".
Complex and high-precision orbit calculations are only required when you want to get to a distant planet with minimal course corrections on the way, and then "only" to save fuel. Here the tug is spewing out propellant constantly, so actively adjusting the position on millisecond intervals doesn't cost anything extra.
Note that efficiency would not be a desgin goal, it would be a design limitation. Ie. you would not really care for or optimize for efficiency, you would optimize for providing maximal tugging force for the duration of the mission with available technology. Ie. if you could increase the force by lowering efficiency (putting the thrusters in even greater angle), then who cares about efficiency.
If critical (like avoiding end of civilization as we know it), a single tug could be operational for a very short time, and then we'd just launch new tugs to replace the spent onces as often as is needed.
If fate of humanity depended on it, I bet we could ramp up production and start launching a rocket per day very fast. I mean "do you want to do everything you can to help this effort for a few years, or do you want that all you love will disapper in a firestorm in a few years" is kind of motivational question;-)
I agree that usually just sniffing/recording is at least a bit easier than MITM, and of course MITM will always require a bit more sophisticated software. But these days with switched networks etc, if somebody has the capability to do sniffing (eg. by redirecting data from a hacked switch/router/virtual server host/whatever, or pretending to be a WLAN access point, or plugging a laptop in the middle of a switch/router network cable), then doing a MITM is not really harder. In some cases, network-wise there's no difference between MITM or just sniffing, difference is only in the sniffing software being passive data relay, MITM software being active participant in the connection. And I'm pretty sure plug-n-play MITM software for different cases is readily available at the "black hat" market...
The point is, if you want real security, encryption without authentication is not an option, it's IMHO just wrong to call that security. I guess it could be called obfuscation, to differentiate it from real end-to-end client-to-server security.
How would it work? Would it be just completely automated service, where anybody can send certificate details, and then receive a signed certificate in email? Surely you realize that this kind of certificate would be completely worthless...
So I presume there would be some kind of checks, so that just anybody couldn't ask for any certificate. Can you explaing what kind of checks and verifications there would be? What would be verified about a random certificate request? How would the signed certificate be delivered to the recipient?
I did not say anything about FF. I did not respond to TFA. I only criticized what I quoted: the implied claim that anybody could get a proper certificate for a domain that I own, and the impossible suggestion to "use SSL only for encrypting data".
Reading the message you respond to would be good too, ya?
I call "liar". I don't think FF3 forces anybody to use Verisign, and I don't think it's impossible to use self-signed certificates with FF3. Why are you claiming something that is not true?
Self signed HTTPS: "The communication with this site is secure because it encrypts the data you're sending to it. However there is no guarantee that it's owned by the organization that it claims to belong to. [checkbox] Don't tell this to me anymore."
Wrong. "The communication with this site is insecure because even though data transmitted is encrypted, you don't know if some hostile 3rd party is intercepting, decrypting, recording and possibly altering data on the way. Additionally, there is no guarantee that the certificate or the web site belongs to the organization you think it belongs to."
SSL may not be just for encryption, but perhaps it should be.. or should have been. It should never have served this dual purpose - and the story explains quite nicely -why-.
But SSL (or any communications protocol for that matter) can't be just for secure end-to-end encryption. Simply impossible.
If you don't have a shared secret, you need some kind of certificate authority that is known beforehand by both parties. With self-signed SSL certificate, you have neither, and therefore you don't have end-to-end encryption either. Well, you may have if nobody wanted to intercept your connection, but you have no way to know, and that can be even worse if you falsely believe you have secure connection.
CAs do very little to ensure that the site you're connecting to is really the one it claims to be.
So, are you claiming that you could get a recognized CA certificate for a domain that I own? If you can't, then there's enough security to achieve what is supposed to be achieved.
As a webmaster and owner of a site that uses SSL I second the author's proposal and more: let's stop pretending CAs can ensure the identity of the communicating parties, shut them down, save money and use SSL only for encrypting data.
The thing is, you can't have secure encrypted connection without authorization, because of man-in-the-middle attack vector. Ie. your encryption is really only as secure as your authentication.
SSL with insecure authentication provides only insecure encryption. Then SSL encryption is only as secure as SSL authentication.
To "use SSL only for encrypting data" is not an option, if by "encryption" you mean reliable end-to-end encryption, with no eavesdropping and no modifying the transmitted data by a man-in-the-middle. Really.
I always wondered what the Bible meant by "blocking the fountains of the deep"
If it means anything specific, it probably means the passing of the last wave of the tsunami that likely was the origin of the Middle East food myths...
The human race is just a bunch of superstitious bald apes with better tools than their cousins with fur.
Well, not quite. You make it sound like human race has been just given the tools and now has them. Let me say it better.
The human race is just a bunch of superstitious bald apes, no different from their cousins with fur, except human race has the ability to make better tools, and then use the first tools to make even better tools, and then talk about the tools they've made with each others and combine their knowledge to make even more excellent tools together, and then kill each other with their tools and take the tools of other to help them make their own tools even better again.
I don't see why we can't point out how colossally stupid this is.
And I suspect other/. readers don't see that either, because I don't much arguing about the stupidity of this (which it kind of was, stupid that is). I only see them arguing about illegality (which it apparently was not, illegal that is).
Or am I committing a crime when I ask for extra napkins at McDonalds?
Only if you're a cop and acting without a properly authorized napkin seizure warrant.
This is why they sometimes give you way too many napkins, ketchup, straws and everything at fast food places. It tells you that the place is frequented by cops, and it's not good business if customers run out of napkins and can't ask for more... So they give you more than you need, just in case you're a cop.
Unless you're dealing with cosmology. Then, whenever your theory proves to be wrong or you observe phenomenon that it did not and could not have accounted for, you just patch up your existing theory without questioning any of the underlying assumptions and without examining alternative explanations. Or worse, you just ignore contradictory evidence.
Just what makes you think that cosmologists aren't looking at alternative explanations and questioning the underlying assumptions? I mean, there's a pretty much guaranteed Nobel of Physics waiting for the one who would revolutionarize cosmology once again...
It's just that new theories need to fit those pesky observations, old and new...
Yes, of course it would be tremendously interesting.
But I don't think it'd even show that life "travelling" around is more likely than life emerging, because even if life emerged at two places (like Earth and Mars), but then also "travelled", maybe at both directions, I think it's more than likely that one would wipe out the other.
I mean, just think of all the extinct classes of life on earth we know about, then extrapolate to include all the extinct classes we don't know about, especially from the early Archean. I think it'd be extremely unlikely that two competing, separate lineages of life could exist side by side long enough for both of them to leave fossiles.
Except with Mars, if we find life there, there's a good chance it shares common origin with Earth life (based on similar DNA for example). In that case it doesn't really say much about likelyhood of life emerging...
That's just what I was thinking. This gadget is easily defeated by simply saturating the target area with shells
Uh... If you're up against a technologically and materially superior enemy, saturating the airspace with artillery fire is not done "easily". It could be achived temporarily with good tactics, but in general just trying to do it is a very quick way to do a suicide. You see, a technologically superior enemy (ie. the one with the state-of-the-art defensive lasers) also has superior counter-artillery capability, and will wipe out your artillery as soon as it tires any kind of concentrated bombardment.
Also, most importantly, a "traditional" 4X4 drive actually is rather horrible at normal driving speeds on slippery roads, even if the 4x4 switch is in the "HI" position. They can start an uncontrolled 4-wheel slide without much warning about too high speed.
Now modern 4x4 systems fix this more or less, but how many older SUVs have just the traditional low 4x4 - high 4x4 - rear wheel drive? Not to mention the suspension designed for trucks and/or low-speed off-road conditions.
No, I think his point is that sometimes, even if you're doing everything right, a collision is unavoidable. In such a case, it's better to be the big dog.
You've got it wrong. Sometimes, if you're doing everything right in a SUV, a collision is unavoidable, no matter how good a driver and in how agile small car the enemy is...
Slashdot Mirror
I didn't know there is such a thing as "class of scientific theories" with any scientific meaning.
I mean, class of combustion theories can't be falsified, because what ever is found about combustion, it would just rule out *some* combustion theories, but "combustion theories" as a class can't ever be disproven. Therefore combustion theories can't be very scientific, because the class of combustion theories can't be disproven... ;-)
OTOH, if string theories really *can* accomodate *anything*, isn't that like saying that some string theory can tell us the "truth", and it's only a matter of choosing the right theory from the class of string theories?
No, something here isn't quite right... I suspect the root of the problem is in talking about how scientific "a class of theories" is, but what do I know.
You keep evading. What trajectory are you talking about? Just clearly specify what trajectory you are talking about, and we'll see which of us is misunderstanding...
I suspect it's you, but maybe you'll prove otherwise.
Calculate *what* trajectory?
If you're talking about trajectory of the tug, I imagine the calculation would be pretty much like calculations done in a Harrier jet fighter when it's hovering... Not very difficult, I imagine.
If you're talking about the trajectory of the tug-asteroid complex, then it could use even the same software that was used to determine that asteroid is going to hit Earth in the first place, just adding the tug to the calculations. Not to mention that current orbit, position, velocity and mass of the asteroid would be very precisely known, because the tug would help in measuring those.
I'm not really sure what calculations you are after... Do you mean simply calculating that the tug would actually change the orbit of the asteroid? Well, that acceleration is already given in the summary for an asteroid of some mass, isn't it. So for some rough practical values, just do
delta v = time * acceleration given
or
delta position = 0.5 * acceleration given * time^2
or whatever.
Nah, there wouldn't be a lot of oppostion. There might be very loud opposition from a very small minority in a few countries (I think we're both thinking of the same country here...). But that would not really matter, because in general, the people who are really in power want to stay alive, and they're not stupid enough to fall for some doomsday cult thing. I mean, comparing to global warming, if you're rich that might even make you richer. But everybody being killed by a big asteroid is very bad for *all* business.
And for an effort like this (launching a rocket per day), there would need to be multiple rocket manufacturing and launch facilites all around the world. If, against all the odds, the wackos managed to bomb one, or overthrow one participating government, it still would not stop the rest of us form trying to save humanity.
0.22 microns per second per day, which in more familiar units is
2.5462963 * 10^-12 m / s^2 .
Sounds like you're assuming the thrusters would be of a constant force and not controllable, that the tug would have to be put to precisely correct position and then stay there passively?
Active control of suitable thrusters to maintain correct position would not be hard. Knowing exact position in relation to the asteroid would not be hard (simple radar). It would not require complex math and equation solving in the tug. It would just be "we're in this position, we should be two centimeters in that direction, change thrust accordingly, wait a millisecond for next radar reading, repeat".
Complex and high-precision orbit calculations are only required when you want to get to a distant planet with minimal course corrections on the way, and then "only" to save fuel. Here the tug is spewing out propellant constantly, so actively adjusting the position on millisecond intervals doesn't cost anything extra.
Note that efficiency would not be a desgin goal, it would be a design limitation. Ie. you would not really care for or optimize for efficiency, you would optimize for providing maximal tugging force for the duration of the mission with available technology. Ie. if you could increase the force by lowering efficiency (putting the thrusters in even greater angle), then who cares about efficiency.
If critical (like avoiding end of civilization as we know it), a single tug could be operational for a very short time, and then we'd just launch new tugs to replace the spent onces as often as is needed.
If fate of humanity depended on it, I bet we could ramp up production and start launching a rocket per day very fast. I mean "do you want to do everything you can to help this effort for a few years, or do you want that all you love will disapper in a firestorm in a few years" is kind of motivational question ;-)
I agree that usually just sniffing/recording is at least a bit easier than MITM, and of course MITM will always require a bit more sophisticated software. But these days with switched networks etc, if somebody has the capability to do sniffing (eg. by redirecting data from a hacked switch/router/virtual server host/whatever, or pretending to be a WLAN access point, or plugging a laptop in the middle of a switch/router network cable), then doing a MITM is not really harder. In some cases, network-wise there's no difference between MITM or just sniffing, difference is only in the sniffing software being passive data relay, MITM software being active participant in the connection. And I'm pretty sure plug-n-play MITM software for different cases is readily available at the "black hat" market...
The point is, if you want real security, encryption without authentication is not an option, it's IMHO just wrong to call that security. I guess it could be called obfuscation, to differentiate it from real end-to-end client-to-server security.
Anyway, there are two ways of acheiving sniffer-proof end to end encryption with no authentication and no third party trust.
Authentication is still very important - with these methods you are still vulnerable to classic MITM attack.
If a connection is vulnerable to man-in-the-middle, then it's not really very sniffer proof, now is it...?
How would it work? Would it be just completely automated service, where anybody can send certificate details, and then receive a signed certificate in email? Surely you realize that this kind of certificate would be completely worthless...
So I presume there would be some kind of checks, so that just anybody couldn't ask for any certificate. Can you explaing what kind of checks and verifications there would be? What would be verified about a random certificate request? How would the signed certificate be delivered to the recipient?
I did not say anything about FF. I did not respond to TFA. I only criticized what I quoted: the implied claim that anybody could get a proper certificate for a domain that I own, and the impossible suggestion to "use SSL only for encrypting data".
Reading the message you respond to would be good too, ya?
I call "liar". I don't think FF3 forces anybody to use Verisign, and I don't think it's impossible to use self-signed certificates with FF3. Why are you claiming something that is not true?
Self signed HTTPS: "The communication with this site is secure because it encrypts the data you're sending to it. However there is no guarantee that it's owned by the organization that it claims to belong to. [checkbox] Don't tell this to me anymore."
Wrong.
"The communication with this site is insecure because even though data transmitted is encrypted, you don't know if some hostile 3rd party is intercepting, decrypting, recording and possibly altering data on the way. Additionally, there is no guarantee that the certificate or the web site belongs to the organization you think it belongs to."
SSL may not be just for encryption, but perhaps it should be.. or should have been. It should never have served this dual purpose - and the story explains quite nicely -why-.
But SSL (or any communications protocol for that matter) can't be just for secure end-to-end encryption. Simply impossible.
If you don't have a shared secret, you need some kind of certificate authority that is known beforehand by both parties. With self-signed SSL certificate, you have neither, and therefore you don't have end-to-end encryption either. Well, you may have if nobody wanted to intercept your connection, but you have no way to know, and that can be even worse if you falsely believe you have secure connection.
CAs do very little to ensure that the site you're connecting to is really the one it claims to be.
So, are you claiming that you could get a recognized CA certificate for a domain that I own? If you can't, then there's enough security to achieve what is supposed to be achieved.
As a webmaster and owner of a site that uses SSL I second the author's proposal and more: let's stop pretending CAs can ensure the identity of the communicating parties, shut them down, save money and use SSL only for encrypting data.
The thing is, you can't have secure encrypted connection without authorization, because of man-in-the-middle attack vector. Ie. your encryption is really only as secure as your authentication.
SSL with insecure authentication provides only insecure encryption. Then SSL encryption is only as secure as SSL authentication.
To "use SSL only for encrypting data" is not an option, if by "encryption" you mean reliable end-to-end encryption, with no eavesdropping and no modifying the transmitted data by a man-in-the-middle. Really.
I always wondered what the Bible meant by "blocking the fountains of the deep"
If it means anything specific, it probably means the passing of the last wave of the tsunami that likely was the origin of the Middle East food myths...
The human race is just a bunch of superstitious bald apes with better tools than their cousins with fur.
Well, not quite. You make it sound like human race has been just given the tools and now has them. Let me say it better.
The human race is just a bunch of superstitious bald apes, no different from their cousins with fur, except human race has the ability to make better tools, and then use the first tools to make even better tools, and then talk about the tools they've made with each others and combine their knowledge to make even more excellent tools together, and then kill each other with their tools and take the tools of other to help them make their own tools even better again.
I don't see why we can't point out how colossally stupid this is.
And I suspect other /. readers don't see that either, because I don't much arguing about the stupidity of this (which it kind of was, stupid that is). I only see them arguing about illegality (which it apparently was not, illegal that is).
Or am I committing a crime when I ask for extra napkins at McDonalds?
Only if you're a cop and acting without a properly authorized napkin seizure warrant.
This is why they sometimes give you way too many napkins, ketchup, straws and everything at fast food places. It tells you that the place is frequented by cops, and it's not good business if customers run out of napkins and can't ask for more... So they give you more than you need, just in case you're a cop.
Unless you're dealing with cosmology. Then, whenever your theory proves to be wrong or you observe phenomenon that it did not and could not have accounted for, you just patch up your existing theory without questioning any of the underlying assumptions and without examining alternative explanations. Or worse, you just ignore contradictory evidence.
Just what makes you think that cosmologists aren't looking at alternative explanations and questioning the underlying assumptions? I mean, there's a pretty much guaranteed Nobel of Physics waiting for the one who would revolutionarize cosmology once again...
It's just that new theories need to fit those pesky observations, old and new...
Yes, of course it would be tremendously interesting.
But I don't think it'd even show that life "travelling" around is more likely than life emerging, because even if life emerged at two places (like Earth and Mars), but then also "travelled", maybe at both directions, I think it's more than likely that one would wipe out the other.
I mean, just think of all the extinct classes of life on earth we know about, then extrapolate to include all the extinct classes we don't know about, especially from the early Archean. I think it'd be extremely unlikely that two competing, separate lineages of life could exist side by side long enough for both of them to leave fossiles.
Except with Mars, if we find life there, there's a good chance it shares common origin with Earth life (based on similar DNA for example). In that case it doesn't really say much about likelyhood of life emerging...
That's just what I was thinking. This gadget is easily defeated by simply saturating the target area with shells
Uh... If you're up against a technologically and materially superior enemy, saturating the airspace with artillery fire is not done "easily". It could be achived temporarily with good tactics, but in general just trying to do it is a very quick way to do a suicide. You see, a technologically superior enemy (ie. the one with the state-of-the-art defensive lasers) also has superior counter-artillery capability, and will wipe out your artillery as soon as it tires any kind of concentrated bombardment.
Also, most importantly, a "traditional" 4X4 drive actually is rather horrible at normal driving speeds on slippery roads, even if the 4x4 switch is in the "HI" position. They can start an uncontrolled 4-wheel slide without much warning about too high speed.
Now modern 4x4 systems fix this more or less, but how many older SUVs have just the traditional low 4x4 - high 4x4 - rear wheel drive? Not to mention the suspension designed for trucks and/or low-speed off-road conditions.
No, I think his point is that sometimes, even if you're doing everything right, a collision is unavoidable. In such a case, it's better to be the big dog.
You've got it wrong. Sometimes, if you're doing everything right in a SUV, a collision is unavoidable, no matter how good a driver and in how agile small car the enemy is...