There is a perceived difference between the old situation where we didn't know if we were getting a car that would soon cost us more money and the new one where we *do* know that the car's battery is about to cost us a fortune. I guess its really not just a perceived difference. With the gas-car its at least possible you aren't getting screwed. If electric cars are going to be viable we need to drive down costs of battery recycling. Scale will help some with that, but cheap lithium from places like Bolivia, and now Afghanistan, will make recycling less desirable, and we will be back in the same situation we are in now, fighting wars for resources, and polluting (but with heavy metals). Seems like there is always some battery tech a couple years out that will replace these terrible lithium things, but I'll just stick with a small efficient gasoline engine until they do.
"Cyberwar" by Richard Clarke is where I read his suggestion. As Securityemo's reply indicates below, the amount of processing necessary to do signature matching for either a virus or a video someone doesn't want seen, would be prohibitive at this time for that kind of bandwidth.
I don't think Mr. Clarke was overstating the threats, but I do think he underestimates the problems that come along with his proposed solutions, both technical and otherwise.
Relying on the continued technical inability to install such filters is a bad idea though.
Richard Clarke has suggested that the backbone endpoints, and even ISPs have super smart deep-packet-inspection filters that get their signature files from both folks like AV vendors *and* the government. In addition to signatures for malware, you could certainly create signatures for "dangerous ideas". Speaking of dangerous ideas... He also recognizes that serious oversight is needed to prevent abuse, but makes the assumption that such oversight is possible. When the people you are supposed to be overseeing can control what packets get sent to you, how do you do that?
The antivirus companies will have a market at least as long as users have root privileges on the machines they buy at the store. It doesn't matter if they ship loaded with linux and SElinux *correctly* configured. People will do stupid stuff and the home user doesn't normally having anything worth wasting a first use exploit on, so the virus scanner will continue to be a moderately useful and necessary tool for any computing equipment with significant marketshare. And actually the iPhone is an example showing that even if all the user has is physical access, they will gain root and subsequently get attacked by malware.
That is why I primarily use OSs with little marketshare for my financial computing. Maybe I just made an argument for fragmentation?
The boring kind, or the fun kind with pictures of dead folks and Illuminati imagery? More specifically is the problem with corruption, not enough spot checks, too much import volume, or all of the above?
I've been reading "cyberwar" by Richard Clark. He didn't have anything bad to say about the guy in the story, except that he was the only person willing to take a (pretty much identical) position, that Clark had himself vacated. According to the book the US is actually very very good at cyber attack. But he also says that businesses, he specifically calls out Microsoft, have lobbied extensively, not just to have the government look the other way from their bugs, and keep using their software, but to not regulate security for private business. DHS protects.gov, this cyber thingy protects.mil. No one protects.com and.org. None of the companies want to have security regulations placed on them (including power grid, and financial systems), and neither the previous administration or this one wants to force them. I'm generally against regulation and consider it a bad thing (tm), (its like my department noting they are going to hire more managers, again), but he does make a compelling case. The guys (apparently a very small group) he spoke with at blackhat apparently were persuaded as well, though they (and he) are worried about what sort of oversight is needed, to prevent privacy and worse abuses. Its all well and good to force ISPs to disconnect people detected to be part of botnets until they get their machine cleaned, but false positives that correlate strangely with unpopular opinions on the websites is a truly frightening idea. On the other side, who can argue that FDIC insured banks don't have an obligation to keep the insured money safe per the guidelines of the insurer?
Every time someone uses the term "denialist" to refer to *anyone* regarding AGW. It weakens the case. It is not ok. For any reason. It hurts the science, because people associate the climatologists with the insult they received for being skeptics. Being skeptical is good! I know its annoying that people keep asking for more and more and more proof, especially because its obvious they have something they *want* to believe. But just keep answering the questions or pointing to places where they can get the answers. I have no data, but my intuition indicates that many skeptics are being reinforced in their viewpoints simply because they are being ridiculed for their beliefs by well meaning people. We got past the question "is the climate really changing"? Its really past time that we moved on from "are we causing it"? And got on to "is the change bad for us"? Because that is going to get asked (and has been), and its going to take at least as much time to answer to the satisfaction of those who can change behavior as the first two.
Digital forums are not well explained as an analogue of paper published media. Its somewhere between those, and a mail service. A newspaper or magazine has many readers and few authors, hence a small volume of traffic that can be edited and checked for veracity. A mail service has many authors and many readers, but they are one to one, instead of many to many as in a digital forum. The many authors to many readers relationship results in far to much traffic for the facilitator of the traffic to authenticate all of it. If a country decides that the facilitators of a forum are responsible for its content, it will simply cease to have digital forums.
As the rich pay the early adopter costs, the companies will continue to come out with better mods, reducing the price of the previous ones. The price for the older mods will soon come down enough for middle class folks to mod themselves, and eventually enough to be covered by insurance plans as standard. At least in the world we should strive to create, that is how it would work. There is nothing wrong with the wealthy getting it first, they pay more for it and thereby allow for a higher (if unequal) quality of life for all. It worked that way with lasik in the US. I'm not sure if it worked that way because it was an optional elective surgery so it wasn't the "pay-up or die" situation that allows for higher prices, or whether it was that the insurance companies were completely uninvolved, or for some other reason that the hops have hidden from me.
There are cases where the math to model something predated the thing that math was later used to model. But (more often probably) the math was invented (or discovered, not getting into that one), in order to model what was desired. It is my understanding that Newton's formulation of calculus was driven by the need to model his laws of physics in a formal fashion. As need is almost always the driver of invention/discovery this is not surprising.
So one side hacks computers because the other side is using computers to hack brains. I don't consider that just cause. Humans have built in firewalls against BS. Yes they can be overcome, but generally that is called persuasion, or deception depending on the validity of the information being uploaded. And keeping your populace sheltered from the outside might prevent the internet from hacking them, but in face to face conversations they will be even more vulnerable due to their ignorance.
On the bright side, I can't wait to watch the wars between cognitive dictatorships once we all upload.*
It is only Iran saying that they were spy websites. Seems like a improvised excuse to censor their own populace to me. Not that they need an excuse, but excuses decrease the amount of resulting discontent. Just using the word "because" in a request has been shown to dramatically boost acquiescence. As has been discussed before, the young educated Iranians that tend to be the ones protesting are quite tech aware on average, it wouldn't surprise me if they set the sites up entirely themselves with no prodding. Iran is just as embarrassed about 'amateurs' making their jobs difficult as the superpowers are I'd guess. "Oh no! The sheeple can write html! We are doomed!"
Going into (or deeper into) debt during a recession only makes sense if the expenditures are put towards something that will produce revenue for the government in the future. The public works projects that left nothing behind but worthless infrastructure in places with little or no population were mistakes. The Hoover dam though... that made sense, even though it still hasn't sold enough electricity to pay for all the costs involved. The original costs are due to be paid in 2037. Unless something bad happens though, it was a good investment that *also* created jobs. Just creating jobs by throwing money at people won't get you out of a recession.
The article was a bit poor. The data sets aren't really incomplete in most cases. They only seem that way from a traditional standpoint. The missing samples often contain absolutely no information, in which case the original image/signal can be reconstructed perfectly. In brief, nyquist is a rule about sampling non-sparse data, so if you rotate your sparse data into a basis in which it is non-sparse, and you satisfy the nyquist rule in that basis (though not in the original one), you are still fine.
Never ascribe to malice or incompetence what can be explained by incompetent malice. I'm proud of myself, that sounded witty, but honestly I'd guess the original system "just worked" and slowly the needs outgrew it so that fewer people could use it at any given time than would like to use it. So slowly that the people who would have to explain the purchase could say "but its not that much worse than last year" instead of filling out enough forms to account for the mass of a sequoia, in order to do the requisition.
Doesn't this constitute a sampling bias? (from netcraft)
Why do you not report uptimes for Linux 2.6 or FreeBSD 6 ?
We only report uptimes for systems where the operating system's timer runs at 100Hz or less. Because the TCP code only uses the low 32 bits of the timer, if the timer runs at say 1000Hz, the value wraps around every 49.7 days (whereas at 100Hz it wraps after 497 days). As there are large numbers of systems which have a higher uptime than this, it is not possible to report accurate uptimes for these systems.
The Linux kernel switched to a higher internal timer rate at kernel version 2.5.26. Linux 2.4 used a rate of 100Hz. Linux 2.6 used a timer at 1000Hz (some architectures were using 1000Hz before this), until the default was changed back to 250Hz in May 2006. (An explanation of the HZ setting in Linux.)
FreeBSD versions 4 and 5 used a 100Hz timer, but FreeBSD 6 has moved to a customisable timer with a default setting of 1000Hz.
So unfortunately this means that we cannot give reliable uptime figures for many Linux and FreeBSD servers.
I'm a bit dense sometimes, but was that a joke? Rubber meets road types know that process doesn't add quality. It decreases quality by providing the ever present excuse "but I followed process, so we must need to fix ours". Perhaps some amount of process could force quality, but I don't think a human could design such a thing. Accountability works wonders though.
The yeast aren't dead. They are just sleeping. Dreaming of simple sugars. If you don't believe me, boil up three pounds of sugar in a gallon of water, cool it below 27c or so and pour it back in the jug, and add the sediment from a bottle conditioned ale. The dreamer *will* awaken.
I always thought Star Wars was more of a dune ripoff. Paul was born on a jungle planet, came to power on a desert planet, Luke was the reverse. Paul's grandfather was the primary antagonist. Luke I'm your father! I think that would make the analog of Fremen... the Ewoks, which doesn't exactly work, but the ewoks were pretty darn vicious for furry three foot tall insurgents. Am I full of it on this one or is it a dune ripoff?
If they used their *own* machines to do the loading I'd agree. But they almost certainly used a small botnet or at least the compromised machines of others to do the dirty work, so they would remain, er, anonymous. Taking over other peoples machines isn't civil disobedience, its quite uncivil. Part of civil disobedience is getting hit by the water hoses to make a public point. If there are no repercussions, its just ignoring laws you don't like, not civil disobedience. A more appropriate analogy would be stealing cars from everyone along a block and putting them in front of a store's entrance so no one could use it until they were removed. Everyone loves car analogies.
I am suspect of the interface reference. Are they counting things where an enumeration got used as an int, or there was an implicit cast from a 32bit float to a 64bit one? From a recent TV show "A difference that makes no difference is no difference." Stepping back a bit there will be howls from OO/Functional/FSM zealots that look at a program and declare its inferior architecture, lack of maintainability etc. indicate its results are wrong. These are programs written to be run once to turn one set of data into a more understandable and concise one. A truth test set run through it is good enough, they don't need iso compliant, triply refactored, perfectly architectured code to get the right answer. I don't think any of my CS proffs would have cared about such inane drivel they barely paid attention to what language we each picked to solve the assignment in. My software engineering proff would have yelled about comment density and coding standards compliance, but I consider that a different discipline primarily applicable to widely used and/or safety critical code.
*However* Keeping track of digit precision through a calculation isn't CS, its fundamental grade school science. That is only one step from forgetting to do unit analysis for a sanity check. If they are forgetting that, they are probably also not looking at numerical conditioning, or trying to get by with doubles when they need bignums. None of this is CS egocentrism, its stuff we learn in math and science courses.
Isn't obscurity exactly what you want until you figure out a counter? If I figured out how to turn a bunch of smoke detectors and cleaning chemicals into a thermo-nuke that fits in a shoe heel, I don't think I'd make the plans public right away. Yes the public as a whole knowing how it worked would speed up the effort to build a detector, but not as much as it would speed up some teenager with a bad week making something nasty in chem lab. Don't they withhold details on a linux kernel bug until they get it fixed now?
I am fairly certain that Germany is already a member of the same treaties. The German developer would just be charged instead. Some information, like some physical devices, only has use for killing. Is there some qualitative difference that makes it wrong to regulate such information, but ok to regulate the devices?
Slashdot Mirror
There is a perceived difference between the old situation where we didn't know if we were getting a car that would soon cost us more money and the new one where we *do* know that the car's battery is about to cost us a fortune. I guess its really not just a perceived difference. With the gas-car its at least possible you aren't getting screwed. If electric cars are going to be viable we need to drive down costs of battery recycling. Scale will help some with that, but cheap lithium from places like Bolivia, and now Afghanistan, will make recycling less desirable, and we will be back in the same situation we are in now, fighting wars for resources, and polluting (but with heavy metals). Seems like there is always some battery tech a couple years out that will replace these terrible lithium things, but I'll just stick with a small efficient gasoline engine until they do.
"Cyberwar" by Richard Clarke is where I read his suggestion. As Securityemo's reply indicates below, the amount of processing necessary to do signature matching for either a virus or a video someone doesn't want seen, would be prohibitive at this time for that kind of bandwidth.
I don't think Mr. Clarke was overstating the threats, but I do think he underestimates the problems that come along with his proposed solutions, both technical and otherwise.
Relying on the continued technical inability to install such filters is a bad idea though.
Richard Clarke has suggested that the backbone endpoints, and even ISPs have super smart deep-packet-inspection filters that get their signature files from both folks like AV vendors *and* the government. In addition to signatures for malware, you could certainly create signatures for "dangerous ideas". Speaking of dangerous ideas... He also recognizes that serious oversight is needed to prevent abuse, but makes the assumption that such oversight is possible. When the people you are supposed to be overseeing can control what packets get sent to you, how do you do that?
The antivirus companies will have a market at least as long as users have root privileges on the machines they buy at the store. It doesn't matter if they ship loaded with linux and SElinux *correctly* configured. People will do stupid stuff and the home user doesn't normally having anything worth wasting a first use exploit on, so the virus scanner will continue to be a moderately useful and necessary tool for any computing equipment with significant marketshare. And actually the iPhone is an example showing that even if all the user has is physical access, they will gain root and subsequently get attacked by malware.
That is why I primarily use OSs with little marketshare for my financial computing. Maybe I just made an argument for fragmentation?
The boring kind, or the fun kind with pictures of dead folks and Illuminati imagery? More specifically is the problem with corruption, not enough spot checks, too much import volume, or all of the above?
I've been reading "cyberwar" by Richard Clark. He didn't have anything bad to say about the guy in the story, except that he was the only person willing to take a (pretty much identical) position, that Clark had himself vacated. According to the book the US is actually very very good at cyber attack. But he also says that businesses, he specifically calls out Microsoft, have lobbied extensively, not just to have the government look the other way from their bugs, and keep using their software, but to not regulate security for private business. DHS protects .gov, this cyber thingy protects .mil. No one protects .com and .org. None of the companies want to have security regulations placed on them (including power grid, and financial systems), and neither the previous administration or this one wants to force them. I'm generally against regulation and consider it a bad thing (tm), (its like my department noting they are going to hire more managers, again), but he does make a compelling case. The guys (apparently a very small group) he spoke with at blackhat apparently were persuaded as well, though they (and he) are worried about what sort of oversight is needed, to prevent privacy and worse abuses. Its all well and good to force ISPs to disconnect people detected to be part of botnets until they get their machine cleaned, but false positives that correlate strangely with unpopular opinions on the websites is a truly frightening idea. On the other side, who can argue that FDIC insured banks don't have an obligation to keep the insured money safe per the guidelines of the insurer?
Every time someone uses the term "denialist" to refer to *anyone* regarding AGW. It weakens the case. It is not ok. For any reason. It hurts the science, because people associate the climatologists with the insult they received for being skeptics. Being skeptical is good! I know its annoying that people keep asking for more and more and more proof, especially because its obvious they have something they *want* to believe. But just keep answering the questions or pointing to places where they can get the answers. I have no data, but my intuition indicates that many skeptics are being reinforced in their viewpoints simply because they are being ridiculed for their beliefs by well meaning people. We got past the question "is the climate really changing"? Its really past time that we moved on from "are we causing it"? And got on to "is the change bad for us"? Because that is going to get asked (and has been), and its going to take at least as much time to answer to the satisfaction of those who can change behavior as the first two.
Digital forums are not well explained as an analogue of paper published media. Its somewhere between those, and a mail service. A newspaper or magazine has many readers and few authors, hence a small volume of traffic that can be edited and checked for veracity. A mail service has many authors and many readers, but they are one to one, instead of many to many as in a digital forum. The many authors to many readers relationship results in far to much traffic for the facilitator of the traffic to authenticate all of it. If a country decides that the facilitators of a forum are responsible for its content, it will simply cease to have digital forums.
As the rich pay the early adopter costs, the companies will continue to come out with better mods, reducing the price of the previous ones. The price for the older mods will soon come down enough for middle class folks to mod themselves, and eventually enough to be covered by insurance plans as standard. At least in the world we should strive to create, that is how it would work. There is nothing wrong with the wealthy getting it first, they pay more for it and thereby allow for a higher (if unequal) quality of life for all. It worked that way with lasik in the US. I'm not sure if it worked that way because it was an optional elective surgery so it wasn't the "pay-up or die" situation that allows for higher prices, or whether it was that the insurance companies were completely uninvolved, or for some other reason that the hops have hidden from me.
There are cases where the math to model something predated the thing that math was later used to model. But (more often probably) the math was invented (or discovered, not getting into that one), in order to model what was desired. It is my understanding that Newton's formulation of calculus was driven by the need to model his laws of physics in a formal fashion. As need is almost always the driver of invention/discovery this is not surprising.
So one side hacks computers because the other side is using computers to hack brains. I don't consider that just cause. Humans have built in firewalls against BS. Yes they can be overcome, but generally that is called persuasion, or deception depending on the validity of the information being uploaded. And keeping your populace sheltered from the outside might prevent the internet from hacking them, but in face to face conversations they will be even more vulnerable due to their ignorance.
On the bright side, I can't wait to watch the wars between cognitive dictatorships once we all upload.*
* Yes someone *has* been reading too much Stross.
It is only Iran saying that they were spy websites. Seems like a improvised excuse to censor their own populace to me. Not that they need an excuse, but excuses decrease the amount of resulting discontent. Just using the word "because" in a request has been shown to dramatically boost acquiescence. As has been discussed before, the young educated Iranians that tend to be the ones protesting are quite tech aware on average, it wouldn't surprise me if they set the sites up entirely themselves with no prodding. Iran is just as embarrassed about 'amateurs' making their jobs difficult as the superpowers are I'd guess. "Oh no! The sheeple can write html! We are doomed!"
Going into (or deeper into) debt during a recession only makes sense if the expenditures are put towards something that will produce revenue for the government in the future. The public works projects that left nothing behind but worthless infrastructure in places with little or no population were mistakes. The Hoover dam though... that made sense, even though it still hasn't sold enough electricity to pay for all the costs involved. The original costs are due to be paid in 2037. Unless something bad happens though, it was a good investment that *also* created jobs. Just creating jobs by throwing money at people won't get you out of a recession.
The article was a bit poor. The data sets aren't really incomplete in most cases. They only seem that way from a traditional standpoint. The missing samples often contain absolutely no information, in which case the original image/signal can be reconstructed perfectly. In brief, nyquist is a rule about sampling non-sparse data, so if you rotate your sparse data into a basis in which it is non-sparse, and you satisfy the nyquist rule in that basis (though not in the original one), you are still fine.
I like this link better l1 magic
Never ascribe to malice or incompetence what can be explained by incompetent malice. I'm proud of myself, that sounded witty, but honestly I'd guess the original system "just worked" and slowly the needs outgrew it so that fewer people could use it at any given time than would like to use it. So slowly that the people who would have to explain the purchase could say "but its not that much worse than last year" instead of filling out enough forms to account for the mass of a sequoia, in order to do the requisition.
Doesn't this constitute a sampling bias? (from netcraft)
Why do you not report uptimes for Linux 2.6 or FreeBSD 6 ?
We only report uptimes for systems where the operating system's timer runs at 100Hz or less. Because the TCP code only uses the low 32 bits of the timer, if the timer runs at say 1000Hz, the value wraps around every 49.7 days (whereas at 100Hz it wraps after 497 days). As there are large numbers of systems which have a higher uptime than this, it is not possible to report accurate uptimes for these systems.
The Linux kernel switched to a higher internal timer rate at kernel version 2.5.26. Linux 2.4 used a rate of 100Hz. Linux 2.6 used a timer at 1000Hz (some architectures were using 1000Hz before this), until the default was changed back to 250Hz in May 2006. (An explanation of the HZ setting in Linux.)
FreeBSD versions 4 and 5 used a 100Hz timer, but FreeBSD 6 has moved to a customisable timer with a default setting of 1000Hz.
So unfortunately this means that we cannot give reliable uptime figures for many Linux and FreeBSD servers.
That is silly, it would quickly discover the only way to win is not to play.
I'm a bit dense sometimes, but was that a joke? Rubber meets road types know that process doesn't add quality. It decreases quality by providing the ever present excuse "but I followed process, so we must need to fix ours". Perhaps some amount of process could force quality, but I don't think a human could design such a thing. Accountability works wonders though.
The yeast aren't dead. They are just sleeping. Dreaming of simple sugars. If you don't believe me, boil up three pounds of sugar in a gallon of water, cool it below 27c or so and pour it back in the jug, and add the sediment from a bottle conditioned ale. The dreamer *will* awaken.
I always thought Star Wars was more of a dune ripoff. Paul was born on a jungle planet, came to power on a desert planet, Luke was the reverse. Paul's grandfather was the primary antagonist. Luke I'm your father! I think that would make the analog of Fremen... the Ewoks, which doesn't exactly work, but the ewoks were pretty darn vicious for furry three foot tall insurgents. Am I full of it on this one or is it a dune ripoff?
If they used their *own* machines to do the loading I'd agree. But they almost certainly used a small botnet or at least the compromised machines of others to do the dirty work, so they would remain, er, anonymous. Taking over other peoples machines isn't civil disobedience, its quite uncivil. Part of civil disobedience is getting hit by the water hoses to make a public point. If there are no repercussions, its just ignoring laws you don't like, not civil disobedience. A more appropriate analogy would be stealing cars from everyone along a block and putting them in front of a store's entrance so no one could use it until they were removed. Everyone loves car analogies.
I am suspect of the interface reference. Are they counting things where an enumeration got used as an int, or there was an implicit cast from a 32bit float to a 64bit one? From a recent TV show "A difference that makes no difference is no difference." Stepping back a bit there will be howls from OO/Functional/FSM zealots that look at a program and declare its inferior architecture, lack of maintainability etc. indicate its results are wrong. These are programs written to be run once to turn one set of data into a more understandable and concise one. A truth test set run through it is good enough, they don't need iso compliant, triply refactored, perfectly architectured code to get the right answer. I don't think any of my CS proffs would have cared about such inane drivel they barely paid attention to what language we each picked to solve the assignment in. My software engineering proff would have yelled about comment density and coding standards compliance, but I consider that a different discipline primarily applicable to widely used and/or safety critical code.
*However*
Keeping track of digit precision through a calculation isn't CS, its fundamental grade school science. That is only one step from forgetting to do unit analysis for a sanity check. If they are forgetting that, they are probably also not looking at numerical conditioning, or trying to get by with doubles when they need bignums. None of this is CS egocentrism, its stuff we learn in math and science courses.
Isn't obscurity exactly what you want until you figure out a counter? If I figured out how to turn a bunch of smoke detectors and cleaning chemicals into a thermo-nuke that fits in a shoe heel, I don't think I'd make the plans public right away. Yes the public as a whole knowing how it worked would speed up the effort to build a detector, but not as much as it would speed up some teenager with a bad week making something nasty in chem lab. Don't they withhold details on a linux kernel bug until they get it fixed now?
I am fairly certain that Germany is already a member of the same treaties. The German developer would just be charged instead. Some information, like some physical devices, only has use for killing. Is there some qualitative difference that makes it wrong to regulate such information, but ok to regulate the devices?
don't forget that some are ok with an SLI configuration. Or you can always use one card for physics and one for graphics.